Infrastructure Security Viva Questions 6
Introduction
1. What are the Types of Security Attacks?
Ans: a). Malware: Malware is a term used to describe malicious software,
including spyware, ransomware, viruses, and worms. Malware breaches a network through a
vulnerability, typically when a user clicks a dangerous link or email attachment that then
installs risky software.
b). Phishing: Phishing is the practice of sending fraudulent communications that
appear to come from a reputable source, usually through email. The goal is to steal sensitive
data like credit card and login information or to install malware on the victim’s machine.
Phishing is an increasingly common cyberthreat.
c). Man-in-the-middle attack: Man-in-the-middle (MitM) attacks, also known as
eavesdropping attacks, occur when attackers insert themselves into a two-party transaction.
d). Denial-of-service attack (DDoS): A denial-of-service attack floods systems,
servers, or networks with traffic to exhaust resources and bandwidth. As a result, the system is
unable to fulfill legitimate requests. Attackers can also use multiple compromised devices to
launch this attack.
e). SQL injection: SQL injection (SQLi) is an injection attack where an attacker
executes malicious SQL statements to control a web application’s database server, thereby
accessing, modifying and deleting unauthorized data. SQL injection is one of the popular
ways of targeting databases.
f). Zero-day exploit: A zero-day exploit hits after a network vulnerability is
announced but before a patch or solution is implemented. Attackers target the disclosed
vulnerability during this window of time. Zero-day vulnerability threat detection requires
constant awareness.
g). Cross Site Scripting: XSS attacks occur when a web app sends malicious code in
the form of a client-side script to another user, thus bypassing the site's access controls such as
the same-origin policy.
h). Cryptojacking: It is a specialized attack that involves getting someone else's
computer to do the work of generating cryptocurrency for you.
2. What do you mean by Vulnerabilities?
Ans: A vulnerability is a weakness which can be exploited by an attacker to perform unauthorized actions within a computer system. It is a flaw in a system that can leave it open to attack.
3. What are the Defense Strategies and Techniques?
Ans: Prevent it: by blocking the attack or closing the vulnerability.
Deter it: by making the attack harder but not impossible.
Deflect it: by making another target more attractive.
Detect it: either as it happens or some time after the fact.
Recover from its effects.
4. What Is Access Control?
Ans: The process by which resources or services are granted or denied on a computer system or network.
5. What is the Access Control Terminology?
Ans:
Computer access control can be accomplished by one of three entities: hardware, software, or a
policy. Access control can take different forms depending on the resources that are being
protected.
a). Identification: A user accessing a computer system would present credentials or
identification, such as a username.
b). Authentication: Checking the user’s credentials to be sure that they are
authentic and not fabricated.
c). Authorization: Granting permission to take the action.
d). Granted access: To only certain services or applications in order to perform
their duties.
6. What are the Access Control Models?
Ans: An access control model provides a predefined framework for hardware and software developers who need to
implement access control in their devices or applications.
a). Discretionary Access Control (DAC): A subject has total control over any objects
that he or she owns, along with the programs that are associated with those objects. In the DAC
model, a subject can also change the permissions for other subjects over objects.
b). Mandatory Access Control (MAC): The end user cannot implement, modify, or
transfer any controls. The owner and custodian are responsible for managing access controls. It
is based on security labels. Subjects are given security clearance and objects are classified
(secret, top secret, confidential, etc.). The benefit of MAC-based access control is that
it cannot be overwritten or bypassed and it strongly enforces all requests.
c). Role Based Access Control (RBAC): Also called the Rule-Based Role-Based Access
Control (RB-RBAC) model or automated provisioning. Can dynamically assign roles to subjects based
on a set of rules defined by a custodian. Each resource object contains a set of access
properties based on the rules. It is also called Non-Discretionary Access Control. Considered
a more “real world” approach than the other models. Assigns permissions to particular roles in
the organization, and then assigns users to that role. Objects are set to be a certain type, to
which subjects with that particular role have access.
d). Bell LaPadula Model: The Bell-LaPadula security model deals with the
preservation of confidentiality. It was originally defined by the Department of Defense in the Trusted
Computer System Evaluation Criteria, which is a US Government standard that sets basic requirements
for assessing the effectiveness of computer security controls.
e). Attribute-based access control (ABAC): A methodology that manages access rights
by evaluating a set of rules, policies and relationships using the attributes of users, systems
and environmental conditions.
f). Remote Authentication Dial-In User Service (RADIUS): A networking protocol,
operating on port 1812, that provides centralized Authentication, Authorization, and Accounting
(AAA or Triple A) management for users who connect and use a network service.
g). Terminal Access Controller Access-Control System (TACACS):
1). Extended TACACS (XTACACS) is a proprietary extension to TACACS introduced
by Cisco Systems in 1990 without backwards compatibility to the original protocol. TACACS and
XTACACS both allow a remote access server to communicate with an authentication server in order
to determine if the user has access to the network.
2). Terminal Access Controller Access-Control System Plus (TACACS+) is a
protocol developed by Cisco and released as an open standard beginning in 1993. Although derived
from TACACS, TACACS+ is a separate protocol that handles authentication, authorization, and
accounting (AAA) services. TACACS+ and other flexible AAA protocols have largely replaced their
predecessors.