Chapter 01, 02 Security

Uploaded by

Toqua Magdy
Security Question Bank

Chapter 01
1. What is meant by the CIA triad?

- The definition of computer security introduces three key objectives that are at the heart of computer security.

1- Confidentiality
- Preserving authorized restrictions on information access.
(We keep information confidential by preventing anyone from getting to this data.)
a. Data confidentiality: Assures that private information is not made available to unauthorized individuals.
b. Privacy: Assures that individuals control what information related to them may be collected and stored, and by whom and to whom that information may be disclosed.
2- Integrity
- Guarding against improper information modification.
(Protecting information from being modified in an improper way.)
a. Data integrity: Assures that information and programs are changed only in a specified and authorized manner.
b. System integrity: Assures that a system performs its function in an efficient manner, free from unauthorized manipulation of the system.
3- Availability
- Assures that systems work promptly and service is not denied to authorized users.

2. What is the difference between data integrity and system integrity?

a. Data integrity: Assures that information and programs are changed only in a specified and authorized manner.
b. System integrity: Assures that a system performs its function in an efficient manner, free from unauthorized manipulation of the system.

3. What are the types of attacks? (Personal)

a. Active attack: An attempt to change system resources or affect their operation.
b. Passive attack: An attempt to learn or make use of information from the system that does not affect system resources.
c. Inside attack: Initiated by an entity inside the security perimeter (an "insider").
d. Outside attack: Initiated from outside the organization, by an unauthorized user of the system (an "outsider").
4. List and briefly define the kinds of threat consequences and the types of threat actions which cause these consequences.

- Threat Consequences

1. Unauthorized Disclosure: An event whereby an entity gains access to data for which the entity is not authorized.
2. Deception: An event that may result in an authorized entity receiving false data and believing it to be true.
3. Disruption: An event that prevents the correct operation of system services and functions.
4. Usurpation: An event that results in control of system services or functions by an unauthorized entity.

- Threat Actions

1. Exposure: Sensitive data are directly released to an unauthorized entity.
2. Interception: An unauthorized entity directly accesses sensitive data traveling between authorized sources and destinations.
3. Inference: A threat action whereby an unauthorized entity indirectly accesses sensitive data.
4. Intrusion: An unauthorized entity gains access to sensitive data by circumventing a system's security protections.
5. List and define five security requirements. (Personal)

1. Access Control: Limit information system access to authorized users.
2. Awareness and Training: Ensure that managers and users of organizational information systems are made aware of the security risks.
3. Identification and Authentication: Identify information system objects and authenticate the identities of those objects.
4. Maintenance: Perform periodic and timely maintenance on organizational information systems.
5. Media Protection: Protect information system media, both paper and digital.

6. List and define five fundamental security design principles.

- Economy of mechanism: The design of security mechanisms should be as simple and small as possible.
- Fail-safe default: Access decisions should be based on permission rather than exclusion.
- Open design: The design of a security mechanism should be open rather than secret.
- Modularity: Refers to the development of security functions as separate, protected modules.
- Layering: Refers to the use of multiple, overlapping protection approaches.
7. What is a security policy? What are the actions involved when implementing a security policy?

- A security policy is a formal statement of rules and practices that specify how a system provides security services to protect sensitive system resources.

• Prevention
• Detection
• Response
• Recovery

8. Differentiate between a network attack surface and a software attack surface.

• Network attack surface: This category refers to vulnerabilities over an enterprise network, wide-area network, or the Internet.
• Software attack surface: This refers to vulnerabilities in application, utility, or operating system code.

Add to it:

• Human attack surface: This category refers to vulnerabilities created by personnel.

(This can also be asked as a question: Categorization of Attack Surfaces.)


9. Compare between Attack Surface and Attack Tree. (Personal)

• Attack Surface: An attack surface consists of the reachable and exploitable vulnerabilities in a system.
• Attack Tree: An attack tree is a branching, hierarchical data structure that represents a set of potential techniques for exploiting security vulnerabilities.
Chapter 02
1. How is cryptanalysis different from a brute-force attack?
2. List and briefly explain the different approaches to attacking a symmetric encryption scheme.

• Cryptanalysis: This type of attack exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used.
• Brute-force attack: Try every possible key on a piece of ciphertext until you obtain the original plaintext.

3. What are the two principal requirements for the secure use of symmetric encryption?

• A strong encryption algorithm.
• The sender and receiver must have obtained copies of the secret key in a secure fashion.

4. What is a one-way hash function?

• A hash function accepts a variable-size message as input and produces a fixed-size message digest as output.
5. What are the principal ingredients of a public-key cryptosystem?

• Plaintext: This is the readable message.
• Encryption algorithm: Performs various transformations on the plaintext.
• Public and private key: This is a pair of keys that have been selected so that if one is used for encryption, the other is used for decryption.
• Ciphertext: This is the encrypted message produced as output.
• Decryption algorithm: Transforms the ciphertext back into the original text (plaintext).

6. Do digital signatures provide confidentiality?

• The digital signature does not provide confidentiality. That is, the message being sent is safe from alteration, but not safe from eavesdropping.

7. What is a public-key certificate?

• A certificate consists of a public key plus a user ID of the key owner, with the whole block signed by a trusted third party.
