No one right solution. I think the important thing to understand here is that no company is safe from a breach, and many companies that you interact on a daily basis have suffered breaches.
Black Market Prices Quiz
Black Market Prices Quiz Solution
I think the point here is not to remember the exact numbers, but rather to understand that this information can be purchased relatively cheaply. This makes sense given that millions of records can be retrieved in a single breach.
Since data breaches involve the disclosure of information to unauthorized parties, these breaches violate confidentiality.
Losses Due to Cyber Crime Quiz
Losses Due to Cyber Crime Quiz Solution
Security Mindset Quiz
Security Mindset Quiz Solution
Software Security
Stack Access Quiz
Stack Access Quiz Solution
Since allow_login, pwdstr and targetpwd are all local variables to main, any access of them will access memory locations inside the stack frame for main.
The only lines of code that don't access the stack frame for main are the calls to printf, (which create a new stack frame), and else.
Attacker Code Quiz
Attacker Code Quiz Solution
Remember that the stack pointer moves down in memory as space is allocated. This means that allow_login will receive memory starting at the highest feasible address, and pwdstr will receive memory starting at the next highest feasible address.
Suppose both int and char occupy 1 byte. allow_login may be allocated 1 byte of space starting at memory address 1000. pwdstr may be allocated 12 bytes of space starting at memory address 988.
If the user enters a password longer than 12 bytes, the remaining bytes will overflow into the memory allocated to allow_login, effectively overwriting its value.
Since login will succeed if allow_login is anything but 0 (i.e. not a fail-safe default), this overflow will almost certainly lead to access being granted.
Buffer Overflow Quiz
Buffer Overflow Quiz Solution
The first answer is wrong. The target password can be as long as you'd like, but if the attacker submits a longer password, the overflow will still happen.
The third answer is also wrong. Besides the fact that you shouldn't ever really add useless variables, these variables will only provide a finite amount of distance between the user-filled buffer and the return address. With a long enough password, the attacker can still overwrite the return address.
Only the second answer is correct. The overflow happens precisely because input larger than the space allocated for that input is not rejected by the program.
NVD Quiz
NVD Quiz Solution
Strongly Vs Weakly Typed Language Quiz
Strongly Vs Weakly Typed Language Quiz Solution
Buffer Overflow Attacks Quiz
Buffer Overflow Attacks Quiz Solution
Stack canaries do prevent return-to-libc buffer overflow attacks, because stack canaries prevent return address overwriting. Without overwriting the return address, a function can only return to the function that called it.
ASLR does not protect against read-only buffer overflow exploits. ASLR only makes it harder to supply key addresses in write-based buffer overflow exploits.
Heartbleed cannot be avoided by using a non-executable stack. Heartbleed is a read-based buffer overflow exploit, and the attack did not involve injecting any machine instructions onto the stack.
A system call requires control transfer from the calling process into the OS, which then must perform authentication/authorization checks before granting access and transferring control back.
This is more costly than a regular call, which incurs none of this overhead.
Secure OS Quiz 3
Secure OS Quiz 3 Solution
Processes run on behalf of users. Users must login to the system to run applications/processes.
User Isolation Quiz
User Isolation Quiz Solution
Revisiting Stack Overflow Quiz
Revisiting Stack Overflow Quiz Solution
Execution Privilege Level Quiz
Execution Privilege Level Quiz Solution
TCB Requirements Quiz
TCB Requirements Quiz Solution
In this case, we have tampered with the TCB by turning off the check. The access still proceeds through the operating system, and is still technically correct (i.e. the access wasn't permitted because of a bug).
Size of Security Code
Size of Security Code Solution
I think the point being made here is that the increase in complexity may be accompanied by an increase in vulnerability.
Hypervisor Code Size Quiz
Hypervisor Code Size Quiz Solution
Again, the argument being made here is that using a hypervisor as a TCB, with fewer lines of code than a full-fledged operating system, might be a more secure choice.
Authentication
Authentication Quiz
Authentication Quiz Solution
If someone steals your phone, you will be thankful for your lock screen/passcode.
Login Attacks Quiz
Login Attacks Quiz Solution
Remember, the positive event is gaining access to the system. A false positive is gaining access erroneously. An attacker authenticating as someone else is a false positive.
Implementation Quiz
Implementation Quiz Solution
Password Popularity Quiz
Password Popularity Quiz Solution
If we are attacking systems, we might get the best bang for our buck trying these passwords.
Password Quiz
Password Quiz Solution
A trusted path ensures that there is no application between the user and the operating system. Without this path, malicious programs may intercept login credentials.
