csi-604 information security past paper subjective solved


 

Q2A) What is computer security?

Computer Security:

Computer security, also known as cybersecurity or information technology security, refers to the practices, technologies, and processes designed to protect computer systems, networks, programs, and data from unauthorized access, use, disclosure, disruption, modification, or destruction.


Key Objectives:

1. Confidentiality: Protect sensitive information from unauthorized access.
2. Integrity: Ensure data accuracy and prevent unauthorized modifications.
3. Availability: Ensure systems and data are accessible when needed.


Computer Security Threats:

1. Malware (viruses, worms, trojans)
2. Phishing and social engineering
3. Network attacks (DDoS, man-in-the-middle)
4. Password cracking and unauthorized access
5. Data breaches and theft
6. Ransomware and cyber extortion
7. SQL injection and cross-site scripting (XSS)
8. Zero-day exploits


Computer Security Measures:

1. Firewalls and intrusion detection/prevention systems
2. Encryption (data at rest and in transit)
3. Access control and authentication
4. Antivirus software and malware detection
5. Regular software updates and patches
6. Network segmentation and isolation
7. Backup and disaster recovery
8. Security awareness training


Types of Computer Security:

1. Application security
2. Network security
3. Data security
4. Cloud security
5. Endpoint security
6. Internet of Things (IoT) security
7. Cryptographic security


Importance of Computer Security:

1. Protects sensitive information
2. Prevents financial loss
3. Maintains reputation and trust
4. Ensures business continuity
5. Complies with regulations and laws

Q2B) What is the difference between passive and active security threats?

Passive security threats are unauthorized attempts to obtain or view sensitive information without altering or disrupting the system. These threats do not actively harm the system but can still compromise confidentiality.


Examples:


1. Eavesdropping (sniffing)
2. Social engineering (phishing, pretexting)
3. Shoulder surfing
4. Data interception (man-in-the-middle)
5. Unauthorized access (password guessing)


Active Security Threats:

Active security threats involve intentional actions to disrupt, modify, or destroy data, systems, or networks. These threats aim to cause harm, compromise integrity, or disrupt availability.


Examples:


1. Malware (viruses, worms, trojans)
2. Denial of Service (DoS) and Distributed Denial of Service (DDoS)
3. Hacking (unauthorized access)
4. Data tampering
5. Ransomware
6. SQL injection
7. Cross-Site Scripting (XSS)
8. Zero-day exploits


Key differences:


1. Intent: Passive threats aim to view or obtain information, while active threats intend to disrupt or harm.
2. Impact: Passive threats compromise confidentiality, while active threats compromise integrity and availability.
3. Detection: Passive threats can be harder to detect, as they don't alter system behavior.


Mitigation strategies:


1. Implement firewalls, intrusion detection, and encryption.
2. Conduct regular security audits and vulnerability assessments.
3. Enforce strong access controls and authentication.
4. Provide security awareness training.
5. Keep software up-to-date with patches.

A) What are the essential ingredients of a symmetric cipher?

A symmetric cipher is a cryptographic algorithm that uses a single key for both encryption and decryption. The essential ingredients of a symmetric cipher are:

  1. Plaintext: The original, readable data that needs to be encrypted.
  2. Ciphertext: The encrypted data that is unreadable without the correct key.
  3. Encryption algorithm: The mathematical function used to transform plaintext into ciphertext.
  4. Decryption algorithm: The inverse function used to convert ciphertext back into plaintext.
  5. Key: A secret piece of information used for encryption and decryption.

The security of a symmetric cipher depends on the strength of the algorithm and the secrecy of the key.

In cryptography, the terms "private key" and "secret key" are often used interchangeably, but there is a subtle difference:

Private Key:

A private key is a cryptographic key used in asymmetric cryptography (public-key cryptography). It is:

1. Used for decryption and signing.

2. Kept secret by the owner.

3. Paired with a public key.

4. Used in algorithms like RSA, Elliptic Curve Cryptography (ECC), and Digital Signature Algorithm (DSA).

Example: In SSL/TLS, a server's private key is used to decrypt incoming data and sign responses.

Secret Key:

A secret key is a cryptographic key used in symmetric cryptography. It is:

1. Used for both encryption and decryption.

2. Shared between parties.

3. Not publicly known.

4. Used in algorithms like AES, DES, and Blowfish.

Example: In secure communication, two parties share a secret key to encrypt and decrypt messages.

Key differences:

1. Purpose: Private keys are used for decryption and signing, while secret keys are used for both encryption and decryption.

2. Pairing: Private keys have a corresponding public key, while secret keys do not.

3. Symmetry: Private keys are used in asymmetric cryptography, while secret keys are used in symmetric cryptography.

To summarize:

- Private key: Asymmetric cryptography, decryption, signing, paired with public key.

- Secret key: Symmetric cryptography, encryption and decryption, shared between parties.

Question #4

A) In general terms, what are four means of authenticating a user's identity?

There are four main means of authenticating a user's identity:

1. Something You Know (Knowledge-Based Authentication)

   - Passwords
   - PINs
   - Passphrases
   - Answers to security questions

2. Something You Have (Possession-Based Authentication)

   - Smart cards
   - Tokens (e.g., RSA tokens)
   - Mobile devices (e.g., SMS-based authentication)
   - Physical keys

3. Something You Are (Biometric Authentication)

   - Fingerprint recognition
   - Facial recognition
   - Iris scanning
   - Voice recognition
   - Handwriting analysis

4. Somewhere You Are (Location-Based Authentication)

   - GPS-based authentication
   - IP address-based authentication
   - Geofencing
   - Proximity-based authentication (e.g., Bluetooth)

Additionally, there are two other factors:

- Something You Do (Behavioral Biometrics)

   - Keystroke dynamics
   - Mouse movement analysis
   - Gesture recognition

- Someone You Trust (Social Authentication)

   - Identity verification through trusted associates

Multifactor Authentication (MFA) combines two or more of these methods to provide enhanced security.

Q4B) List and briefly describe the principal threats to the secrecy of passwords.

Here are the principal threats to password secrecy:

1. Password Guessing: Attempting to guess passwords using common words, phrases, or personal information.
2. Brute Force Attacks: Systematically trying all possible combinations of characters to crack passwords.
3. Dictionary Attacks: Using lists of words, phrases, and common passwords to crack passwords.
4. Rainbow Table Attacks: Precomputed tables of hash values for common passwords.
5. Phishing: Tricking users into revealing passwords through fake websites, emails, or messages.
6. Keyloggers: Malware that records keystrokes, capturing passwords.
7. Social Engineering: Manipulating users into divulging passwords.
8. Shoulder Surfing: Observing users typing passwords.
9. Password Cracking Tools: Software designed to crack passwords (e.g., John the Ripper).
10. Weak Password Policies: Inadequate password requirements, leading to easily guessable passwords.
11. Password Reuse: Using the same password across multiple accounts.
12. Insider Threats: Authorized personnel accessing or disclosing passwords.
13. Physical Access: Unauthorized access to devices or written password records.
14. Network Sniffing: Intercepting passwords transmitted over networks.
15. Database Breaches: Unauthorized access to password databases.

To mitigate these threats:

- Enforce strong password policies

- Use multifactor authentication

- Regularly update passwords

- Use password managers

- Educate users on security best practices

- Monitor for suspicious activity

- Implement secure password storage (e.g., hashing, salting)


