computer security 11, 12, 13

In the DAC model, ____________________ can create and access their objects freely.
owners
What access control model below is considered to be the most restrictive access control model, and involves assigning access controls to users strictly according to the custodian?
Mandatory Access Control
Role Based Access Control
Discretionary Access Control
Rule Based Access Control
Mandatory Access Control
Select below the access control model that uses access based on a user’s job function within an organization:
Role Based Access Control
Rule Based Access Control
Discretionary Access Control
Mandatory Access Control
Role Based Access Control
To assist with controlling orphaned and dormant accounts, what can be used to indicate when an account is no longer active?
Account expiration
Discuss the differences between DAP and LDAP.
-Unlike X.500 DAP, LDAP was designed to run over TCP/IP, making it ideal for Internet and intranet applications. X.500 DAP requires special software to access the network.

-LDAP has simpler functions, making it easier and less expensive to implement.

-LDAP encodes its protocol elements in a less complex way than X.500 that enables it to streamline requests.

A shield icon warns users if they attempt to access any feature that requires UAC permission.
true
Entries within a Directory Information Base are arranged in a tree structure called the:
DIT
Which access control model can dynamically assign roles to subjects based on a set of defined rules?
Rule Based Access Control
Describe LDAP injection attacks.
They can occur when user input is not properly filtered. This may allow an attacker to construct LDAP statements based on user input statements. The attacker could then retrieve information from the LDAP database or modify its content. The defense against LDAP injection attacks is to examine all user input before processing.
Group policy is a Unix feature that allows for the centralized management and configuration of computers and remote users using Unix Active Directory.
false
Describe the two key elements of the MAC model.
labels: In a system using MAC, every entity is an object (laptops, files, projects, and so on) and is assigned a classification label.

levels: A hierarchy based on the labels is also used, both for projects and subjects.

The action that is taken by a subject over an object is called a(n):
operation
The X.500 standard defines a protocol for a client application to access an X.500 directory known as which of the following options?
DAP
When using Role Based Access Control (RBAC), permissions are assigned to:
Roles
Which access control model is considered to be the least restrictive?
Discretionary Access Control
The strength of RADIUS is that messages are always directly sent between the wireless device and the RADIUS server.
false
A RADIUS ____________________ is a computer that forwards RADIUS messages among RADIUS clients and RADIUS servers.
proxy
Select below the authentication system developed by the Massachusetts Institute of Technology (MIT) to verify the identity of network users:
Kerberos
Describe the MAC lattice model.
Different levels on the MAC lattice model have different security levels, and subjects are assigned a “rung” on the lattice just as objects are. There can even be multiple lattices placed beside each other to allow for different groups or labels.
What kind of attack allows for the construction of LDAP statements based on user input statements, which can then be used to access the LDAP database or modify the database’s information?
LDAP injection
Describe how Kerberos works.
Kerberos is an authentication system. It is typically used when a user attempts to access a network service and that service requires authentication. The user is provided a ticket that is issued by the Kerberos authentication server. The user presents this ticket to the network for a service. The service then examines the ticket to verify the identity of the user.
What authentication service commonly used on UNIX devices involves communicating user authentication information to a centralized server?
TACACS
During RADIUS authentication, what type of packet includes information such as identification of a specific AP that is sending the packet and the username and password?
authentication request
Discuss the two significant weaknesses of DAC.
DAC poses risks in that it relies on decisions by the end user to set the proper level of security. As a result, incorrect permissions might be granted to a subject or permissions might be given to an unauthorized subject.

A subject’s permissions will be inherited by any programs that the subject executes. Attackers often take advantage of this inheritance because end users frequently have a high level of privileges.

Providing only the minimum amount of privileges necessary to perform a job or function.
least privilege
The least restrictive access control model in which the owner of the object has total control over it.
DAC
The practice of requiring that processes should be divided between two or more individuals.
separation of duties
The act of moving individuals from one job responsibility to another.
job rotation
The process of setting a user’s account to expire.
account expiration
Limitation imposed as to when a user can log in to a system or access resources.
time-of-day restriction
The most restrictive access control model, typically found in military settings in which security is of supreme importance.
MAC
An attack that constructs LDAP statements based on user input statements, allowing the attacker to retrieve information from the LDAP database or modify its content.
LDAP injection attack
The current version of the Terminal Access Control Access Control System (TACACS) authentication service.
TACACS+
The second version of the Terminal Access Control Access Control System (TACACS) authentication service.
XTACACS
The capability to look up information by name under the X.500 standard is known as a(n) ____________________-pages service.
white
What is the name for a predefined framework that can be used for controlling access, and is embedded into software and hardware?
access control model
List the steps for RADIUS authentication with a wireless device in an IEEE 802.1x network.
1. A wireless device sends a request to an AP requesting permission to join the WLAN.

2. The AP creates a data packet from this information.

3. When an authentication packet request is received, the RADIUS server validates that the request is from an AP and then decrypts the data packet to access the user name and password information.

