| Question | Answer |
|---|---|
| Freshness | Assurance to a principal that a message has not been used previously and originated within an acceptably recent timeframe |
| Liveness | Assurance that a principal sent a particular message within an acceptably recent timeframe |
| ISO 7498-2 Security Services (5) | Authentication (entity authentication & data origin authentication); Access Control; Confidentiality; Integrity; Non-Repudiation |
| ISO 7498-2 Confidentiality | Categorizes confidentiality as: Connection Confidentiality (all connections); Connectionless Confidentiality (single session/packet); Selective Field Confidentiality (some fields encrypted); Traffic Flow Confidentiality (traffic type protection) |
| ISO 7498-2 Integrity (against active threats) | Integrity with Recovery (detects a violation & tries to recover); Integrity without Recovery (detects a violation without trying to recover); Selective Field Integrity (part of the data has integrity); Connectionless Integrity (validation of SW download); Selective Field Connectionless Integrity (as above, but selective) |
| ISO 7498-2 Non-Repudiation | Non-Repudiation of Origin (denying data sent); Non-Repudiation of Delivery (denying data received) |
| Security Mechanisms (13) that implement the Security Services (5) | Specific Security Mechanisms (8); Pervasive Security Mechanisms (5) [support the provision of other security services] |
| Specific Security Mechanisms (8) | Encipherment; Data Integrity; Digital Signatures; Access Control; Authentication Exchange; Traffic Padding; Routing Control; Notarization (3rd party) |
| Pervasive Security Mechanisms | Trusted Function; Security Labels; Event Detection; Audit Trail; Recovery |
| Layers vs. Services | |
| ARP | Translates a specific IP address to a MAC address |
| ARP Spoofing | Falsify IP (send gratuitous ARP to direct traffic to the attacker's PC); MAC Flooding (makes the switch act like a hub by filling its ARP table, or DoS for the switch) |
| Defenses Against ARP Spoofing | Static translation between port & MAC; prevent GARP from being sent; limit the number of MACs at each port |
| WAN Security Measures | Partition networks physically; partition networks logically; data confidentiality & encryption |
| ISO 7498-2 Network Management Security | Management of Security; Security of Management |
| SNMP | At least one network management station & a number of network elements that it supports; configuration management, event logging, accounting |
| SNMP Operations | SET; GET; TRAP |
| SNMP Threat | Possibility that one device might act with the authority of another device |
| SNMP Security Services | Authentication Service (community name); Access Control (defines community access rights) |
| SNMP v3 | Network managers should have UN & PSW for authentication; each SNMP entity has an identity; confidentiality |
| Fundamental Threats | Data Leakage; Integrity Violation; DoS; Illegitimate Use |
| Primary Enabling Threats | Masquerading (an entity claims to be another entity); Trojan Horse; Trapdoor (hidden software function that bypasses the security policy); Bypass Control; Authorized Violation (e.g. XSS) |
| OSI 7 layers | Application, Presentation, Session, Transport, Network, Data Link & Physical |
| Session layer function | Establishes the session and controls session parameters (half duplex, full duplex, ...); synchronization is done at this layer |
| Presentation layer function | Prepares the data to be ready for the other layers and the recipient; compression & encryption are done here |
| Transport layer | Responsible for moving the application's data from one PC to another; establishes a virtual connection to specify which application is to be used; guarantees message arrival |
| OSI Layering Advantages | Allows protocol designers and implementers to divide up the problem and focus on solving one piece of the problem at a time |
| Services vs. Protocols | A service is provided by one layer to the one above it; a protocol specifies how the service is implemented |
| ISO 7498-2 | Deals specifically with the security of communications networks |
| ISO 7498-2 life-cycle stages | Define a security policy; analyze the security threats according to the policy; define the security services to meet the threats; define the security mechanisms to provide the services; provide ongoing management of security |
| Rules | Describe how the system should work and be configured; there are two types: identity-based (based on the identity) & rule-based (based on the configured rules) |