Network Security Concepts Quiz

Questions and Answers

Which access control model enables the resource owner to specify access permissions for subjects?

Attribute-Based Access Control

Role-Based Access Control

Discretionary Access Control (correct)

Mandatory Access Control

What are the layers of the TCP/IP model from bottom to top?

Application, Transport, Internet, Network Interface (correct)

Link, Internet, Network, Application

Network, Transport, Link, Internet

Transport, Network, Application, Session

If the client's private key is Kc = 13 and the public parameter is p = 1013 with generator 2, what is the client's public key?

409

819

154

763 (correct)

What shared secret information is exchanged between the client and server if the server's private key is Ks = 11?

765

What is the encryption key in hexadecimal form after applying MD5 to the shared secret information with ASCII encoding?

9e107d9d372b4172326323027427d82

What does the Enigma machine allow for in its encryption process?

Probabilistic encryption with identical keys

In the context of the Advanced Encryption Standard (AES), which component is responsible for performing substitutions on the input data?

SubBytes

Which mode of operation does not allow for probabilistic encryption?

Electronic Codebook (ECB)

What is indicated by the term 'avalanche effect' in cryptography?

Input changes result in radical output changes

Which statement about MAC algorithms is incorrect?

MAC algorithms are non-reversible.

When utilizing block ciphers, what is a crucial step to maintain confidentiality?

Employing the correct mode of operation

What is the significance of the Rijndael S-box in the AES?

It is responsible for byte substitutions.

How does the Counter mode (CTR) function in terms of encryption?

It employs a counter that varies with each block.

Which access control model uses attributes of the user, resource, and environment to control access?

Attribute-Based Access Control (ABAC)

What does a low false nonmatch rate in biometric systems primarily ensure?

Fewer legitimate users are incorrectly denied access

Is multi-factor authentication generally more secure than single-factor authentication?

Yes, it offers additional layers of protection.

Which statement regarding file permissions is incorrect based on the output of 'ls -l /sbin'?

Normal users can run the command: cd /sbin

Which authentication factor is demonstrated when Martin uses his employee card?

What a user has

What is the consequence of restricting user passwords to a length of only 8 digits as done by Olav?

It makes passwords easier to brute-force.

Which access control model is most appropriate for granting user access based on job functions?

Role-Based Access Control (RBAC)

What character set was used in the password entry generated by Windows LAN Manager?

Lower-case and upper-case English letters only

What is the numerical representation of the permission drwxr-xr-x for a directory?

755

What role does salt play in common password storage techniques?

It complicates brute-force attacks.

What type of entity is described as capable of accessing a resource in an access control system?

Subject

What is the default umask value for newly created directories in Linux systems?

022

How does salted hashing contribute to the security of stored passwords?

By increasing the difficulty of dictionary attacks.

What does the term 'false acceptance rate' refer to in biometric authentication?

The likelihood of unauthorized users being granted access.

Which access control model compares security labels to determine access rights?

Mandatory Access Control (MAC)

Which of the following best describes the common practice of hashing passwords with a salt?

It combines the user's password and salt before hashing.

What significantly distinguishes public-key cryptography from symmetric encryption?

Public-key cryptography employs two separate keys for encryption and decryption.

What does a public key certificate primarily consist of?

A public key, a user ID, and a signature by a trusted party.

Who were the developers behind the RSA public-key scheme?

Ron Rivest, Adi Shamir, and Len Adleman

What is the primary purpose of the Diffie-Hellman key exchange algorithm?

To enable two users to securely exchange a shared secret key.

What is the limitation of the Diffie-Hellman scheme regarding the messages exchanged?

It allows interception without revealing the private keys.

What is the main goal of digital signatures in public-key cryptography?

To prove the origin or approval of a message from a specific user.

Which of the following best describes the RSA algorithm's method of operation?

It operates with plaintext and ciphertext as integers within a specified range.

In symmetric key cryptography, which statement is true?

A shared secret key is used for encryption and decryption between two users.

What umask value should be set to achieve the desired directory permissions of rwxrwxr--?

002

What is the first step in establishing a TCP connection using the TCP three-way handshake?

The Client sends a SYN packet to the Server.