4. If the username and password are correct, the RADIUS server sends an authentication acknowledgement that includes information on the user’s network system and service requirements.

5. If accounting is also supported by the RADIUS server, an entry is started in the accounting database.

6. Once the server information is received and verified by the AP, it enables the necessary configuration to deliver the wireless services to the user.

Describe the Bell-LaPadula model.
It contains an additional restriction not found in the original lattice model. This protection prevents subjects from creating a new object or performing specific functions on objects that are lower level than their own.
A list that specifies which subjects are allowed to access an object and what operations they can perform on it is referred to as a(n):
ACL
To prevent one individual from having too much control, employees can ____________ job responsibilities within their home department or across positions in other departments.
rotate
User accounts that remain active after an employee has left an organization are referred to as being what type of accounts?
orphaned
What are the three broad categories on which authentication can be based?
what you know: Passwords

what you have: tokens, cards, and cellphones

what you are: biometrics

Using one authentication credential to access multiple accounts or applications.
single sign-on
Five elements that can prove the genuineness of a user: what you know, what you have, what you are, what you do, and where you are.
authentication factors
A small device that can be affixed to a keychain with a window display that shows a code to be used for authentication.
token
A password attack in which every possible combination of letters, numbers, and characters is used to create encrypted passwords that are matched against those in a stolen password file.
brute force attack
A password hashing algorithm that requires significantly more time than standard hashing algorithms to create the digest.
key stretching
A popular key stretching password hash algorithm.
bcrypt
A random string that is used in hash algorithms.
salt
A password attack that slightly alters dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters.
hybrid attack
A hash used by modern Microsoft Windows operating systems for creating password digests.
NTLM (New Technology LAN Manager) hash
A password attack that creates encrypted versions of common dictionary words and compares them against those in a stolen password file.
dictionary attack
Token credentials can be revoked at any time by the user without affecting other token credentials issued to other sites.
true
A secret combination of letters, numbers, and/or characters that only the user should have knowledge of, is known as a:
password
Explain how an attacker can use a resetting attack.
The attacker can gain access to the user’s computer and erase the existing password and reset it to a new password.
The most common type of authentication today is a(n) ____________________.
password
Geolocation is the identification of the location of a person or object using technology, and can be used as part of an authentication method.
true
Why do passwords place a heavy load on human memory?
because humans can only memorize a limited number of items.
____________________ is a decentralized open source FIM that does not require specific software to be installed on the desktop.
OpenID
What federated identity management (FIM) relies on token credentials?
OAuth
Explain why the LAN Manager (LM) hash is vulnerable.
Because the LM hash encrypts the password with a key that is the password itself. Also, it is not case sensitive, so it is way easier for an attacker to guess your password. Lastly, the hash splits passwords into two 7-character parts, so if you have a password that is longer than 14 characters, the extra letters are dropped.
The use of a single authentication credential that is shared across multiple networks is called:
identity management
What variation of a dictionary attack involves a dictionary attack combined with a brute force attack, and will slightly alter dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters?
hybrid
What is the center of the weakness of passwords?
human memory
OpenID is an example of a web-based federated identity management (FIM) system.
true
Discuss the weaknesses of OpenID.
OpenID depends on the URL identifier routing to the correct server, which depends on a domain name server (DNS) that may have its own security weaknesses.
Which hashing algorithm below is used with NTLMv2’s Hashed Message Authentication Code?
SHA-1
SHA-256
MD4
MD5
MD5
What is the difference between multifactor authentication and single-factor authentication?
multifactor authentication uses more than one type of authentication, while single-factor authentication just uses one type of authentication.
What kind of biometrics utilizes a person’s unique physical characteristics for authentication, such as fingerprints or unique characteristics of a person’s face?
Standard biometrics
Describe how rainbow tables work.
First you have to create the table itself. The table is used to crack a password. The password that is going to be broken is hashed and run through the same procedure used to create the initial table. This results in the initial password of the chain. Then the process is repeated, starting with this initial password until the original digest is found. The password used at the last iteration is the cracked password.
What type of attack involves using every possible combination of letters, numbers, and characters to create candidate digests that are then matched against those in a stolen digest file?
Brute force
Discuss the types of shortcuts that users take to help them recall their passwords.
Users will use a common password, a short password, or personal information. Even when a user attempts to create a stronger password, they generally follow predictable patterns of appending and replacing.
The use of one authentication credential to access multiple accounts or applications is referred to as?
Single Sign On
A U.S. Department of Defense (DoD) smart card that is used for identification of active-duty and reserve military personnel along with civilian employees and special contractors is called:
Common Access Card (CAC)
What are the three advantages of a rainbow table over other password attacks?
1. A rainbow table can be used repeatedly for attacks on other passwords.
2. Rainbow tables are much faster than dictionary attacks.
3. The amount of memory needed on the attacking machine is greatly reduced.
Using a rainbow table to crack a password requires three steps: Creation of the table, comparing the table to known hash values, and decrypting the password.
false
A list of the available nonkeyboard characters can be seen in Windows by opening what utility?
charmap.exe
A token ____________________ is a unique random string of characters that is encrypted to protect the token from being used by unauthorized parties.
identifier
What can be used to increase the strength of hashed passwords?
salt
In most systems, a user logging in would be asked to ____________________ herself.
identify
What type of one-time password (OTP) changes after a set time period?
Time-based one-time password (TOTP)
Which term below describes the time it takes for a key to be pressed and then released?
dwell time
Passwords that are transmitted can be captured by what type of software?
protocol analyzer
What type of attack involves an attacker stealing a file containing password digests and comparing the digests with digests created by the attacker?
offline cracking
What technology allows users to share resources stored on one site with a second site without forwarding their authentication credentials to the other site?
OAuth
Windows stores files on a hard drive in 512-byte blocks called ____________________.
sectors
A snapshot of the current state of a computer that contains all current settings and data is known as what option below:
system standard
system view
system image
system baseline
system image
What are the steps in damage control?
-report the incident to security or the police
-confront any suspects (if the situation allows)
-neutralize the suspected perpetrator from harming others (if necessary)
-secure physical security features
-quarantine electronic equipment

