ISA3100 Chapter 8 Review, HS 155 Final (Chapter 8), Information Security Management Chapter 8,, Chapter 8: Information Security, Principles of Info Security (6th Ed.) -

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

__________ are encrypted messages that can be mathematically proven to be authentic. A) Digital signatures B) MAC C) Message certificates D) Message digests

A) Digital signatures

The CA periodically distributes a(n) _________ to all users that identifies all revoked certificates. A) CRL B) RA C) MAC D) RDL

A) CRL

Digital signatures should be created using processes and products that are based on the __________. A) DSS B) NIST C) SSL D) HTTPS

A) DSS

A __________ is a key-dependent, one-way hash function that allows only specific recipients (symmetric key holders) to access the message digest.

MAC

Two basic processing methods are used to convert plaintext data into encrypted data

bit stream and block ciphering.

In a book cipher, the key consists of a list of codes representing the page number, line number, and word number of the plaintext word.

false

Digital Certificates

• Electronic document/container file containing key value and identifying information about entity that controls key. • Distinguished name (DN): uniquely identifies a certificate entity.

Public-Key Infrastructure (PKI)

• Integrated system of software, encryption methodologies, protocols, legal agreements, and thirdparty services enabling users to communicate securely

Substitution Cipher

• Substitutes or exchanges one value for another

Steganography

• The process of hiding messages; for example, hiding a message within the digital encoding of a picture or graphic so that it is almost impossible to detect that the hidden message even exists • Also known as the art of secret writing

Book-Based Ciphers

• Uses text from a predetermined book as a key to decrypt a message. • Book cipher: ciphertext consists of a list of codes representing page, line, and word numbers of plaintext word.

Cryptography = The process of making and using codes to secure information Cryptanalysis = The process of obtaining the plaintext message from a ciphertext message without knowing the keys used to perform the encryption

1. What are cryptography and cryptanalysis?

> Digital signatures are encrypted message components that can be mathematically proven as authentic > Digital certificates are public-key container files that allow PKI system components and end users to validate a public key and identify its owner. > Difference: A digital certificate is a wrapper for a key value. A digital signature is a combination of a message digest and other information used to assure nonrepudiation.

10. What is the difference between a digital signature and a digital certificate?

The Diffie-Hellman exchange uses session keys, which protects data from exposure to third parties, which is sometimes a problem when keys are exchanged out of band.

11. What critical issue in symmetric and asymmetric encryption is resolved by using a hybrid method like Diffie-Hellman?

> Steganography is the process of hiding messages. > Used to hide a message in the digital encoding of a picture/graphic so it's impossible to detect that the hidden message even exists / protects confidentiality of information in transit. Steganography is a process used to hide messages within digital encoding of pictures and graphics. It is a concern for security professionals because hidden messages can contain sensitive information that needs to be protected.

12. What is steganography, and what can it be used for?

> Secure HTTP (S-HTTP): An extended version of HTTP that provides for the encryption of protected web pages transmitted via the internet between a client and server > Secure Sockets Layer (SSL): A security protocol developed by Netscape to use public key encryption to secure a channel over the internet. > Secure Electronic Tansactions (SET): A protocol developed by credit card companies to protect against electronic payment fraud.

13. Which security protocols are predominantly used in Web-based electronic commerce?

> S/MIME (Secure Multipurpose Internet Mail Extensions): Security protocol that builds on the encoding format of the multipurpose internet mail extensions protocol and uses digital signatures based on public key cryptosystems to secure email. > PEM (Privacy-Enhanced Mail): A standard proposed by the internet engineering task force that uses 3des symmetric key encryption and RSA for key exchanges and digital signatures > PGP (Pretty Good Privacy): Hybrid cryptosystem that combines some of the best available cryptographic algorithms.

14. Which security protocols are used to protect e-mail?

> Modes: Transport and Tunnel > Transport: Only packet's IP data is encrypted, NOT the IP headers; this allows intermediate nodes to read source and destination addresses. > Tunnel: ENTIRE IP packet is encrypted and inserted as the payload in another IP packet. Systems at the ends of the tunnel must act as proxies to send and receive the encrypted packets and transmit the packets to their destination

15. IPSec can be implemented using two modes of operation. What are they?

> Uses pre-identified terms: Dictionary attack > All possible key combinations: Brute force attack (?)

