Network Security Concepts Quiz

Questions and Answers

Which access control model enables the resource owner to specify access permissions for subjects?

• Attribute-Based Access Control
• Role-Based Access Control
• Discretionary Access Control (correct)
• Mandatory Access Control

What are the layers of the TCP/IP model from bottom to top?

• Application, Transport, Internet, Network Interface (correct)
• Link, Internet, Network, Application
• Network, Transport, Link, Internet
• Transport, Network, Application, Session

If the client's private key is Kc = 13 and the public parameter is p = 1013 with generator 2, what is the client's public key?

• 409
• 819
• 154
• 763 (correct)

What shared secret information is exchanged between the client and server if the server's private key is Ks = 11?

765 (A)

What is the encryption key in hexadecimal form after applying MD5 to the shared secret information with ASCII encoding?

9e107d9d372b4172326323027427d82 (C)

What does the Enigma machine allow for in its encryption process?

Probabilistic encryption with identical keys (D)

In the context of the Advanced Encryption Standard (AES), which component is responsible for performing substitutions on the input data?

SubBytes (C)

Which mode of operation does not allow for probabilistic encryption?

Electronic Codebook (ECB) (D)

What is indicated by the term 'avalanche effect' in cryptography?

Input changes result in radical output changes (A)

Which statement about MAC algorithms is incorrect?

MAC algorithms are non-reversible. (D)

When utilizing block ciphers, what is a crucial step to maintain confidentiality?

Employing the correct mode of operation (C)

What is the significance of the Rijndael S-box in the AES?

It is responsible for byte substitutions. (D)

How does the Counter mode (CTR) function in terms of encryption?

It employs a counter that varies with each block. (A)

Which access control model uses attributes of the user, resource, and environment to control access?

Attribute-Based Access Control (ABAC) (B)

What does a low false nonmatch rate in biometric systems primarily ensure?

Fewer legitimate users are incorrectly denied access (B)

Is multi-factor authentication generally more secure than single-factor authentication?

Yes, it offers additional layers of protection. (C)

Which statement regarding file permissions is incorrect based on the output of 'ls -l /sbin'?

Normal users can run the command: cd /sbin (A)

Which authentication factor is demonstrated when Martin uses his employee card?

What a user has (C)

What is the consequence of restricting user passwords to a length of only 8 digits as done by Olav?

It makes passwords easier to brute-force. (B)

Which access control model is most appropriate for granting user access based on job functions?

Role-Based Access Control (RBAC) (B)

What character set was used in the password entry generated by Windows LAN Manager?

Lower-case and upper-case English letters only (B)

What is the numerical representation of the permission drwxr-xr-x for a directory?

755 (D)

What role does salt play in common password storage techniques?

It complicates brute-force attacks. (D)

What type of entity is described as capable of accessing a resource in an access control system?

Subject (C)

What is the default umask value for newly created directories in Linux systems?

022 (D)

How does salted hashing contribute to the security of stored passwords?

By increasing the difficulty of dictionary attacks. (B)

What does the term 'false acceptance rate' refer to in biometric authentication?

The likelihood of unauthorized users being granted access. (B)

Which access control model compares security labels to determine access rights?

Mandatory Access Control (MAC) (C)

Which of the following best describes the common practice of hashing passwords with a salt?

It combines the user's password and salt before hashing. (D)

What significantly distinguishes public-key cryptography from symmetric encryption?

Public-key cryptography employs two separate keys for encryption and decryption. (C)

What does a public key certificate primarily consist of?

A public key, a user ID, and a signature by a trusted party. (A)

Who were the developers behind the RSA public-key scheme?

Ron Rivest, Adi Shamir, and Len Adleman (D)

What is the primary purpose of the Diffie-Hellman key exchange algorithm?

To enable two users to securely exchange a shared secret key. (D)

What is the limitation of the Diffie-Hellman scheme regarding the messages exchanged?

It allows interception without revealing the private keys. (A)

What is the main goal of digital signatures in public-key cryptography?

To prove the origin or approval of a message from a specific user. (C)

Which of the following best describes the RSA algorithm's method of operation?

It operates with plaintext and ciphertext as integers within a specified range. (A)

In symmetric key cryptography, which statement is true?

A shared secret key is used for encryption and decryption between two users. (B)

What umask value should be set to achieve the desired directory permissions of rwxrwxr--?

