Network Security Basics Practice Questions

Diffie-Hellman key exchange: (1) Public parameters: large prime p and generator g (publicly known). (2) Alice chooses private a, computes A = g^a mod p, sends A to Bob. (3) Bob chooses private b, computes B = g^b mod p, sends B to Alice. (4) Alice computes S = B^a mod p = g^(ab) mod p. (5) Bob computes S = A^b mod p = g^(ab) mod p. Both arrive at the same secret S = g^(ab) mod p. Security relies on the Discrete Logarithm Problem - given g, p, and g^a mod p, computing a is computationally infeasible. Vulnerability: susceptible to man-in-the-middle attack without authentication of the exchange.

DNS cache poisoning: A: TRUE - attacker injects false (A/AAAA record) mappings into a DNS resolver's cache. Future clients querying that resolver receive the attacker's IP instead of the legitimate one, redirecting to phishing/malware sites. The classic Kaminsky attack (2008) exploits the 16-bit transaction ID randomness - by racing to respond before the legitimate authoritative server with a forged response matching the transaction ID. C: TRUE - on-path attackers can intercept DNS queries (unencrypted UDP) and inject fake responses (if they can match the transaction ID and source port). Mitigation: DNSSEC (DNS Security Extensions) - digitally signs DNS records, allowing resolvers to verify authenticity. DNS over HTTPS (DoH) and DNS over TLS (DoT) encrypt DNS queries.

AES (Advanced Encryption Standard, FIPS 197): A: TRUE - fixed block size = 128 bits; key sizes = 128 (10 rounds), 192 (12 rounds), 256 bits (14 rounds). B: TRUE - AES was selected by NIST in 2001 to replace DES (which had only 56-bit keys, breakable by brute force). The selection was based on a 5-year public competition won by Rijndael. D: TRUE - AES uses a substitution-permutation network (SPN): each round consists of SubBytes (S-box substitution), ShiftRows (permutation), MixColumns (diffusion), and AddRoundKey (XOR with round key). C: FALSE - AES is a block cipher (operates on 128-bit blocks), NOT a stream cipher. Stream ciphers (RC4, ChaCha20) encrypt data one bit/byte at a time.

Nonces (numbers used once) or timestamps in authentication messages prevent replay attacks. If an attacker resends a captured message, the nonce/timestamp will be stale or duplicate, and the receiver rejects it.

TLS uses all three cryptographic primitives in complementary roles: A: Asymmetric (RSA, ECDH): TLS handshake - server's RSA certificate authenticates the server; ECDH (Elliptic Curve Diffie-Hellman) establishes a shared secret without transmitting it. B: Symmetric (AES-GCM, ChaCha20): bulk data encryption - after the handshake derives session keys, all application data is encrypted symmetrically because it is ~1000x faster than asymmetric. C: Hash functions (SHA-256, SHA-384): HMAC for record integrity, PRF (Pseudo-Random Function) for key derivation, digital signatures in certificates. D is FALSE - TLS specifically uses hybrid encryption (asymmetric for key exchange, symmetric for data) precisely because asymmetric alone would be too slow for bulk data.

RSA (Rivest-Shamir-Adleman) public key cryptosystem: Key generation: choose two large primes p, q; n = p×q; φ(n) = (p-1)(q-1); choose e such that gcd(e, φ(n)) = 1; compute d such that e×d ≡ 1 (mod φ(n)). Public key = (e, n); Private key = (d, n). Encryption: C = M^e mod n (using receiver's public key). Decryption: M = C^d mod n (using receiver's private key). Security relies on the difficulty of factoring large numbers n = p×q. RSA is slow for large data - in practice, RSA encrypts a symmetric session key which then encrypts the actual data (hybrid encryption).

The birthday paradox states that in a group of ~√(2^n) = 2^(n/2) people, there is a ~50% probability that two share the same birthday (hash value). For an n-bit hash function: a brute-force pre-image attack requires ~2^n operations (finding m given H(m)). A birthday (collision) attack requires only ~2^(n/2) operations - generate 2^(n/2) random messages, sort their hashes, and find a collision. This is why MD5 (128-bit) is broken - 2^64 operations for collision vs 2^128 for pre-image. SHA-256 (256-bit) requires 2^128 for birthday attack - computationally infeasible. Hash functions must have sufficient output length (≥160 bits for collision resistance).

IPsec protocols: AH (Authentication Header, Protocol 51): provides authentication and integrity for the entire IP packet (including IP header) but NO confidentiality (no encryption). Adds an authentication header with HMAC. ESP (Encapsulating Security Payload, Protocol 50): provides confidentiality (encryption of payload), authentication, and integrity. Does not protect the outer IP header in tunnel mode. IPsec modes: Transport mode - protects the payload between two hosts. Tunnel mode - encapsulates the entire original packet in a new IP packet, used for VPNs between gateways. IKE (Internet Key Exchange) negotiates security associations (SAs) and keys for IPsec.

