Software Security: Communication & Vulnerabilities

Questions and Answers

What is a common goal of an attacker in a software security context?

• To improve system user interface
• To take over the target machine (correct)
• To enhance application performance
• To monitor network traffic

Which of the following is NOT a type of software vulnerability?

• Buffer overflow attacks
• Network encryption (correct)
• Malware
• Format string vulnerabilities

What does the concept of 'only as secure as the single weakest layer' apply to?

• Web security only
• Software application design
• Network security in general (correct)
• Physical security measures

Which protocol is commonly associated with transport layer security?

TLS/SSL (B)

In the context of operating system security, what does the OS Attacker control?

Malicious files and applications (D)

Which aspect of security addresses the vulnerabilities in end systems?

Computer security (B)

How can insider fraud manifest in software development?

Writing code that bypasses security checks (B)

Which of the following does NOT fall under communications security?

End system firewalls (C)

What is defined as a weakness of a system that could be exploited?

Vulnerability (A)

Which term describes the protection of computing systems from threats?

Computer Security (A)

What was the primary illegal action taken by the employee of company A in the espionage case?

Impersonating customer C to access confidential information (C)

What are the three key strategies in security management?

Prevention, Detection, Reaction (B)

Which of the following is NOT considered an asset in a computing system?

Attacks (C)

What technique did the password sniffing program use to gather user credentials?

Displaying a fake login prompt after crashing (A)

What is the main goal of a security policy?

To regulate the security services (C)

In the context of e-commerce, which strategy involves encrypting orders and using firewalls?

Prevention (D)

How does the denial of service attack via TCP SYN flooding work?

By sending too many connection requests to overwhelm a server (D)

Which of the following describes an unauthorized transaction showing up on a credit card statement?

Detection (B)

What is an 'exploit' in the context of computer security?

A technique taking advantage of a vulnerability (A)

What was the year the password sniffing incident that involved a student’s program occurred?

1978 (D)

What common outcome of the espionage task was identified in the case of company A and B?

Unauthorized access to sensitive files (C)

What does eavesdropping primarily violate in terms of security principles?

Confidentiality (C)

Which kind of attack involves unauthorized modification of information during transmission?

Alteration (B)

What type of attack is characterized by overwhelming a service to interrupt access?

Denial-of-service (B)

Which step in a common attack pattern involves gathering information about a target?

Reconnaissance (B)

During which phase does an attacker scan for vulnerabilities in the target network?

Scanning (D)

Masquerading primarily violates which aspect of information security?

Origin integrity (B)

What type of threat involves creating a false record in a system?

Fabrication (D)

Which of the following is NOT a common violation caused by security threats?

Scalability (B)

What is the primary goal of integrity in security objectives?

Prevent unauthorized modification of information (A)

Which security objective aims to ensure that resources are accessible and usable upon demand?

Availability (B)

What does confidentiality aim to protect?

Unauthorized disclosure of information (A)

Which of the following describes accountability in security objectives?

Proving that an entity was involved in an event (D)

Which scenario best illustrates the principle of authenticity?

Verifying the identity of a user before granting access (B)

What is a primary concern of availability in security objectives?

Denial of Service attacks (A)

What does access control aim to achieve in the context of security objectives?

Restricting access to authorized entities (B)

Why is data integrity crucial in security systems?

It maintains consistency between data sources and documents (A)

Study Notes

Secure Communication

• Key security considerations include confidentiality and integrity.

Software Security

• Attackers aim to take over machines and execute arbitrary code by hijacking application control flow.
• Common attack techniques include:
  • Buffer overflow attacks
  • Format string vulnerabilities
  • Malware exploitation
• Solutions exist to mitigate these risks.

Operating System Security

• OS attackers control malicious files and applications, posing a threat to users and their data.

Network Security

• Security is based on a layered model that includes:
  • Application layer (e.g., Remote login, email)
  • Transport layer (e.g., TCP)
  • Network layer (e.g., IP)
  • Data link layer (e.g., 802.11, Wi-Fi)
  • Physical layer (e.g., RF)
• Security is only as robust as the weakest layer in this model.

Web Security and Privacy

• Web attackers can set up malicious sites but lack control over the user's network.

Aspects of Security

• Distributed systems are connected via networks.
• Communication security emphasizes securing communication links.
• Computer security focuses on protecting end systems, which is increasingly challenging.
• Application security combines network and computer security to serve users safely.
• Proper security management involves deploying technologies like firewalls.

Insider Fraud

• Notable historical example: A programmer exploited a bank's system to ignore overdrafts.
• Discovered through manual account processing when the system broke down, leading to a suspended sentence.

Espionage – Identity Fraud

• Competitor employee exploited secret phone numbers to impersonate a customer, resulting in unauthorized access to files.
• Highlighted the importance of safeguards against identity theft and computer memory searches.

Password Sniffing

• A program designed to collect user credentials resulted in file deletions for victims.

TCP Session Hijacking

• Involves predicting challenges to send messages that appear to come from a trusted host, identified as an early warning system.

Denial of Service (DoS)

• TCP SYN flooding exploits the creation of half-open TCP connections to exhaust resources.

Definitions

• A computing system comprises hardware, software, data, and storage.
• Threats are circumstances with the potential for loss or harm.
• Vulnerabilities are system weaknesses that can be exploited.
• Computer Security aims to protect systems from threats.
• Attackers pose threats to organizations, also termed hackers or crackers.

Security Strategies

• Prevention: Measures to avoid damage to assets.
• Detection: Identifying when and how assets are compromised.
• Reaction: Recovering from asset damage.
• Investment in prevention typically necessitates further investment in detection mechanisms.

Security Objectives

• Confidentiality: Prevent unauthorized information disclosure.
• Integrity: Prevent unauthorized information modification.
• Availability: Ensure resources are accessible when required.
• Authenticity: Validate identities of communicating parties.
• Accountability: Provide evidence of participation in events.
• Access Control: Restrict resource access to authorized entities.

Confidentiality

• Protects against unauthorized information disclosure.
• Secrecy refers to safeguarding sensitive organizational data.

Integrity

• Ensures data remains unaltered during transmission and storage.
• Data integrity is vital for coherence in records and systems.

Availability

• Ensures authorized entities can access desired resources.
• Denial of Service attacks threaten availability, making it crucial for system security.

Threats and Attacks

• Eavesdropping involves intercepting intended information during transmission.
• Alteration can occur via man-in-the-middle attacks, modifying communication streams.
• Denial-of-service impacts data access and service continuity.

Violations of Security Principles

• Eavesdropping violates confidentiality.
• Alteration compromises data integrity.
• Denial of service affects availability.
• Masquerading undermines origin integrity.

Security Threats Pattern

• Typical attacks follow a five-step pattern:
  • Reconnaissance: Gathering information about the target.
  • Scanning: Seeking vulnerabilities through tools like port and network scanners.

Description

This quiz covers key aspects of software security, focusing on secure communication, confidentiality, and integrity. Topics include common vulnerabilities such as buffer overflow attacks and format string vulnerabilities, along with approaches to counter malicious software. Test your understanding of how to protect systems from exploitation.