Emmett's Integration Security Quiz o' Doom
Security and integration are far from mutually exculsive. Which is why it might help to know a little something about password authentication, asymmetric cryptography, server security, IPsec...
Integration and security are often seen as opposites of each other. In fact, many think the easiest way to enable integration between operating systems is to remove the security measures that get in the way.
This is sort of like mowing your yard without a mower deck and just carrying a 15-horsepower motor with a sharp blade whirring.
Frankly, security is one of the most important items to focus on when it comes to integration -- hence this little test. Following are 10 questions on generic security features and tools you should know if you're working with multiple operating systems. Scroll down to the end for the answers. And good luck!
1. What type of virus changes its own code?
B. Boot sector
2. When IPsec is operating in tunnel mode, which portions (if any) of each packet traversing the link are encrypted?
A. Both the header and the payload
B. Only the header
C. Only the payload
D. Neither the header nor the payload
3. When deploying a server to function as a single-role system, which of the following is the best rule of thumb to follow in order to maximize security?
A. Deploy a second NIC.
B. Install RAID 1.
C. Disable all unnecessary services.
D. Remove the CD drive.
4. What ports does FTP use?
A. 20 and 21
B. 23 and 143
C. 25 and 110
D. 67 and 68
5. When using symmetric cryptography, how many different keys are required to encrypt and decrypt communications?
6. Which of the following determines the strength of a hash algorithm?
A. It produces the longest hash value.
B. It uses a reversible function.
C. All produced hashes are unique.
D. It uses key escrow.
7. Which of the following is an asymmetric cryptography system?
8. If password authentication alone isn't secure enough for your organization's needs, which of the following represents an increase in authentication security?
A. Biometric authentication
B. Decentralized authentication
C. Logical location authentication
D. Two-factor authentication
9. The fact that a message's sender cannot deny sending that message is the definition of...
10. Which of the following describes a certificate found on a CRL?
A. Currently time-valid but unused for three weeks
B. Not time-valid
C. Not time-valid but renewed
D. Currently time-valid but revoked for use violations
A polymorphic virus is a virus that has a mutation engine for the purpose of rewriting its own code to avoid detection. A stealth virus performs its malicious actions subtly in order to avoid detection. A boot sector virus infects the master boot record so it's loaded into memory each time the drive is accessed. A macro virus is part of productivity suite documents and can be cross-platform.
2. A: When IPsec is operating in tunnel mode, both the header and the payload of each packet traversing the link are encrypted.
3. C: Disabling all unnecessary services is the best rule of thumb to follow when imposing security on a single-role system. Adding a second NIC is not usually a security decision. RAID 1 is disk mirroring; while a good idea, it is not the best idea for a single-role system from this list of options. Removing the CD drive might be an option to consider, but it is definitely not the best idea for a single-role system from this list of options.
4. A: FTP uses ports 20 and 21. Telnet uses port 23, while IMAP uses port 143. SMTP uses port 25, while POP3 uses port 110. DHCP uses ports 67 and 68.
5. B: Only one key is needed to encrypt and decrypt communications using symmetric cryptography.
6. C: A strong hash algorithm will always produce unique hashes. A longer hash value isn't always stronger. Hashes are never reversible. Hashes don't employ key escrow.
7. A: RSA is an asymmetric cryptography system. DES and AES are symmetric cryptography systems. SHA is a hashing algorithm.
8. D: Two-factor authentication is an increased security concept beyond that of a sole password. Biometric authentication alone is no more secure than password authentication alone. Decentralized authentication is usually less secure than a centralized authentication system, especially for large networks. Logical location authentication alone is weak and easily spoofed; therefore, it should only be used as additional security hurdles rather than as a standalone solution.
9. C: Non-repudiation refers to the fact that a message's sender cannot deny sending that message. Authentication is the process of proving one's identity. Confidentiality is prevention of unauthorized access. Integrity is prevention of unauthorized changes.
10. D: The CRL only contains the IDs of certificates that are currently time-valid but revoked for use violations. Idle certificates are still valid and not on the CRL. Certificates that are not time-valid are automatically rejected by PKI systems and thus are not retained on the CRL.
Emmett Dulaney is the author of several books on Linux, Unix and certification,
including the Security+ Study Guide, Fourth Edition. He can be reached at [email protected].