Module 06: Basic Cryptography

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

What are public key systems that generate different random public keys for each session?

perfect forward secrecy

blockchain

A shared, immutable ledger that facilitates the process of recording transactions and tracking assets in a business network.

low latency

A small amount of time that occurs between when a byte is input into a cryptographic algorithm and the time the output is obtained.

quantum communication

A subcategory of quantum cryptography used to secure telecommunications.

Ephemeral keys

A temporary key that is used only once before it is discarded.

data in transit

Actions that transmit the data across a network.

Which is the strongest symmetric cryptographic algorithm?

Advanced Encryption Standard

hash

An algorithm that creates a unique digital fingerprint.

stream cipher

An algorithm that takes one character and replaces it with one character.

elliptic curve cryptography (ECC)

An algorithm that uses elliptic curves instead of prime numbers to compute keys.

downgrade attack

An attack in which the system is forced to abandon the current higher security mode of operation and "fall back" to implementing an older and less secure mode.

What weakness does RSA (Rivest-Shamir-Adleman; a public-key cryptosystem) have

As computers become more powerful, the ability to compute factoring has increased.

What is NOT a characteristic of a secure hash algorithm?

Collisions should occur no more than 15 percent of the time.

algorithm

Consists of procedures based on a mathematical formula used to encrypt and decrypt the data. Also called a cipher.

post-quantum cryptography

Cryptographic algorithms that are secure against an attack by a quantum computer.

asymmetric cryptographic algorithms

Cryptography that uses two mathematically related keys. (knows as public key cryptography)

Data in processing

Data actions being performed by "endpoint devices," such as printing a report from a desktop computer.

Data at rest

Data that is stored on electronic media.

When implementing segmentation as a proactive measure, which of the following types of segments exist on a network?

Datacenter, Guests, & Users

Which of the following is not to be decrypted but is only used for comparison purposes?

Digest

self-encrypting drives (SEDs)

Drives that can automatically encrypt any data stored on them.

Symmetric cryptographic algorithms

Encryption that uses a single key to encrypt and decrypt a message. (Knowns as private key cryptography,)

True or False: Opal is a standard for FEDs.

False

True or False: Software Restriction Policy for restricting applications applies only to an individual user and not to a group of users

False

True or False: The basis of a quantum computer is a bit.

False

True or False: Unencrypted data that is input for encryption or is the output of decryption is called cleartext.

False

If two segments need to talk to each other in a segmented network, which of the following is required?

Firewall

steganography

Hiding the existence of data within another type of file, such as an image file.

Which of the following is NOT a characteristic of the Trusted Platform Module (TPM)?

It includes a pseudorandom number generator (PRNG).

Obfuscation

Making something obscure or unclear.

perfect forward secrecy

Public key systems that generate different random public keys for each session.

low-power devices

Small electronic devices that consume very small amounts of power.

Which encryption algorithms are examples of lightweight cryptography?

TWINE & OTR

high resiliency

The ability to quickly recover from resource vs. security constraints.

Entropy

The measure of randomness of a datagenerating function.

key length

The number of bits in a key.

cryptography

The practice of transforming information so that it is secure and cannot be understood by unauthorized persons.

decryption

The process of changing encrypted text into the original text.

encryption

The process of changing plaintext into ciphertext.

hashing

The process of creating a digital fingerprint.

nonrepudiation

The process of proving that a user performed an action.

key exchange

The process of sending and receiving secure cryptographic keys.

Cryptography can be implemented through software running on a device. Encryption can also be performed on a larger scale by:

encrypting the entire disk drive itself.

Opal

A set of specifications for SEDs developed by the Trusted Computing Group (TCG).

Trusted Platform Module (TPM)

A chip on the motherboard of the computer that provides cryptographic services.

block cipher

A cipher that manipulates an entire block of plaintext at one time.

quantum computer

A computer that relies on quantum physics using atomic-scale units (qubits) that can be both 0 and 1 at the same time.

weak key

A key that causes the cipher to behave in unpredictable ways or may compromise overall security.

resource vs. security constraint

A limitation in providing strong cryptography due to the "tug-of-war" between the available resources (time and energy) and the security provided by cryptography.

collision

When two files have the same hash (produce the same digest).

Hardware Security Module (HSM)

A removable external cryptographic device.

What are the key lengths of the Twofish Encryption model?

128, 192, 256-bit

The key sizes available in ECC are:

160, 224, 256, 384, 521 bits

What is the minimum key size in Elliptical Curve Cryptography (ECC)?

160-bits

What is the key length of the Triple-DES (3DES)?

168-bit

What is the key length of the Advanced Encryption Standard (AES)?

256-bit

What is the key length of the Data Encryption Standard (DES) algorithm?

56-bit

lightweight cryptography

A category of cryptography that has fewer features and is less robust than normal cryptography.

longevity

The useful lifetime of service of a cipher.

In asymmetric key encryption, what is the next step when a client initiates a session with a web server that is configured with a certificate?

The web server sends a certificate to the web browser

True or False: An administrator can blacklist or whitelist applications that the users can run using Software Restriction Policies

True

True or False: Asymmetric cryptography keys can work in both directions.

True

True or False: If an application or a specific path that contains the executables is blacklisted, then all executables within the defined path are blacklisted

True

True or False: Using a digital signature does not encrypt the message itself.

True

Which benefit will a digital signature NOT provide?

Verify the receiver


Kaugnay na mga set ng pag-aaral

CH41 Obstetrics - Normal Childbirth

View Set

MedSurg - 2 Community Based Nursing

View Set

Chapter 9 Review Questions (Therapeutic Communication)

View Set

Database management ch 7 Business Intelligence

View Set

Tuening Points of the Revolution

View Set

HLTH 4390 ENIVIRONMENTAL HLTH MIDTERM EXAM REVIEW

View Set

Rule of Law, Sovereignty of Parliament, and Parliament

View Set

midterm 3 review part 2 (operation management)

View Set

Lesson 3.2: Learning the Key Terms

View Set