-contact the response team

What does Windows do if a file being saved is not long enough to fill up the last sector on the disk?
Windows pads the remaining cluster space with data that is currently stored in RAM.
When a company needs to identify mission-critical business functions and quantify the impact a loss of such functions may have on the organization in terms of its operational and financial position, what should be performed?
Business impact analysis (BIA)
Most metadata about a file is generated and recorded automatically without the user’s knowledge.
true
RAM slack can contain any information that has been created, viewed, modified, downloaded, or copied since the computer was last booted.
true
Multiple sectors on a disk, when combined, are referred to as a:
cluster
Select below the type of cluster that is used to provide high-availability applications that require a high level of read and write actions, such as databases, messaging systems, and file and print services:
symmetric network
symmetric server
asymmetric network
asymmetric server
asymmetric server
RAID 0 technology is based on ____________________.
striping
Explain how to best capture volatile data.
Capturing volatile information can best be performed by capturing the entire system image, which is a snapshot of the current state of the computer that contains all current settings and data.
A metallic enclosure that prevents the entry or escape of an electromagnetic field.
faraday cage
Combining two or more servers to appear as one single unit.
clustering
The ability of a business to continue to function in the event of a disaster.
continuity of operations
The ability of an organization to maintain its operations and services in the face of a disruptive event.
business continuity
A statistical value that is the average time until a component fails, cannot be repaired, and must be replaced.
mean time between failure (MTBF)
Using technology to search for computer evidence of a crime.
computer forensics
The process of identifying threats.
risk assessment
A process of documentation that shows that the evidence was under strict control at all times and no unauthorized individuals were given the opportunity to corrupt the evidence.
chain of custody
A duplicate of the production site that has all the equipment needed for an organization to continue running, including office space and furniture, telephone jacks, computer equipment, and a live telecommunications link.
hot site
The maximum length of time that an organization can tolerate between backups.
recovery point objective
Which term below describes a component or entity in a system which, if it no longer functions, will disable an entire system?
recovery site
recovery point
single point of failure
cascade point of failure
single point of failure
Duplicate image backups are considered a primary key to uncovering evidence because they create exact replicas of the crime scene.
false
In what type of server cluster can services fail over from downed servers to functional servers?
symmetric server
The remaining cluster space of a partially filled sector is padded with contents from RAM. What is the name for this type of scenario?
RAM slack
What are the objectives of disaster exercises?
-test the efficiency of interdepartmental planning and coordination in managing a disaster
-test current procedures of the DRP
-determine the strengths and weaknesses in responses
When creating a data backup plan or policy, what five basic questions should be answered?
-what information should be backed up?
-how frequently should it be backed up?
-what media should be used?
-where should the backup be stored?
-what hardware or software should be used?
The process of identifying exposure to threats, creating preventive and recovery procedures, and then testing them to determine if they are sufficient, is known as:
Business continuity planning and testing
What RAID type below utilizes parity data across all drives instead of using a separate drive to hold parity error checking information?
RAID 5
What is required upon completion of an evidence examination?
a detailed report is required that lists the steps that were taken and any evidence that was uncovered in the forensic investigation.
____________________ is data about data.
metadata
What kind of data can be lost when a computer is turned off?
volatile
A service contract between a vendor and a client that specifies what services will be provided, the responsibilities of each party, and any guarantees of service, is known as:
service level agreement
Generally, ____________________ focuses on restoring computing and technology resources to their former state.
DRP
What is the name for an image that consists of an evidence-grade backup because its accuracy meets evidence standards?
mirror image
What term is used to describe a documentation of control over evidence, which is used to ensure that no unauthorized person was given the opportunity to corrupt the evidence?
chain of custody