16. Which kind of attack on cryptosystems involves using a collection of pre-identified terms? Which kind of attack involves sequential guessing of all possible key combinations?

SHA-1 produces a(n) ___________-bit message digest, which can then be used as an input to a digital signature algorithm.

160

> Key size: 128+ > Why: The current "gold standard" is to ensure that all computing device are capable of AES 256 bit encryption. The more bits, the better. 128 gives you 19 sextillion years, so...

17. If you were setting up an encryption-based network, what key size would you choose and why?

> Key size: WPA used 128-bit keys, and NextGen Wireless Protocols such as RNS uses up to 256

18. What is the typical key size of a strong encryption system used on the Web today?

> Standard: Advanced Encyption Standard (AES): Current federal standard for the encryption of data, as specified by NIST. Based on Rijndael algorithm, developed by VINCENT RIJMEN an JOAN DAEMEN - should be unclassified, publicly disclosed, and available royalty-free worldwide - implements Rijndael Block Cipher with variable block length and key length of 128, 192, 256 bits

19. What encryption standard is currently recommended by NIST?

Concealing military and political secrets while they were transported from place to place Julius Caesar (50 B.C)

2. What was the earliest reason for the use of cryptography?

> SET, SSL, S-HTTP, Secure Shell (SSH-2), and IP Security (IPSec) > SET (Secure Electronic Transactions): --Developed by MasterCard and Visa in 1997 to protect against electronic payment fraud --Uses DES to enrcypt card info transfers and RSA for key exchange --Internet-based AND in-store swipes > SSL (Secure Sockets Layer): --Developed by Netscape to use a public-key encryption to secure a channel over the Internet --Most popular browsers use it --Provides 2 protocols in TCP framework: SSL Record Protocol and Standard HTTP > S-HTTP (Secure HTTP): --Extended version of HTTP --Provides for encryption of protected Web pages transmitted via Internet between client and server --Application of SSL over HTTP, protected and secure virtual connection --Designed for sending indiv messages over the Internet, so session must be established --Provides confidentiality, authentication, and data integrity > IPSec (IP Security): --PRIMARY and DOMINANT cryptographic authentication and encryption product --Created by IETF's IP Protocol Security Working Group --Made for TCP/IP family of protocol standards --Provides application support for all users in TCP/IP, including VPNs --Protect data integiryt, user confidentiality, and authenticity at IP level --Defined in REquest for Comments (RFC) 1825, 1826, 1827 --Widely used to create VPNs --Open framework --Includes IP Sec protocol itself --Used to secure comms across IP-based networks such as LANs, WANs, and Internet

20. What are the most popular encryption systems used over the Web?

Cryptographic key = Information used in conjunction with the algorithm to create the ciphertext from plaintext or derive the plaintext from ciphertext. Can be a series of bits used in a math algorithm of the knowledge of how to manipulate the plaintext. Formal name: Cryptovariable

3. What is a cryptographic key, and what is it used for? What is a more formal name for a cryptographic key?

> Substitution Cipher: One value is substituted for another > Transposition Cipher: Block values are rearranged based on an established pattern. AKA permutation cipher > Exclusive OR operation (XOR): Two bits are compared; identical = 0, not identical = 1

4. What are the three basic operations in cryptography?

> Out of band: Using a channel or band other than the one carrying ciphertext > Importance: The primary challenge of symmetric key encryption is getting the key to the receiver, and it mus be done OUT OF BAND. Key exchange must either be done OUT OF BAND or using a secured method so that the key is not intercepted and used to read the secret message.

6. What does it mean to be "out of band"? Why is it important to exchange keys out of band in symmetric encryption?

In symmetric encryption, the key that is used to encrypt/decrypt is the same and anyone that is in possession of the key can decrypt an encrypted transmission. In asymmetric encryption, there is an "A" key and a "B" key. Either key can be used to encrypt, but only the opposite key can be used to decrypt the message.

