245. What are the Bell-LaPadula access control model and mandatory access control policy examples of?

a. Identity-based access controls (IBAC)

b. Attribute-based access controls (ABAC)

c. Role-based access controls (RBAC)

d. Rule-based access controls (RuBAC)

245. d. The rule-based access control (RuBAC) is based on specific rules relating to the nature of the subject and object. A RuBAC decision requires authorization information and restriction information to compare before any access is granted. Both Bell-LaPadula access control model and mandatory access control policy deals with rules. The other three choices do not deal with rules.

246. Which of the following security solutions for access control is simple to use and easy to administer?

a. Passwords

b. Cryptographic tokens

c. Hardware keys

d. Encrypted data files

246. c. Hardware keys are devices that do not require a complicated process of administering user rights and access privileges. They are simple keys, similar to door keys that can be plugged into the personal computer before a person can successfully log on to access controlled data files and programs. Each user gets a set of keys for his personal use. Hardware keys are simple to use and easy to administer.

Passwords is an incorrect answer because they do require some amount of security administrative work such as setting up the account and helping users when they forget passwords. Passwords are simple to use but hard to administer.

Cryptographic tokens is an incorrect answer because they do require some amount of security administrative work. Tokens need to be assigned, programmed, tracked, and disposed of.

Encrypted data files is an incorrect answer because they do require some amount of security administrative work. Encryption keys need to be assigned to the owners for encryption and decryption purposes.

247. Cryptographic authentication systems must specify how the cryptographic algorithms will be used. Which of the following authentication systems would reduce the risk of impersonation in an environment of networked computer systems?

a. Kerberos-based authentication system

b. Password-based authentication system

c. Memory token-based authentication system

d. Smart token-based authentication system

247. a. The primary goal of Kerberos is to prevent system users from claiming the identity of other users in a distributed computing environment. The Kerberos authentication system is based on secret key cryptography. The Kerberos protocol provides strong authentication of users and host computer systems. Further, Kerberos uses a trusted third party to manage the cryptographic keying relationships, which are critical to the authentication process. System users have a significant degree of control over the workstations used to access network services, and these workstations must therefore be considered not trusted.

Kerberos was developed to provide distributed network authentication services involving client/server systems. A primary threat in this type of client/server system is the possibility that one user claims the identity of another user (impersonation), thereby gaining access to system services without the proper authorization. To protect against this threat, Kerberos provides a trusted third party accessible to network entities, which supports the services required for authentication between these entities. This trusted third party is known as the Kerberos key distribution server, which shares secret cryptographic keys with each client and server within a particular realm. The Kerberos authentication model is based upon the presentation of cryptographic tickets to prove the identity of clients requesting services from a host system or server.

The other three choices are incorrect because they cannot reduce the risk of impersonation. For example: (i) passwords can be shared, guessed, or captured and (ii) memory tokens and smart tokens can be lost or stolen. Also, these three choices do not use a trusted third party to strengthen controls as Kerberos does.

248. What do the weaknesses of Kerberos include?

1. Subject to dictionary attacks.

2. Works with existing security systems software.

3. Intercepting and analyzing network traffic is difficult.

4. Every network application must be modified.

a. 1 and 2

b. 2 and 3

c. 1 and 4

d. 3 and 4

248. c. Kerberos is an authentication system with encryption mechanisms that make network traffic secure. Weaknesses of Kerberos include (i) it is subject to dictionary attacks where passwords can be stolen by an attacker and (ii) it requires modification of all network application source code, which is a problem with vendor developed applications with no source code provided to users. Kerberos strengths include that it can be added to an existing security system and that it makes intercepting and analyzing network traffic difficult. This is due to the use of encryption in Kerberos.

249. Less common ways to initiate impersonation attacks on the network include the use of which of the following?

a. Firewalls and account names

b. Passwords and account names

c. Biometric checks and physical keys

d. Passwords and digital certificates

249. c. Impersonation attacks involving the use of physical keys and biometric checks are less likely due to the need for the network attacker to be physically near the biometric equipment. Passwords and account names are incorrect because they are the most common way to initiate impersonation attacks on the network. A firewall is a mechanism to protect IT computing sites against Internet-borne attacks. Most digital certificates are password-protected and have an encrypted file that contains identification information about its holder.

250. Which of the following security services can Kerberos best provide?

a. Authentication

b. Confidentiality

c. Integrity

d. Availability

250. a. Kerberos is a de facto standard for an authentication protocol, providing a robust authentication method. Kerberos was developed to enable network applications to securely identify their peers and can be used for local/remote logins, remote execution, file transfer, transparent file access (i.e., access of remote files on the network as though they were local) and for client/server requests. The Kerberos system includes a Kerberos server, applications which use Kerberos authentication, and libraries for use in developing applications which use Kerberos authentication. In addition to secure remote procedure call (Secure RPC), Kerberos prevents impersonation in a network environment and only provides authentication services. Other services such as confidentiality, integrity, and availability must be provided by other means. With Kerberos and secure RPC, passwords are not transmitted over the network in plaintext.

In Kerberos two items need to prove authentication. The first is the ticket and the second is the authenticator. The ticket consists of the requested server name, the client name, the address of the client, the time the ticket was issued, the lifetime of the ticket, the session key to be used between the client and the server, and some other fields. The ticket is encrypted using the server’s secret key and thus cannot be correctly decrypted by the user. If the server can properly decrypt the ticket when the client presents it and if the client presents the authenticator encrypted using the session key contained in the ticket, the server can have confidence in the user’s identity. The authenticator contains the client name, address, current time, and some other fields. The authenticator is encrypted by the client using the session key shared with the server. The authenticator provides a time-validation for the credential. If a user possesses both the proper credential and the authenticator encrypted with the correct session key and presents these items within the lifetime of the ticket, then the user’s identity can be authenticated.