Udacity Quizzes
Last updated
Last updated
No one right solution. I think the important thing to understand here is that no company is safe from a breach, and many companies that you interact on a daily basis have suffered breaches.
I think the point here is not to remember the exact numbers, but rather to understand that this information can be purchased relatively cheaply. This makes sense given that millions of records can be retrieved in a single breach.
Read more here
Since data breaches involve the disclosure of information to unauthorized parties, these breaches violate confidentiality.
Since allow_login
, pwdstr
and targetpwd
are all local variables to main
, any access of them will access memory locations inside the stack frame for main
.
The only lines of code that don't access the stack frame for main
are the calls to printf
, (which create a new stack frame), and else
.
Remember that the stack pointer moves down in memory as space is allocated. This means that allow_login
will receive memory starting at the highest feasible address, and pwdstr
will receive memory starting at the next highest feasible address.
Suppose both int
and char
occupy 1 byte. allow_login
may be allocated 1 byte of space starting at memory address 1000
. pwdstr
may be allocated 12 bytes of space starting at memory address 988
.
If the user enters a password longer than 12 bytes, the remaining bytes will overflow into the memory allocated to allow_login
, effectively overwriting its value.
Since login will succeed if allow_login
is anything but 0 (i.e. not a fail-safe default), this overflow will almost certainly lead to access being granted.
The first answer is wrong. The target password can be as long as you'd like, but if the attacker submits a longer password, the overflow will still happen.
The third answer is also wrong. Besides the fact that you shouldn't ever really add useless variables, these variables will only provide a finite amount of distance between the user-filled buffer and the return address. With a long enough password, the attacker can still overwrite the return address.
Only the second answer is correct. The overflow happens precisely because input larger than the space allocated for that input is not rejected by the program.
Stack canaries do prevent return-to-libc buffer overflow attacks, because stack canaries prevent return address overwriting. Without overwriting the return address, a function can only return to the function that called it.
ASLR does not protect against read-only buffer overflow exploits. ASLR only makes it harder to supply key addresses in write-based buffer overflow exploits.
Heartbleed cannot be avoided by using a non-executable stack. Heartbleed is a read-based buffer overflow exploit, and the attack did not involve injecting any machine instructions onto the stack.
A system call requires control transfer from the calling process into the OS, which then must perform authentication/authorization checks before granting access and transferring control back.
This is more costly than a regular call, which incurs none of this overhead.
Processes run on behalf of users. Users must login to the system to run applications/processes.
In this case, we have tampered with the TCB by turning off the check. The access still proceeds through the operating system, and is still technically correct (i.e. the access wasn't permitted because of a bug).
I think the point being made here is that the increase in complexity may be accompanied by an increase in vulnerability.
Again, the argument being made here is that using a hypervisor as a TCB, with fewer lines of code than a full-fledged operating system, might be a more secure choice.
If someone steals your phone, you will be thankful for your lock screen/passcode.
Remember, the positive event is gaining access to the system. A false positive is gaining access erroneously. An attacker authenticating as someone else is a false positive.
If we are attacking systems, we might get the best bang for our buck trying these passwords.
A trusted path ensures that there is no application between the user and the operating system. Without this path, malicious programs may intercept login credentials.
With ten options for the first digit, ten options for the second digit, and so on, the total number of four digit pins is 10 10 10 * 10, or 10^4
, or 10,000.
With 72 options for each other six characters, the total number of unique passwords is 72^6, which is the number of attempts the hacker will have to make in the very worst case.
Basically, the idea here is that attackers will likely not have to exhaustively search the space of possible patterns because biases exist that greatly shrink this space into a much smaller space of much more probable patterns.
Remember, a false positive occurs when a malicious user is granted access to the system as a valid user. The likelihood of this happening decreases when multiple authentication components are employed by the system.
As a basic example, consider someone recording your voice and playing it back to a voice-based authentication system.
