[Information Security] Classic interview questions, painstakingly compiled

The blogger wrote this article to prepare for the postgraduate re-examination. It covers some key security-related courses studied at the undergraduate level. The details are elaborated in other articles, which can be consulted if necessary.

Table of Contents

  • Three Elements of Information Security (CIA)
  • Firewall technology
  • Intrusion detection technology
  • Identity authentication technology
  • Physical layer security issues
  • Network layer security issues
  • Transport layer security issues
  • Application layer security issues
  • Access control
  • Cryptography
  • Security protocols
  • Worms vs. Trojans vs. viruses
  • Honeypot
  • Session mechanism and token mechanism
  • Penetration test
  • Vulnerabilities and attacks
    • 1. SQL injection
    • 2. XSS injection
    • 3. CSRF attack
    • 4. Vulnerabilities related to sessions
    • 5. Clickjacking attack
    • 6. File upload vulnerability
    • 7. Pseudo-random number problem
    • 8. Distributed denial of service attack (DDoS)
  • Security tools

  • Three Elements of Information Security (CIA)

    • Confidentiality: ensures that information is not leaked to unauthorized users.
    • Integrity: ensures that information travels from the real sender to the real receiver without being added to, deleted, or replaced by unauthorized users in transit.
    • Availability: ensures that authorized users can access data in a timely and reliable manner.
    • Others: controllability and non-repudiation.
  • Firewall technology

    • A firewall is a border checkpoint in a computer network that protects the internal network. Firewalls take many forms, generally a combination of software and hardware. Their main functions are access control and content control. There are three main technologies: packet filtering, stateful inspection, and proxy services. In the screened-host architecture, a gateway router at the boundary between the internal and external networks performs complex packet filtering, while a bastion host on the internal network provides proxy services; the two cooperate to implement the firewall function. Firewalls also have some limitations.
    • https://blog.csdn.net/qq_39328436/article/details/115054500
  • Intrusion detection technology

    • An intrusion detection system (IDS) in a network is like an automatic burglar alarm in the physical world: it monitors the activity going on around it. There are two models, host-based IDS and network-based IDS, and they are quite similar. The core components are the traffic collector, the analysis engine, and the signature database. A host-based IDS collects the machine's log files and other key files; a network-based IDS collects all packets flowing through the network segment. Once the analysis engine has the data, it pattern-matches it against the records in the signature database to decide which behaviors are benign and which are malicious.
    • https://blog.csdn.net/qq_39328436/article/details/115084272
  • Identity authentication technology

    • Identity authentication technology is used to establish a user's legitimate identity. It includes password-based authentication, two-factor authentication, X.509 certificate-based authentication, USB key-based authentication, biometric authentication, and various authentication protocols such as Kerberos and, for PPP, PAP and CHAP.
    • https://blog.csdn.net/qq_39328436/article/details/115177458
  • Physical layer security issues

    • On a shared LAN, an attacker can sniff messages sent by other devices, and can abuse the switch's MAC address learning to launch a MAC address flooding attack, which defeats the switch's traffic isolation and further widens the scope of sniffing.

    • https://blog.csdn.net/qq_39328436/article/details/115118488

  • Network layer security issues

    • ARP: because a host accepts every ARP reply it receives and updates its ARP cache accordingly, an attacker can exploit this to launch a man-in-the-middle attack, or use an address conflict to cut the target host off from the network. IP: because the IP source address is not trustworthy, attackers can launch blind spoofing attacks, and can use the source routing mechanism to launch man-in-the-middle attacks. This can be prevented with unicast reverse path verification. ICMP: a Smurf attack can be launched with echo messages, and a host's routes can be changed with route redirect messages.

    • https://blog.csdn.net/qq_39328436/article/details/115119347
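Because hosts accept every ARP reply, a defender can watch for the two signs of cache poisoning: replies nobody asked for, and an IP address whose MAC suddenly changes. The monitor below is an added example, not from the original article; the addresses and the frame-building helper are constructed for the demonstration.

```python
import socket
import struct

ARP_FMT = "!HHBBH6s4s6s4s"  # htype, ptype, hlen, plen, oper, sha, spa, tha, tpa (28 bytes)

def parse_arp(payload):
    """Decode an Ethernet/IPv4 ARP payload into (oper, sender_mac, sender_ip, target_ip)."""
    if len(payload) < 28:
        raise ValueError("truncated ARP payload")
    htype, ptype, hlen, plen, oper, sha, spa, _tha, tpa = struct.unpack(
        ARP_FMT, payload[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    return oper, sha.hex(":"), socket.inet_ntoa(spa), socket.inet_ntoa(tpa)

class ArpMonitor:
    """Tracks IP->MAC bindings and flags unsolicited replies and binding changes."""
    def __init__(self):
        self.bindings = {}    # ip -> first MAC seen for that ip
        self.pending = set()  # (asker_ip, asked_ip) for requests awaiting a reply

    def observe(self, payload):
        oper, mac, sender_ip, target_ip = parse_arp(payload)
        alerts = []
        if oper == 1:                                   # ARP request
            self.pending.add((sender_ip, target_ip))
        elif oper == 2:                                 # ARP reply
            if (target_ip, sender_ip) in self.pending:
                self.pending.discard((target_ip, sender_ip))
            else:
                alerts.append(f"unsolicited reply: {sender_ip} is-at {mac}")
        known = self.bindings.setdefault(sender_ip, mac)  # keep the first binding
        if known != mac:
            alerts.append(f"binding change: {sender_ip} {known} -> {mac}")
        return alerts

def build_arp(oper, sha, spa, tha, tpa):
    """Pack a constructed ARP payload in memory (sample input only)."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper,
                       bytes.fromhex(sha.replace(":", "")), socket.inet_aton(spa),
                       bytes.fromhex(tha.replace(":", "")), socket.inet_aton(tpa))

def demo():
    """Request, legitimate reply, then a second reply claiming the gateway's IP."""
    host, gw, other = "02:00:00:00:00:05", "02:00:00:00:00:01", "02:00:00:00:00:66"
    frames = [
        build_arp(1, host, "10.0.0.5", "00:00:00:00:00:00", "10.0.0.1"),
        build_arp(2, gw, "10.0.0.1", host, "10.0.0.5"),
        build_arp(2, other, "10.0.0.1", host, "10.0.0.5"),
    ]
    mon = ArpMonitor()
    return [mon.observe(f) for f in frames]
```

Gratuitous ARP announcements also show up as unsolicited replies, so in practice these alerts are correlated with known address changes before being acted on.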

  • Transport layer security issues

  • Application layer security issues

    • DHCP: an attacker can forge a large number of DHCP discover messages to exhaust the address pool, forge DHCP release messages so that IP addresses are allocated more than once, or forge DHCP offer messages to hand clients invalid IP addresses. DNS: an attacker can launch a DoS attack by forging a large number of DNS query messages to flood the DNS server or a host, or forge DNS response messages to maliciously tamper with domain-name-to-IP mappings and carry out DNS hijacking. HTTP: SQL injection can be launched.
    • https://blog.csdn.net/qq_39328436/article/details/115141362
  • Access control

    • The course mainly covered four access control models. The first is discretionary access control (DAC), whose defining feature is that the creator of an object can grant other subjects access to it, which makes it very flexible. It can be implemented with an access control matrix, an access control list, or a capability list. The access control matrix is a set of triples of subject, object and access right; the access control list is organized around the file, and the capability list is organized around the user. The second model is mandatory access control (MAC), which is based on security levels. Each subject and object is assigned a security level, and access is decided by comparing the security levels of the subject and the object. The third model is role-based access control (RBAC). Unlike the two models above, it does not grant permissions directly to users; instead it assigns users roles, and each role carries its own permissions. Because role-based access control can lead to role explosion, there is a fourth model, attribute-based access control (ABAC). Each user carries its own attributes, including subject attributes, resource attributes, and environment attributes. When a subject tries to access an object, the authorization engine makes the decision based on these attributes.
    • https://blog.csdn.net/qq_39328436/article/details/115277008
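The four models side by side, as an added example that is not from the original article. All users, files, roles and policies are constructed, and the MAC check assumes the "no read up, no write down" rule, which the article does not name.

```python
# Constructed access-control matrix as (subject, object, right) triples.
MATRIX = {("alice", "payroll.xls", "read"), ("alice", "payroll.xls", "write"),
          ("bob", "payroll.xls", "read")}

def acl_view(matrix):
    """File-centred view of the matrix: object -> {subject: rights}."""
    acl = {}
    for subj, obj, right in matrix:
        acl.setdefault(obj, {}).setdefault(subj, set()).add(right)
    return acl

def capability_view(matrix):
    """User-centred view of the same matrix: subject -> {object: rights}."""
    caps = {}
    for subj, obj, right in matrix:
        caps.setdefault(subj, {}).setdefault(obj, set()).add(right)
    return caps

def dac_check(matrix, subj, obj, right):
    """DAC: the owner-maintained list attached to the object decides."""
    return right in acl_view(matrix).get(obj, {}).get(subj, set())

LEVELS = {"public": 0, "confidential": 1, "secret": 2}

def mac_check(subj_level, obj_level, right):
    """MAC (assumed policy): compare levels; no read up, no write down."""
    s, o = LEVELS[subj_level], LEVELS[obj_level]
    return s >= o if right == "read" else s <= o

ROLE_PERMS = {"accountant": {("payroll.xls", "read"), ("payroll.xls", "write")},
              "auditor": {("payroll.xls", "read")}}
USER_ROLES = {"alice": {"accountant"}, "bob": {"auditor"}}

def rbac_check(user, obj, right):
    """RBAC: permissions hang off roles, never directly off users."""
    return any((obj, right) in ROLE_PERMS[r] for r in USER_ROLES.get(user, ()))

def abac_check(subject, resource, env, right):
    """ABAC (constructed policy): same department; writes only 09:00-18:00."""
    if subject["dept"] != resource["dept"]:
        return False
    return right == "read" or 9 <= env["hour"] < 18
```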
  • Cryptography

    • The first part is encryption and decryption algorithms, which are generally divided into symmetric and asymmetric algorithms. A symmetric algorithm uses the same key for encryption and decryption, so the communicating parties need to agree on that key; the Diffie-Hellman protocol is used to negotiate the key in a symmetric system. An asymmetric algorithm uses different keys for encryption and decryption. Symmetric algorithms are divided into stream ciphers and block ciphers, which differ in whether the plaintext is split into blocks. The representative stream cipher is RC4. Block ciphers include DES and AES. DES encryption and decryption go through 16 rounds of a Feistel structure. AES encryption and decryption use byte substitution, row shifting, column mixing, and so on. Because the two parties in symmetric encryption have to negotiate the key and key management is a heavy burden, asymmetric encryption was introduced. Its representatives are the RSA and ECC algorithms. RSA is based on the hardness of factoring large integers, and ECC is based on the elliptic curve discrete logarithm problem. Compared with RSA, ECC uses shorter keys, which makes it better suited to low-capacity hardware such as bus cards. The second part covers hash functions. A hash function in cryptography is different from a hash function in data structures. A secure hash function needs three properties: one-wayness, strong collision resistance, and compression. At present, the mainstream hash functions include MD5, SHA-0, SHA-1, etc. The third part introduces digital signatures based on hash functions, which provide identity authentication and protect data integrity. Digital signature algorithms include RSA and DSS. RSA can be used for both encryption and signatures. DSS is based on the difficulty of discrete logarithms. The last part introduces digital certificates, whose purpose is to ensure that a public key cannot be forged.
    • https://blog.csdn.net/qq_39328436/article/details/115269492
  • Security protocols

    1. IPsec: Located at the network layer, this is a security protocol suite. Its main functions are authentication and encryption. Achieving these requires key management and key exchange, and the suite is implemented by three components: AH, ESP, and IKE.
    2. SSL/TLS: Located between the transport layer and the application layer, it can be subdivided into two sub-layers, the SSL record protocol layer and the SSL handshake protocol layer. The record layer encapsulates, compresses and encrypts the data, and the handshake layer handles identity authentication of the communicating parties and key management. SSL can be combined with the application-layer HTTP protocol to form HTTPS, and it can also secure mail protocols.
    3. Kerberos: Located at the application layer, this is an identity authentication protocol.
    4. MIME: Used on top of SMTP. In addition to encryption and decryption, MIME lets SMTP, which could originally carry only ASCII, transmit richer content.
    5. PGP: Used on top of SMTP. The name is an abbreviation of Pretty Good Privacy, and it is a security application.
    6. SET: A security protocol specifically for credit card electronic payment, ensuring consistency and security among banks, merchants and customers.
  • Worms vs. Trojans vs. viruses

    • A Trojan horse differs from a virus or worm in that it can be used to establish a remote connection and remotely control the victim's host.
    • A worm differs from a Trojan horse in that it works by exploiting a buffer overflow vulnerability to modify the return value of a function, carrying out its attack automatically.
    • https://blog.csdn.net/qq_39328436/article/details/115246804
  • Honeypot

    • A honeypot is a trap. From the attacker's point of view, it looks like a real network with vulnerabilities. From the security staff's point of view, it is software that simulates a real network. When an attacker attacks a honeypot, security personnel can analyze the attacker's behavior, what they are trying to do, which tools they use, and so on, in order to better protect the network.
    • https://blog.csdn.net/qq_39328436/article/details/115085028
  • Session mechanism and token mechanism

  • Penetration test

    • The penetration test of "China Settlement" mainly consisted of three parts. The first part was information gathering, including domain name information, the real IP, commonly used port numbers, and so on. The second part was scanning for vulnerabilities with penetration testing tools, including sqlmap, Burp Suite, Nmap, etc. The third part was writing the penetration test report. In the end, we found 5 medium-severity vulnerabilities and 8 low-severity vulnerabilities.
    • https://blog.csdn.net/qq_39328436/article/details/114240902
  • Vulnerabilities and attacks

    • 1. SQL injection

    • 2. XSS injection

    • 3. CSRF attack

    • 4. Vulnerabilities related to sessions

      • Cookie hijacking: the attacker obtains a logged-in user's cookie and impersonates that user.
      • Session fixation attack: the attacker forges a cookie and gets the user to log in to their account with that cookie, after which the attacker can impersonate the user.
      • Session retention: no expiration time is set for the session.
      • https://blog.csdn.net/qq_39328436/article/details/114262076
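A server-side session store that closes the fixation and retention gaps listed above, as an added example that is not from the original article. The class name, method names and timeout values are assumptions made for the illustration.

```python
import secrets
import time

class SessionStore:
    """In-memory session table keyed by server-generated IDs."""
    IDLE_TIMEOUT = 15 * 60        # seconds without activity (assumed value)
    ABSOLUTE_TIMEOUT = 8 * 3600   # maximum session lifetime (assumed value)

    def __init__(self, clock=time.time):
        self._sessions = {}
        self._clock = clock

    def _new(self, user=None):
        sid = secrets.token_urlsafe(32)   # drawn from the OS CSPRNG
        now = self._clock()
        self._sessions[sid] = {"user": user, "created": now, "seen": now}
        return sid

    def anonymous(self):
        """Issue a pre-login session, e.g. to hold a CSRF token."""
        return self._new()

    def get(self, sid):
        """Return the live session or None. IDs the server never issued are
        rejected rather than adopted, and expired sessions are deleted."""
        session = self._sessions.get(sid)
        if session is None:
            return None
        now = self._clock()
        if (now - session["seen"] > self.IDLE_TIMEOUT
                or now - session["created"] > self.ABSOLUTE_TIMEOUT):
            del self._sessions[sid]
            return None
        session["seen"] = now
        return session

    def login(self, presented_sid, user):
        """Discard whatever ID the browser presented and issue a fresh one, so
        an ID planted before login is worthless after authentication."""
        self._sessions.pop(presented_sid, None)
        return self._new(user)

    def logout(self, sid):
        self._sessions.pop(sid, None)
```

The fresh ID returned by `login` is what goes into the cookie, set with the `HttpOnly` and `Secure` attributes to make the cookie harder to steal.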
    • 5. Clickjacking attack

      • The attacker overlays a transparent, invisible iframe on a web page to entice users to click.
    • 6. File upload vulnerability

      • The user uploads an executable script file and gains the ability to execute server-side commands through it.
      • Uploading a file is itself a normal business requirement. The problem is how the server handles and interprets the file after upload. If the server's processing logic is not secure enough, the consequences are serious.
    • 7. Pseudo-random number problem

      • Pseudo-random numbers are random numbers generated by mathematical algorithms. They are not true random numbers and can be predicted. True random numbers, by contrast, are generated by physical systems, such as voltage fluctuations or electromagnetic noise in the air.
    • 8. Distributed denial of service attack (DDoS)

      • A server's resources are limited. If an attacker maliciously ties up those resources, the server cannot serve real users. The classic DDoS attacks include SYN flood, UDP flood, ICMP flood, etc.

Security tools:

 


Origin blog.csdn.net/qq_39328436/article/details/112212534