Computer security
- What is OSI security architecture?
The OSI Security Architecture is a setting that offers an organized means of defining the necessities for security and unfolding the methods to supporting those requirements; while still establishing security attacks, devices, and facilities and the associations among these modules.
- What is the difference between passive and active security threats?
Passive Attacks involve eavesdropping or monitoring of transmissions. In contrast, active attacks relate to the modification of the data stream or development of an untruthful flow; it may entail units such as replay, masquerade, denial of service, and adjustment of messages.
- List and briefly define categories of passive and active security attacks.
The categories of active attacks are replay, masquerade, modification of messages and denial of service; Denial of service- this is the suppression of communication services in a network. Masquerade- a situation whereby one party pretends to be another to access information. Modification of messages is the alteration, reordering, or delay of sections or portions of a message to yield unofficial results. Replay: involves passively capturing data and retransmitting it to yield an unauthorized result. The categories of passive security attacks are the release of message contents and traffic analysis; Release of message contents- this involves unauthorized capturing, accessing, and reading of the contents of the message. Traffic analysis involves observing the pattern, frequency, and length of communication as well as determining the location and individuality of the parties communicating.
- List and briefly define categories of security services.
Access control: The inhibition of unauthorized use of a resource in terms of controlling parties accessing the resources, conditions under which the access is made, and the authorization these parties have regarding the resource. Authentication: The guarantee that the communicating party is the one that it claims to be. Availability service: this is the accessibility and usability of a system's resource upon its demand by an authorized party as per the performance provisions of the particular system. Data confidentiality: this is the protection of data from unofficial exposure. Data integrity guarantees that the data being received is precisely how an authorized party sent it. Non-repudiation: This is protection against denial of access to communication by one or all of the parties involved in a connection.
- List and briefly define categories of security mechanisms.
Access Control: this is a series of techniques that impose access privileges to resources. Authentication Exchange: A mechanism envisioned to confirm the identity of a party employing evidence exchange. Data Integrity: a series of techniques used to ensure the integrity of data. Digital Signature: this is the cryptographic conversion of a data unit to prove the truthfulness of the data source and the data itself to protect it against imitation or alteration. Encipherment involves using an algorithm, mostly a mathematical one, to transmute data into a state that is incomprehensible while simultaneously using an algorithm together with several encryption keys to recover the data. Notarization: this is the use of a reliable third-party to guarantee specific properties of data exchange are met. Routing controls: this is the selection of a specific substantially secure route for a particular data stream and further routing changes in case of data security breach suspicion. Traffic padding: this is the addition of bits into openings in a data stream to exasperate traffic analysis efforts.
- List and briefly define the fundamental security design principles.
Complete mediation: Every access attempt must be evaluated against the set access control techniques. The economy of mechanism: ensures the simplicity of the security design. Encapsulation: an explicit form of seclusion built on object-oriented functionality Fail-safe default ensures that access to systems is permission-based. Isolation: the impression that systems, procedures, documents, and security techniques should be distinct from one other and as accessible as required. Layering: the use of several, overlying protections Least astonishment: the security should be designed in a way that limits user confusion. Least common mechanism: the strategy should lessen the roles shared by diverse users to ensure system security. Least privilege: each procedure and operator should work using the minimum set of rights required to complete the task. Modularity: refers to the creation of security techniques as distinct, protected units, and the use of an integrated architecture for security plan and employment Open design: the security strategy should not be secretive but open. Psychological acceptability: security procedures should not affect users' operations, but must meet the requirements of persons who approve access. Separation of privilege: incorporation of multiple distinct access attributes to get access to a service in the system.
- Explain the difference between an attack surface and an attack tree.
Attack Surface consists of the reachable and utilizable weaknesses in a system such as staffs, interfaces, and networks. In contrast, an attack tree is a deviating, well-organized data structure representing a set of credible procedures for manipulating security vulnerabilities in a system.