csi-604 information security past paper subjective solved internal


 


Question 1

Q1. List and briefly define the categories of security mechanisms.

Here are categories of security mechanisms:

1. Preventive Mechanisms

- Firewalls: block unauthorized access

- Intrusion Detection/Prevention Systems (IDPS): detect and prevent intrusions

- Access Control Lists (ACLs): regulate network traffic

- Encryption: protect data confidentiality

2. Detective Mechanisms

- Auditing and Logging: monitor system activity

- Intrusion Detection Systems (IDS): detect intrusions

- Anomaly Detection Systems: identify unusual behavior

- Security Information and Event Management (SIEM) systems: analyze logs

3. Reactive Mechanisms

- Incident Response Plans: respond to security incidents

- Backup and Recovery: restore systems after breaches

- Patch Management: update software vulnerabilities

- Disaster Recovery Plans: recover from disasters

4. Deterrent Mechanisms

- Authentication mechanisms (e.g., passwords, biometrics)

- Authorization mechanisms (e.g., access control)

- Penalties for unauthorized access

- Security awareness training

5. Corrective Mechanisms

- Configuration Management: ensure secure configurations

- Vulnerability Management: identify and remediate vulnerabilities

- Patch Management: update software vulnerabilities

- Security updates and upgrades

6. Physical Security Mechanisms


- Biometric access control

- Smart cards

- Physical locks and barriers

- Surveillance systems



7. Cryptographic Mechanisms


- Encryption (symmetric, asymmetric)

- Digital signatures

- Hash functions

- Key management


8. Network Security Mechanisms

- Virtual Private Networks (VPNs)

- Secure Sockets Layer/Transport Layer Security (SSL/TLS)

- Secure Shell (SSH)

- Network segmentation

These categories overlap, and effective security requires a combination of mechanisms.


Q2. Briefly define the difference between hashing and digital signatures.

Hashing

- A one-way mathematical function

- Transforms data into a fixed-size string (hash value or digest)

- Ensures data integrity and detects tampering

- Examples: SHA-256, MD5, CRC

Digital Signatures

- A cryptographic mechanism combining hashing, encryption, and authentication

- Verifies authenticity, integrity, and non-repudiation

- Uses public-key cryptography (asymmetric encryption)

- Examples: RSA, DSA, ECDSA

Key differences:

1. Purpose: Hashing (integrity) vs. Digital Signatures (authenticity, integrity, non-repudiation)

2. Direction: Hashing (one-way) vs. Digital Signatures (encryption and decryption)

3. Keys: Hashing (no keys) vs. Digital Signatures (public-private key pairs)

Q3. What do you mean by cryptography? Explain symmetric key cryptography.

Cryptography

Cryptography is the practice and study of techniques for secure communication by transforming plaintext (readable data) into ciphertext (unreadable data) to protect it from unauthorized access. It involves algorithms and protocols to ensure confidentiality, integrity, and authenticity.

Symmetric Key Cryptography

Symmetric key cryptography, also known as secret key cryptography, uses the same secret key for both encryption and decryption.

Key Characteristics:

1. Same key for encryption and decryption

2. Fast and efficient

3. Secure key exchange is challenging

How Symmetric Key Cryptography Works:

1. Key generation: Generate a shared secret key.

2. Encryption: Use the secret key to encrypt plaintext.

3. Transmission: Send ciphertext over an insecure channel.

4. Decryption: Use the same secret key to decrypt ciphertext.

Types of Symmetric Key Algorithms:

1. Block ciphers (AES, DES): Divide data into fixed-size blocks.

2. Stream ciphers (RC4): Encrypt continuous data streams.
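
The four steps above, as an added example that is not part of the original answer. It uses RC4 only because it is the stream cipher named here and fits in a few lines; RC4 is considered broken and should not be used in new systems. The function `exchange` and the sample plaintext are constructed for illustration.

```python
import secrets

def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 keystream XORed with data; the same call encrypts and decrypts."""
    # Key scheduling: permute the state array using the secret key.
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    # Keystream generation: one keystream byte per data byte.
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def exchange(plaintext: bytes):
    key = secrets.token_bytes(16)        # 1. key generation (shared secret)
    ciphertext = rc4(key, plaintext)     # 2. encryption with the secret key
    on_the_wire = ciphertext             # 3. transmission over an insecure channel
    recovered = rc4(key, on_the_wire)    # 4. decryption with the SAME key
    # A party holding a different key recovers only noise.
    wrong_key_output = rc4(secrets.token_bytes(16), on_the_wire)
    return ciphertext, recovered, wrong_key_output

if __name__ == "__main__":
    ct, pt, noise = exchange(b"Attack at dawn")
    print("ciphertext:", ct.hex())
    print("recovered :", pt)
    print("wrong key :", noise.hex())
```
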

Advantages:

1. Fast encryption/decryption

2. Low computational overhead

3. Efficient key management

Disadvantages:

1. Key exchange challenges

2. Limited security (compared to asymmetric cryptography)

Examples of Symmetric Key Algorithms:

1. AES (Advanced Encryption Standard)

2. DES (Data Encryption Standard)

3. 3DES (Triple Data Encryption Algorithm)

4. Blowfish

5. Twofish

Real-World Applications:

1. Secure online transactions (HTTPS)

2. Data encryption (files, databases)

3. Secure communication protocols (SSL/TLS)

4. Cryptographic protocols (IPsec, PGP)

Q4a) List and briefly define categories of passive and active security attacks.

Passive Security Attacks

1. Eavesdropping: Intercepting communication without altering it.

2. Sniffing: Capturing and analyzing network traffic.

3. Traffic analysis: Analyzing communication patterns.

4. Shoulder surfing: Observing users' screens or keyboards.

5. Social engineering: Manipulating users for information.


Active Security Attacks

1. Malware: Injecting malicious software (viruses, worms, trojans).

2. Phishing: Tricking users into revealing sensitive information.

3. Spoofing: Impersonating legitimate entities (IP, DNS, email).

4. Denial of Service (DoS)/Distributed DoS (DDoS): Overwhelming systems.

5. Man-in-the-middle (MitM): Altering communication between parties.

6. Replay attacks: Reusing captured data.

7. SQL injection: Injecting malicious SQL code.

8. Cross-site scripting (XSS): Injecting malicious scripts.


Other categories:

Physical Attacks

1. Theft or loss of devices
2. Physical destruction of infrastructure
3. Unauthorized access to facilities


Insider Threats

1. Data breaches by authorized personnel
2. Unauthorized access or modifications


Cryptography Attacks

1. Brute-force attacks
2. Dictionary attacks
3. Side-channel attacks

Q4b) What is the difference between differential and linear cryptanalysis?

Differential and linear cryptanalysis are two types of cryptanalytic attacks used to break block ciphers.


Differential Cryptanalysis (DC):

1. Exploits differences in plaintext-ciphertext pairs.
2. Analyzes how changes in plaintext affect ciphertext.
3. Focuses on finding high-probability differentials.
4. Effective against ciphers with weak diffusion.


Linear Cryptanalysis (LC):

1. Exploits linear relationships between plaintext and ciphertext.
2. Uses linear approximations to construct equations.
3. Focuses on finding high-probability linear masks.
4. Effective against ciphers with weak confusion.


Key differences:


1. Approach: DC (difference-based) vs. LC (linear-relationship-based).
2. Focus: DC (high-probability differentials) vs. LC (high-probability linear masks).
3. Weakness exploited: DC (weak diffusion) vs. LC (weak confusion).


To summarize:


Differential Cryptanalysis = Exploiting differences → Weak diffusion
Linear Cryptanalysis = Exploiting linear relationships → Weak confusion


Examples:

1. Differential cryptanalysis: Broken AES-like ciphers (e.g., FEAL).
2. Linear cryptanalysis: Broken DES variants (e.g., 8-round DES).


Mitigation:

1. Use strong cipher designs (e.g., AES).
2. Implement sufficient rounds.
3. Ensure good diffusion and confusion.
4. Use secure key schedules.
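
An added example (not part of the original answer) of how a cipher designer measures an S-box against both analyses: the difference distribution table counts how often an input difference leads to each output difference, and the linear approximation table counts how often a linear relation between input and output bits holds. The sample S-box is the first row of DES S-box S1, a common teaching example chosen here as an assumption; `IDENTITY` is a deliberately weak contrast case.

```python
# Sample 4-bit S-box: first row of DES S-box S1 (chosen for illustration).
SBOX = [0xE, 0x4, 0xD, 0x1, 0x2, 0xF, 0xB, 0x8,
        0x3, 0xA, 0x6, 0xC, 0x5, 0x9, 0x0, 0x7]
IDENTITY = list(range(16))   # purely linear mapping, for contrast

def parity(v: int) -> int:
    """XOR of the bits of v."""
    return bin(v).count("1") & 1

def difference_table(sbox):
    """ddt[dx][dy] = number of inputs x with S(x) ^ S(x ^ dx) == dy."""
    n = len(sbox)
    ddt = [[0] * n for _ in range(n)]
    for dx in range(n):
        for x in range(n):
            ddt[dx][sbox[x] ^ sbox[x ^ dx]] += 1
    return ddt

def linear_table(sbox):
    """lat[a][b] = (#x with parity(a & x) == parity(b & S(x))) - n/2."""
    n = len(sbox)
    lat = [[0] * n for _ in range(n)]
    for a in range(n):
        for b in range(n):
            agree = sum(parity(a & x) == parity(b & sbox[x]) for x in range(n))
            lat[a][b] = agree - n // 2
    return lat

def worst_case(sbox):
    """Largest non-trivial DDT count and largest non-trivial |LAT| entry."""
    n = len(sbox)
    ddt, lat = difference_table(sbox), linear_table(sbox)
    max_diff = max(ddt[dx][dy] for dx in range(1, n) for dy in range(n))
    max_lin = max(abs(lat[a][b]) for a in range(1, n) for b in range(1, n))
    return max_diff, max_lin

if __name__ == "__main__":
    print("sample S-box (max DDT, max |LAT|):", worst_case(SBOX))
    print("identity     (max DDT, max |LAT|):", worst_case(IDENTITY))
```

Lower values in both positions are better: an entry of 16 in the difference table or 8 in the linear table means the relation always holds, which is what the identity mapping produces.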
