Top 10 Computer System Security Questions AKTU

the topics covered in the CSS are:-

Computer System Security Introduction: Introduction, What is computer security and what to l earn? , Sample Attacks, The Marketplace for vulnerabilities, Error 404 Hacking digital India part 1 chase

Hijacking & Defense: Control Hijacking ,More Control Hijacking attacks integer overflow ,More Control Hijacking attacks format string vulnerabilities, Defense against Control Hijacking - Platform Defenses, Defense against Control Hijacking - Run-time Defenses, Advanced Control Hijacking attacksConfidentiality Policies: Confinement Principle ,Detour Unix user IDs process IDs and privileges , More on confinement techniques ,System call interposition ,Error 404 digital Hacking in India part 2 chase , VM based isolation ,Confinement principle ,Software fault isolation , Rootkits ,Intrusion Detection SystemsSecure architecture principles isolation and leas: Access Control Concepts , Unix and windows access control summary ,Other issues in access control ,Introduction to browser isolation .
Web security landscape : Web security definitions goals and threat models , HTTP content rendering .Browser isolation .Security interface , Cookies frames and frame busting, Major web server threats ,Cross site request forgery ,Cross site scripting ,Defenses and protections against XSS , Finding vulnerabilities ,Secure development
Basic cryptography: Public key cryptography ,RSA public key crypto ,Digital signature Hash functions ,Public key distribution ,Real world protocols ,Basic terminologies ,Email security certificates ,Transport Layer security TLS ,IP security , DNS security
Internet Infrastructure: Basic security problems , Routing security ,DNS revisited ,Summary of weaknesses of internet security ,.Link layer connectivity and TCP IP connectivity , Packet filtering firewall ,Intrusion detection.

Get ready for your computer system security exams with our top 10 questions guide. From common attacks to cryptography, we cover all the essential topics to help you succeed.

Description: Computer system security is a critical aspect of modern technology, and understanding its principles and practices is essential for anyone working in the field. Whether you are a student taking courses or preparing for an exam, it can be challenging to know where to start. That's why we have put together this guide featuring the top 10 computer system security questions that students may encounter in their studies. Our expertly crafted questions cover essential topics such as control hijacking, access control, web security, and cryptography, to name a few.

Introduction: In this guide, we aim to help students prepare for computer system security courses and exams by presenting the top 10 most commonly asked questions in the field. We will cover a range of essential topics, including the basics of computer security, common attacks, and their prevention, access control, cryptography, web security, and more. Our expertly crafted questions are designed to help students develop a strong foundational knowledge of computer system security and enhance their chances of success in exams. So, whether you are a beginner or an experienced student, read on to learn more about the critical aspects of computer system security.

Top 10 Computer System Security Questions AKTU

What is computer security and why is it important?

Ans. :Computer security is an essential aspect of information technology that ensures the confidentiality, integrity, and availability of computer systems and their data. With the increasing reliance on computers and the internet in our daily lives, the need for effective security measures has become more important than ever. In this context, understanding the common types of attacks on computer systems and how to prevent them is crucial.

The ultimate goal of information security is to maintain the CIA triad within an organization. The elements of the CIA triad are:

Confidentiality: This means ensuring that only the authorized users have access to information. Whenever a company suffers from a data breach or data leak and individuals’ information is accessed by criminals, the public or employee’s that don’t have the proper authorization, confidentiality has been compromised. Some of the key security controls that you can use to maintain confidentiality are:

Encription : Encrypting information ensures that even if an unauthorized user is able to get access to the information, without the decryption key the information will be in an unreadable format and therefore confidentiality will be maintained.
Strong Passwords : By having strong passwords it reduces the chances of someone being able to access accounts or resources by guessing the password.
Two factor authentication: 2FA supplements traditional login information (username and password) by requiring an additional code before granting someone access to a resource.
Identity Access Management : IAM is the practice of ensuring that only the correct individuals are given access to resources. It follows something called the “least privilege model”, this means that users should only be given access to the resources needed to do their job and nothing more. This helps to enforce the confidentiality of information.
Proper Technical Controls: Technical controls include things like firewalls and security groups. These controls prevent people from accessing the company’s network and prevents them from obtaining company information without authorization.
Physical Locks and Doors: Physical security measures like cabinet locks, vaults, biometric scanners and door locks prevents people from physically sneaking into the company and taking company documents.

Integrity: To protect information from being modified by unauthorized people and ensures that the information is trustworthy and accurate. Anytime information is modified by someone that isn’t authorized to do so, whether it was someone inside the company or outside, it is a violation of the information’s integrity. An example would be if the CFO sends a document to be examined or reviewed by the director of finance. The director of finance may try to manipulate the information without the CFO knowing in order to make his/her department look better, launder money etc. You need to have a means of knowing whether or not a document has been modified without your knowledge so that you can trust that document’s integrity. Also, in the event data is lost, you need to be able to recover all of that data or at least most of it from a trusted source. Some controls you can use to maintain integrity are:

Hashes: A hash is the output of a hashing algorithm such as MD5 or SHA. A hash algorithm takes a message of any size and creates a fixed sized value called a hash (eg 12 characters long). If any character in the original message is changed, it will result in a different hash being generated. By creating a hash of a message when you first receive it, you can later test to see if that message has been altered in any way.
For example, say I have a word document on March 10th 2020, I use a hash algorithm to generate the hash 123456789. Then on March 15th, I want to check if anyone has modified that file, I can use the hash algorithm again and if the hash created is not the same, I know someone changed the contents of that file.
Secure Backups: By creating secure backups if you ever have doubts about the integrity of the data on a system you can reboot that system using the information you have in your backups. Hashes can be used with your backups to ensure that they have not been altered in any way. This way you can be confident that the information you are using to reboot your systems is accurate. A good example of when you will need this is if your company ever suffers a ransomware attack and is unable to recover your data.
User access controls: By controlling what information users have edit access to, you limit the potential for users to edit information without permission.

