Notes, summaries, assignments, exams, and problems for Computers

**CIA Triad: Core Security Principles**

The CIA Triad consists of Confidentiality, Integrity, and Availability. These are the fundamental goals of information security.

**Threat Modeling: Proactive Security**

Threat modeling involves system decomposition and emphasizes security by design.

**Kerckhoffs's Principle: System Security**

Kerckhoffs's Principle states that:

1. Security should not depend on the secrecy of the system's design, but only on the secrecy of the key.
2. The system should be usable.
3. Keys must be easy to change.

**One-Time Pad: Unbreakable Encryption**

A One-Time Pad is an algorithm that XORs the message with a randomly generated key of equal length. It is secure if:

1. The key is truly random.
2. The key is as long as the message.
3. Each key is used

Scene 1:

• Everyone shows up in a round table with computers thinking on what is the new game they will create.

• Poster: Brainstorm of ideas

• Carla: What game should we create now?

• Andrea: We can create a city!

• Bernardo: Yes! Let’s create a game that allows creating and simulating the life of your own avatar.

• Ines: That will be perfect! We can design clothes and accessories for the avatars

• Cuesta: That is a great idea, and it will not take too much time to code.

• Carla: We can also adapt the game so people can play using their smartphones.

• Everyone: Great let's call it... BIM’S!

Scene 2:

• Cuesta: You sit down in front of a computer and start typing codes. Let’s start with the coding

  • Question to Bernardo: Bernardo, do you remember the coding of how to make

Double DES

Use 2 keys to encrypt. Meet in the middle attack. Find E(M1) = D(C1).

ECB

Each block is encoded with the same key, information leakage can occur with repeated messages, parallelizable. Block replay attack – While monitoring. (Find and play repeated messages)

CBC

Used with a key – but not secret. Plaintext can produce different ciphers based on IV -> limits info leaks. Patterns still emerge for long messages. The problem – no integrity.

Diffie Hellman

1. Choose two large primes: p and g.
2. Choose a and b from [1, p-2].
3. Calculate A/B = g^[a/b] mod p.
4. Calculate s = B/A^[a/b] mod p.
5. k = SHA256(s)
6. Use k as the key for CBC.

Vulnerable to Man-in-the-Middle attack: Change A and B to p.

RSA

1. Generate 2 large distinct primes p and q.
2. n = pq, phi = (p-1)

CIA Triad

The CIA Triad consists of Confidentiality, Integrity, and Availability. Related concepts include Authentication, Accountability, and Auditability.

Types of Harm

• Interception
• Interruption
• Modification
• Fabrication

Web Technologies

HTML

• GET: Embeds parameters into the URL.
• POST: Sends data directly to the server; more secure.

PHP

• PUT: Used to create or replace a file at the specified URL. Sends data like POST, more suitable for uploading files.

Penetration Testing

5 Steps to Penetration Testing:

1. Reconnaissance
2. Scanning
3. Gaining Access
4. Maintaining Access
5. Clearing Tracks

Security Controls

• Prevention: Outright stopping an attack.
• Deterrence: Making an attack harder.
• Deflection: Making a target less attractive.
• Mitigation: Lessening the harm.
• Detection: Identifying

NETWORKING

1- Characteristics of Electronic Cables

Impedance, attenuation, and capacitance are crucial in electronic cables.

Impedance:

Resistance to electron movement in an AC circuit, measured in ohms (Ω).

Attenuation:

Resistance to electron flow, measured in db/m.

Capacitance:

Energy storage in a cable, measured in picofarads (pF).

2- Physical Description of Cables

Twisted Pair: Protects against crosstalk and noise.

Coaxial Cable: Consists of copper conductor, plastic insulation, and shielding.

Fiber-Optic Cable: Core, cladding, buffer, strengthening material, and outer jacket.

3- UTP vs. STP

Shielding reduces electrical noise in STP but makes installation complex.

4- Crimping RJ-45 UTP Cables

Creates straight-through and crossover cables for connecting... Continue reading "Understanding Networking: Cables, Protocols, and Topologies" »

Java Programming Fundamentals

This document provides a quick reference to fundamental Java programming concepts, including object-oriented programming basics, common data structures like ArrayLists, handling user input, string manipulation, type conversion, and file input/output operations.

Object-Oriented Programming: The Persona Class

Below is a basic definition of a Persona class, illustrating fields and a constructor. In a complete implementation, you would also include getter and setter methods for each field.

public class Persona {
    private String nombre;
    private int ojos;
    private int piernas; // Added for completeness based on constructor
    private int brazos; // Added for completeness based on constructor

    public Persona(

Customer Feedback and Catalog Request

Please fill out this form to provide feedback on the event and indicate your preferences for receiving our catalog.

Personal Information

Name:

[Name Field]

Surname:

[Surname Field]

Password:

[Password Field]

Event Feedback

Did you enjoy the event?

Please write your comments here.

Yes, I would like to receive the catalog.

Payment Method

Preferred Payment Method:

• Credit Card
• Postal Order
• Cash on Delivery (Unavailable)

Catalog Language

In which language would you like to receive the catalog?

• Spanish
• English
• German (Unavailable)

Address Details

Type of street:

Street Avenue Square Other

Preferred Means of Transport

Preferred Means of Transport:

Plane Train Ship Bus Van

Destination

Destination:

Athens Dublin Istanbul Lisbon London Oslo Paris... Continue reading "Customer Feedback and Catalog Request Form" »

Functions and Arguments

A function is a module of program code that takes input (arguments) and produces output (a return value).

• Arguments allow us to customize the operation performed by the function.
• The return value is often the result of executing the code.
• Calling a function causes the code in a function to execute. If called again, it will execute again.

To document a function, use a multi-line comment immediately after the def line.

Local Variables

Local variables are variables used inside functions.

• They are accessible/usable within that function only.
• This refers to the variable's scope.

Global Variables

Global variables are variables used outside of a function.

• Global variables' scope includes both inside and outside of functions.
• However, since

Understanding Computer Security

Common Threats

• Worm: Designed to replicate itself, a worm operates as a standalone application, unlike a virus.
• Trojan: Disguised as a legitimate program (e.g., a screensaver), a Trojan operates covertly to inflict damage.
• Phishing: Attackers impersonate trustworthy entities to steal sensitive information, exploiting social engineering tactics.

Network and Security Concepts

• Simple Mail Transfer Protocol (SMTP): A standard for email communication, SMTP is known for its lack of robust security.
• Sandboxes: Software environments that isolate programs to prevent them from harming the host system, commonly used in web browsers.

Wireless Security

• Wireless Internet (Wi-Fi): Enables wireless communication between devices, forming