CS System Security 2nd-Half Semester Review


CS 356 - System Security 2nd-Half Semester Review Fall 2013

Final Exam
- Wednesday, 2 PM to 4 PM
- you may bring one 8-1/2 x 11 sheet of paper with any notes you would like
- no cellphones, calculators
- This is to assess your understanding of the material covered. There will be concepts, terminology and problems to be solved.
- The final exam will cover topics discussed all semester, but emphasis will be on topics from the 2nd half of the class.


Chapter 2: Cryptographic Tools
- introduced cryptographic algorithms
  - symmetric encryption algorithms for confidentiality
  - message authentication and hash functions
  - public-key encryption
  - digital signatures and key management
  - random numbers

Chapter 3: User Authentication
- the four means of authenticating user identity are based on:
  - something the individual knows: password, PIN, answers to prearranged questions
  - something the individual possesses (token): smartcard, electronic keycard, physical key
  - something the individual is (static biometrics): fingerprint, retina, face
  - something the individual does (dynamic biometrics): voice pattern, handwriting, typing rhythm

Chapter 3: User Authentication (continued)
- four means of authenticating a user's identity: something the individual knows, possesses, is, does
- vulnerability of passwords
  - offline dictionary attack
  - specific account attack
  - popular password attack
  - password guessing against a single user
  - workstation hijacking
  - exploiting user mistakes
  - exploiting multiple password use
  - electronic monitoring
- hashed password and salt value
- password file access control
- password selection strategies
  - user education
  - computer-generated passwords
  - reactive password checking
  - proactive password checking: Bloom filter
- token-based authentication: memory cards, smart cards
- biometric authentication
- remote user authentication
  - password protocol
  - token protocol
  - static biometric protocol
  - dynamic biometric protocol
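Two of the password items above, the salted hash stored in the password file and the Bloom-filter proactive checker, are worth seeing in working form. The block below is an added example written for this review, not code from the course or its textbook; the seven-word dictionary is constructed, and the k hash functions are simulated by prefixing an index byte to the word before SHA-256 (an assumption, standing in for the independent hash functions the textbook describes).

```python
import hashlib
import hmac
import math
import os

# Constructed stand-in for a cracking dictionary; a real deployment loads a wordlist.
WEAK_PASSWORDS = ["password", "123456", "qwerty", "letmein", "welcome", "admin", "monkey"]


class BloomFilter:
    """Proactive password checker: D dictionary words are hashed by k hash
    functions into an N-bit table. A query answers 'possibly in the dictionary'
    (false positives happen) or 'definitely not' (no false negatives)."""

    def __init__(self, n_bits, k):
        self.n = n_bits
        self.k = k
        self.bits = bytearray((n_bits + 7) // 8)

    def _positions(self, word):
        # Assumption: k "independent" hash functions are simulated by prefixing a
        # one-byte index to the word before hashing with SHA-256.
        for i in range(self.k):
            digest = hashlib.sha256(bytes([i]) + word.encode()).digest()
            yield int.from_bytes(digest[:8], "big") % self.n

    def add(self, word):
        for p in self._positions(word):
            self.bits[p >> 3] |= 1 << (p & 7)

    def maybe_contains(self, word):
        return all(self.bits[p >> 3] & (1 << (p & 7)) for p in self._positions(word))


def expected_false_positive_rate(k, d, n):
    """P ~= (1 - e^(-kD/N))^k for k hashes, D words and N bits. Only the bit table
    is kept on the authentication host, not the dictionary itself."""
    return (1 - math.exp(-k * d / n)) ** k


def build_checker(words, bits_per_word=10, k=4):
    bf = BloomFilter(n_bits=bits_per_word * len(words), k=k)
    for w in words:
        bf.add(w)
    return bf


def accept_new_password(bf, candidate, min_len=12):
    """Proactive check at selection time: reject short or dictionary passwords
    before they are ever stored."""
    if len(candidate) < min_len:
        return False
    return not bf.maybe_contains(candidate) and not bf.maybe_contains(candidate.lower())


def hash_password(password, salt=None, iterations=100_000):
    """Salted, iterated hash as stored in the password file. The salt defeats
    precomputed tables and makes identical passwords hash differently; the
    iteration count slows an offline dictionary attack by the same factor."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, digest


def verify_password(password, salt, digest, iterations=100_000):
    _, candidate = hash_password(password, salt, iterations)
    return hmac.compare_digest(candidate, digest)  # constant-time comparison


if __name__ == "__main__":
    checker = build_checker(WEAK_PASSWORDS)
    print("expected FP rate:", round(expected_false_positive_rate(4, len(WEAK_PASSWORDS), 70), 4))
    print("'password' accepted?", accept_new_password(checker, "password"))
    salt, stored = hash_password("correct horse battery staple")
    print("verify:", verify_password("correct horse battery staple", salt, stored))
```

With 10 bits per dictionary word and 4 hashes the expected false-positive rate is about 1.2%, which is acceptable for a checker (a rejected good password costs the user one retry) but would not be for a lookup that had to be exact. Raising bits_per_word drives it down quickly.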

DNS & DNSSEC
- DNS is an essential Internet service with very little security
- cache poisoning: the Kaminsky attack
- DNSSEC: security extensions for DNS
  - adds authentication to the existing DNS protocol via new record types employing crypto: RRSIG, DNSKEY, NSEC
  - DNS signing
  - DNS validating
  - trust anchor (root of trust)
  - chain of trust: DS record

Chapter 4: Access Control
- introduced access control principles: subjects, objects, access rights
- discretionary access controls: access matrix, access control lists (ACLs), capability tickets
- UNIX traditional and ACL mechanisms
- role-based access control case study
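The access matrix, its two decompositions (ACLs by column, capability tickets by row) and the traditional UNIX owner/group/other check are easy to get wrong in an exam answer, so here is a small worked version. It is an added example, not course code; the subjects, objects and rights in MATRIX are constructed, and the superuser bypass of the UNIX check is deliberately not modelled.

```python
# Access matrix: subject -> object -> set of access rights. Constructed example data.
MATRIX = {
    "alice": {"file1": {"read", "write", "own"}, "file2": {"read"}, "prog": {"execute"}},
    "bob":   {"file1": {"read"}, "file2": {"read", "write", "own"}},
    "carol": {"prog": {"execute", "own"}},
}


def to_acls(matrix):
    """Column view: one ACL per object, listing the subjects that may access it."""
    acls = {}
    for subj, row in matrix.items():
        for obj, rights in row.items():
            acls.setdefault(obj, {})[subj] = set(rights)
    return acls


def to_capabilities(matrix):
    """Row view: one capability list per subject (the 'tickets' it holds)."""
    return {s: {o: set(r) for o, r in row.items()} for s, row in matrix.items()}


def acl_permits(acls, subject, obj, right):
    """Object-side check: consult the object's ACL."""
    return right in acls.get(obj, {}).get(subject, set())


def cap_permits(caps, subject, obj, right):
    """Subject-side check: consult the tickets the subject presents."""
    return right in caps.get(subject, {}).get(obj, set())


def grant(matrix, granter, subject, obj, right):
    """Discretionary control: only an object's owner may extend rights to it.
    Returns False (and changes nothing) if the granter is not the owner."""
    if "own" not in matrix.get(granter, {}).get(obj, set()):
        return False
    matrix.setdefault(subject, {}).setdefault(obj, set()).add(right)
    return True


def unix_mode_permits(mode, owner_uid, group_gid, uid, gid, want):
    """Traditional UNIX check on the 9 permission bits: exactly one class applies,
    owner first, then group, then other; a more permissive 'other' class does not
    help the owner. want is a subset of {'r', 'w', 'x'}. Superuser not modelled."""
    bits = {"r": 4, "w": 2, "x": 1}
    if uid == owner_uid:
        shift = 6
    elif gid == group_gid:
        shift = 3
    else:
        shift = 0
    cls = (mode >> shift) & 0o7
    return all(cls & bits[c] for c in want)


if __name__ == "__main__":
    acls, caps = to_acls(MATRIX), to_capabilities(MATRIX)
    print("ACL for file1:", acls["file1"])
    print("bob's tickets:", caps["bob"])
    print("bob may write file1?", acl_permits(acls, "bob", "file1", "write"))
    print("0o640, other user may read?", unix_mode_permits(0o640, 1000, 100, 1002, 200, "r"))
```

The two views answer the same question, but revocation is cheap in the ACL view (edit one object's list) and review of a subject's rights is cheap in the capability view (read one row); that asymmetry is the usual exam point.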

Chapter 5: Database Security
- not discussed, not on exam

Chapter 6: Malicious Software
- types of malicious software (malware); terminology for malicious software
- viruses
  - infected content
  - infection mechanism, trigger, payload
  - dormant, propagation, triggering, and execution phases
  - boot sector infector, file infector, macro virus, and multipartite virus
  - encrypted, stealth, polymorphic, and metamorphic viruses
- worms
  - vulnerability exploit
  - replicates via remote systems: e-mail, file sharing, remote execution, remote file access, remote login capability
  - scanning/fingerprinting
- spam e-mail/trojans: social engineering
- payload: system corruption
  - data destruction, real-world damage
  - ransomware, logic bomb
- payload: attack agent
  - bots, remote control facility
- payload: information theft
  - credential theft, keyloggers, spyware
  - phishing, identity theft
- payload: stealthing
  - backdoor/trapdoor
  - rootkit: kernel-mode rootkits, virtual machine/external rootkits
- countermeasures
  - prevention
  - detection, identification, removal
  - host-based scanners/behavior-blocking software
  - digital immune system

IP Hijacking
- If this is on the exam, the ONLY area I will consider as valid for questions is in the first 5 slides:
  - definition of IP hijacking
  - consequences of IP hijacking: blackhole, eavesdrop, impersonation, spam, etc.

Chapter 7: Denial of Service
- introduced denial of service (DoS) attacks
- classic flooding and SYN spoofing attacks
- ICMP, UDP, TCP SYN floods
- distributed denial of service (DDoS) attacks
- reflection and amplification attacks
- defenses against DoS attacks
- responding to DoS attacks
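For the SYN spoofing item, the useful thing to be able to reproduce is why a stateful backlog is exhaustible and how SYN cookies avoid keeping state at all. The block below is an added example written for this review (not from the course or any TCP stack): the server secret, the four-entry MSS table and the 64-second tick are assumptions that mirror the usual layout of a 32-bit cookie (5-bit time, 3-bit MSS index, 24-bit keyed hash).

```python
import hashlib
import hmac
import os
import struct

# Server-side secret for the cookie MAC. Assumption: generated at boot, never sent.
SECRET = os.urandom(32)
# MSS values a 3-bit index can encode (illustrative subset; the client's MSS is
# rounded down to one of these because nothing else about the SYN is remembered).
MSS_TABLE = [536, 1220, 1460, 4312]
COOKIE_MAX_AGE = 1  # in 64-second ticks: accept the current tick and the previous one


class HalfOpenBacklog:
    """The stateful design: every SYN-ACK we send occupies a slot until the final
    ACK arrives or the slot times out. N spoofed SYNs with N >= capacity lock
    out legitimate clients for the length of the timeout."""

    def __init__(self, capacity):
        self.capacity = capacity
        self.slots = {}

    def on_syn(self, conn_tuple, now, timeout=75):
        self.slots = {k: t for k, t in self.slots.items() if now - t < timeout}
        if len(self.slots) >= self.capacity:
            return False  # SYN dropped: backlog full
        self.slots[conn_tuple] = now
        return True


def _mac24(saddr, daddr, sport, dport, tick):
    """24-bit keyed hash over the connection 4-tuple and the time tick."""
    msg = struct.pack("!4s4sHHI", saddr, daddr, sport, dport, tick)
    return int.from_bytes(hmac.new(SECRET, msg, hashlib.sha256).digest()[:3], "big")


def make_syn_cookie(saddr, daddr, sport, dport, client_mss, now):
    """Initial sequence number for the SYN-ACK: [5-bit tick | 3-bit MSS idx | 24-bit MAC].
    Nothing is stored per half-open connection, so a flood of spoofed SYNs
    costs the server one hash each and no memory."""
    tick = (now // 64) & 0x1F
    mss_idx = max((i for i, m in enumerate(MSS_TABLE) if m <= client_mss), default=0)
    return (tick << 27) | (mss_idx << 24) | _mac24(saddr, daddr, sport, dport, tick)


def check_syn_cookie(saddr, daddr, sport, dport, ack, now):
    """Validate the third handshake packet. Returns the negotiated MSS, or None if
    the ACK does not prove receipt of a SYN-ACK we recently sent to that address."""
    cookie = (ack - 1) & 0xFFFFFFFF  # the client acknowledges ISN + 1
    tick = cookie >> 27
    if ((now // 64) - tick) & 0x1F > COOKIE_MAX_AGE:
        return None  # stale or guessed tick
    if (cookie & 0xFFFFFF) != _mac24(saddr, daddr, sport, dport, tick):
        return None  # a spoofed source never saw our SYN-ACK and cannot forge the MAC
    return MSS_TABLE[(cookie >> 24) & 0x7]


if __name__ == "__main__":
    backlog = HalfOpenBacklog(capacity=4)
    for i in range(4):
        backlog.on_syn(("spoofed", i), now=0)
    print("legitimate SYN accepted under flood?", backlog.on_syn(("legit", 0), now=1))
    s, d = bytes([203, 0, 113, 9]), bytes([192, 0, 2, 10])
    isn = make_syn_cookie(s, d, 40000, 443, 1400, now=1_000_000)
    print("cookie validated, MSS =", check_syn_cookie(s, d, 40000, 443, isn + 1, now=1_000_030))
```

The price of statelessness is visible in the code: TCP options other than an approximate MSS are lost, and the 24-bit MAC is the only thing standing between an attacker and a fully established spoofed connection, which is why cookies are normally switched on only while the backlog is under pressure.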

Midterm
- slides after this are from the 2nd half of the semester

Intrusion Detection
- intruders: masquerader, misfeasor, clandestine user
- intruder behavior patterns: hacker, criminal enterprise, internal threat
- security intrusion / intrusion detection
- intrusion detection systems
  - host-based, network-based
  - sensors, analyzers, user interface
- host-based
  - anomaly detection
  - signature detection
  - audit records
  - distributed host-based intrusion detection
- network-based
  - sensors: inline/passive
  - distributed adaptive intrusion detection
- intrusion detection exchange format
- honeypot
- Snort
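Signature detection and a simple threshold rule over audit records, the host-based pair in the list above, can be shown in a few dozen lines. This is an added example, not course material or Snort code: the nine auth.log-style lines in SAMPLE_LOG are constructed, the two signatures and the 4-failures-in-60-seconds threshold are assumptions, and the year is fixed because syslog timestamps omit it.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample audit records in syslog auth.log style (not real data).
SAMPLE_LOG = """\
Nov 12 10:01:02 host sshd[201]: Failed password for invalid user admin from 203.0.113.9 port 5100 ssh2
Nov 12 10:01:03 host sshd[201]: Failed password for invalid user admin from 203.0.113.9 port 5101 ssh2
Nov 12 10:01:04 host sshd[201]: Failed password for root from 203.0.113.9 port 5102 ssh2
Nov 12 10:01:05 host sshd[201]: Failed password for root from 203.0.113.9 port 5103 ssh2
Nov 12 10:01:06 host sshd[201]: Failed password for root from 203.0.113.9 port 5104 ssh2
Nov 12 10:01:09 host sshd[202]: Accepted password for root from 203.0.113.9 port 5105 ssh2
Nov 12 10:02:30 host sudo: alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/bin/bash
Nov 12 10:05:00 host sshd[210]: Accepted publickey for alice from 198.51.100.4 port 6000 ssh2
Nov 12 10:06:00 host kernel: usb 1-1: new high-speed USB device number 3
"""

# Signature detection: patterns of known-bad or policy-relevant events (assumed rules).
SIGNATURES = [
    ("ROOT_SSH_PASSWORD_LOGIN", re.compile(r"sshd\[\d+\]: Accepted password for root from (\S+)")),
    ("SUDO_INTERACTIVE_SHELL", re.compile(r"sudo: +(\w+) .*COMMAND=(/bin/(?:ba)?sh)$")),
]
FAILED_RE = re.compile(r"Failed password for (?:invalid user )?(\w+) from (\S+)")


def parse_ts(line, year=2013):
    """syslog timestamps carry no year; the caller supplies it."""
    return datetime.strptime(f"{year} {line[:15]}", "%Y %b %d %H:%M:%S")


class HostIDS:
    """Processes audit records one at a time, the way a host-based sensor would."""

    def __init__(self, fail_threshold=4, window_s=60):
        self.fail_threshold = fail_threshold
        self.window_s = window_s
        self.failures = defaultdict(deque)  # source IP -> timestamps of recent failures
        self.flagged = set()                # sources already reported, to avoid alert storms
        self.alerts = []

    def process(self, line):
        ts = parse_ts(line)
        for name, pattern in SIGNATURES:
            m = pattern.search(line)
            if m:
                self.alerts.append((name, m.group(1)))
        m = FAILED_RE.search(line)
        if m:
            # Threshold rule: too many failures from one source inside a sliding window.
            # A real anomaly detector would compare against a learned profile instead.
            src = m.group(2)
            recent = self.failures[src]
            recent.append(ts)
            while recent and (ts - recent[0]).total_seconds() > self.window_s:
                recent.popleft()
            if len(recent) >= self.fail_threshold and src not in self.flagged:
                self.flagged.add(src)
                self.alerts.append(("BRUTE_FORCE_SOURCE", src))

    def run(self, text):
        for line in text.splitlines():
            if line.strip():
                self.process(line)
        return self.alerts


if __name__ == "__main__":
    for alert in HostIDS().run(SAMPLE_LOG):
        print(*alert)
```

Note the ordering in the output: the threshold alert fires on the fourth failure, before the signature for the successful root login that follows it, which is the sequence an analyst would want to read as "brute force, then success".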

Firewalls
- firewalls: need for, characteristics of, techniques, capabilities/limitations
- types of firewalls
  - packet filtering firewall
  - stateful inspection firewall
  - application proxy firewall
  - circuit-level proxy firewall
- bastion host
- host-based firewall
- personal firewall
- firewall location and configurations
  - DMZ networks
  - virtual private networks
  - distributed firewalls
- intrusion prevention systems (IPS)
  - host-based IPS (HIPS)
  - network-based IPS (NIPS)
  - Snort Inline
- UTM products
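The difference between a packet-filtering firewall and a stateful-inspection firewall is clearest when the same rule set is evaluated both ways. The block below is an added example, not course or product code: the three rules, the addresses (a DMZ web server at 192.0.2.10 and an internal 10.0.0.0/8 network) and the packet fields are constructed, and the rule matcher is first-match with an implicit default deny.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Packet:
    proto: str            # "tcp" | "udp" | "icmp"
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False
    ack: bool = False
    inbound: bool = True  # arriving on the external interface


@dataclass
class Rule:
    action: str           # "allow" | "deny"
    proto: str = "any"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    dport: range = range(0, 65536)
    inbound: Optional[bool] = None  # None: either direction

    def matches(self, p):
        return ((self.proto == "any" or self.proto == p.proto)
                and ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and p.dport in self.dport
                and (self.inbound is None or self.inbound == p.inbound))


class PacketFilter:
    """Stateless packet filter: rules are tried in order, first match wins, and
    anything that matches no rule is discarded (default = deny)."""

    def __init__(self, rules):
        self.rules = rules

    def decide(self, p):
        for r in self.rules:
            if r.matches(p):
                return r.action
        return "deny"


class StatefulFilter(PacketFilter):
    """Stateful inspection: remember each TCP connection the rules allowed to open
    (outbound SYN) and pass later packets of that connection in either direction
    without a rule of their own. Without this, replies to permitted outbound
    connections need a broad 'allow inbound ACK' rule, which is the classic hole."""

    def __init__(self, rules):
        super().__init__(rules)
        self.table = set()  # established/opening connections, keyed by 5-tuple

    def decide(self, p):
        key = (p.proto, p.src, p.sport, p.dst, p.dport)
        reverse = (p.proto, p.dst, p.dport, p.src, p.sport)
        if p.proto == "tcp" and (key in self.table or reverse in self.table):
            return "allow"
        verdict = super().decide(p)
        if verdict == "allow" and p.proto == "tcp" and p.syn and not p.ack:
            self.table.add(key)
        return verdict


# Constructed policy: public web to the DMZ host, internal clients out on 443, nothing else.
RULES = [
    Rule("allow", "tcp", dst="192.0.2.10/32", dport=range(80, 81), inbound=True),
    Rule("allow", "tcp", src="10.0.0.0/8", dport=range(443, 444), inbound=False),
    Rule("deny"),
]


if __name__ == "__main__":
    out = Packet("tcp", "10.0.0.5", 50000, "198.51.100.7", 443, syn=True, inbound=False)
    reply = Packet("tcp", "198.51.100.7", 443, "10.0.0.5", 50000, syn=True, ack=True)
    stateless, stateful = PacketFilter(RULES), StatefulFilter(RULES)
    print("stateless:", stateless.decide(out), stateless.decide(reply))
    print("stateful: ", stateful.decide(out), stateful.decide(reply))
```

Running it shows the stateless filter allowing the outbound SYN and then dropping the SYN-ACK that answers it, while the stateful filter passes the reply because the connection is in its table; an unsolicited inbound SYN to the internal host is denied by both.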

Application Security
- software security issues
- defensive/secure programming
- handling program input
  - key concern for input: size / interpretation
  - injection attack: command / SQL / code
  - cross-site scripting (XSS) attacks: reflection
  - validating input syntax
  - input fuzzing
- handling program output
- writing safe program code
  - correct algorithm implementation
  - ensuring machine language corresponds to algorithm
  - correct interpretation of data values
  - correct use of memory
  - preventing race conditions
- interacting with the operating system and other programs: environment variables
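The input-handling items (interpretation of input, SQL injection, reflected XSS, syntax validation) and the output-handling item are tied together below in one runnable example. It is an added example written for this review, not code from the course: the in-memory SQLite users table and its two rows are constructed, and the username allow-list pattern is an assumption.

```python
import html
import re
import sqlite3


def make_db():
    """Constructed in-memory user table for the demonstration."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, pw TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)",
                     [("alice", "s3cret", "admin"), ("bob", "hunter2", "user")])
    return conn


def login_vulnerable(conn, name, pw):
    """The interpretation problem: the input is spliced into the statement text,
    so a quote in it is read as SQL syntax rather than as data."""
    query = f"SELECT role FROM users WHERE name = '{name}' AND pw = '{pw}'"
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def login_safe(conn, name, pw):
    """Parameterised query: values travel separately from the statement, so no
    input can change the query's structure."""
    row = conn.execute("SELECT role FROM users WHERE name = ? AND pw = ?", (name, pw)).fetchone()
    return row[0] if row else None


USERNAME_RE = re.compile(r"[a-z][a-z0-9_]{2,15}")  # assumed allow-list syntax


def valid_username_syntax(name):
    """Validating input syntax: accept only what the application's own grammar
    allows (defence in depth alongside parameterisation, not a substitute)."""
    return USERNAME_RE.fullmatch(name) is not None


def greeting_vulnerable(name):
    """Reflected XSS: untrusted input echoed into HTML without encoding."""
    return f"<p>Welcome back, {name}!</p>"


def greeting_safe(name):
    """Handling program output: encode for the context the data lands in."""
    return f"<p>Welcome back, {html.escape(name, quote=True)}!</p>"


if __name__ == "__main__":
    db = make_db()
    attack = "alice' --"   # closes the string literal, comments out the password check
    print("vulnerable:", login_vulnerable(db, attack, "wrong"))
    print("parameterised:", login_safe(db, attack, "wrong"))
    print("syntax valid?", valid_username_syntax(attack))
    print(greeting_safe("<script>alert(1)</script>"))
```

The attack string works because SQLite, like most engines, treats `--` as a comment to end of line; after the splice the statement reads `... WHERE name = 'alice' --' AND pw = 'wrong'`, and the password clause is gone. The parameterised version returns nothing for the same input because the whole string, quote and dashes included, is compared against the name column as data.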

Buffer Overflow
- buffer overflow (buffer overrun): more input placed into a buffer than the allocated capacity
- stack buffer overflows: targeted buffer is located on the stack
  - function call mechanisms, stack frame
  - stack overflow vulnerabilities
- shellcode
  - shellcode development
  - position independent
  - cannot contain NULL values
- compile-time defenses: resist attacks in new programs
- run-time defenses: detect and abort attacks in existing programs
- stack protection mechanisms
- replacement stack frame
- off-by-one attacks
- return to system call
- heap overflows
- global data area overflows
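The stack-frame mechanics above are easier to reason about with the frame laid out byte by byte. The block below is an added example for this review, not course code and not native memory: it models an x86-64 frame (16-byte buffer, optional canary, saved frame pointer, return address, little-endian) in a bytearray, so the overwrite is deterministic and the canary check can be shown without crashing anything. The buffer size, the return and frame-pointer values, and the canary value are assumptions; the two x86 encodings in the NUL check (b8 00 00 00 00 for mov eax,0 and 31 c0 for xor eax,eax) are real.

```python
import struct

BUF_SIZE = 16
WORD = 8  # x86-64 word size; values are stored little-endian


class StackFrame:
    """Byte-level model of a function's frame, lowest address first:
        [ local buffer | (canary) | saved frame pointer | return address ]
    An overrun of the buffer walks upward into the saved FP and then the return
    address. Simulation only: this is a bytearray, not the process stack."""

    def __init__(self, return_addr, saved_fp=0x7FFD_1234_5670, canary=None):
        self.canary = canary
        parts = [bytes(BUF_SIZE)]
        if canary is not None:
            parts.append(struct.pack("<Q", canary))
        parts += [struct.pack("<Q", saved_fp), struct.pack("<Q", return_addr)]
        self.mem = bytearray(b"".join(parts))

    def strcpy(self, data):
        """Unbounded copy as strcpy()/gets() do it: everything up to and including
        the first NUL byte, with no regard for BUF_SIZE."""
        end = data.find(b"\x00")
        payload = data if end < 0 else data[:end]
        payload = (payload + b"\x00")[: len(self.mem)]  # beyond the frame lies the caller's
        self.mem[: len(payload)] = payload

    def strncpy_checked(self, data):
        """Bounded copy that reports truncation (a compile-time defence: safe
        library calls in new code). Returns False if the input did not fit."""
        if len(data) >= BUF_SIZE:
            self.mem[:BUF_SIZE] = data[: BUF_SIZE - 1] + b"\x00"
            return False
        self.mem[: len(data) + 1] = data + b"\x00"
        return True

    def canary_intact(self):
        if self.canary is None:
            return True
        return struct.unpack_from("<Q", self.mem, BUF_SIZE)[0] == self.canary

    def ret(self):
        """Epilogue: a run-time defence (gcc's stack protector) compares the
        canary before the return address is used; a mismatch aborts."""
        if not self.canary_intact():
            raise RuntimeError("*** stack smashing detected ***")
        return struct.unpack_from("<Q", self.mem, len(self.mem) - WORD)[0]


def build_overflow(target_addr):
    """Classic payload: fill the buffer, clobber the saved FP, then replace the
    return address. Little-endian packing puts the two zero high bytes of a
    canonical user-space address LAST, so strcpy's terminating NUL lands
    harmlessly where a zero already was (assumed target address)."""
    return b"A" * BUF_SIZE + b"B" * WORD + struct.pack("<Q", target_addr)


def shellcode_has_nul(code):
    """strcpy-style bugs stop at the first NUL, so shellcode must avoid 0x00:
    'mov eax,0' (b8 00 00 00 00) is unusable where 'xor eax,eax' (31 c0) works."""
    return b"\x00" in code


if __name__ == "__main__":
    frame = StackFrame(return_addr=0x401136)
    frame.strcpy(build_overflow(0x7FFF_DEAD_BEEF))
    print("hijacked return address: %#x" % frame.ret())
    guarded = StackFrame(return_addr=0x401136, canary=0x1A2B3C4D5E6F7000)
    guarded.strcpy(build_overflow(0x7FFF_DEAD_BEEF))
    print("canary intact after overflow?", guarded.canary_intact())
```

Two details in the model are worth carrying into the exam: the canary's lowest byte is 0x00 (glibc does this on purpose, since it is the first byte in memory and a strcpy-based overwrite that tries to preserve the canary must stop at it), and the same payload that succeeds against the unguarded frame trips the check in the guarded one because it cannot know the random canary value.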

OS Security
- system security planning
- operating systems hardening
  - initial setup and patching
  - remove unnecessary services
  - configure users and groups
  - test system security
- application security: application configuration, encryption technology
- security maintenance
- data backup
- virtualization security: virtualization alternatives
- Linux/Unix security
  - patch management
  - application configuration
  - users, groups, permissions
  - remote access
  - security testing
- Windows security
  - patch management
  - users administration and access controls
  - application and service configuration
  - security testing

Internet Security Protocols
- secure e-mail and S/MIME
- DomainKeys Identified Mail (DKIM)
  - Internet mail architecture
  - DKIM strategy
- Secure Sockets Layer (SSL) and Transport Layer Security (TLS)
  - SSL architecture
  - SSL record protocol
  - change cipher spec protocol
  - alert protocol
  - handshake protocol
- HTTPS: connection initiation, connection closure
- virtual private networks (VPN)
- IPv4 and IPv6 security
  - IP security overview
  - scope of IPsec
  - security associations
  - encapsulating security payload
  - transport and tunnel modes

Internet Authentication Applications
- Kerberos
  - Kerberos protocol
  - Kerberos realms
  - Kerberos versions 4 and 5
  - Kerberos performance issues
- X.509 public-key infrastructure
  - PKIX management functions
  - PKIX management protocols
- federated identity management

Wireless Security
- wireless security overview
  - wireless network threats
  - wireless security measures
- IEEE 802.11 wireless LAN overview
  - Wi-Fi Alliance
  - IEEE 802 protocol architecture
  - IEEE 802.11 network components and architectural model
  - IEEE 802.11 services
- IEEE 802.11i
  - IEEE 802.11i services
  - IEEE 802.11i phases of operation: discovery, authentication, key management, protected data transfer
  - the IEEE 802.11i pseudorandom function
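The 802.11i pseudorandom function and the key-management phase it serves (PTK derivation in the 4-way handshake) are the one part of this slide that is pure computation, so they are worked through below. This is an added example, not course or standard text: the PRF construction, the "Pairwise key expansion" label, the min/max ordering of addresses and nonces, the KCK/KEK/TK split and the PBKDF2 passphrase mapping follow the published standard, while the MAC addresses, nonces and the 20-byte EAPOL stand-in frame are constructed.

```python
import hashlib
import hmac


def prf(key, a, b, length_bits):
    """IEEE 802.11i PRF-n: concatenate HMAC-SHA-1(K, A || 0x00 || B || i) for
    i = 0, 1, ... until n bits have been produced, then truncate."""
    out = b""
    for i in range((length_bits + 159) // 160):
        out += hmac.new(key, a + b"\x00" + b + bytes([i]), hashlib.sha1).digest()
    return out[: length_bits // 8]


def pmk_from_passphrase(passphrase, ssid):
    """WPA2-Personal: the PSK (= PMK) is PBKDF2-HMAC-SHA1(passphrase, SSID, 4096, 256 bits).
    With 802.1X/EAP the PMK is delivered by the authentication server instead."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def derive_ptk(pmk, aa, spa, anonce, snonce):
    """Key-management phase: PTK = PRF-384(PMK, "Pairwise key expansion",
    min(AA,SPA) || max(AA,SPA) || min(ANonce,SNonce) || max(ANonce,SNonce)) for CCMP,
    split into KCK (EAPOL MIC key), KEK (wraps the GTK) and TK (data-frame key).
    Both sides sort the inputs, so they derive the same PTK regardless of role."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    ptk = prf(pmk, b"Pairwise key expansion", data, 384)
    return {"KCK": ptk[:16], "KEK": ptk[16:32], "TK": ptk[32:48]}


def eapol_mic(kck, eapol_frame_with_zeroed_mic):
    """MIC on handshake messages 2-4 for the PSK/SHA-1 AKM: HMAC-SHA-1 over the
    EAPOL-Key frame with its MIC field zeroed, truncated to 128 bits."""
    return hmac.new(kck, eapol_frame_with_zeroed_mic, hashlib.sha1).digest()[:16]


def verify_msg2(pmk, aa, spa, anonce, snonce, frame_zeroed_mic, mic):
    """The authenticator's check on message 2: derive the PTK from its own PMK plus
    both nonces and compare MICs. A wrong passphrase gives a wrong KCK, so the
    handshake fails here without the PMK ever crossing the air."""
    kck = derive_ptk(pmk, aa, spa, anonce, snonce)["KCK"]
    return hmac.compare_digest(eapol_mic(kck, frame_zeroed_mic), mic)


if __name__ == "__main__":
    pmk = pmk_from_passphrase("password", "IEEE")
    aa, spa = bytes.fromhex("001122334455"), bytes.fromhex("66778899aabb")  # constructed
    anonce, snonce = bytes(range(32)), bytes(range(32, 64))                 # constructed
    ptk = derive_ptk(pmk, aa, spa, anonce, snonce)
    print("PMK:", pmk.hex())
    print("TK: ", ptk["TK"].hex())
    frame = b"\x02\x03\x00\x75" + b"\x00" * 16  # constructed stand-in, MIC field zeroed
    mic = eapol_mic(ptk["KCK"], frame)
    print("msg2 MIC verifies:", verify_msg2(pmk, aa, spa, anonce, snonce, frame, mic))
```

The passphrase "password" with SSID "IEEE" is the standard's own PSK test vector, so the printed PMK can be checked against it. The example also makes the offline-guessing weakness of WPA2-Personal concrete: everything in verify_msg2 except the PMK is visible on the air, so a captured message 2 lets an attacker run pmk_from_passphrase over a wordlist until the MIC matches.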