Hashed Passwords Quiz
Hashed Passwords Quiz Solution
Hash Function Characteristics Quiz
Hash Function Characteristics Quiz Solution
Unique PINS Quiz
Unique PINS Quiz Solution
With ten options for the first digit, ten options for the second digit, and so on, the total number of four digit pins is 10 10 10 * 10, or 10^4, or 10,000.
Brute Force Quiz
Brute Force Quiz Solution
With 72 options for each other six characters, the total number of unique passwords is 72^6, which is the number of attempts the hacker will have to make in the very worst case.
Touch Screen Passwords Quiz
Touch Screen Passwords Quiz Solution
Basically, the idea here is that attackers will likely not have to exhaustively search the space of possible patterns because biases exist that greatly shrink this space into a much smaller space of much more probable patterns.
Multi-factor Authentication Quiz
Multi-factor Authentication Quiz Solution
Remember, a false positive occurs when a malicious user is granted access to the system as a valid user. The likelihood of this happening decreases when multiple authentication components are employed by the system.
As a basic example, consider someone recording your voice and playing it back to a voice-based authentication system.
Access Control
Data Confidentiality Quiz
Data Confidentiality Quiz Solution
Controlling read access is connected to data confidentiality, while controlling write access is connected to data integrity.
Determining Access Quiz
Determining Access Quiz Solution
Access control conflicts can be securely resolved by denying access.
Discretionary Access Control Quiz
Discretionary Access Control Quiz Solution
Bob can write the contents of the file to a new file that he owns, and share that file with Charlie.
ACE Quiz
ACE Quiz Solution
The presentation of the ticket is sufficient to gain access to the theater. No other access checks are required. This is closest in functionality to a capability.
ACE Access Quiz
ACE Access Quiz Solution
Negative access rights supersede positive access rights, so you can't terminate as soon as you find a positive access right. You can terminate as soon as you find a negative access right, though.
NB: The third option can't be true if the second option is true.
Revocation of Rights Quiz
Revocation of Rights Quiz Solution
Time to Check vs Time to Use Quiz
Time to Check vs Time to Use Quiz Solution
As long as you had the permissions when you called open, you can access the file using the file descriptor.
Unix File Sharing Quiz
Unix File Sharing Quiz Solution
You would need to somehow add the descriptor to the per-process descriptor table for the process with which you wish to share the descriptor. Since the OS owns this table, mutating it is impossible.
SetUID Bit Quiz
SetUID Bit Quiz Solution
The effective UID of a process executing a file with the setuid bit set is the owner of the file, not the user who created the process.
RBAC Benefits Quiz
RBAC Benefits Quiz Solution
Access Control Policy Quiz
Access Control Policy Quiz Solution
From a security standpoint, denying access is a fail-safe default. It never fails to keep your system secure.
Mandatory Access Control
DAC Quiz
DAC Quiz Solution
DAC can't control information flow, so we must use MAC.
Health Data Quiz
Health Data Quiz Solution
BLP is concerned with military/governmental intelligence. HIPAA is concerned with health information.
Given any two real numbers, one number is always greater than the other.
Label Domination Quiz
Label Domination Quiz Solution
While secret < top-secret , {Asia, Europe} cannot be compared with {Europe, South-America}.
Sensitive Data Quiz
Sensitive Data Quiz Solution
In order for D1 to dominate D2, D1 must have a higher sensitivity level than D2.
In addition, the compartment of D1 must contain the compartment of D2 in order to be 'greater' (based on the ordering rules for sets). For this to be the case, the compartment of D2 must be a subset of ("narrower" than) the compartment of D1.
Unclassified Documents Quiz
Unclassified Documents Quiz Solution
Write-down says that individuals cannot write documents with a classification that is less than their security clearance. Therefore, unclassified documents cannot be written by individuals holding a security clearance of classified, secret, or top secret.
Classified Data Quiz
Classified Data Quiz Solution
Because of the write-up rule, individuals are allowed to write documents at a classification level that is greater than their clearance level. Individuals with unclassified security clearance are thus allowed to write top secret documents.
BLP Model Quiz
BLP Model Quiz Solution
For example, if a user is writing to a top secret document, and the classification level suddenly changes to secret, the write-up rule is violated and information is flowing in the wrong direction.
Clark Wilson Quiz
Clark Wilson Quiz Solution
In mandatory access control, sharing decisions are not made at the discretion of the user.
COI Quiz
COI Quiz Solution
Competition implies that there is a possibility for a conflict of interest. Chinese Wall is best at preventing these situations.
RBAC Quiz
RBAC Quiz Solution
In mandatory access control, the company decides who can share what.
MAC Support Quiz
MAC Support Quiz Solution
Least Privilege Quiz
Least Privilege Quiz Solution
The TCB provides high assurance, not certainty.