7. What is the fundamental difference between symmetric and asymmetric encryption?

PKI makes the use of cryptographic systems more convenient and cost-effective. Enable the protection of information assets by making verifiable digital certificates readily available to business applications Greatest value when one key serves as a private key and the other serves as a public key

8. How does public-key Infrastructure add value to an organization seeking to use cryptography to protect information assets?

> Certificate authority: third party that manages users' digital certificates / issues, manages, authenticates signs, and revokes users' digital signatures > Registration authority: third party that operates under the trusted collaboration of the certificate authority and handles day-to-day certification functions / verifying registration information , generating end-user keys, revoking certificates, and validating user certificates > Certificate directories: Central locations for certificate storage that provide a single access point for administration and distribution > Management protocols: Organize and manage communications among CAs, RAs, and end users / functions and procedures for setting up new users, issuing keys, updating keys, revoking keys, and enabling transfer of certificates and status > Policies and procedures: Assist an organization in the application and management of certificates / legal liabilities and limitations

9. What are the components of PKI?

Asymmetric Encryption

A cryptographic method that incorporates mathematical operations involving two different keys (commonly known as the public key and the private key) to encipher or decipher a message.

Vernam Cipher

A cryptographic technique developed at AT&T and known as the "one-time pad." • This cipher uses a set of characters for encryption operations only one time and then discards it.

__________ is the process of converting an original message into a form that is unreadable to unauthorized individuals. A) Encryption B) Decryption C) Cryptology D) Cryptography

A) Encryption

_________ is a hybrid cryptosystem that combines some of the best available cryptographic algorithms and has become the open-source de facto standard for encryption and authentication of e-mail and file storage applications. A) PGP B) DES C) AH D) ESP

A) PGP

A(n) distinguished name uniquely identifies a certificate entity, to a user's public key. _________________________ A) True B) False

A) True

AES implements a block cipher called the Rijndael ​Block Cipher. _________________________ A) True B) False

A) True

Bluetooth is a de facto industry standard for short-range wireless communications between devices. A) True B) False

A) True

Ciphertext or cryptogram is the encoded message, or a message that has been successfully encrypted. _________________________ A) True B) False

A) True

Hash algorithms are public functions that create a message digest by converting variable-length messages into a single fixed-length value. _________________________ A) True B) False

A) True

In addition to being credited with inventing a substitution cipher, Julius Caesar was associated with an early version of the transposition cipher. A) True B) False

A) True

Internet Protocol Security (IPSec) is an open-source protocol framework for security development within the TCP/IP family of protocol. A) True B) False

A) True

Internet Protocol Security is designed to protect data integrity, user confidentiality, and authenticity at the IP packet level. _________________________ A) True B) False

A) True

Nonrepudiation means that customers or partners can be held accountable for transactions, such as online purchases, which they cannot later deny. A) True B) False

A) True

One encryption method made popular by spy movies involves using the text in a book as the key to decrypt a message. A) True B) False

A) True

PKI systems are based on public key cryptosystems and include digital certificates and certificate authorities. A) True B) False

A) True

Popular cryptosystems use a hybrid combination of symmetric and asymmetric algorithms. A) True B) False

A) True

Pretty Good Privacy (PGP) uses the freeware ZIP algorithm to compress the message after it has been digitally signed but before it is encrypted. _________________________ A) True B) False

A) True

Secure Multipurpose Internet Mail Extensions builds on the encoding format of the MIME protocol and uses digital signatures based on public key cryptosystems to secure e-mail. _________________________ A) True B) False

A) True

Steganography is a data hiding method that involves embedding information within other files, such as digital pictures or other images. A) True B) False

A) True

The encapsulating security payload protocol provides secrecy for the contents of network communications as well as system-to-system authentication and data integrity verification. A) True B) False

A) True

The most common hybrid system is based on the Diffie-Hellman key exchange, which is a method for exchanging private keys using public key encryption. A) True B) False

A) True

The most popular modern version of steganography involves hiding information within files that contain digital pictures or other images. _________________________ A) True B) False

A) True

The permutation cipher simply rearranges the values within a block to create the ciphertext. A) True B) False

A) True

When an asymmetric cryptographic process uses the sender's private key to encrypt a message, the sender's public key must be used to decrypt the message. A) True B) False

A) True

Transposition Cipher

Also known as a permutation cipher; involves simply rearranging the values within a block based on an established pattern.