002 (B)

What is the first step in establishing a TCP connection using the TCP three-way handshake?

The Client sends a SYN packet to the Server. (D)

What does the Server send back after it receives the SYN packet from the Client?

A SYN-ACK packet. (C)

Which umask would result in directory permissions of 755?

122 (B)

What primary function does DHCP serve in computer networking?

Dynamically assigns IP addresses to devices. (B)

Which umask would result in 774 directory permissions?

003 (B)

In the context of TCP connection establishment, what does the acronym 'SYN' stand for?

Synchronization. (D)

What is the final step in the TCP three-way handshake after the Client receives the SYN-ACK?

The Client sends an ACK packet. (A)

Flashcards

Enigma Machine

A cipher device used in the 20th century for secret communication.

Probabilistic Encryption

Same inputs lead to different outputs in encryption.

AES (Advanced Encryption Standard)

A symmetric encryption algorithm, iterates on operations (SubBytes etc.).

SubBytes

Substitution cipher component of AES, uses a look-up table (S-box).

Rijndael S-box

8x8 substitution table (S-box) used in AES.

Block Cipher Modes of Operation

Methods for processing data blocks in block ciphers.

Cipher Block Chaining (CBC)

A block cipher mode where each block influences the next.

Electronic Codebook (ECB)

A block cipher mode that encrypts each block independently; Not Probabilistic

Multi-factor authentication (MFA)

A security method that requires multiple authentication factors from the user (something the user knows, has, or is) to gain access.

User Authentication Factors

Methods used to verify a user's identity, such as something the user knows (password), has (ID card), or physically is (biometrics).

Salted Hashing

A password storage technique that adds a random value (salt) to the password before hashing. This makes brute-force and dictionary attacks more difficult.

Hashcat

A tool used to crack passwords by trying different combinations.

Password Storage

The method of saving passwords in a secure way to prevent unauthorized access.

MD5

A hashing algorithm.

Biometric Authentication False Match

When a biometric system incorrectly identifies a different person's sample as the same person during verification.

Single-factor authentication

User authentication relying on only one factor, such as a password.

Access Control Mechanisms

Rules and policies that dictate how users or processes can access system resources based on their identity and permissions.

Access Control Model: Discretionary Access Control (DAC)

A model where the resource owner specifies which subjects (users or processes) can access specific resources.

Access Control Model: Mandatory Access Control (MAC)

A model where the system enforces access control based on predefined security policies and labels, limiting user discretion.

TCP/IP Model Layers

The TCP/IP model organizes network communication into five layers: Application, Transport, Internet, Network Access, and Physical.

Diffie-Hellman Key Exchange

A cryptographic method for securely exchanging keys over an insecure channel, using public and private keys.

False Nonmatch Rate

The probability of a legitimate user being incorrectly rejected by a biometric system.

False Match Rate

The probability of an unauthorized user being incorrectly accepted by a biometric system.

ABAC (Attribute-Based Access Control)

A model where access rights are based on attributes of the user, the requested resource, and the current environment.

DAC (Discretionary Access Control)

A model where users control access to resources that they own, setting permissions based on individual identity.

RBAC (Role-Based Access Control)

A model where access rights are defined based on the user's role within an organization.

MAC (Mandatory Access Control)

A model where access rights are based on security labels assigned to resources and users.

Linux File Permissions (drwxr-xr-x)

The permission settings for a directory, representing owner (d), group (r), and others (x) rights: read, write, and execute.

umask (File Permission Mask)

A Linux command used to set default file permissions for newly created files and directories.

TCP/IP model

A set of rules that computers use to communicate on the internet.

TCP Three-Way Handshake

A process of establishing a secure connection between a client and a server.

DHCP

A protocol that allows devices to automatically get their IP address from a network.

UMASK

A number used to control the default permissions for files and directories created.

Octal Permissions

A way of representing file permissions in the form of three digits, each digit representing owner, group, and others.

Default Directory Permissions

The permissions granted to new directories by default, often rwxrwxrwx.

Setting Directory Permissions

The process of changing the permissions granted to a directory, usually by modifying the default.

Public-key cryptography

Uses two separate keys: a public key for encryption and a private key for decryption. This makes it possible to securely communicate without sharing a secret key beforehand.

Public-key certificate

Contains a public key and the owner's identity, digitally signed by a trusted third party (certificate authority). It proves the authenticity and validity of the public key.

