Security

Question 1

List three problems with unsecured physical access.

Answer 1

• Poses risks for mobile devices (smartphones & laptops).
• When people don’t secure their physical devices, they leave them open to exploitation of trusted device status.
• This makes them vulnerable to sinkhole attacks, a type of attack that capitalizes on trust between personal accounts, compromising multiple accounts and allowing access to increasing amounts of personal information.

Question 2

List three categories of authentication and explain.

Answer 2

1. Knowledge (“something you know”):
   ▪ Using something only an authorized user knows reduces the number of entities that can access a system.
   ▪ Examples: Passwords, PINs, passphrases, and security questions.
2. Possession (“something you have”):
   ▪ The use of an object or device to verify the identity of an entity seeking access.
   ▪ Examples: Keys, physical access tokens, 2FA (2-Phase Authentication) using a bespoke device or a phone, access cards, and RFID tags.
3. Attribute (“something you are”):
   ▪ Involves identifying an entity using its unique attributes, for instance, identifying a person using their face or fingerprints.

Question 3

Explain a few unsafe habits and settings.

Answer 3

• Opening emails from unknown senders.
• Hiding file name extensions.
• Using outdated systems.
• OS Snobbery

Question 4

How could we mistake convenience for heightened security?

Answer 4

• Replacing a password with a fingerprint scan enhances convenience but may give the false impression that security has improved.
• Replacing one type of authentication with another.

Question 5

Explain how a buffer overflow attack works.

Answer 5

An array, from a memory perspective, is a reserved space with a fixed size.
* Buffer overflow occurs when there’s no bounds checking to ensure the array is large enough to contain the data stored in it.
* Data written to one array can overwrite data stored in the adjacent memory space of another process.
* This is common because the base language of many operating systems, like C, does not enforce strict array bounds.

Question 6

How do we defend against a buffer overflow attack?

Answer 6

• Stack canaries: Protect against attacks targeting the execution stack.
• Data Execution Prevention (DEP): Prevents code stored in the data area of a process’s memory from being executed as code.
• Address Space Layout Randomization (ASLR): Prevents attackers from reliably constructing malicious code using code already available in the victim process’s code area.