The __________ protocol provides system-to-system authentication and data integrity verification, but does not provide secrecy for the content of a network communication. A) ESP B) AH C) HA D) SEP

B) AH

At the World Championships in Athletics in Helsinki in August of 2005, a virus called Cabir infected dozens of __________, the first time this occurred in a public setting. A) Ipad tablets B) Bluetooth mobile phones C) WiFi routers D) laptop Macintosh computers

B) Bluetooth mobile phones

3DES was created to offer the same strength as the DES algorithm but ran three times as fast, thus saving time. A) True B) False

B) False

A brute force function is a mathematical algorithms that generate a message summary or digest (sometimes called a fingerprint) to confirm message identity and integrity. A) True B) False

B) False

A cryptovariable is a value representing the application of a hash algorithm on a message. A) True B) False

B) False

A multipart authentication code (MAC) is a key-dependent, one-way hash function that allows only specific recipients (symmetric key holders) to access the message digest. _________________________ A) True B) False

B) False

Adopted by NIST in 1976 as a federal standard, DES uses a 64-bit block size and key. A) True B) False

B) False

As DES became known as being too weak for highly classified communications, Double DES was created to provide a level of security far beyond that of DES. _________________________ A) True B) False

B) False

Encryption is the process of converting the ciphertext message back into plaintext so that it can be readily understood. _________________________ A) True B) False

B) False

Hashing functions require the use of keys. A) True B) False

B) False

In 1953, Giovan Batista Bellaso introduced the idea of the passphrase (password) as a key for encryption. A) True B) False

B) False

In a book cipher, the key consists of a list of codes representing the page number, line number, and word number of the plaintext word._________________________ A) True B) False

B) False

In transport mode the entire IP packet is encrypted and is then placed as the content portion of another IP packet. _________________________ A) True B) False

B) False

SSL builds on the encoding format of the Multipurpose Internet Mail Extensions protocol and uses digital signatures based on public key cryptosystems to secure e-mail. A) True B) False

B) False

Sequence encryption is a series of encryptions and decryptions between a number of systems, wherein each system in a network decrypts the message sent to it and then reencrypts it using different keys and sends it to the next neighbor, and this process continues until the message reaches the final destination. A) True B) False

B) False

Symmetric encryption uses two different but related keys, and either key can be used to encrypt or decrypt the message. _________________________ A) True B) False

B) False

The AES algorithm was the first public key encryption algorithm to use a 256 bit key length. A) True B) False

B) False

The S-HTTP security solution provides six services: authentication by digital signatures, message encryption, compression, e-mail compatibility, segmentation, and key management. A) True B) False

B) False

The application header (AH) protocol provides secrecy for the contents of network communications as well as system-to-system authentication and data integrity verification. _________________________ A) True B) False

B) False

The number of horizontal and vertical pixels captured and recorded is known as the image's contrast. _________________________ A) True B) False

B) False

To encipher means to decrypt, decode, or convert, ciphertext into the equivalent plaintext. _________________________ A) True B) False

B) False

To perform the Caesar cipher encryption operation, the pad values are added to numeric values that represent the plaintext that needs to be encrypted. A) True B) False

B) False

UltraViolet wireless (UVW) is a de facto industry standard for short-range wireless communications between devices. _________________________ A) True B) False

B) False

Usually, as the length of a crytpovariable increases, the number of random guesses that have to be made in order to break the code is reduced. A) True B) False

B) False

Within a PKI, a(n) registration authority issues, manages, authenticates, signs, and revokes users' digital certificates, which typically contain the user name, public key, and other identifying information. _________________________ A) True B) False

B) False

You cannot combine the XOR operation with a block cipher operation. A) True B) False

B) False

__________ was developed by Phil Zimmermann and uses the IDEA Cipher for message encoding. A) PEM B) PGP C) S/MIME D) SSL

B) PGP

__________ is an integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services that enables users to communicate securely. A) MAC B) PKI C) DES D) AES

B) PKI

The __________ algorithm, developed in 1977, was the first public key encryption algorithm published for commercial use. A) DES B) RSA C) MAC D) AES

