A7005E Final Exam Version 2 2013-10-30 PDF

Title A7005E Final Exam Version 2 2013-10-30
Course Client Security Architecture
Institution Luleå tekniska Universitet
Pages 14


EXAMINATION

Luleå University of Technology

Course: A7005E

Course name: Client Security Architecture

Date: October 30th

Time: 9:00 – 14:00 (5 hours)

Aid: Bilal Charif, 073-705 8501

Teacher on duty (complete telephone number): Todd Booth, 076-346 3459

Teacher on duty (complete telephone number): Bilal Charif, 073-705 8501

Grade scale: U, G, and VG

Total number of questions and score:

Other information:

Copy all answers to the pages at the end of the exam.

General instructions: Check that you have received all the tasks/questions. All new answers begin on a separate page. Print, write clearly.

After examination: The results of your examination are posted on “My pages” on the Student web. Due to the large class size, for this exam, the examination results will be posted within 20 workdays after the examination.

Information for the print shop for exams, campus Luleå

Project number SRT: 341980

Number of pages: 14

Number of copies: 8 (6 plus 2 extra, just in case)

Double- or single-sided: single sided

Good Luck !!! Todd and Moutaz


Part 1

T F 1. Data integrity assures that information and programs are changed only in a specified and authorized manner.

T F 2. The “A” in the CIA triad stands for “authenticity”.

T F 3. X.800 architecture was developed as an international standard and focuses on security in the context of networks and communications.

4. __________ assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.

A. Availability

B. Privacy

C. System Integrity

D. Data Integrity

5. A(n) __________ is an action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that correct action can be taken.

A. attack

B. adversary

C. countermeasure

D. protocol

6. An example of __________ is an attempt by an unauthorized user to gain access to a system by posing as an authorized user.

A. masquerade

B. repudiation

C. interception

D. inference

7. Long Answer question or problem. Please answer all of these questions or problems, on a separate page (or pages).

What is the OSI security architecture?

T F 8. Public-key cryptography is asymmetric.

9. __________ is the scrambled message produced as output.

A. Plaintext

B. Ciphertext

C. Secret key

D. Cryptanalysis

10. How many keys are required for two people to communicate via a symmetric cipher?

(Please copy and write all answers, at the end of the exam (after the questions)) Do not write here.

Part 2

T F 11. Symmetric encryption is used primarily to provide confidentiality.

T F 12. Public-key cryptography is asymmetric.

13. On average, __________ of all possible keys must be tried in order to achieve success with a brute-force attack.

A. one-fourth

B. half

C. two-thirds

D. three-fourths

14. How can public-key encryption be used to distribute a secret key?

T F 15. User authentication is the fundamental building block and the primary line of defense.

T F 16. User authentication is a procedure that allows communicating parties to verify that the contents of a received message have not been altered and that the source is authentic.

17. Presenting or generating authentication information that corroborates the binding between the entity and the identifier is the ___________.

A. identification step

B. authentication step

C. verification step

D. corroboration step

18. A __________ is a password guessing program.

A. password hash

B. password biometric

C. password cracker

D. password salt

19. A __________ is directed at the user file at the host where passwords, token passcodes, or biometric templates are stored.

A. eavesdropping attack

B. client attack

C. denial-of-service attack

D. host attack

20. Explain the suitability or unsuitability of the following passwords:

a. AP987

b. mfpiny (for “my favorite place is new York”)

c. Jacqueline

d. New South Wales

e. Newton

f. Hj9kst

g. 555666777

h. laminallams

(Please copy and write all answers, at the end of the exam (after the questions)) Do not write here.

Part 3

T F 21. Keylogging is a form of host attack.

T F 22. Access control is the central element of computer security.

T F 23. Security labels indicate which system entities are eligible to access certain resources.

24. __________ controls access based on comparing security labels with security clearances.

A. MAC

B. DAC

C. RBAC

D. MBAC

25. __________ is based on the roles the users assume in a system rather than the user’s identity.

A. DAC

B. RBAC

C. MAC

D. URAC

26. Assume a system with 10 job positions. For job position i, the number of individual users in that position is U_i and the number of permissions required for the job position is P_i.

a. Define the total number of relationships between users and permissions for a DAC, as a product form.

b. Define the total number of relationships between users and permissions for an RBAC, as a sum form.

T F 27. Software security is closely related to software quality and reliability.

T F 28. Metamorphic code is software that can be shipped unchanged to a heterogeneous collection of platforms and execute with identical semantics.

T F 29. A logic bomb is the event or condition that determines when the payload is activated or delivered.

T F 30. Many forms of infection can be blocked by denying normal users the right to modify programs on the system.

T F 31. In addition to propagating, a worm usually carries some form of payload.

T F 32. A Trojan horse is an apparently useful program containing hidden code that, when invoked, performs some harmful function.

T F 33. A bot propagates itself and activates itself, whereas a worm is initially controlled from some central facility.

T F 34. Every bot has a distinct IP address.