TCB High Assurance Quiz
TCB High Assurance Quiz Solution
Security by obscurity violates open design.
Design Principle Quiz
Design Principle Quiz Solution
A fail-safe default is one that provides security unless otherwise specified. In this case, the default should be traffic encryption.
Remember, the characteristics of DNS servers can be used to amplify the effects of DDoS attacks, not mitigate them.
C&C Design Quiz
C&C Design Quiz Solution
The second answer is false. Bot code can have logic bombs or other triggers that enable bot to attack without contacting a C&C server.
The third answer is also false. A botnet is more likely to be found using custom communication protocols, as admins observing the network are more likely to detect strange types of traffic flowing from their system.
Botnet C&C Quiz
Botnet C&C Quiz Solution
A single gmail account, hardcoded in bot code, is both easy to detect and easy to disrupt.
P2P traffic will easily stand out in an enterprise network where peer-to-peer communications are not typically allowed.
A news site can be hard to detect, because traffic to news websites is common. However, if the site is identified as being malicious, it can easily be blocked.
APT Quiz
APT Quiz Solution
Malware Analysis Quiz
Malware Analysis Quiz Solution
Firewalls
Firewalls Quiz
Firewalls Quiz Solution
Firewall Features Quiz
Firewall Features Quiz Solution
Firewall Filtering Quiz
Firewall Filtering Quiz Solution
The first example follows the "default drop" rule, which is high security but requires new services to be expressly allowed. The second example follows the "default forward" rule, which is easier to use at the expense of security. The final approach sits in between the two in terms of security and ease of use.
Packet Filtering Quiz
Packet Filtering Quiz Solution
Filtering Quiz
Filtering Quiz Solution
Personal Firewalls Quiz
Personal Firewalls Quiz Solution
If the device is not always protected by the corporate network, as is the case in scenarios 1 and 3, then the personal firewall is needed for additional security.
Statistical & Knowledge Based Approaches Quiz Solution
Machine Learning Quiz
Machine Learning Quiz Solution
Anomalous Behavior Quiz
Anomalous Behavior Quiz Solution
Zero Day Market Place Quiz
Zero Day Market Place Quiz Solution
Attacks Quiz
Attacks Quiz Solution
NIDS Quiz
NIDS Quiz Solution
IDS Quiz
IDS Quiz Solution
NIDS Sensor Deployed Quiz
NIDS Sensor Deployed Quiz Solution
Snort Quiz
Snort Quiz Solution
Honeypot Quiz
Honeypot Quiz Solution
IDS Quiz
IDS Quiz Solution
IDS Attack Quiz
IDS Attack Quiz Solution
Introduction to Cryptography
Encryption Attack Quiz
Encryption Attack Quiz Solution
In a brute-force attack, the attacker must try all potential keys. The only way to make this task more difficult is to increase the length of the key, thus increasing the size of the keyspace.
Simple Ciphers Quiz
Simple Ciphers Quiz Solution
Since "A" maps to "D", "B" maps to "E", and so forth, we can just "rewind" each letter in the ciphertext by three to obtain the plaintext.
Monoalphabetic Cipher Quiz
Monoalphabetic Cipher Quiz Solution
Vigenere Cipher Quiz
Vigenere Cipher Quiz Solution
Hash Function Quiz
Hash Function Quiz Solution
The avalanche effect states that a small change in the input to a hash function causes a large change to the output. We want this in place as a way to obscure similar passwords. Without the avalanche effect, an attacker may be able to deduce password A from its hash value if he knows that the hash of a string B is similar to A's hash.
Symmetric Encryption Quiz
Symmetric Encryption Quiz Solution
Asymmetric Encryption Quiz
Asymmetric Encryption Quiz Solution
Encryption Quiz
Encryption Quiz Solution
Symmetric Encryption
Block Cipher Quiz
Block Cipher Quiz Solution
XOR Quiz
XOR Quiz Solution
"H" has an ASCII code of 72, which maps to 0b01001000, and "i" has an ASCII code of 105, which maps to 0b01101001. "F" maps to 15 (0b1111) and "A" maps to 11 (0b1001), so "FA" maps to 0b11111001 and "F2" maps to 0b11111001.
We XOR two numbers bit-by-bit, and we return 0 when the bits match and 1 otherwise. Therefore 0b0100100001101001 XOR 0b1111100111110010 is 0b1011000110011011.
S Box Quiz
S Box Quiz Solution
DES Quiz
DES Quiz Solution
AES Encryption Quiz
AES Encryption Quiz Solution
CBC Quiz
CBC Quiz Solution
Public-Key Cryptography
Additive Inverse Quiz
Additive Inverse Quiz Solution
In modular addition, a number $k$ has an inverse $k'$ such that $k + k' \pmod M = 0$. In this case, $M = 20$ and $k = 8$. Therefore, $k' = 12$ because $8 + 12 \pmod{20} = 0$.