B) RSA

A method of encryption that requires the same secret key to encipher and decipher the message is known as __________ encryption. A) asymmetric B) symmetric C) public D) private

B) symmetric

• Plaintext can be encrypted through:

Bit stream - Block cipher

SHA-1 produces a(n) ___________-bit message digest, which can then be used as an input to a digital signature algorithm. A) 48 B) 56 C) 160 D) 256

C) 160

__________ is the current federal information processing standard that specifies a cryptographic algorithm used within the U.S. government to protect information in federal agencies that are not a part of the national defense infrastructure. A) DES B) 2DES C) AES D) 3DES

C) AES

__________ is a protocol that can be used to secure communications across any IP-based network such as LANs, WANs, and the Internet. A) PEM B) SSH C) IPSec D) SET

C) IPSec

__________ is the information used in conjunction with an algorithm to create the ciphertext from the plaintext or derive the plaintext from the ciphertext. A) Password B) Cipher C) Key D) Passphrase

C) Key

More advanced substitution ciphers use two or more alphabets, and are referred to as __________ substitutions. A) multialphabetic B) monoalphabetic C) polyalphabetic D) polynomic

C) polyalphabetic

Using a database of precomputed hashes from sequentially calculated passwords called a(n) __________, an attacker can simply look up a hashed password and read out the text version. A) timing matrix B) agile scrum C) rainbow table D) smurf list

C) rainbow table

The __________ is responsible for the fragmentation, compression, encryption, and attachment of an SSL header to the cleartext prior to transmission. A) Standard HTTP B) SFTP C) S-HTTP D) SSL Record Protocol

D) SSL Record Protocol

__________ is the amount of effort (usually in hours) required to perform cryptanalysis to decode an encrypted message when the key or algorithm (or both) are unknown. A) Code B) Algorithm C) Key D) Work factor

D) Work factor

human error

Human errors are usually defined as circumstances in which planned actions, decisions or behaviors reduce — or have the potential to reduce — quality, safety and security

Hash Functions

Mathematical algorithms that create a message summary or digest to confirm message identity and integrity Message authentication code (MAC) may be attached to a message

protocols designed to enable secure communications across the Internet.

S-HTTP (Secure Hypertext Transfer Protocol), Secure Electronic Transactions (SET), and SSL (Secure Sockets Layer)

protocols that are used to secure e-mail.

Secure Multipurpose Internet Mail Extensions (S/MIME), Privacy Enhanced Mail (PEM), and Pretty Good Privacy (PGP)

examples of human errors

System misconfiguration; Poor patch management; Use of default usernames and passwords or easy-to-guess passwords; Lost devices; Disclosure of information via an incorrect email address; Double-clicking on an unsafe URL or attachment;

most modern Wi-Fi networks are now protected with

WPA2.

> Hash function: Mathematical algorithms > Use: Generates a message summary/digest to confirm message identity and integrity

What is a hash function, and what can it be used for?

Bit stream methods commonly use algorithm functions like the exclusive OR operation (__________).

XOR

misfeasor

a legitimate user who accesses data, programs, or resources for which such access is not authorized, or who is authorized for such access but misuses his or her privileges.

intrusion detection

a security service that monitors and analyzes system events for the purpose of finding, and providing real-time or near real-time warning of, attempts to access system resources in an unauthorized manner.

unintentional threats to information systems

acts performed without malicious intent that never less represent a serious threat to information security

common vulnerability and exposures (CVE) list

aims to provide common names and indentifies for all publicly known software vulnerabilites

masquerader

an individual who is not authorized to use the computer and who penetrates a system's access controls to exploit a legitimate user's account.

clandestine user

an individual who seizes supervisory control of the system and uses this control to evade auditing and access controls or to suppress audit collection.

