Scheduled maintenance: Saturday, September 10 from 11PM to 12AM PDT
Home
Subjects
Solutions
Create
Log in
Sign up
Upgrade to remove ads
Only ₩37,125/year
- Science
- Computer Science
- Computer Security and Reliability
-
Flashcards
-
Learn
-
Test
-
Match
-
Flashcards
-
Learn
-
Test
-
Match
Terms in this set (29)
What are the components that make up a cryptosystem? Check all that apply
encryption algorithms
decryption algorithms
key generation algorithms; A cryptosystem is a collection of algorithms needed to operate an encryption service. This involves generating encryption keys, as well as
encryption and decryption operations.
What is steganography?
the practice of hiding messages; Steganography involves hiding messages, but not encoding them.
What makes an encryption algorithm symmetric?
the same keys used for encryption and decryption; The symmetry of a symmetric algorithm refers to one key being used for both encryption and decryption.
What's the difference between a stream cipher and a block cipher?
Stream ciphers encrypt data as a continuous stream, while block ciphers operate on chunks of data; A stream cipher takes data in as a continuous stream, and outputs the ciphertext as a continuous stream, too. A block cipher encrypts the data in chunks, or blocks.
True or false: The smaller the encryption key is, the more secure the encrypted data is.
false; The reverse is true. The larger the key, the more secure the encrypted data will be.
Which of the following do asymmetric cryptosystems provide? Check all that apply.
confidentiality
authenticity
non-repudiation; Confidentiality is provided by the encryption and decryption
functionality, while authenticity and non-repudiation are ensured by the signing and verification processes.
What advantages do asymmetric algorithms have over symmetric ones?
they allow secure communication over insecure channels; By exchanging public keys for encrypting data, asymmetric encryption securely exchanges information over untrusted channels.
What's a common application for asymmetric algorithms?
Secure key exchange; Asymmetric encryption schemes are perfect for securely exchanging small amounts of data over untrusted networks by exchanging public keys that are used for encrypting data.
How is hashing different from encryption?
hash operations are one-directional; Hash functions, by definition, are one-way, meaning that it's not possible to take a hash and recover the input that generated the hash. Encryption, on the other hand, is two-directional, since data can be both encrypted and decrypted.
What's a hash collision?
When two different files generate the same hash digest; If two different files result in the same hash, this is referred to as a hash collision. Hash collisions aren't awesome, as this would allow an attacker to create a fake file that would pass hash verification.
How is a Message Integrity Check (MIC) different from a Message Authentication Code (MAC)?
a MIC only hashes the message, while a MAC incorporates a secret key; A MIC can be thought of as just a checksum or hash digest of a message, while a MAC uses a shared secret to generate the checksum. This also makes it authenticated, since the other party must also have the same shared secret, preventing a third party from forging the checksum data.
How can you defend against brute-force password attacks? Check all that apply.
run passwords through the hashing function multiple times
incorporate salts into password hashing
enforce the use of strong passwords; A brute-force password attack involves guessing the password. So, having complex and long passwords will
make this task much harder and will require more time and resources for the attacker to succeed. Incorporating salts into password hashes will protect against rainbow table attacks, and running passwords through the hashing algorithm lots of times also raises the bar for an attacker, requiring more resources for each password guess.
What information does a digital certificate contain? Check all that apply.
public
key data
Digital signature
identifying information of the certificate owner; A digital certificate contains the public key information, along with a digital signature from a CA. It also includes information about the certificate, like the entity that the certificate was issued to.
Which type of encryption does SSL/TLS use?
symmetric and asymmetric encryption; SSL/TLS use asymmetric algorithms to securely exchange information used to derive a symmetric encryption key.
What are some of the functions that a Trusted Platform Module can perform? Check all that apply.
remote attestation
data binding and sealing; A TPM can be used for remote attestation, ensuring that a host is a known good state and hasn't been modified or tampered (from a hardware and a software perspective). TPMs can also seal and bind data to
them, encrypting data against the TPM. This also allows it to be decrypted by the TPM, only if the machine is in a good and trusted state.
Plaintext is the original message, while _____ is the encrypted message.
cipher text; Once the original message is encrypted, the result is referred to as ciphertext.
The specific function of converting plaintext into ciphertext is called a(n) ______.
encryption algorithm; An encryption algorithm is the specific function or steps taken to convert plaintext into encrypted ciphertext.
