Network Security

The flashcards below were created by user finmcoul on FreezingBlue Flashcards.

  1. Active security attacks on computer systems attempt to
    alter system resources or affect their operation
  2. Passive security attacks on computer systems attempt to
    learn or make use of information in the system contrary to its security policy
  3. Types of Passive Attacks
    • eavesdropping on computer communications by monitoring transmissions and reading messages
    • traffic analysis of computer communications by analysing patterns in communication
  4. Types of Active Attacks
    • denial of service that inhibits normal use or management of service
    • masquerades which subvert the security policy through the pretence that some entity is some other entity
    • modifying message to get unauthorised effects
    • capture and replaying of messages to get unauthorised effects
  5. TCP/IP Layers
    • application - interfaces directly with users e.g. e-mail, remote login
    • transport - handles (safe) transfer of messages among nodes
    • network - handles routing and addressing of packets in network
    • data link - handles error detection and recovery in physical layer
  6. Network gateways do what with packets
    • Decrement hop count by 1 before forwarding packets
    • Don't pass on packets with 0 hop count
  7. What is traceroute
    Traceroute is a network application that traces the route through gateways taken by network traffic during its passage across the Internet
  8. How does traceroute function
    Traceroute probes each router along a path to a remote target by launching successive sets of 3 UDP packets with a steadily increasing hop count to an unused port on the remote target to get time exceeded or port unreachable responses
  9. What is a socket
    A communication endpoint with associated protocol used for IPC within a communication domain
  10. Sockets have what properties
    • in order delivery of data
    • unduplicated delivery of data
    • reliable delivery of data
    • preservation of message boundaries
    • support for out of band messages
    • connection oriented communication
  11. Communication is connection-oriented if
    identity of each endpoint is established at start of communication, maintained at each end and isn't transmitted with each packet
  12. Stream socket models byte stream communication that is
    • connection-oriented
    • reliable
    • supports out of band communication
  13. Internet socket addresses are
    • unique in address domain
    • immutable once given
  14. Datagram socket models packet oriented communication that is
  15. Multicasting with sockets means
    sending same message to all server sockets in broadcast range in given multicast class
  16. Servers need to operate concurrently to
    • support responsive use and avoid delays in responding
    • enable tolerable shared use of services taking a long time
    • support fair access to service
  17. Concurrent operation of a server can be realised by
    • multithreading execution of server
    • concurrently executing multiple instances of server
  18. Scheduling policies are priorities if
    chances to execute depend on priority rankings
  19. Scheduling policies are time-sharing if
    run for time-slice between context switches
  20. Scheduling policies are preemptive if
    may be switched out during their time slice
  21. Multithreading is
    concurrent execution of multiple threads by context switching among them
  22. A TCP server typically
    • accepts requests via reliable byte stream connections
    • replies to requests along same connection
  23. A UDP server typically
    • accepts requests in datagram packets
  24. A cryptographic key is
    sequence of symbols that controls the deciphering of ciphertexts or the ciphering of plaintexts
  25. Symmetric encryption uses
    same key for ciphering and deciphering a message but not necessarily the same algorithm
  26. Requirements for secure use of symmetric encryption in communication include
    • ciphertext can't be read without knowing cipher key
    • key can't be discovered from cipher algorithm and some ciphertexts
  27. Security of methods of encryption relies on attackers not knowing
    cryptographic key used
  28. A Feistel network is a block based symmetric product cipher involving multiple rounds where each round
    splits block in half, XORs left half with the round function applied to the right half and swaps result and left half
  29. Data Encryption Standard or DES is
    Feistel network based cipher based on 64 bit blocks, a 56 bit key and 16 rounds of processing
  30. Advanced Encryption Algorithm or AES supports what length of key?
    128, 192 and 256 bit key lengths
  31. Rivest, Shamir and Adleman (RSA) public key algorithm supports what services
    • encryption
    • key exchange
    • digital signatures
  32. Diffie and Hellman public key algorithm supports what services
    Key exchange
  33. Public key algorithms avoid what issues but have what inherent problems
    Public key algorithms avoid problem of having to distribute a secret key but face problem of ensuring purported public key is genuine
  34. Public key certificate is solution to the problem of
    knowing whether a given key is a given party's public key
  35. A public key certificate contains as a minimum
    • name of subject for whom certificate is issued
    • public key of subject
    • digital signature of some party verifying that data
    • name of party supplying digital signature
  36. When a certificate authority issues a certificate for some subject it is verifying that the certificate
    contains the public key of that subject in its key field
  37. Reasons for a public key certificate to be revoked
    • certificate authority no longer has good reason to believe that the subject has accurately identified himself
    • security of certificate authority's private key has been compromised
    • subject has notified certificate authority that his private key has been compromised
  38. What port does http operate on
  39. What port does https operate on
  40. Secure Sockets Layer is network protocol layer on Internet
    between transport and application layers to encrypt packets being passed by transport layer for applications
  41. PGP supports what services
    security services for communication, data storage and e-mail
  42. ASCII armour is what
    base 64 encoding of messages
  43. A digital keyring is what
    a store of public or private keys
  44. OpenPGP certificates have what information
    • key ID
    • public key
    • self-signature
    • validity period
    • symmetric encryption algorithm preference
  45. Before signing a public key certificate you should do what?
    • get the public key from somewhere (e.g. public key server)
    • check with key's owner that properties are correct
    • check that user ID(s) truly designate the owner
    • sign ID(s) with own private key to attest public key is owned by those ID(s)
  46. PGP depends on what trust model
    web of trust model
  47. X.509 depends on what trust model
    hierarchical trust model
  48. What levels are in the PGP trust model
    • unknown
    • marginal
    • trusted
  49. A marginal level of trust in a signer of another's public key means what
    That the signer understands the implications of signing the key and has validated the user's identities
  50. How does PGP support bulk encryption of documents
    through symmetric encryption, encrypted with a randomly generated session key, which is encrypted and sent to the receiver via their public key
  51. What is a firewall
    a device or software that filters network traffic in accordance with the network policy
  52. Firewalls are useful because
    vulnerabilities on many hosts in a private network can be closed to attack from a public network like the Internet by apt rules on a single well placed firewall
  53. The ideal design for a firewall is what
    • all traffic via firewall host must travel through firewall
    • only traffic authorized by security policy may pass
    • firewall host itself is immune to hostile penetration
  54. A bastion host is what
    • A critical strong point of the network and is unprotected by firewall or packet filtering and is exposed to the internet
    • example: DNS server
  55. An application gateway firewall is a firewall that
    runs application proxies relaying network traffic with external services and controls usage of the application in accord with a security policy
  56. DMZ (demilitarised zone)
    An area of the network that is unprotected and not trusted
  57. A virtual private network is what
    a private network over a public network (e.g. Internet) via virtual point-to-point secure connections
Card Set:
Network Security
2014-12-07 14:15:49

Notes from quizzes by Hamish Taylor