Internet Protocol Security (IPSec)

an open-source protocol framework for security development within the TCP/IP family of protocol standards.

threat

any danger to which a system may be exposed

untrusted network

any network external to your organization

trusted network

any network within your organization

invisibility

assets in IS are not tangible artifacts that can be seen or felt, instead they are binary types of data (0s and 1s)

four components of the information security model

assets, vulnerability, threats, controls

social engineering

attack in which the perpetrator uses social skills to track or manipulate legitimate employees into providing confidential company information such as passwords

scanning

attack that occurs when an attacker probes a target network or system by sending different kinds of packets. Using the responses received from the target, the attacker can learn many of the sytem's characteristics and vulnerabilities. This attack acts as a target identification tool for an attacker.

most common type of social engineering

attacker impersonates someone else on the telephone, claiming that he forgot his password

false positive

authorized users identified as intruders

Encryption is the process of converting the ciphertext message back into plaintext so that it can be readily understood.

false

Encryption methodologies that require the same secret key to encipher and decipher the message are using what is called public-key encryption.

false

Hashing functions require the use of keys.

false

data safeguards

data rights and responsibilities passwords encryption backup and recovery physical security

resource or information that is to be protected

data, hardware, and software

honeypot

decoy system designed to lure a potential attacker away from critical systems. Designed to divert an attacker from accessing critical systems, collect information about attacker's activity, and encourage the attacker to stay on the system long enough for administrators to respond.

• Secure Sockets Layer (SSL) protocol

developed by Netscape; uses public-key encryption to secure channel over public Internet.

- Bit stream

each plaintext bit is transformed into a cipher bit one bit at a time.

what causes the most data breaches

employee negligence

Digital signatures

encrypted messages that are independently verified by a central facility, and which provide nonrepudiation.

__________ is the process of converting an original message into a form that is unreadable to unauthorized individuals.

encryption

availability

ensuring timely and reliable access to and use of information

payload

examples of payloads include data destruction, managers with insulting text or spurious e-mail messages sent to a large number of people

• Secure Hypertext Transfer Protocol (S-HTTP)

extended version of Hypertext Transfer Protocol; provides for encryption of individual messages between client and server across Internet.

3DES was created to offer the same strength as the DES algorithm but ran three times as fast, thus saving time.

false

A brute force function is a mathematical algorithm that generates a message summary or digest (sometimes called a fingerprint) to confirm message identity and integrity.

false

Asymmetric encryption systems use a single key to both encrypt and decrypt a message.

false

S-HTTP is an extended version of Hypertext Transfer Protocol that provides for the encryption of protected e-mail transmitted via the Internet between a client and server.

false

Standard HTTP (S-HTTP) is an extended version of the Hypertext Transfer Protocol that provides for the encryption of individual messages transmitted via the Internet between a client and server.

false

Symmetric encryption uses two different but related keys, and either key can be used to encrypt or decrypt the message

false

To encipher means to decrypt, decode, or convert ciphertext into the equivalent plaintext.

false

To perform the Caesar cipher encryption operation, the pad values are added to numeric values that represent the plaintext that needs to be encrypted.

false

UltraViolet wireless (UVW) is a de facto industry standard for short-range wireless communications between devices.

false

Usually, as the length of a cryptovariable increases, the number of random guesses that have to be made in order to break the code is reduced.

false

Within a PKI, a(n) registration authority issues, manages, authenticates, signs, and revokes users' digital certificates, which typically contain the user name, public key, and other identifying information.

false

integrity

guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity

exposure

harm, loss, or damage that can result if a threat compromises that resource

_________ functions are mathematical algorithms that generate a message summary or digest to confirm the identity of a specific message and to confirm that there have not been any changes to the content.

hash

why is information security important to small businesses

have fewer resources and therefore can be destroyed by a data breach

human safeguards

hiring training education procedure design administration assessment compliance accountability

rule-based anomaly detection

historical audit records are analyzed to identify usage patterns and to generate automatically rules that describe these patterns. Rules may represent past behavior patterns of users, programs, privileges, time slots, terminals, and so on. Current behavior is observed and each transaction is matched against the set of rules to determine if it conforms to any historically observed pattern of behavior.

loss of infrastructure

human error malicious attacks natural disaster

technical safeguards

identification and authorization encryption firewalls malware protection application design

inline sensor

inserted into a network segment so that the traffic that it is monitoring must pass through the sensor.