Controlling read access is connected to data confidentiality, while controlling write access is connected to data integrity.
Access control conflicts can be securely resolved by denying access.
Bob can write the contents of the file to a new file that he owns, and share that file with Charlie.
The presentation of the ticket is sufficient to gain access to the theater. No other access checks are required. This is closest in functionality to a capability.
Negative access rights supersede positive access rights, so you can't terminate as soon as you find a positive access right. You can terminate as soon as you find a negative access right, though.
NB: The third option can't be true if the second option is true.
As long as you had the permissions when you called open
, you can access the file using the file descriptor.
You would need to somehow add the descriptor to the per-process descriptor table for the process with which you wish to share the descriptor. Since the OS owns this table, mutating it is impossible.
The effective UID of a process executing a file with the setuid bit set is the owner of the file, not the user who created the process.
From a security standpoint, denying access is a fail-safe default. It never fails to keep your system secure.
DAC can't control information flow, so we must use MAC.
BLP is concerned with military/governmental intelligence. HIPAA is concerned with health information.
Source: Washington Post
Given any two real numbers, one number is always greater than the other.
While secret < top-secret
, {Asia, Europe}
cannot be compared with {Europe, South-America}
.
In order for D1
to dominate D2
, D1
must have a higher sensitivity level than D2
.
In addition, the compartment of D1
must contain the compartment of D2
in order to be 'greater' (based on the ordering rules for sets). For this to be the case, the compartment of D2
must be a subset of ("narrower" than) the compartment of D1
.
Write-down says that individuals cannot write documents with a classification that is less than their security clearance. Therefore, unclassified documents cannot be written by individuals holding a security clearance of classified, secret, or top secret.
Because of the write-up rule, individuals are allowed to write documents at a classification level that is greater than their clearance level. Individuals with unclassified security clearance are thus allowed to write top secret documents.
For example, if a user is writing to a top secret document, and the classification level suddenly changes to secret, the write-up rule is violated and information is flowing in the wrong direction.
In mandatory access control, sharing decisions are not made at the discretion of the user.
Competition implies that there is a possibility for a conflict of interest. Chinese Wall is best at preventing these situations.
In mandatory access control, the company decides who can share what.
The TCB provides high assurance, not certainty.
Security by obscurity violates open design.
A fail-safe default is one that provides security unless otherwise specified. In this case, the default should be traffic encryption.
Testing can't show the absence of problems.
A primary key uniquely identifies a row.
Consider the case where one student from a region containing two students retrieves the grade information about that region.
Macro viruses run when an infected document is opened with a given application. Boot sector viruses run before the operating system is loaded.
Remember, the characteristics of DNS servers can be used to amplify the effects of DDoS attacks, not mitigate them.
The second answer is false. Bot code can have logic bombs or other triggers that enable bot to attack without contacting a C&C server.
The third answer is also false. A botnet is more likely to be found using custom communication protocols, as admins observing the network are more likely to detect strange types of traffic flowing from their system.
A single gmail account, hardcoded in bot code, is both easy to detect and easy to disrupt.
P2P traffic will easily stand out in an enterprise network where peer-to-peer communications are not typically allowed.
A news site can be hard to detect, because traffic to news websites is common. However, if the site is identified as being malicious, it can easily be blocked.
The first example follows the "default drop" rule, which is high security but requires new services to be expressly allowed. The second example follows the "default forward" rule, which is easier to use at the expense of security. The final approach sits in between the two in terms of security and ease of use.
If the device is not always protected by the corporate network, as is the case in scenarios 1 and 3, then the personal firewall is needed for additional security.
Read more here, here, and here.
In a brute-force attack, the attacker must try all potential keys. The only way to make this task more difficult is to increase the length of the key, thus increasing the size of the keyspace.
Since "A" maps to "D", "B" maps to "E", and so forth, we can just "rewind" each letter in the ciphertext by three to obtain the plaintext.
