CySec Foundations Teil 2
Deck details

| Cards | 210 |
|---|---|
| Language | German |
| Category | Computer science |
| Level | University |
| Created / Updated | 31.07.2020 / 10.08.2020 |
| Web link | https://card2brain.ch/box/20200731_cysec_foundations_teil_2 |
How does HMAC work?
The message is hashed twice.
First, the message is hashed with one part of the key, and then the result is hashed with another part of the key.
A CA has received a CSR from a webserver.
What does the CSR include?
- public key
- unsigned signature
- signature hash algorithm
A CA has received a Certificate Signing Request from a webserver.
Once verification is completed, what is the CA going to do with that CSR?
- CA creates an X.509 cert with
- valid period
- key usage
- signed signature
- and sends the cert back to the server
How is a root cert signed and why is it trustworthy?
- it is self-signed
- trustworthy because it is already preinstalled
How can a client trust the issuer of an X.509 cert?
by auditing the best practices of the issuer
Give two examples of authenticated encryption with associated data (AEAD) protocols.
- AES Galois Counter Mode (GCM)
- ChaCha20_Poly1305
In which situation would ChaCha20 be preferred over AES?
in mobile phones -> CPUs don't have an AES instruction set -> ChaCha20 is faster than AES
What is the problem with ciphertexts that haven't been secured with a MAC?
The integrity cannot be guaranteed
What is the problem with protocols that don't use the PKI for authentication?
vulnerable to man-in-the-middle attacks
During the TLS handshake, the server sends the client a signature in the ServerKeyExchange packet. How can the client decrypt that signature?
the client has to use the public key contained in the digital certificate of the server
What parts of a certificate are confidential and should be encrypted?
the private key with which the encryption happens
How does a data assurance package (e.g. Tripwire) provide some secondary virus detection capabilities?
they store hash values for each file on a protected system
-> a file change results in a hash change
-> triggers an integrity alert
Which character is dangerous in context of SQL Injection attacks?
the single quote: '
Consider an adversary sniffing the network (where a Kerberos v5 auth system is implemented) and seeing the ticket that the ticket granting server (TGS) sent to client C. The adversary knows the identity of C. What prevents the adversary from using the ticket to obtain the service in place of C?
The timestamp makes certain that replay attacks do not work. The ticket itself cannot be modified since the adversary does not know the respective key for decryption and re-encryption of any eventual new ticket.
Given g, p, b as Bob's private key and a as Alice's private key, what is the formula for the shared secret?
shared secret = g ^ ( b * a ) mod p
Steps of the NIST Cyber Security Framework?
1. Identify
2. Protect
3. Detect
4. Respond
5. Recover
What is technical vulnerability management?
a security practice designed to proactively mitigate or prevent the exploitation of vulnerabilities
Which 4 things does the process of technical vulnerability management involve?
1. Identification
2. classification
3. remediation
4. mitigation
of vulnerabilities
What is a security event?
an occurrence that has potential security implications
What is a security incident?
an occurrence that actually or potentially jeopardizes the confidentiality, integrity or availability of information
Sources of security events
- OS logs
- applications logs
- security tool logs
- outbound proxy logs
What does APT stand for?
Advanced Persistent Threat
What is an Advanced Persistent Threat (APT)?
a network attack in which unauthorized personnel gain access to a network and stay there undetected for a long time
the intention is to steal data
often targets organizations in high-value information sectors
Which 7 phases does the 'Cyber Attack Kill Chain' include?
1. Reconnaissance
2. Weaponization
3. Delivery
4. Exploit
5. Installation
6. Command and Control
7. Actions
What does AAA stand for?
Authentication
Authorization
Accounting
What are the 7 authentication scheme classifications?
1. Basic Authentication
2. One Time Passwords
3. Challenge / Response
4. Anonymous Key Exchange
5. Zero-Knowledge Password Proofs
6. Server certificates plus user authentication
7. Mutual Public Key Authentication
What does MIME stand for?
Multipurpose Internet Mail Extension
What does SPF stand for?
Sender Policy Framework
What does DKIM stand for?
Domain Keys Identified Mail
What is the Sender Policy Framework?
SPF records are TXT records in DNS
a mail server may check for SPF records