Info Security Chapters 7 and 9
The act of unscrambling ciphertext into plain text is?
Decryption
What enables you to prevent a party from denying a previous statement or action
Nonrepudiation
A process that creates the first secure communications session between a client and a server is the definition of
SSL handshake
What is the definition of hub
a network device that connects network segments echoing all received traffic to all other ports
What term is used to describe a type of cryptography that uses a cipher with two separate keys, one for encryption and one for decryption?
asymmetric key cryptography
Cryptography accomplishes four security goals nonrepudiation integrity authentication and
confidentiality
Cryptography accomplishes four security goals
confidentiality, integrity, authentication and nonrepudiation
Security audits help ensure that your rules and what are up to date documented and subject to change control procedures
configurations
What allows the computer to get its configuration information from the network instead of the network administrator providing the configuration information to the computer it provides a computer with an IP address subnet mask and other essential communication information simplifying the network administrators job
dynamic host configuration protocol
An auditing firewall is the standard by which a system is compared to determine whether it is securely configured
false
Another name for a border firewall is a DMZ firewall
false
IP addresses are eight byte addresses that uniquely identify every device on the network
false
One of the OSI Reference Model layers the transport layer creates maintains and disconnects communications that take place between processes over the network
false
The term router describes a network device that connects network segments,echoing all received traffic to all other ports
false
A stateful inspection firewall compares received traffic with a set of rules that define which traffic it will permit to pass through the firewall
false that is packet filtering
Chosen ciphertext attacks have particular uses in attacking encrypted email
falss
What term is used to describe a method of IP address assignment that uses an alternate, public IP address to hide a system's real IP address?
network address translation
A firewall that examines each packet it receives and compares the packet to a list of rules configured by the network administrator is the definition of
packet filtering firewall
It's essential to match your organizations required what with its security structure
permission level
What name is given to a protocol to implement a VPN connection between two computers
point to point tunneling protocol
What is hiding information called?
steganography
An algorithm to encrypt or decrypt information is the definition of cipher
true
Auditors often do a huge amount of work preparing for an aufit
true
Border firewalls simply separate the protected network from the Internet
true
Decryption is the act of scrambling ciphertext into plaintext
true
Decryption is the act of unscrambling ciphertext into plaintext
true
Digital signatures require asymmetric key cryptography
true
Encrypted information is ciphertext
true
In a symmetric key system where everyone shares the same secret compromising one copy of the key compromises all copies
true
Increasing the key length generally increases the security of a substitution cipher
true
Many jurisdictions require audits by law
true
Network mapping is a technique of using tools to determine the layout and services running on an organization's systems and networks
true
Tests should be as real as possible and therefore should be run against production networks and systems to the degree possible without impairing system operations
true
The OSI Reference Model is a theoretical model of networking with interchangeable lauers
true
The goal of cryptography is to make the cost or the time required to decrypt a message without the key exceed the value of the protected information
true
The physical layer must translate the binary ones and zeros of computer language into the language of the transport medium
true
The term certificate authority refers to a trusted repository that stores and distributes verified digital certificates
true
The term hacktivist describes a hacker who is, or claims to be, motivated by political or social justice concerns and uses hacking skills to reinforce his or her chosen position
true