CIS-2337 Chap 6

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Data in transit

Data that is in motion

Secure Real-time Transport Protocol (SRTP)

A network protocol for securely delivering audio and video over IP networks.

Pretty Good Privacy (PGP)

A popular program used to encrypt and decrypt email and files

Message integrity

A crucial component of message security

Digital signature

A cryptographic implementation designed to demonstrate authenticity and identity associated with a message

Bcrypt

A key stretching algorithm. It is used to protect passwords. Bcrypt salts passwords with additional bits before encrypting them with Blowfish. This thwarts rainbow table attacks.

Password-Based Key Derivation Function 2 (PBKDF2)

A key-derivation designed to produce a key derived from a password

DNSSEC (Domain Name System Security Extensions)

A set of extensions to the DNS protocol that, through the use of cryptography, enables origin authentication of DNS data, authenticated denial of existence, and data integrity, but does not extend to availability or confidentiality

Birthday Attack

A special type of brute-force attack that gets its name from something known as the birthday paradox, which states that in a group of at least 23 people, the chance that two individuals will have the same birthday is greater than 50 percent.

Simple Network Management Protocol version 3 (SNMPv3)

A standard for managing devices on IP-based networks. SNMPv3 was developed to specifically address the security concerns and vulnerabilities of SNMPv1 and SNMPv2.

Secure/Multipurpose Internet Mail Extensions (S/MIME)

A standard for public key encryption and signing of Multipurpose Internet Mail Extensions data in e-mails. S/MIME is designed to provide cryptographic protections to e-mails and is built into the majority of modern e-mail software to facilitate interoperability.

3. Transport Layer Security consists of which two protocols? A. The TLS Record Protocol and TLS Handshake Protocol B. The TLS Record Protocol and TLS Certificate Protocol C. The TLS Certificate Protocol and TLS Handshake Protocol D. The TLS Key Protocol and TLS Handshake Protocol

A. The TLS Record Protocol and TLS Handshake Protocol

7. What makes a digitally signed message different from an encrypted message? A. The digitally signed message has encryption protections for integrity and nonrepudiation. B. A digitally signed message uses much stronger encryption and is harder to break. C. The encrypted message only uses symmetric encryption. D. There is no difference.

A. The digitally signed message has encryption protections for integrity and nonrepudiation.

Transport Layer Security (TLS)

An IETF standard for the employment of encryption technology and replaces SSL.

Cipher Suite

An arranged group of algorithms

Secure Shell (SSH)

An encrypted remote terminal connection program used for remote connections to a server

Steganography

An offshoot of cryptography technology, gets its meaning from the Greek word steganos, meaning covered.

5. Which of the following is a detailed standard for creating and implementing security policies? A. PKIX B. ISO/IEC 27002 C. FIPS D. X.509

B. ISO/IEC 27002

4. What is the advantage of using a crypto module? A. Custom hardware adds key entropy. B. It performs operations and maintains the key material in a physical or logical boundary. C. It performs encryption much faster than general-purpose computing devices. D. None of the above.

B. It performs operations and maintains the key material in a physical or logical boundary.

6. Why does ECC work well on low-power devices? A. Less entropy is needed for a given key strength. B. Less computational power is needed for a given key strength. C. Less memory is needed for a given key strength. D. None of the above.

B. Less computational power is needed for a given key strength.

1. Which of the following is used to strengthen passwords from brute force attacks? A. Bcrypt2 B. PBKDF2 C. DNSSEC D. SSH-enabled logins

B. PBKDF2

10. Transport Layer Security for HTTP uses what port to communicate? A. 53 B. 80 C. 143 D. 443

D. 443

2. Why is LSB encoding the preferred method for steganography? A. It uses much stronger encryption. B. It applies a digital signature to the message. C. It alters the picture the least amount possible. D. It adds no additional entropy.

C. It alters the picture the least amount possible.

9. Which of the following is not an advantage of TLS v1.3 over TLS v1.2 and earlier? A. Removal of RC4 B. Reduction in round trips during handshakes C. Use of AES D. Restriction to AEAD ciphers

C. Use of AES

7. The use of multiple nearly identical messages can lead to the _______________ cryptographic attack method.

Collision

5. A _______________ is a software library that implements cryptographic functions.

Cryotographic Service Provider

Ephemeral keys

Cryptographic keys that are used only once after they are generated

8. Which of the following is a secure e-mail standard? A. POP3 B. IMAP C. SMTP D. S/MIME

D. S/MIME

1. _______________ is a protocol used to secure DNS packets during transmission across a network.

DNSSEC

Meet-in-the-middle attack

Involves attacking the problem from two directions and looking for the match

SFTP (Secure File Transfer Protocol)

Involves the use of FTP over an SSH channel. This leverages the encryption protections of SSH to secure FTP transfers. Because of its reliance on SSH, it uses TCP port 22.

4. ___________ provide precomputed answers to a problem.

Rainbow tables

Rainbow tables

Precomputed tables or hash values associated with passwords

10. _______________ is a popular encryption program that has the ability to encrypt and digitally sign e-mail and files.

Pretty Good Privacy (PGP)

9. Reusing previous user input to bypass security is an example of a(n) _______________ attack.

Replay

8. The _______________ is a network protocol for securely delivering audio and video over IP networks.

Secure Real-time Transport Protocol (SRTP)

2. A common encryption method designed to encrypt above the network layer, enabling secure sessions between hosts, is called ______________.

Secure Sockets Layer (SSL)

3. _______________ is the use of special encoding to hide messages within other messages.

Steganography

Data in use

Term used to describe data that is stored in a nonpersistent state of either RAM, CPU caches, or CPU registers

Downgrade attack

The attacker takes advantage of a commonly employed principle to support backward compatibility to downgrade the security to a lower or nonexistent state.

Data at rest

The most prominent use of encryption and is typically referred to as data encryption

Digital rights management (DRM)

The process for protecting intellectual property from unauthorized use

6. E-mails and their attachments can be secured using _______________.

Transport Encryption

Collision Attack

Where two different inputs yield the same output of a hash function.

Replay attack

Work against cryptographic systems like they do against other systems.

Cryptographic Service Provider (CSP)

a software library that implements cryptographic functions

Session key

a symmetric key used for encrypting messages during a communication session

Secure IMAP

are basically POP3 and IMAP, respectively, over an SSL/TLS session. Secure IMAP uses TCP port 993.

Secure POP3

are basically POP3 and IMAP, respectively, over an SSL/TLS session. Secure POP3 utilizes TCP port 995

Crypto Modules

use a hardware, software, or hybrid cryptographic engine contained within the boundary, and cryptographic keys that do not leave the boundary, maintaining a level of security.

Transport encryption

used to protect data that is in motion


Kaugnay na mga set ng pag-aaral

6th grade science. Oceans composition and characteristics

View Set

chapter 1 homework- anatomy & physiology

View Set

Barron's GRE with sentences - Complete Wordlist

View Set

FDA Drug Approval Process and Regulations

View Set