InfoSec at TU Kaiserslautern | Flashcards & Summaries


Study materials for InfoSec at TU Kaiserslautern

Access free flashcards, summaries, practice exercises and past exams for your InfoSec course at TU Kaiserslautern.

Sample flashcards for your InfoSec course at TU Kaiserslautern, created by fellow students on StudySmarter!

Q:

Give at least two possible expressions for each of the six security assessment characteristics!

A:

● Information

  • Black-Box
  • White-Box

● Intensity

  • Passive
  • Cautious
  • Balancing
  • Aggressive

● Extent

  • Complete
  • Partial
  • Focused

● Strategy

  • Covered
  • Open

● Technique

  • Network acc.
  • Other comm.
  • Physical
  • Soc. Eng.

● Perspective

  • External
  • Internal
Q:

What are the responsibilities for red teams and for blue teams?

A:

Red teaming
• Originally rooted in military security assessment
• Probing security from an adversarial perspective, threat emulation
• Outside experts
• Goal: Assessing an organization's incident response
• Output: List of attack vectors and possible countermeasures


Blue teaming
• Defense group against real or simulated attacks
• Often as opponent to Red Team
• Internal security group, optional aid by external experts
• Goal: Reacting to attacks and preventing expected attack vectors
• Output: Strengthening defensive and investigative procedures

Q:

Map the following techniques to the phases in which they are typically
used!
a) Use a search engine, e.g. Yahoo, to collect data about the target.
b) Prepare an e-mail with malicious payload
c) Send an e-mail with malicious payload

d) Install a backdoor
e) Identify further systems in the network
f) Execute a kernel exploit
g) Install a software keylogger

A:

a) Use a search engine, e.g. Yahoo, to collect data about the target.
   → Passive Reconnaissance
b) Prepare an e-mail with malicious payload
   → Weaponization
c) Send an e-mail with malicious payload
   → Delivery
d) Install a backdoor
   → Persistence
e) Identify further systems in the network
   → Discovery
f) Execute a kernel exploit
   → Privilege Escalation
g) Install a software keylogger
   → Credential Access

Q:

Describe the difference between reconnaissance and scanning!

A:

reconnaissance = passive
scanning = active

Q:

Name three exemplary techniques for Reconnaissance and Scanning! 

A:

Examples Reconnaissance

  • Open Source Intelligence
  • Dumpster diving
  • DNS information
  • Network ranges

Examples Scanning

  • TCP Port scanning
  • UDP Port scanning
  • OS identification
  • Banner grabbing
Q:

Name the four characteristics for the exploitability metrics and the
three characteristics of the impact metrics of the base score metrics of
the CVSS v3.0.

A:

Exploitability metrics

  • Attack vector (AV)
  • Attack complexity (AC)
  • Privileges Required (PR)
  • User Interaction


Scope

Impact metrics

  • Confidentiality Impact (C)
  • Integrity Impact (I)
  • Availability Impact
Q:

Describe the difference between reverse and bind shell!

A:

Bind shell
With a bind shell, the target system opens a socket that listens on a TCP port, waits for a connection, and sends the shell over that connection.
Reverse shell
With a reverse shell, the attacker opens a local socket that listens on a TCP port and waits for the target machine to send a shell (using the command execution vulnerability).

Q:

Name and explain three defense evasion techniques!

A:

● Proxy servers

  • Intermediate systems
  • Used to obfuscate network addresses

● Living off the land

  • Tactic of using tools that are already installed in the target environment instead of installing own software.

● DLL injection

  • A technique that forces a process to load and execute code from an arbitrary shared library.
Q:

Explain dead drop resolvers!

A:

Post content that is interpreted as a command or as an encoded/obfuscated address

Q:

Briefly explain the three authentication factors and name one example
each!

A:

Knowledge

  • Examples:
    • Password
    • PIN
    • Challenge response
    • Security questions
  • The person has to know this fact from memory


Ownership

  • Examples
    • ID card
    • Security token
    • Implanted device
    • Cell phone
    • Dongles
  • One has to own this object or have access to it


Inherence

  • Examples
    • Fingerprints
    • Retinal pattern
    • Implanted device
    • Face
    • Signature
    • DNA sequence
    • Bio-electric signals
  • Some information that depends on the person themselves
Q:

Would you recommend the usage of biometric authentication? Give 2
arguments which support your opinion!

A:

No because:

  • Current technology is not safe enough to recognize a face and can therefore be tricked
  • Some parts, like fingerprints, may be lost in accidents (losing fingers)
  • Signatures can be faked


Maybe some further arguments:

  • False acceptance rate (FAR): Probability that a system incorrectly matches an input pattern to an actually non-matching template in a database. This is a type II error
  • False rejection rate (FRR): Probability that a system does not recognize an actual match between an input pattern and a matching template in a database. This is a type I error
  • Equal error rate (EER): The rate at which FAR and FRR are equal
Q:

Name six characteristics of a security assessment!

A:

● Information
● Intensity
● Extent
● Strategy
● Technique
● Perspective