Modular Multiplication Quiz
Modular Multiplication Quiz Solution
In modular multiplication, a number $k$ has an inverse $k'$ such that $k k' \pmod M = 1$. In this case, $M = 17$ and $k = 3$. Therefore, $k' = 6$ because $3 6 \pmod{17} = 18 \pmod{17} = 1$.
Totient Quiz
Totient Quiz Solution
If $n = p q$ and $p$ and $q$ are prime, then $\phi(n) = (p - 1) (q - 1)$. For $n = 21$, $p = 3$ and $q = 7$, $\phi(n) = (3 - 1) (7 - 1) = 2 6 = 12$.
Modular Exponentiation Quiz
Modular Exponentiation Quiz Solution
We know that $x^y \pmod n = x^{y \pmod{\phi(n)}} \pmod n$. For $x = 7$, $y = 27$ and $n = 30$, $7^{27} \pmod{30} = 7^{27 \pmod{\phi(30)}} \pmod{30}$. We can calculate $\phi(30)$ as follows: $\phi(30) = \phi(3) \phi(10) = \phi(3) \phi(2) \phi(5) = 2 1 * 4 = 8$. Thus, $7^{27} \pmod{30} = 7^{27 \pmod 8} \pmod{30}$. If we divide 27 by 8, we are left with a remainder of 3, so $7^{27} \pmod{30} = 7^3 \pmod{30}$. $7^3 = 343$, which yields a remainder of 13 when divided by 30.
RSA Quiz
RSA Quiz Solution
$n = p q = 11 3 = 33$ and $\phi(n) = (p - 1) (q - 1) = 2 10 = 20$. $e$ and $d$ must be multiplicative inverses $\pmod{\phi(n)}$, so for $e = 7$, $d = 3$, since $21 \pmod{20} = 1$. Finally, public key ${e, n}$ is equal to ${7, 33}$, and private key, ${d, n}$ is equal to ${3, 33}$.
RSA Encryption Quiz
RSA Encryption Quiz Solution
Encrypting message $m$ involves computing $m^e \pmod n$, which is equivalent to $2^7 \pmod{33} = 128 \pmod{33} = 29$. Decrypting ciphertext $C$ involves computing $C^d \pmod n$, which is equivalent to $29^3 \pmod{33} = 24389 \pmod{33} = 3$.
RSA in Practice Quiz
RSA in Practice Quiz Solution
Always use standard libraries, as they have been reviewed and tested by experts in the field.
Diffie-Hellman Quiz
Diffie-Hellman Quiz Solution
Alice sends $\alpha^a \pmod q$ to Bob, which is equivalent to $5^6 \pmod{23} = 8$. Bob sends $\alpha^b \pmod q$ to Alice, which is equivalent to $5^{15} \pmod{23} = 19$.
RSA, Diffie-Hellman Quiz
RSA, Diffie-Hellman Quiz Solution
Hashes
Hash Size Quiz
Hash Size Quiz Solution
Given a hash length $n$, an attacker needs to hash $2^{n / 2}$ messages to find a collision. For $n = 128$, an attacker needs to compute $2^{64}$ hashes.
Hash Function Quiz
Hash Function Quiz Solution
Security Protocols
Mutual Authentication Quiz
Mutual Authentication Quiz Solution
Security Protocols Quiz
Security Protocols Quiz Solution
Session Key Quiz
Session Key Quiz Solution
Kerberos Quiz
Kerberos Quiz Solution
IPSec and TLS
Spoofing Quiz
Spoofing Quiz Solution
If you spoof your IP address, responses to your packets will not reach you. Therefore, IP spoofing is only useful for unidirectional communication.
IPSec Quiz
IPSec Quiz Solution
ESP Modes Quiz
ESP Modes Quiz Solution
ESP and AH Quiz
ESP and AH Quiz Solution
IPSec Quiz
IPSec Quiz Solution
Diffie Hellman Quiz
Diffie Hellman Quiz Solution
IKE Quiz
IKE Quiz Solution
TLS and SSL Quiz
TLS and SSL Quiz Solution
While transport layer protocols do rely on the IP layer, TLS does not specifically rely on IPSec.
Wireless and Mobile Security
Wifi Quiz
Wifi Quiz Solution
Wifi Security Standards Quiz
Wifi Security Standards Quiz Solution
Operating System Vulnerabilities Quiz
Operating System Vulnerabilities Quiz Solution
Betcha thought it was gonna be all Microsoft, didn't you? Read more here.