What does the Server send back after it receives the SYN packet from the Client?

A SYN-ACK packet.

Which umask would result in directory permissions of 755?

122

What primary function does DHCP serve in computer networking?

Dynamically assigns IP addresses to devices.

Which umask would result in 774 directory permissions?

003

In the context of TCP connection establishment, what does the acronym 'SYN' stand for?

Synchronization.

What is the final step in the TCP three-way handshake after the Client receives the SYN-ACK?

The Client sends an ACK packet.

Study Notes

INF 140 - Introduction to Cyber Security

• Course is structured around quizzes and previous exams
• Modules cover various cybersecurity aspects
• Module 1: Overview of Cybersecurity, encompassing fundamental security design principles and attributes
• Module 2: Cryptographic tools - focusing on symmetric primitives
• Module 3: Cryptographic tools - focusing on public-key cryptography
• Module 4: User authentication
• Module 5: Access control and auditing
• Module 6: Network protocols and attacks
• Module 7: Firewalls
• Module 8: Security protocol - application security and TLS
• Module 9: Network authentication and WLAN security
• Module 10: Intrusion Detection System (IDS)
• Module 11: Malware

Quiz 1 - Overview

• Cybersecurity protects five key attributes of assets in cyberspace
• Authenticity: refers to genuine or verifiable property
• Security design principles: Open design, Principle of least privilege, Separation of privilege, etc
• Layering: multiple, overlapping protection approaches across people, technology, and operational aspects of information systems
• Adversary: Individual, group, organization, or government that conducts or intends detrimental actions against security attributes of assets
• Sabotage: Techniques intended to limit or impair the operational effectiveness of adversarial or undesirable activity within a system
• Weakness/vulnerability: refers to a weakness in an information system, procedures, internal controls, etc

Quiz 2 - Symmetric Crypto

• Key stream: 8-bit stream cipher string 01010011
• Playfair Cipher: encryption matrix used to encrypt plaintext "SECURITY"

Quiz 3 - Asymmetric Crypto

• Public-Key Cryptography (PKC): More secure than symmetric cryptography, offers key sharing convenience, and non-repudiation
• RSA: Integer factorization is a key element of security, public key e must be coprime to n.

Quiz 4 - User Authentication

• Multi-factor authentication: more secure than single-factor authentication
• User authentication methods: What a user knows, is, has, does
• Techniques involved in authentication: user ID, salt, hash(salt, password)

Quiz 5- Access Control

• Access control models: ABAC, DAC, and RBAC, use attributes of user, resources and conditions
• Administrators need to define permissions, policies and security standards for each access control model

Quiz 6 - Network Protocols and Attacks

• TCP/IP layers
• Network devices and protocols.
• Attacks: DOS and DDoS, spoofing

Quiz 7- Firewalls

• Firewall rules to block traffic incoming or outgoing based on source IP, destination IP, destination port, etc

Quiz 8 - Cryptographic Security and TLS

• Protocol for secure communication over TCP
• Handshake protocol, Change Cipher Spec Protocol, Alert Protocol
• HTTPS operates on application layer, TLS/SSL operates in Transport Layer

Quiz 9 - Network Authentication and WLAN Security

• Protocol for authentication: Password-based, Challenge-Handshake (CHAP), Extensible Authentication Protocol (EAP)
• AAA standards: RADIUS, Kerberos
• Public key systems are common in secured access

Quiz 10 - Intrusion Detection System (IDS)

• Intrusion detection and prevention systems (IDS/IPS) detect unauthorized activity in the system
• Intrusions might include: masquerader, misfeasor, clandestine user
• Detection methods include: anomaly detection, and signature detection

Quiz 11 - Malware

• Malicious software (Malware) targeting Confidentiality, Integrity, and availability
• Types of malware include: Adware, Attack Kits, Backdoors, Downloaders, Exploits, Flooders(DoS Client), Keyloggers, Macro Virus, Mobile Code, Rootkits, Spammers, Spyware, and Trojan Horses
• Malware propagation techniques: Social Engineering

Description

Test your knowledge on access control models, TCP/IP layers, public key generation, and encryption techniques in network security. This quiz covers essential concepts and technical details that are foundational to understanding secure communications.