• Public-key infrastructure (PKI)

integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services. PKI includes digital certificates and certificate authorities

false negative

intruders are not identified as intruders

two differences between conventional and information assets

invisibility and duplicability

anomaly detection

involves the collection of data relating to the behavior of legitimate users over a period of time. Then statistical tests are applied to observed behavior to determine with a high level of confidence whether that behavior is not legitimate user behavior. Two approaches: threshold detection and profile based

Template cipher

involves use of hidden message in book, letter, or other message; requires page with specific number of holes cut into it.

beacons

is an object embedded in a web page or email, which unobtrusively (usually invisible) allows checking that a user has accessed the content

A __________ is the information used in conjunction with an algorithm to create the ciphertext from the plaintext or derive the plaintext from the ciphertext.

key

The strength of many encryption applications and cryptosystems is determined by

key size.

__________ is the entire range of values that can possibly be used to construct an individual key.

keyspace

The science of encryption

known as cryptology, encompasses cryptography (making and using encryption codes) and cryptanalysis (breaking encryption codes

Hash functions

mathematical algorithms that generate a message summary, or digest, that can be used to confirm the identity of a specific message, and confirm that the message has not been altered.

Block cipher

message is divided into blocks (e.g., sets of 8- or 16-bit blocks), and each is transformed into encrypted block of cipher bits using algorithm and key.

passive sensor

monitors a copy of network traffic, the actual traffic does not pass through the device. More efficient than inline sensor because it does not add an extra handling step that contributes to packet delay.

network-based IDS (NIDS)

monitors network traffic for particular network segments or devices and analyzes network, transport, and application protocols to identify suspicious activity.

host-based IDS

monitors the characteristics of a single host and the events occurring within that host for suspicious activity

Data Encryption Standard (DES)

one of the most popular symmetric encryption cryptosystems. - 64-bit block size; 56-bit key

shoulder surfing

perpetrator watches an employee's computer screen over the employee's shoulder

More advanced substitution ciphers use two or more alphabets, and are referred to as __________ substitutions.

polyalphabetic

vulnerability

possibility that the system will be harmed by a threat

confidentiality

preserving authorized restrictions on access and disclosure, including means for protecting personal property and proprietary information

malicious attacks

pretexting, phishing, spoofing, sniffing, and hacking

incorrect data modification

procedures not followed correctly or incorrectly designed increasing a customer's discount or incorrectly modifying employee's salary placing incorrect data on company web-site system errors faulty recovery actions after a disaster

Encryption

process of converting a message into a form that is unreadable to unauthorized people.

IPSec

protocol used to secure communications across any IP-based network, such as LANs, WANs, and the Internet.

Using a database of precomputed hashes from sequentially calculated passwords called a(n) __________, an attacker can simply look up a hashed password and read out the text version.

rainbow table

information security

refers to all of the processes and policies designed to protect an organization's information and information systems from unauthorized use, disclosure, disruption, modification, or destruction

controls

safeguards used to minimize the impact of threats

decreasing skills necessary to be a computer programmer

scrips- users with few skills can download and use to attack any information system connected to the internet

worms

segment of computer code that performs malicious actions and will replicate, or spread, by itself

lack of management support

senior managers must set the tone, unfortunately they don't

spyware and adware symptoms

slow system startup sluggish system performance many pop-up advertisements suspicious browser homepage changes

trojan horses

software programs that hide in other computer programs and reveal their designed behavior only when they are activated

accountant management

standards for new user accounts, modification of account permissions, removal of unnedded accounts

The other major methods used for scrambling data

substitution ciphers, transposition ciphers, the XOR function, the Vigenère cipher, and the Vernam cipher

A method of encryption that requires the same secret key to encipher and decipher the message is known as __________ encryption.

symmetric

Most cryptographic algorithms can be grouped into two broad categories

symmetric and asymmetric. Most popular cryptosystems combine the two.

tailgating

technique designed to allow the perpetrator to enter restricted areas that are controlled with locks or card entry

signature detection

techniques that detect intrusion by observing events in the system and applying a set of rules thta lead to a decision regarding whether a given pattern of activity is or is not suspicious. Two types: rule-based anomaly detection and rule-based penetration identification.