Digital signature

A cryptographic method used to verify the authenticity and integrity of a message. It uses the sender's private key to sign the message and the receiver's public key to verify it.

What is a certificate authority (CA)?

A trusted third party that issues and manages digital certificates. It verifies the identity of individuals or organizations and serves as an intermediary to ensure trust in online transactions.

How does symmetric key cryptography differ from public-key cryptography?

Symmetric key cryptography uses a single shared secret key for both encryption and decryption, while public-key cryptography uses a separate public key for encryption and a private key for decryption.

Why is public-key cryptography considered more secure than symmetric key cryptography for key distribution?

Public-key cryptography allows secure key exchange without the need for pre-shared secrets, making it more secure for distributing keys over insecure channels. In contrast, symmetric key cryptography requires secure key distribution, which can be a challenge.

Study Notes

INF 140 - Introduction to Cyber Security

• Course is structured around quizzes and previous exams
• Modules cover various cybersecurity aspects
• Module 1: Overview of Cybersecurity, encompassing fundamental security design principles and attributes
• Module 2: Cryptographic tools - focusing on symmetric primitives
• Module 3: Cryptographic tools - focusing on public-key cryptography
• Module 4: User authentication
• Module 5: Access control and auditing
• Module 6: Network protocols and attacks
• Module 7: Firewalls
• Module 8: Security protocol - application security and TLS
• Module 9: Network authentication and WLAN security
• Module 10: Intrusion Detection System (IDS)
• Module 11: Malware

Quiz 1 - Overview

• Cybersecurity protects five key attributes of assets in cyberspace
• Authenticity: refers to genuine or verifiable property
• Security design principles: Open design, Principle of least privilege, Separation of privilege, etc
• Layering: multiple, overlapping protection approaches across people, technology, and operational aspects of information systems
• Adversary: Individual, group, organization, or government that conducts or intends detrimental actions against security attributes of assets
• Sabotage: Techniques intended to limit or impair the operational effectiveness of adversarial or undesirable activity within a system
• Weakness/vulnerability: refers to a weakness in an information system, procedures, internal controls, etc

Quiz 2 - Symmetric Crypto

• Key stream: 8-bit stream cipher string 01010011
• Playfair Cipher: encryption matrix used to encrypt plaintext "SECURITY"

Quiz 3 - Asymmetric Crypto

• Public-Key Cryptography (PKC): More secure than symmetric cryptography, offers key sharing convenience, and non-repudiation
• RSA: Integer factorization is a key element of security, public key e must be coprime to n.

Quiz 4 - User Authentication

• Multi-factor authentication: more secure than single-factor authentication
• User authentication methods: What a user knows, is, has, does
• Techniques involved in authentication: user ID, salt, hash(salt, password)

Quiz 5- Access Control

• Access control models: ABAC, DAC, and RBAC, use attributes of user, resources and conditions
• Administrators need to define permissions, policies and security standards for each access control model

Quiz 6 - Network Protocols and Attacks

• TCP/IP layers
• Network devices and protocols.
• Attacks: DOS and DDoS, spoofing

Quiz 7- Firewalls

• Firewall rules to block traffic incoming or outgoing based on source IP, destination IP, destination port, etc

Quiz 8 - Cryptographic Security and TLS

• Protocol for secure communication over TCP
• Handshake protocol, Change Cipher Spec Protocol, Alert Protocol
• HTTPS operates on application layer, TLS/SSL operates in Transport Layer

Quiz 9 - Network Authentication and WLAN Security

• Protocol for authentication: Password-based, Challenge-Handshake (CHAP), Extensible Authentication Protocol (EAP)
• AAA standards: RADIUS, Kerberos
• Public key systems are common in secured access

Quiz 10 - Intrusion Detection System (IDS)

• Intrusion detection and prevention systems (IDS/IPS) detect unauthorized activity in the system
• Intrusions might include: masquerader, misfeasor, clandestine user
• Detection methods include: anomaly detection, and signature detection

Quiz 11 - Malware

• Malicious software (Malware) targeting Confidentiality, Integrity, and availability
• Types of malware include: Adware, Attack Kits, Backdoors, Downloaders, Exploits, Flooders(DoS Client), Keyloggers, Macro Virus, Mobile Code, Rootkits, Spammers, Spyware, and Trojan Horses
• Malware propagation techniques: Social Engineering