T F 35. The buffer overflow type of attack is one of the least commonly seen attacks.

Part 4

36. __________ are used to send large volumes of unwanted e-mail.

A. Rootkits

B. Spammer programs

C. Downloaders

D. Auto-rooter

37. A __________ is code inserted into malware that lies dormant until a predefined condition, which triggers an unauthorized act, is met.

A. logic bomb

B. trapdoor

C. worm

D. Trojan horse

38. The __________ is what the virus “does”.

A. infection mechanism

B. trigger

C. logic bomb

D. payload

39. The __________ is when the virus function is performed.

A. dormant phase

B. propagation phase

C. triggering phase

D. execution phase

40. During the __________ the virus is idle.

A. dormant phase

B. propagation phase

C. triggering phase

D. execution phase

41. Unsolicited bulk e-mail is referred to as __________.

A. spam

B. propagating

C. phishing

D. crimeware

42. __________ is malware that encrypts the user’s data and demands payment in order to access the key needed to recover the information.

A. Trojan horse

B. Ransomware

C. Crimeware

D. Polymorphic

43. A __________ attack is a bot attack on a computer system or network that causes a loss of service to users.

A. spam

B. phishing

C. DDoS

D. sniff

44. The first widely used occurrence of the buffer overflow attack was the _______.

A. Code Red Worm

B. Morris Internet Worm

C. Sasser Worm

D. Slammer Worm

45. A ______ is a structure where data are usually saved on the stack.

A. guard page

B. stack frame

C. heap

D. NOP sled

46. _________ aim to prevent or detect buffer overflows by instrumenting programs when they are compiled.

A. Stack buffers

B. Guard pages

C. Compile-time defenses

D. Library functions

47. An essential component of many buffer overflow attacks is the transfer of execution to code, known as _______, supplied by the attacker and often saved in the buffer being overflowed.

A. NOP code

B. stack code

C. heap code

D. shellcode

48. Incorrect handling of program _______ is one of the most common failings in software security.

A. lines

B. input

C. output

D. disciplines

49. “Incorrect Calculation of Buffer Size” is in the __________ software error category.

A. Porous Defenses

B. Allocation of Resources

C. Risky Resource Management

D. Insecure Interaction Between Components

50. Defensive programming is sometimes referred to as _________.

A. variable programming

B. secure programming

C. interpretive programming

D. chroot programming

T F 51. Buffer overflow attacks result from careless programming in applications.

T F 52. To exploit any type of buffer overflow the attacker needs to understand how that buffer will be stored in the process's memory.

T F 53. The JAVA programming language is extremely vulnerable to buffer overflows.

T F 54. To counter XSS attacks a defensive programmer needs to explicitly identify any assumptions as to the form of input and to verify that any input data conform to those assumptions before any use of the data.

T F 55. Without suitable synchronization of accesses it is possible that values may be corrupted, or changes lost, due to overlapping access, use, and replacement of shared values.

End of Questions

Please copy your answers to the following sheets.

Part 1 Student Answer Sheet

First Name _______________________________ Last Name ________________________________

LTU Student ID _______________ Swedish Personal Number: ____________________

Final Grade Goal (G or VG)? ________________

If your grade goal is a G and you get a VG on the final exam, of course your final exam grade will be the VG. This question is for research purposes only.

Q Answer

1. T/F

2. T/F

3. T/F

4. MCQ

5. MCQ

6. MCQ

7 Long N/A

8 T/F

9 MCQ

10 Long N/A

Long questions/problems answers go here. Use more pages as needed.

Part 2 Student Answer Sheet

First Name _______________________________ Last Name ________________________________

LTU Student ID _______________

Q Answer

11. T/F

12. T/F

13. MCQ

14. Long N/A

15. T/F

16. T/F

17 MCQ

18 MCQ

19 MCQ

20 Long N/A

Long questions/problems answers go here. Use more pages as needed.

Part 3 Student Answer Sheet

First Name _______________________________ Last Name ________________________________

LTU Student ID _______________

Q Answer

21. T/F

22. T/F

23. T/F

24. MCQ

25. MCQ

26. Long N/A

27 T/F

28 T/F

29 T/F

30 T/F

31 T/F

32 T/F

33 T/F

34 T/F

35 T/F

Long questions/problems answers go here. Use more pages as needed. If possible, start all answers, on a new page.

Part 4 Student Answer Sheet

First Name _______________________________ Last Name ________________________________

LTU Student ID _______________

Q Answer

36 MCQ

37 MCQ

38 MCQ

39 MCQ

40 MCQ

41 MCQ

42 MCQ

43 MCQ

44 MCQ

45 MCQ

48 MCQ

49 MCQ

50 MCQ

51 T/F

52 T/F

53 T/F

54 T/F

55 T/F

Part 4, continued

Q Answer

46 MCQ

47 MCQ

Long questions/problems answers go here. Use more pages as needed. If possible, start all answers, on a new page.

End of Exam
