wieerwill/Informatik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add some answers

Browse Source
This commit is contained in:
WieErWill 2021-07-30 19:27:34 +02:00
parent dfe1bb6814
commit 66016a453e
2 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
Systemsicherheit - Questions.pdf
View File

Binary file not shown.

14
Systemsicherheit - Questions.tex
View File

@ -1,5 +1,5 @@
\documentclass[10pt]{exam} % Doc : https://mirrors.ircam.fr/pub/CTAN/macros/latex/contrib/exam/examdoc.pdf
%\printanswers % Comment this line to hide the answers
\printanswers % Comment this line to hide the answers
\usepackage[utf8]{inputenc}
\usepackage[T1]{fontenc}
\usepackage[german]{babel}
@ -25,7 +25,6 @@
\question \textbf{Risks in Electronic Payment:}\hfill
From your personal experience: Which risks are involved in electronic payment systems?
Start with thinking about the vulnerabilities of todays methods, procedures, and mechanisms you are familiar with. Here are two possible scenarios:
\begin{parts}
\part Paying with a debit card (e.g. EC Maestro): starting with its use in a shop and ending with the money withdrawal from your bank account.
@ -33,6 +32,11 @@
\end{parts}
What are the advantages of smart cards (such as your thoska), carrying a microprocessor for cryptographic computations?
\begin{solution}
Electronic payment involves theft of data or money. Hackers may get access to bank accounts and use it the same way as the normal user but with different intentions (get rich). To prevent hacking of accounts, banks use different ways of defense.
While paying with a debit card, the user must provide the card (physical item) and the pin code (knowledge). To prevent bruteforce attacks, a bank account is locked after a short number of invalid pin codes.
Home banking uses a password (knowledge) and a TAN via Mail/Phone to have the possibility of hackers minimized.
\end{solution}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@ -40,6 +44,8 @@
Which vulnerabilities are exploited by a buffer overflow attack? How can you counter buffer overflow attacks? How could you at least mitigate the effects of successful buffer overflow attacks?
\begin{solution}
Buffer overflow attacks aim to trick the softwar to execute futher attack code and exploit whatever the hacker needs. To prevent buffer overflow, one must check the maximum possible length of the input versus the users input. To mitigate any successfull attack, a programm should be contained and not have access to further information or programms but the necessary.
\end{solution}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@ -50,6 +56,8 @@
\part What are the consequences for systems security?
\end{parts}
\begin{solution}
Data is a collection of values like characters, numbers or other data types. Unprocessed data have little to no meaning to a human.
Information is processed data so a human can read, understand and use it.
\end{solution}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@ -57,6 +65,8 @@
Which special properties of root kits make them so extremely dangerous?
\begin{solution}
Invisible, total sustainable takeover of a complete IT system.
Root Kits are a comprehensive tool kit for fully automated attacks on all levels of the software stack.
\end{solution}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%