Term
|
Definition
| A principle in which attackers must break through multiple, independent layers of defense before they can reach the target system or protected area. |
|
|
Term
|
Definition
| Every server and client machine should be hardened with frequent backups, timely software patches for applications and operating systems, host firewalls, and other authentication and access control measures. |
|
|
Term
|
Definition
| Should be readable only by the intended party |
|
|
Term
|
Definition
| Protects the confidentiality of messages against threats such as packet sniffing and man-in-the-middle (MITM) attacks. |
|
|
Term
|
Definition
| Assures that data (or messages) are not manipulated accidentally or maliciously by unauthorized parties. |
|
|
Term
| Frame Check Sequence(FCS) |
|
Definition
| Added at the end of each frame for error detection; a general approach to detecting such changes. It catches accidental corruption only: an attacker who alters a frame can simply recompute the FCS, so it is not a defense against deliberate tampering. |
|
|
Term
|
Definition
| Means that the identity of communicating parties and message sources need to be validated. |
|
|
Term
| What is authentication an effective weapon against? |
|
Definition
| Man-in-the-middle attacks and various types of spoofing. |
|
|
Term
| Access control and authorization |
|
Definition
| Refer to the process of granting or denying access to a network, to the systems attached to it, and to resources such as files, directories, and programs within a system. |
|
|
Term
| What tool should be used to enforce access policy? |
|
Definition
| Access Control List (ACL) |
|
|
Term
| Identity management and directory service |
|
Definition
| Access privileges should be arranged so that a person or user group is granted only the limited access to specific services and system resources that they need. |
|
|
Term
| What is a popular technology for message confidentiality? |
|
Definition
|
|
Term
| What are popular technologies for message Integrity? |
|
Definition
| Checksum/frame check sequence (FCS); digital signatures |
|
|
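As an added example (not part of the original flashcards), the following Python shows why the two integrity technologies above are not interchangeable: a CRC-32 frame check sequence detects accidental corruption, but an attacker can simply recompute it, whereas a keyed tag (HMAC-SHA256, used here as the keyed cousin of a digital signature) cannot be forged without the key. The shared key and the payload are constructed sample data.

```python
import hashlib
import hmac
import zlib


def fcs(frame: bytes) -> int:
    """Frame check sequence: CRC-32 over the frame, as Ethernet appends to each frame."""
    return zlib.crc32(frame) & 0xFFFFFFFF


def fcs_ok(frame: bytes, expected: int) -> bool:
    return fcs(frame) == expected


def mac_tag(key: bytes, msg: bytes) -> bytes:
    """Keyed integrity tag (HMAC-SHA256); only holders of the key can produce a valid tag."""
    return hmac.new(key, msg, hashlib.sha256).digest()


def mac_ok(key: bytes, msg: bytes, tag: bytes) -> bool:
    # compare_digest avoids leaking where the comparison stopped (timing side channel)
    return hmac.compare_digest(mac_tag(key, msg), tag)


def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Simulate line noise: flip one bit of the payload."""
    buf = bytearray(data)
    buf[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(buf)


def run_demo() -> dict:
    key = b"constructed-shared-key-32-bytes!"   # constructed sample key
    frame = b"PAY 100.00 TO ACCT 123456"        # constructed sample payload
    trailer = fcs(frame)
    tag = mac_tag(key, frame)

    # 1. Accidental corruption: one bit flipped in transit. Both checks catch it.
    noisy = flip_bit(frame, 37)
    # 2. Deliberate tampering: the attacker rewrites the amount AND recomputes the CRC,
    #    which needs no secret. The keyed tag cannot be recomputed without the key.
    tampered = frame.replace(b"100.00", b"999.00")
    tampered_trailer = fcs(tampered)

    return {
        "noise_caught_by_fcs": not fcs_ok(noisy, trailer),
        "noise_caught_by_mac": not mac_ok(key, noisy, tag),
        "tamper_caught_by_fcs": not fcs_ok(tampered, tampered_trailer),
        "tamper_caught_by_mac": not mac_ok(key, tampered, tag),
    }
```

`run_demo()` returns four booleans; the only `False` is `tamper_caught_by_fcs`, which is exactly the gap a checksum leaves and a digital signature or MAC closes.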
Term
| What are popular technologies for access control? |
|
Definition
| Access Control List (ACL); anti-virus and anti-spyware; intrusion detection and prevention systems; directory server |
|
|
Term
| What are popular technologies for Authentication? |
|
Definition
| Passwords and passphrases; digital signatures and digital certificates; smart cards and biometric solutions (e.g., voice and face recognition); security tokens |
|
|
Term
|
Definition
| Software and/or hardware designed to protect a network from various attacks by controlling the types of service allowed inbound and outbound, and by monitoring the patterns of message flows and network usage by local and remote users. |
|
|
Term
|
Definition
| an internal network that needs secure protection from external threats |
|
|
Term
|
Definition
| Houses servers such as email and web servers that provide public services and are therefore more exposed to attacks coming from the Internet. |
|
|
Term
| Firewalls/routers either pass or drop a packet based on the filtering rules defined in the...? |
|
Definition
| Access Control List (ACL) |
|
|
Term
|
Definition
| A rudimentary form of screening in which the firewall examines each packet as an isolated case, with no memory of the packets that came before it. |
|
|
Term
|
Definition
| The firewall reviews each arriving packet in the context of the connection it belongs to (the packets that preceded it), which makes the screening much more effective than stateless filtering. |
|
|
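An added illustration (not from the original cards) of the difference between stateless and stateful filtering, in Python. The rule set and the packet trace are constructed: the stateless ACL admits any inbound TCP packet that carries the ACK flag, the traditional way to approximate "established" traffic without keeping state, while the stateful filter keeps a connection table and admits inbound packets only for flows an internal host actually opened.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    direction: str      # "in" = from the Internet toward the internal network, "out" = leaving it
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset    # TCP flags, e.g. {"SYN"}, {"SYN", "ACK"}, {"ACK"}


def stateless_filter(pkt: Packet) -> str:
    """ACL-style screening: every packet is judged on its own header fields.

    Constructed rules: internal hosts may open any outbound TCP connection; inbound
    packets are admitted only if they look like replies, i.e. carry ACK. This is the
    classic pre-stateful "established" rule, and its weakness is that any packet
    with ACK set matches, whether or not a connection exists.
    """
    if pkt.direction == "out":
        return "allow"
    if "ACK" in pkt.flags:
        return "allow"
    return "drop"


class StatefulFilter:
    """Keeps a connection table and admits inbound packets only for flows an
    internal host initiated, regardless of which flags the packet carries."""

    def __init__(self) -> None:
        self.table: set = set()   # (internal ip, internal port, remote ip, remote port)

    def decide(self, pkt: Packet) -> str:
        if pkt.direction == "out":
            if "SYN" in pkt.flags:                      # new connection attempt: remember it
                self.table.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "allow"
        # inbound: the reverse of the 4-tuple must already be in the table
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.table:
            return "allow"
        return "drop"


def run_demo() -> list:
    packets = [  # constructed trace; addresses are from documentation ranges
        Packet("out", "10.0.0.5", 40000, "203.0.113.9", 443, frozenset({"SYN"})),
        Packet("in", "203.0.113.9", 443, "10.0.0.5", 40000, frozenset({"SYN", "ACK"})),
        # attacker probes SSH with only ACK set, so the stateless "established" rule matches
        Packet("in", "198.51.100.7", 1234, "10.0.0.5", 22, frozenset({"ACK"})),
        # unsolicited connection attempt to SSH
        Packet("in", "198.51.100.7", 1235, "10.0.0.5", 22, frozenset({"SYN"})),
    ]
    stateful = StatefulFilter()
    return [(p.direction, p.dport, stateless_filter(p), stateful.decide(p)) for p in packets]
```

The third packet is the interesting one: the stateless filter lets the ACK-only probe through to port 22, while the stateful filter drops it because no internal host ever opened a connection to 198.51.100.7.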
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
| For inbound packets, does filtering or routing occur first? |
|
Definition
| Filter first, then routing |
|
|
Term
| when the packet is outbound, does filtering or routing occur first? |
|
Definition
| Routing occurs first, then filtering |
|
|
Term
|
Definition
| a procedure that transforms a message into an unreadable code |
|
|
Term
| what are the four elements of cryptography? |
|
Definition
| plaintext, ciphertext, cipher, and key |
|
|
Term
|
Definition
| An original unencrypted message in various formats including text, voice, data, and video |
|
|
Term
|
Definition
| is an encryption algorithm used to convert plaintext to ciphertext and vice versa |
|
|
Term
| how many types of ciphers are there? |
|
Definition
| two (Stream and block ciphers) |
|
|
Term
| what are the two types of ciphers? |
|
Definition
|
|
Term
| What does a stream cipher do? |
|
Definition
| Encrypts a message bit by bit (or byte by byte) by combining it with a keystream (bit-level encryption). |
|
|
Term
| What does a block cipher do? |
|
Definition
| Encrypts a fixed-size block of data at a time (e.g., a 128-bit block, as in AES). *Most ciphers in use are block ciphers. |
|
|
Term
| What is the most common type of cipher? |
|
Definition
|
|
Term
|
Definition
| represents a binary value the cipher utilizes to encrypt/decrypt the data |
|
|
Term
| What is the recommended key size to safeguard encrypted messages? |
|
Definition
| At least 100 bits is recommended for symmetric keys; most web browsers use 128-bit keys, and 256-bit symmetric keys are also common. Asymmetric keys must be much longer to give comparable protection. |
|
|
Term
| T/F does a cryptography system use a fixed key size? |
|
Definition
|
|
Term
| Can a key value be randomly generated based on encryption software or derived from a password? |
|
Definition
|
|
Term
|
Definition
| A randomly generated key used for only a particular session |
|
|
Term
|
Definition
| When both the sender and receiver have the same key before the session begins |
|
|
Term
|
Definition
| The sender encrypts the data with the recipient's public key, and the recipient decrypts it with their own private key, which is never shared. |
|
|
Term
| Which is more secure, asymmetric or symmetric keys? |
|
Definition
|
|
Term
| Synonym for electronic autographs |
|
Definition
|
|
Term
| Are asymmetric keys shorter or longer than symmetric keys? |
|
Definition
| MUCH LONGER (e.g., 2048-bit RSA versus 128-bit AES), which is a disadvantage: asymmetric operations are far slower than symmetric ones. |
|
|
Term
| are the two types of keys used in a hybrid fashion? |
|
Definition
| Yes. Generally symmetric keys encrypt the actual messages, while asymmetric keys are used to deliver the symmetric (session) key and to authenticate the communicating parties. |
|
|
Term
|
Definition
| A high-tech solution for message and sender authentication. |
|
|
Term
|
Definition
| A digital equivalent of an ID card and is used in conjunction with the asymmetric encryption system |
|
|
Term
| Who sells digital certificates? |
|
Definition
| Certificate authorities (CAs), e.g., VeriSign. |
|
|
Term
| What is the widely accepted standard from the International Telecommunication Union (ITU) defining the format of digital certificates? |
|
Definition
|
|
Term
| Are Certificate Authorities public or Private institutes? |
|
Definition
| Both! Examples are VeriSign, Microsoft, and America Online (AOL). |
|
|
Term
| can a Certificate Authority revoke a certificate? |
|
Definition
|
|
Term
| Certificate revocation list |
|
Definition
| Revoked certificates are published on this list, which a client should consult before trusting a certificate. |
|
|
Term
| If the certificate is not recognized, does the browser warn the user? |
|
Definition
| yes and it advises against proceeding |
|
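The cards above on session keys, symmetric and asymmetric keys, the hybrid scheme, digital signatures, certificates and the revocation list all describe one flow, so here is an added end-to-end example in Python (not from the original deck). It uses textbook RSA with no padding and 512-bit keys, a seeded random generator, and an HMAC-SHA256 keystream as a stand-in for a real stream cipher; these are choices made for a self-contained demonstration, not a secure implementation. The CA name, server name, serial number and timestamps are constructed.

```python
import hashlib
import hmac
import math
import random

# Textbook RSA for illustration only: no OAEP/PSS padding, 512-bit keys, seeded RNG.
def _is_probable_prime(n, rng, rounds=12):
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):                       # Miller-Rabin
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _random_prime(bits, rng):
    while True:
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1   # full length and odd
        if _is_probable_prime(cand, rng):
            return cand

def rsa_keygen(rng, bits=512):
    """Returns (public, private) as ((n, e), (n, d))."""
    while True:
        p, q = _random_prime(bits // 2, rng), _random_prime(bits // 2, rng)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(65537, phi) == 1:
            return (p * q, 65537), (p * q, pow(65537, -1, phi))

def sign(priv, data):
    """Digital signature: hash the message, then apply the signer's private key."""
    n, d = priv
    return pow(int.from_bytes(hashlib.sha256(data).digest(), "big"), d, n)

def verify(pub, data, sig):
    n, e = pub
    return pow(sig, e, n) == int.from_bytes(hashlib.sha256(data).digest(), "big")

# Stream cipher for the bulk data: XOR the message with an HMAC-SHA256 keystream (counter mode).
def keystream_xor(key, nonce, data):
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

# Hybrid: a fresh symmetric session key encrypts the message; the recipient's
# public key wraps that session key, and only the recipient's private key unwraps it.
def hybrid_encrypt(recipient_pub, rng, msg):
    n, e = recipient_pub
    session_key = rng.getrandbits(128).to_bytes(16, "big")
    nonce = rng.getrandbits(96).to_bytes(12, "big")
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)
    return {"wrapped_key": wrapped, "nonce": nonce, "ciphertext": keystream_xor(session_key, nonce, msg)}

def hybrid_decrypt(recipient_priv, envelope):
    n, d = recipient_priv
    session_key = pow(envelope["wrapped_key"], d, n).to_bytes(16, "big")
    return keystream_xor(session_key, envelope["nonce"], envelope["ciphertext"])

# Certificate: the CA signs (serial, subject, subject public key, expiry); a client checks
# the CA signature, then the revocation list, then the validity period.
def issue_cert(ca_priv, serial, subject, subject_pub, not_after):
    body = f"{serial}|{subject}|{subject_pub[0]}|{subject_pub[1]}|{not_after}".encode()
    return {"body": body, "sig": sign(ca_priv, body)}

def validate_cert(cert, ca_pub, crl, now):
    serial, _subject, _n, _e, not_after = cert["body"].decode().split("|")
    if not verify(ca_pub, cert["body"], cert["sig"]):
        return "bad signature"
    if int(serial) in crl:
        return "revoked"
    if now > int(not_after):
        return "expired"
    return "ok"

def run_demo():
    rng = random.Random(2024)   # seeded so the demo is reproducible; never do this for real keys
    ca_pub, ca_priv = rsa_keygen(rng)
    srv_pub, srv_priv = rsa_keygen(rng)
    cert = issue_cert(ca_priv, 7, "www.example.test", srv_pub, not_after=2_000_000)
    forged = {"body": cert["body"].replace(b"www.", b"evil."), "sig": cert["sig"]}
    envelope = hybrid_encrypt(srv_pub, rng, b"constructed session data for the server")
    return {
        "decrypted": hybrid_decrypt(srv_priv, envelope),
        "valid": validate_cert(cert, ca_pub, crl=set(), now=1_000_000),
        "revoked": validate_cert(cert, ca_pub, crl={7}, now=1_000_000),
        "expired": validate_cert(cert, ca_pub, crl=set(), now=3_000_000),
        "forged": validate_cert(forged, ca_pub, crl=set(), now=1_000_000),
    }
```

`run_demo()` walks the whole flow: the CA signs the server's certificate, the client validates it (and sees it rejected once the serial is on the CRL, once it has expired, and once the subject has been altered), and the client then wraps a one-time session key for the server with the server's public key while the message itself travels under the fast symmetric cipher.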
|
Term
| How strong is Wired Equivalent Privacy? |
|
Definition
|
|
Term
| How strong is Wi-Fi Protected Access(WPA)? |
|
Definition
|
|
Term
| How strong is IEEE 802.11i(also called WPA2)? |
|
Definition
|
|
Term
|
Definition
|
|
Term
| Why is WPA and WPA2 better than WEP? |
|
Definition
| Because WPA and WPA2 derive fresh keys that change dynamically after the initial setup (per session and per packet), whereas WEP reuses one static key for all traffic. |
|
|
Term
| Is WPA an official IEEE standard? |
|
Definition
| No. WPA was an interim measure from the Wi-Fi Alliance to bridge the gap between WEP and the IEEE 802.11i standard (WPA2). |
|
|
Term
| Robust Security Network (RSN) |
|
Definition
| Only allows authorized users onto the network |
|
|
Term
|
Definition
| Personal mode of WPA/WPA2 (also called WPA-PSK): every device shares one pre-shared key that is entered on each device; intended for homes and small offices. |
|
|
Term
|
Definition
| Enterprise mode of WPA/WPA2: the system relies on a central authentication server (IEEE 802.1X with a RADIUS server) for per-user authentication and key management, which keeps user authentication consistent across the network. |
|
|