Schroeder & _______
Nothing but S3
Unrealistic Portrayals
Classic Crypto
Odds and Ends
100
________ Privilege : do not give more permissions than needed to any entity
What is Least Privilege
100
(T/F) AWS S3 permissions in a bucket apply to all objects on that bucket
What is TRUE
100
This is how assembly code was supposed to look in which 2001 movie?
http://theatln.tc/2BMSVe7
What is Swordfish
100
caesar(1,'ibm')
What is hal?
100
AWS RDS helps you with (a) Sharding (b) Security upgrades (c) Injection Protection (d) nothing
What is b? minor version patching
200
Economy of ________ : A simpler design is easier to test and validate
What is Economy of Mechanism
200
(T/F) Read permissions on a bucket do not mean you can read an object in that bucket
What is TRUE
200
Before he was Neo, Keanu Reeves was this hacker:
http://bit.ly/2iuXXnv
What is Johnny Mnemonic
200
The biggest success of WWII crypto was breaking this cipher used by German U-boats
What is enigma?
200
AWS Shared Credentials are bad for authorization. AWS Shared Master keys are bad for _____________
What is data protection
300
__________ defaults : if no choice is made, there is no problem
What are safe defaults?
300
The bucket name in this s3 object:
https://s3.amazonaws.com/trend/micro/accounting/report.csv
What is trend?
300
In this movie a teenager hacking leads to world war III
http://images2.static-bluray.com/reviews/6568_1.jpg
What is War Games?
300
Hiding information inside a plainly readable document rather than encrypting it
What is steganography
300
Reputation proves that an asset can be what attackers want to get, but also what you want to _____________
What is protect?
400
https://youtu.be/cP4d74Qk3ac
Complete __________ : access rights are checked every time an access occurs, from all entry points
What is complete mediation
400
All of these are good ways to restrict access to an S3 object except: (a) IP (b) IAM role (c) user agent (d) specific user
What is c? user agent? (it can be spoofed)
400
In this movie we defeated aliens with intergalactic malware
http://bit.ly/2iYMBf3
What is Independence Day?
400
ROT13('hi')
What is uv?
400
______ number of hertz, is an audio tone used in phreaking, also the name of a hacking magazine.
What is 2600?
500
________ Design : security mechanisms should not depend on the ignorance of the attacker
What is Open Design
500
You get a 503 "slow down" error from S3. Following the principle "fail securely" means: (a) retry (b) stop
What is a? retry, exponential backoff retry
500
"2 morons and a keyboard," is a scene from this show which has become the golden standard of bad hacking representations
https://www.youtube.com/watch?v=u8qgehH3kEQ
What is NCIS?
500
Vigenère cipher used different alphabets every few words, making it one of the first ________ ciphers
What is polyalphabetic
500
Several ciphers are based on the fact that it is easy to multiply two prime numbers but hard to _____ the result
What is factor?
Security Jeopardy Round 3