The avalanche effect states that a small change in the input to a hash function causes a large change to the output. We want this in place as a way to obscure similar passwords. Without the avalanche effect, an attacker may be able to deduce password A
from its hash value if he knows that the hash of a string B
is similar to A
's hash.
"H" has an ASCII code of 72, which maps to 0b01001000
, and "i" has an ASCII code of 105, which maps to 0b01101001
. "F" maps to 15 (0b1111
) and "A" maps to 11 (0b1001
), so "FA" maps to 0b11111001
and "F2" maps to 0b11111001
.
We XOR two numbers bit-by-bit, and we return 0 when the bits match and 1 otherwise. Therefore 0b0100100001101001
XOR 0b1111100111110010
is 0b1011000110011011
.
In modular addition, a number $k$ has an inverse $k'$ such that $k + k' \pmod M = 0$. In this case, $M = 20$ and $k = 8$. Therefore, $k' = 12$ because $8 + 12 \pmod{20} = 0$.
In modular multiplication, a number $k$ has an inverse $k'$ such that $k k' \pmod M = 1$. In this case, $M = 17$ and $k = 3$. Therefore, $k' = 6$ because $3 6 \pmod{17} = 18 \pmod{17} = 1$.
If $n = p q$ and $p$ and $q$ are prime, then $\phi(n) = (p - 1) (q - 1)$. For $n = 21$, $p = 3$ and $q = 7$, $\phi(n) = (3 - 1) (7 - 1) = 2 6 = 12$.
We know that $x^y \pmod n = x^{y \pmod{\phi(n)}} \pmod n$. For $x = 7$, $y = 27$ and $n = 30$, $7^{27} \pmod{30} = 7^{27 \pmod{\phi(30)}} \pmod{30}$. We can calculate $\phi(30)$ as follows: $\phi(30) = \phi(3) \phi(10) = \phi(3) \phi(2) \phi(5) = 2 1 * 4 = 8$. Thus, $7^{27} \pmod{30} = 7^{27 \pmod 8} \pmod{30}$. If we divide 27 by 8, we are left with a remainder of 3, so $7^{27} \pmod{30} = 7^3 \pmod{30}$. $7^3 = 343$, which yields a remainder of 13 when divided by 30.
$n = p q = 11 3 = 33$ and $\phi(n) = (p - 1) (q - 1) = 2 10 = 20$. $e$ and $d$ must be multiplicative inverses $\pmod{\phi(n)}$, so for $e = 7$, $d = 3$, since $21 \pmod{20} = 1$. Finally, public key ${e, n}$ is equal to ${7, 33}$, and private key, ${d, n}$ is equal to ${3, 33}$.
Encrypting message $m$ involves computing $m^e \pmod n$, which is equivalent to $2^7 \pmod{33} = 128 \pmod{33} = 29$. Decrypting ciphertext $C$ involves computing $C^d \pmod n$, which is equivalent to $29^3 \pmod{33} = 24389 \pmod{33} = 3$.
Always use standard libraries, as they have been reviewed and tested by experts in the field.
Alice sends $\alpha^a \pmod q$ to Bob, which is equivalent to $5^6 \pmod{23} = 8$. Bob sends $\alpha^b \pmod q$ to Alice, which is equivalent to $5^{15} \pmod{23} = 19$.
Given a hash length $n$, an attacker needs to hash $2^{n / 2}$ messages to find a collision. For $n = 128$, an attacker needs to compute $2^{64}$ hashes.
If you spoof your IP address, responses to your packets will not reach you. Therefore, IP spoofing is only useful for unidirectional communication.
While transport layer protocols do rely on the IP layer, TLS does not specifically rely on IPSec.
Betcha thought it was gonna be all Microsoft, didn't you? Read more here.
Read more here.
Read more here.
Cookies are just strings of text. They are not compiled code, and therefore cannot infect a system the way a virus can.
NOTE: answers 1 and 3 are correct.
Read more here.
Read more here.
Read more here