SWE3002 - Information and System Security
29 Questions
9 Views

SWE3002 - Information and System Security

Created by
@ExtraordinaryProsperity

Podcast Beta

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What is the primary purpose of bit stuffing in data transmission?

  • To ensure data integrity through error checking (correct)
  • To compress data for reduced transmission size
  • To encrypt the data being transmitted
  • To enhance the performance speed of data transfer
  • What does a digital signature primarily ensure in data transmission?

  • Authentication of the sender's identity (correct)
  • Real-time data monitoring
  • Integrity of the data being sent
  • Complete confidentiality of the data
  • Which mechanism is used to select secure routes for data under suspicious conditions?

  • Trusted functionality
  • Event detection
  • Security audit trail
  • Routing control (correct)
  • What is the purpose of a security audit trail?

    <p>To collect data for independent security reviews</p> Signup and view all the answers

    What role does trusted functionality play in security mechanisms?

    <p>It ensures compliance with security policies</p> Signup and view all the answers

    What is a common method used in masquerade attacks?

    <p>Using stolen login identifications and passwords</p> Signup and view all the answers

    Which of the following best describes a replay attack?

    <p>Capturing data traffic and resending it as if it were the original sender</p> Signup and view all the answers

    What does message modification involve?

    <p>Altering or delaying parts of a message</p> Signup and view all the answers

    What does a denial of service attack primarily prevent?

    <p>The normal use of communications facilities</p> Signup and view all the answers

    How is authentication typically secured?

    <p>Through the use of username and password</p> Signup and view all the answers

    What determines who can access data in an access control system?

    <p>Role management</p> Signup and view all the answers

    Which principle ensures that only the sender and receiver can access shared information?

    <p>Confidentiality</p> Signup and view all the answers

    What is non-repudiation in security services?

    <p>Ensuring that a user cannot deny involvement in a transaction</p> Signup and view all the answers

    What is the primary focus of the OSI security architecture?

    <p>Addressing security attacks, mechanisms, and services</p> Signup and view all the answers

    Which of the following best describes a security mechanism?

    <p>A process designed to detect, prevent, or recover from a security attack</p> Signup and view all the answers

    What characterizes a passive attack?

    <p>It aims to learn or utilize information without affecting system resources</p> Signup and view all the answers

    Which type of passive attack involves analyzing transmitted information without accessing its content?

    <p>Traffic analysis</p> Signup and view all the answers

    What is a common technique used to mask the contents of messages during a passive attack?

    <p>Encryption</p> Signup and view all the answers

    Which of the following is NOT a type of active attack?

    <p>Traffic analysis</p> Signup and view all the answers

    What is a defining characteristic of a masquerade attack?

    <p>Pretending to be a legitimate user to gain access</p> Signup and view all the answers

    What distinguishes an active attack from a passive attack?

    <p>Active attacks result in compromised data integrity</p> Signup and view all the answers

    What is the primary purpose of integrity in data communication?

    <p>To guarantee that the information received is accurate and unchanged</p> Signup and view all the answers

    Which security mechanism establishes proof of origin and integrity of data?

    <p>Nonrepudiation</p> Signup and view all the answers

    How does encipherment protect data during communication?

    <p>By encrypting the data to make it unreadable</p> Signup and view all the answers

    What role does notarization play in communication security?

    <p>It serves as a mediator to reduce conflict between parties</p> Signup and view all the answers

    Which mechanism is used specifically to enforce access rights to resources?

    <p>Access control</p> Signup and view all the answers

    What is the result if the integrity of a message is compromised during its transmission?

    <p>The original content is no longer accurate</p> Signup and view all the answers

    What does authentication exchange ensure in data communication?

    <p>The identity of the communicating parties is verified</p> Signup and view all the answers

    Which security mechanism focuses on maintaining the accuracy of data units?

    <p>Data integrity</p> Signup and view all the answers

    Study Notes

    OSI Security Architecture

    • Focuses on security attacks, mechanisms, and services.
    • Security attack: Action that compromises organizational information security.
    • Security mechanism: Process to detect, prevent, or recover from security attacks.
    • Security service: Enhances the security of data processing systems and information transfers.

    Security Attacks

    • Attacks can be categorized as passive or active.

    Passive Attacks

    • Aim to gather information without altering system resources.
    • Two types:
      • Release of message contents: Capturing sensitive information in communications (e.g., phone calls, emails).
      • Traffic analysis: Analyzing patterns of traffic without revealing content; commonly masked by encryption.
    • Difficult to detect as they do not alter data.

    Active Attacks

    • Involve modification of data streams.
    • Subdivided into:
      • Masquerade: Intruder impersonates a legitimate user to gain unauthorized access.
      • Replay: Captured data reused to deceive the receiver; the receiver thinks it’s an original message.
      • Message modification: Altering message contents to produce unauthorized effects (e.g., changing file access permissions).
      • Denial of Service (DoS): Disrupting normal communication services to target specific entities.

    Security Services

    • Authentication: Verifying user or system identity, often through usernames and passwords.
    • Access Control: Regulating who can access information and the extent of their access.
    • Confidentiality: Ensuring only authorized parties can access shared information, protecting against unauthorized access.
    • Integrity: Assuring received information is accurate and unaltered during transmission.
    • Non-repudiation: Ensuring proof of origin and integrity of data, preventing either party from denying the receipt or sending of messages.

    Security Mechanisms

    • Encipherment: Hiding data through algorithms, ensuring confidentiality.
    • Access Control: Mechanisms to enforce user access rights to resources.
    • Notarization: Involves a trusted third party to mediate communication, reducing conflict risks.
    • Data Integrity: Mechanisms ensuring the consistency and accuracy of data.
    • Authentication exchange: Two-way confirmation of identities at the TCP/IP layer.
    • Traffic padding (Bit stuffing): Adding extra bits to ensure data integrity during transmission.
    • Digital Signature: Electronic signature added by the sender to verify identity and data integrity.
    • Routing Control: Selects secure physical routes for sensitive data.

    Pervasive Security Mechanisms

    • Trusted Functionality: Identifies correct processes per security policy.
    • Security Label: Enhances object security through labels attached to data.
    • Event Detection: Identifies security-relevant events.
    • Security Audit Trail: Collects data for independent reviews of security systems.
    • Security Recovery: Mechanisms for recovering from security breaches.

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Description

    This quiz covers Module 1, Topics 2 and 3 of SWE3002, focusing on the OSI security architecture. Key concepts include security attacks, mechanisms, and services essential for safeguarding information. Test your knowledge on how these elements work together to secure organizational data.

    More Like This

    OSI Security Architecture Quiz
    5 questions
    Security Objectives and OSI Architecture
    7 questions
    Security Objectives and OSI Architecture
    7 questions
    Use Quizgecko on...
    Browser
    Browser