Availability: To ensure that the information is accessible to authorized people whenever it is needed. An example of this would be a website like Netflix. For most companies they want availability of at least 99.99%, which means that 99.99% of the time you go to Netflix you should be able to access the services that you want. In order to do this there are several practices you can implement to ensure that your company will have a high uptime:

Off site backups: Having off site backups ensures that if something happens you have a copy of data to restart your systems and keep your business going.
Disaster Recovery: These plans outline how your company should respond to certain types of situations such as earthquakes, floods, fires, hurricanes etc
Redundancy: This is when you make multiple instances of network devices and lines of communication so that if one device or line fails it doesn’t cause a loss of availability.
Failover: This is a backup node (system) that automatically switches into production in the event that the primary system fails.
Virtualization: This is the process of creating a software (virtual) version of something that physically exists. Usually this takes one piece of hardware and enables it to run multiple operating systems in virtual machines (VMs), this way you can have redundancy even though you only have 1 physical machine.
Proper Monitoring of the environment: You want to have proper monitoring through tools like a SIEM. This way you will know as soon as there is a problem in your environment and you can address the issue asap.

What are the common types of attacks on computer systems, and how can they be prevented?

Ans.

types of cyber attacks

DNS Spoofing

Domain Name Server (DNS) spoofing is a cyber attack that alters DNS to redirect online traffic to a fake website that emulates a legitimate one. In this type of cyber attack, the victim introduces their username and password to log in, thus giving this data to hackers.

Cross-site scripting

Cross-site scripting makes a vulnerable site return malicious JavaScript to the user so that the code is executed in the user's browser. When this happens, the attacker gets control and compromises the interaction with the application, allowing cybercriminals to perform any action the affected user can achieve. If the victim has privileged access, the attackers could even obtain total control of the data stored there.

Rootkits

Rootkits refer to a group of software tools that allow criminals to get unauthorized access to a system without being detected. A rootkit hides malicious programs that reach into devices through spam or other ways. When the rootkit is activated, a backdoor is set up, and criminals might install other forms of malware such as ransomware or trojans.

DoS and DDoS attacks

A Denial of Service (DoS) attack is meant to crash a network by flooding it with traffic. The site receives many requests, and the resources get overwhelmed. Consequently, the website cannot respond, shutdowns and becomes inaccessible to users.

A Distributed Denial of Service (DDoS) attack is a DoS attack that uses multiple machines to flood the targeted network. This attack employs various remote devices, bots, or zombies, allowing the attacker to send vast amounts of traffic from different locations simultaneously. The server is overloaded more rapidly than in a regular DoS attack.

Malware

The first type of cyber attack is one that you're surely familiar with. Malware is a broad term that includes different types of malicious software, including viruses, worms, and spyware. Malware attacks exploit a vulnerability and break into the network to plant the malicious code.

How to prevent cyber attacks

1. Use complex passwords

Passwords should be eight characters long and combine numbers, letters, symbols, and cases. You shouldn't use the same passwords in all your accounts; they should be changed every time. Since remembering so many different passwords could be a real mess, you could resort to password generators.

2. Enable multi-factor authentication

Passwords are only the first layer of protection and can be easily attacked and deciphered. You should also enable multi-factor authentication on all your accounts with an authenticator app or a physical security key. Using SMS is not recommended because attackers might intercept this information.

What is control hijacking, and what are some examples of control hijacking attacks?

How can control hijacking attacks be defended against through platform defenses and runtime defenses?

Ans. A control hijack attack is done by overwriting some of the data structures in a victim program that affects its control flow and eventually hijacks the control of the program and possibly the underlying system. Attacks like these eventually pave way for corrupting or overwriting the data that they were storing.

Control Hijacking Download

What is the confinement principle, and how can it be used to enhance security?

Ans. The confinement principle is another important aspect of computer security. It involves limiting the actions that a user or program can perform to prevent unintended consequences. This principle is implemented using confinement techniques, such as VM-based isolation and software fault isolation, to enhance security.

Confinement Principle : Download

What are the different types of access control, and how are they implemented in Unix and Windows?

Ans. Access control is about creating small siloes where restricted parts of businesses are off-limits to all except specific groups or subsets of members of the workforce. The primary principle of all the 3 types of access control systems, being role-based, attribute-based, and policy-based access control, is that people should only have access to what they need to carry out their duties.

The Three Main Types of Access Control

1. Role-Based Access Control (RBAC)

RBAC is the most traditionally well-known and popular type of access control. The RBAC model allows owners to assign access to the network based on defined user profiles. These profiles are based on their roles, such as managers, temporary contractors, and heads of departments.

2. Attribute-Based Access Control (ABAC)

ABAC stems from RBAC but provides access control on a more granular level. The ABAC model allows application or line managers to use attributes, or characteristics about the access request, entitlement, or user. These attributes can be based on desired outcomes for what an identity will do with said access, what the resource or system being requested is, the location of the request, and more.

3. Policy-Based Access Control (PBAC)

PBAC evaluates access rights and entitlements that can be adjusted based on new corporate policies. As organizations change, they often will write new policies to ensure that access rights are consistent, appropriate, and secure. While PBAC and ABAC are very similar, but the key difference is that policies inform the IGA solution what to do and how to enforce access, and attributes look reactively to the IGA solution and inform the engine how to provide access.

What is web security, and what are some common threats to web servers and clients?

Ans. Web security is an essential area of computer security that involves protecting web servers and clients from various threats, such as cross-site scripting (XSS) and cross-site request forgery (CSRF). Various defenses and protections against XSS and CSRF are also discussed in detail.