Welcome to the NSE Wiki of ASE


This wiki intends to support the course Network Security Essentials . The course is based on William Stallings's book entitled Network Security Essentials, 4ed., Pearson, 2012. Below is the answers to the review question of the book initially formulated by the class.

Answers to review questions from Ch. 1

http://en.wikipedia.org/wiki/OSI_model

What is the OSI security architecture?

Open Systems Interconnection (OSI).


What is the difference between passive and active security threats?

Passive attacks are of the form of eavesdropping, ie traffic analysis, and release of message contents. They are very hard to detect, as data is not altered in any way.
Active attacks involve data injection, creation, or alteration.

List and briefly define categories of passive and active security attacks

Passive attacks
Release of message contents: involves an eavesdropper listening in and reading data shared between two parties.
Traffic Analysis: involves an eavesdropper analysing the packets sent between two parties e.g. sniffing for passwords within those packets

Active Attacks
Masquerade: when an attacker/ entity pretends to be a different entity. It normally involves one of the other active attacks
Replay: to produce an unauthorized effect a passively captured packet is held and retransmitted
Modification of Messages: legitimate data packets are altered to produce an unauthorized effect
Denial of Service: prevents or inhibits the normal use or management of of communications facilities

List and briefly define categories of security services

Authentication: Assurance that the communication entity is the one it claims to be
Access Control: prevention of unauthorized entry or use of a resource
Data Confidentiality: The protection of data from unauthorized disclosure
Data Integrity: Data received is exactly the same as the data sent
Non-repudiation: protection against denial

List and briefly define categories of security mechanism