Replay attack: an attacker captures a legitimate authentication message (e.g., a login packet, encrypted session token) and re-sends (replays) it later to authenticate as the legitimate user, even without knowing the actual credentials or encryption key. The replayed message is valid because it was genuinely sent before. Prevention techniques: (1) Timestamps - messages include current time; recipient rejects messages older than a threshold (e.g., 5 minutes). Requires synchronized clocks (NTP). (2) Nonces (Number used ONCE) - server sends a fresh random challenge; client includes it in response; each nonce accepted only once. (3) Sequence numbers - each message has an incrementing sequence number; duplicates are rejected. TLS uses sequence numbers; Kerberos uses timestamps.

Symmetric key (shared key) algorithms use the same key K for encryption E_K(plaintext) = ciphertext and decryption D_K(ciphertext) = plaintext: AES - current standard, key sizes 128/192/256 bits, block cipher, replaced DES. DES - 56-bit key, 64-bit block cipher, now considered insecure (brute-forceable). 3DES - applies DES three times (Encrypt-Decrypt-Encrypt with 2 or 3 keys), 112/168 effective bits. These are all symmetric. RSA is an asymmetric (public key) algorithm - uses a public key for encryption and a private key for decryption (or vice versa for signatures). Symmetric algorithms are faster than asymmetric but have the key distribution problem.

SSL/TLS operates between the Transport Layer and Application Layer, providing a secure channel for application protocols like HTTP (making HTTPS), FTP, SMTP, etc.

IDS (Intrusion Detection System): passively monitors network traffic or host activity, comparing against known attack signatures (signature-based) or baseline behavior (anomaly-based). Generates alerts when suspicious activity is detected but does NOT take action to block traffic. Acts as a security camera - records and alerts. IPS (Intrusion Prevention System): sits inline in the network path (like a firewall), actively inspects traffic and can DROP, RESET, or BLOCK malicious packets in real time. Acts as a security guard - detects AND prevents. IDS is less disruptive (no false-positive blocking), but IPS provides active protection. Network-based (NIDS/NIPS) vs Host-based (HIDS/HIPS). Modern NGFW often includes integrated IPS functionality.

The four fundamental network security goals are: (1) Confidentiality - ensuring information is accessible only to authorized parties; achieved through encryption. (2) Integrity - ensuring data is not altered in transit (accidentally or maliciously); achieved through message authentication codes (MACs) and digital signatures. (3) Availability - ensuring systems and data are accessible to authorized users when needed; threatened by DoS/DDoS attacks. (4) Authentication - verifying the identity of communicating parties; achieved through passwords, certificates, digital signatures. Non-repudiation is sometimes added as a fifth goal: a sender cannot deny having sent a message.

Diffie-Hellman key exchange is vulnerable to MITM attacks because it provides no authentication - neither party can verify they are communicating with the intended party, so an attacker can impersonate both sides.

In asymmetric encryption for confidentiality: Alice uses Bob's PUBLIC key to encrypt the message. Only Bob can decrypt it using Bob's PRIVATE key (which only Bob possesses). The public key is freely distributed; the private key is kept secret. This solves the key distribution problem of symmetric cryptography. For digital signatures (authentication): the sender uses their OWN private key to sign; receivers verify using the sender's public key. Mnemonic: Encrypt with receiver's public key (confidentiality); Sign with sender's private key (authentication).

In RSA, encryption uses the public key: $C = M^e \mod n$. Decryption uses the private key: $M = C^d \mod n$. The security relies on the difficulty of factoring $n = p \times q$.

A SYN flood attack sends many SYN packets with spoofed source addresses. The server allocates resources for half-open connections, exhausting memory/connection tables and causing denial of service.

Certificate Revocation List (CRL): a CA periodically publishes a signed list of serial numbers of certificates that have been revoked (invalidated) before their expiration date. Why needed: if a private key is compromised, the organization changes, or the CA issued the certificate in error, the certificate must be revoked. Without revocation, a compromised certificate remains valid until its expiry. Clients download CRLs and check whether a certificate's serial number appears before trusting it. Limitations: CRLs can be large and may be stale (revocation latency). OCSP (Online Certificate Status Protocol) provides real-time certificate status check per certificate, addressing CRL limitations. OCSP Stapling has the server include the OCSP response to reduce client latency.

WEP vulnerabilities: A: TRUE - WEP uses a static shared key (40 or 104 bits) that never changes, making it vulnerable to long-term attacks if enough traffic is captured. B: TRUE - WEP uses RC4 with a 24-bit IV prepended to the key. With 2^24 = 16 million possible IVs, on a busy network IV reuse is guaranteed. The FMS attack (2001) and later tools like Aircrack-ng can recover the WEP key from ~40,000-85,000 captured packets in minutes. D: TRUE - WPA (2003) introduced TKIP (per-packet key mixing, longer IVs); WPA2 (2004) uses AES-CCMP for strong encryption and integrity. C: FALSE - WEP does include a CRC-32 integrity check, but it is not cryptographically secure (linear and can be manipulated).