
CSE 410 - Intro to Computer Security

Practice Midterm

1. List the three primary goals of computer security, along with a brief description for each.
a. Confidentiality - Ensuring information remains inaccessible to people who don't have the permissions
b. Integrity - Making sure information hasn't been tampered with in either direction
c. Availability - Making sure that information is readily available to the people who have access to it
2. Explain the concept of complete mediation. Give an example of it in practice.
a. Requires that all accesses to objects be checked to ensure they are allowed
b. Every access to a resource should be checked: timeouts, file handles
c. Example: set up a money transfer all the way up to the transfer button. Pause, drive to the ATM, take out all the money in the account, drive back home, click transfer
3. Describe a strong authentication scheme for VPN access that does not require a password. What
practical issues might such a scheme run into?
a. Type 1 - Something you know (password/PIN)
b. Type 2 - Something you have (token/badge)
c. Type 3 - Something you are (biometrics)
d. Type 4 - Someplace you are (GPS, IP address based geolocation, or point of sale for physical transactions)
4. Describe the Chinese Wall access control module, and what problem it is trying to solve.
a. Designed to eliminate the possibility of conflicts of interest; resources are grouped into conflict of interest classes.
b. For example, a banking consultant who accessed records from one bank could not access records from other banks their firm was doing business with
5. Draw a threat tree at least three levels deep that explores the factors in executing a DoS attack. Show how adding an estimated cost to the nodes can help pinpoint an area to focus security.

6. Name one operating system, one network, and one social engineering attack we discussed this semester. Give a brief description of each, and a potential countermeasure.
a. Operating system attack: Buffer overflow (overwriting existing code to execute a malicious payload) - randomize memory addresses
b. Network attack: SYN Flood (flooding a TCP request without the intention of completing a three-way handshake) - SYN cookie activate! SYN -> SYN-ACK -> ACK
c. Social engineering attack: Threaten the bank guard (literally)
7. Look at the following code snippet. Is there a security issue with this program? If so, describe the problem.
a. Calling system(command) allows for an injection attack if you put a semicolon after the first command, followed by malicious separate commands.
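The code snippet for question 7 is not reproduced on this page, so here is an added example (written for this page, not part of the exam or its answer key) of the pattern the answer describes: a program that splices a user-supplied filename into system(), beside a hardened version that allowlists the input and execs the program directly without a shell. The file-viewing scenario and the function names are assumptions.

```c
/* Added example (not from the practice midterm): the weakness behind question 7.
   Text handed to system() is parsed by /bin/sh, so a separator such as ';' turns
   one intended command into several. Assumed scenario: print a user-named file. */
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/wait.h>

/* Vulnerable form: the filename is spliced into a shell command line. */
int show_file_vulnerable(const char *filename) {
    char command[256];
    snprintf(command, sizeof command, "cat %s", filename);
    return system(command);   /* the shell interprets ; | & $ ` and more */
}

/* Check: accept only characters an ordinary filename needs (allowlist). */
int is_safe_filename(const char *s) {
    if (s == NULL || *s == '\0' || strlen(s) > 64) return 0;
    for (; *s; s++)
        if (!(isalnum((unsigned char)*s) || *s == '.' || *s == '_' || *s == '-'))
            return 0;
    return 1;
}

/* Hardened form: validate, then exec the program directly with an argv
   array and no shell, so nothing in filename is ever parsed as syntax. */
int show_file_hardened(const char *filename) {
    if (!is_safe_filename(filename)) return -1;   /* rejected, nothing runs */
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        execlp("cat", "cat", "--", filename, (char *)NULL);  /* "--": no flags */
        _exit(127);                                /* exec failed */
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void) {
    /* Constructed inputs: an ordinary name and one carrying a shell separator. */
    const char *ok = "notes.txt", *bad = "notes.txt; id";
    printf("is_safe_filename(\"%s\") = %d\n", ok, is_safe_filename(ok));   /* 1 */
    printf("is_safe_filename(\"%s\") = %d\n", bad, is_safe_filename(bad)); /* 0 */
    printf("show_file_hardened(bad) = %d\n", show_file_hardened(bad));    /* -1 */
    return 0;
}
```

The vulnerable function is kept only for comparison; main never calls it, and the hardened path refuses the second input before any process is started.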
8. Why do you need to be on the same LAN as the victim to execute complete session hijacking in TCP?
a. Remember what you need to do complete session hijacking.
b. One, you need to be able to inject a packet into an existing session that the session recognizes as valid. This means you need a good sequence number, host, and port. While you could theoretically guess these things, it is a pretty tall order to do so without some insider information, which you can get from a sniffer. You can only sniff traffic flowing to other machines on the LAN.
c. Second, once you can inject that packet, you need to be able to set up a man-in-the-middle scenario by poisoning the ARP cache and redirecting the packets from the server back to your machine, rather than the victim's. The ARP cache is specific to the LAN - you can't send ARP replies to another LAN.
9. Why is UDP protocol safe from the SYN Flood attack?
a. UDP doesn't use a three-way handshake, which the SYN flood relies on.
10. Describe a scenario where someone would want to spoof the source address of an IP packet
a. In order to cover your tracks when performing a packet attack, or to trick someone into thinking a packet came from somewhere else.
11. What is a keylogger and what security risk does it pose?
a. A keylogger is a device that records keystrokes on a keyboard. This can pose a threat to password confidentiality.
12. What command would you use to give full permissions to the owner of a file, but ONLY read and write to group and read to world?
a. chmod 764
13. Describe one way to build a password cracking program
a. Build a dictionary that contains many common passwords and their hashes, then run a lookup.
14. List the seven layers of the OSI (Open Systems Interconnection) model from highest to lowest.
a. Application > Presentation > Session > Transport > Network > Data > Physical

