Exam 1 Preparation
Terms you should know
October 3, 2019
We covered quite a lot of terminology in the class lectures and assignments. What follows is a list of terms that should now be familiar to you. You don’t necessarily need to have a deep knowledge of some of them but you should be able to define them or, at the very least, recognize a definition of them.
Lecture 1: Introduction
- CIA
- Confidentiality
- Integrity
- Availability
- Privacy
- Secrecy
- Systems issue
- Social engineering
- Pretexting
- Prevention
- Detection
- Recovery
- Forensics
- Policy
- Mechanism
- Security engineering
- Risk analysis
- Vulnerability
- Threat
- Attack
- Attack vector
- Attack surface
- Disclosure
- Exposure
- Interception
- Interference
- Intrusion
- Deception
- Disruption
- Usurpation
- Botnet
- Denial of Service (DoS)
- Asymmetric power
- Opportunistic attacks
- Targeted attacks
- Script kiddies
- Advanced Persistent Threat (APT)
- Advanced Targeted Attack (ATA)
- Lateral movement
- Threat model
- Trust boundary
- Trusted computing base (TCB)
- Trusted system
- Trustworthy system
- Security theater
Lecture 2: Access Control
- Protection
- Mechanism, policy
- Access control
- Hardware timer
- Process scheduler
- Starvation
- Availability
- Memory Management Unit
- Virtual memory
- Page table
- User mode
- Kernel mode, privileged mode, supervisor mode
- Trap
- Violation
- Protection rings
- Call gates
- Subject
- Principal
- Object
- Authentication
- Protection domain
- Access Control matrix
- Access Control List (ACL)
- Owner
- Group
- umask
- Extended attributes
- Capability List
- Capability
- Access token
- UNIX permissions
- User ID
- Access Control Entry
- setuid
- setgid
- Privilege separation
- Discretionary Access Control (DAC)
- Mandatory Access Control (MAC)
- Multi-level security
- Bell-LaPadula Model (BLP)
- No read up; no write down
- Type Enforcement Model (TE)
- Role-Based Access Control (RBAC)
- Roles
- Biba Model
- Mandatory Integrity Control
- No write up; no read down
- Multilateral security (Lattice Model)
- Compartmentalization
- Chinese Wall Model
- Separation of duty
Lecture 3: Hijacking and Injection
- Hijacking
- Code injection
- Stack smashing
- Social engineering
- Assumptions
- Vulnerabilities
- Exploit
- Privileged programs
- Buffer overflow
- Zero-day vulnerability
- Bounds checking
- Stack buffer overflow
- Base pointer
- Stack pointer
- Benign overflow
- Malicious overflow
- NOP slide
- Landing zone
- Off-by-one overflow
- Safe functions
- Stack
- Heap
- Text
- Heap overflow
- Printf format string
- Fuzzing
- Data Execution Protection
- No Execute (NX)
- Return-to-libc
- system function
- Return Oriented Programming (ROP)
- Gadgets
- Address Space Layout Randomization (ASLR)
- Position independent code
- Canaries
- Command injection
- SQL Injection
- Escaping, sanitizing input
- Function interposition
- LD_PRELOAD
- File descriptor
- Pathname parsing
- Unicode
- TOCTTOU: Time of Check to Time of Use
- Race condition
Lecture 4: Confinement
- chroot
- chroot jail
- Jailkit
- Escaping a jail
- FreeBSD Jail
- Linux namespaces
- Linux capabilities
- Limited elevation of privileges
- Control groups (cgroups)
- Lightweight process virtualization
- Comprehension problem
- Container
- Copy on write
- AppArmor
- Docker
- Container Orchestration
- Kubernetes
- Hypervisor
- Virtual Machine Monitor (VMM)
- Virtual Machine
- Privileged instructions
- Unprivileged instructions
- Trap and emulate
- Host OS
- Guest OS
- Root mode (root level)
- Native VM
- Hosted VM
- Covert channel
- Side channel attack
- Sandbox
- System call interposition
- Janus sandbox
- System call hooks
- seccomp-BPF
- Chromium Native Client (NaCl)
- Inner sandbox
- Outer sandbox
- Java sandbox
- Bytecode verifier
- Class loader
- Security manager