Steganography

the hiding of information. It is not properly a form of cryptography, but is similar in that it is used to protect confidential information while in transit.

smaller, faster, cheaper computers and storage devices

these characteristics make it easier to steal or lose a computer storage device that contains huge amounts of sensitive information

hacker

those who break into computers for the thrill of it or for status. Often look for targets of opportunity and then share the information with others.

responsibility of custodians of information

to provide the privacy to individuals whose information they have in their possession

five key factors to the increasing vulnerability of organizational information resources make it more difficult to secure them

today's interconnected, interdependent, wirelessly networked business environment smaller, faster, cheaper computers and storage devices, decreasing skills necessary to be a computer programmer international organized crime taking over cybercrime lack of management support

Bluetooth is a de facto industry standard for short-range wireless communications between devices.

true

Ciphertext or a cryptogram is an encoded message, or a message that has been successfully encrypted.

true

Hash algorithms are public functions that create a message digest by converting variable-length messages into a single fixed-length value.

true

In addition to being credited with inventing a substitution cipher, Julius Caesar was associated with an early version of the transposition cipher.

true

Internet Protocol Security is designed to protect data integrity, user confidentiality, and authenticity at the IP packet level

true

Nonrepudiation means that customers or partners can be held accountable for transactions, such as online purchases, which they cannot later deny.

true

One encryption method made popular by spy movies involves using the text in a book as the key to decrypt a message.

true

PKI systems are based on public-key cryptosystems and include digital certificates and certificate authorities.

true

Popular cryptosystems use a hybrid combination of symmetric and asymmetric algorithms.

true

Pretty Good Privacy (PGP) uses the freeware ZIP algorithm to compress the message after it has been digitally signed but before it is encrypted

true

Secure Electronic Transactions was developed by MasterCard and Visa in 1997 to protect against electronic payment fraud.

true

Steganography is a data hiding method that involves embedding information within other files, such as digital pictures or other images.

true

The most popular modern version of steganography involves hiding information within files that contain digital pictures or other images.

true

When an asymmetric cryptographic process uses the sender's private key to encrypt a message, the sender's public key must be used to decrypt the message.

true

t/f a very small fraction of the treats will cause real damage to the organization

true

t/f an information system that is unavailable is not useful

true

t/f conventional security methods such as lock and guards are not very effective at maintaining IS

true

t/f higher the level of employee, the greater the threat he or she poses to information security

true

t/f if your data is stolen you will not notice until it is brought to your attention becasue it can be easily duplicated

true

t/f most threats are blocked by the controls commonly adopted by organizations

true

t/f the information security profession revolves around systematically indetifying the information assets, vulnerabilities, threats, and controls and deploying controls appropriately so that the money spend on these controls delivers the greatest possible benefit to the organization

true

banner grabbing

typically consists or initiating a connection to a network server and recording the data that is returned at the beginning of the session. This information can specify the name of the application, version number, and even the operating system that is running the server.

intruder

typically follow patterns that differ from those of ordinary users. Engage in trespass that could take the form of unauthorized login to a machine or acquisition or privileges or performance of actions beyond those that have been authorized.

malware safeguards

use antivirus and antispyware programs scan frequently update malware definitions open email attachments from known sources install software updates browse only reputable internet neighborhoods

password management

users should change passwords frequently

Pretty Good Privacy (PGP)

uses IDEA Cipher for message encoding

Running key cipher

uses a book for passing the key to cipher similar to Vigenère cipher; sender provides encrypted message with sequence of numbers from predetermined book to be used as an indicator block.

rule-based penetration

uses rules for identifying known penetrations or penetrations that would exploit known weaknesses. Rules can also be defined that identify suspicious behavior, even when the behavior is within the bounds of established patterns of usage.

ATLAS

uses sensors deployed at ISPs around the world to gather real-time information about threats being faced by organizations

__________ is the amount of effort (usually in hours) required to perform cryptanalysis to decode an encrypted message when the key or algorithm (or both) are unknown.

work factor

Exclusive OR (XOR)

• A function within Boolean algebra used as an encryption function in which two bits are compared. Very simple to implement and simple to break


Kaugnay na mga set ng pag-aaral

F Unit 4 Your Rights: Freedom of Expression Freedom of Speech, Freedoms of the press and assembly First Amendment limits and protects freedom of expression, Tinker, Shenk, New york, Texas, Edwards, prior restriant, libel

View Set

Design Key Terms- Lesson 1.2 Crossword

View Set