Studying how often letters and pairs of letters occur in a language is referred to as _______.
Frequency analysis; Frequency analysis involves studying how often letters occur, and looking for similarities in ciphertext to uncover possible plaintext mappings.
True or false: The same plaintext encrypted using the same algorithm and same encryption key would result in different ciphertext outputs.
false; If the plaintext, algorithm, and key are all the same, the resulting ciphertext would also be the same.
The practice of hiding messages instead of encoding them is referred to as ______.
Steganography; Steganography involves hiding messages from discovery instead of encoding them.
ROT13 and a Caesar cipher are examples of _______.
substitution ciphers; These are both examples of substitution ciphers, since they substitute letters for other letters in the alphabet.
DES, RC4, and AES are examples of ______ encryption algorithms.
symmetric; DES, RC4, and AES are all symmetric encryption algorithms.
What are the two components of an asymmetric encryption system, necessary for encryption and decryption operations? Check all that apply.
public key
private key; In asymmetric encryption systems, there's a private key used for encryption, and a public key used for
decryption.
To create a public key signature, you would use the ______ key.
private; The private key is used to sign data. This allows a third party to verify the signature using the public key, ensuring that the signature came from someone in possession of the private key.
Using an asymmetric cryptosystem provides which of the following benefits? Check all that apply.
non-repudiation
authenticity
confidentiality; Confidentiality is provided by the encryption, authenticity is achieved through the use of digital signatures, and non-repudiation is also provided by digitally signing data.
If two different files result in the same hash, this is referred to as a ________.
hash collision; A hash collision is when two different inputs yield the same hash.
When authenticating a user's password, the password supplied by the user is authenticated by comparing the ____ of the password with the one stored on the system.
hash;Passwords are verified by hashing and comparing hashes. This is to avoid storing plaintext passwords.
If a rainbow table is used instead of brute-forcing hashes, what is the resource trade-off?
rainbow tables use less computational resources and more storage space; Instead of computing every hash, a rainbow table is a precomputed table of hashes and text. Using a rainbow table to lookup a hash requires a lot less computing power, but a lot more storage space.
In a PKI system, what entity is responsible for issuing, storing, and signing certificates?
certificate authority; The certificate authority is the entity that signs, issues, and stores certificates.
Recommended textbook solutionsEngineering Electromagnetics
8th EditionJohn Buck, William Hayt
483 solutions
Introduction to Algorithms
3rd EditionCharles E. Leiserson, Clifford Stein, Ronald L. Rivest, Thomas H. Cormen
720 solutions
Computer Organization and Design MIPS Edition: The Hardware/Software Interface
5th EditionDavid A. Patterson, John L. Hennessy
220 solutions
Introduction to the Theory of Computation
3rd EditionMichael Sipser
389 solutions
Sets found in the same folderIT Security: Defense against the digital dark arts…
27 terms
snramos10
IT Security: Defense against the digital dark arts…
20 terms
snramos10
IT Security: Defense against the digital dark arts…
20 terms
snramos10
System Administration and IT Infrastructure Servic…
17 terms
snramos10
Other sets by this creator
IT Technical Interview Questions
115 terms
snramos10
Wireless Networking
9 terms
snramos10
Ports
17 terms
snramos10
ExamCram: 1-2
50 terms
snramos10
Verified questions
COMPUTER SCIENCE
Write a recursive function that accepts a string object as its argument and prints the string in reverse order. Demonstrate the function in a driver program.
Verified answer
COMPUTER SCIENCE
What is an infinite loop? Write the code for an infinite loop.
Verified answer
COMPUTER SCIENCE
Draw the group operation tables for the groups $$ (ℤ_4, + _4) $$ and $$ (ℤ^*_5, _.{5}) $$ . Show that these groups are isomorphic by exhibiting a one-to-one correspondence α between their elements such that a + b ≡ c (mod 4) if and only if α(a) · α(b) ≡ α(c) (mod 5).
Verified answer
COMPUTER SCIENCE
Write your own version of a class template that will create a dynamic stack of any data type. Demonstrate the class with a driver program.
Verified answer
Other Quizlet setsProtocols - chapter 9
29 terms
repoleveD
COMP212 Exam 2014
75 terms
KendallChin712
Section 3: Secure Communications
87 terms
Brian_Spanswick
2.1 Cryptography
14 terms
squizeshere
Related questionsQUESTION
What statement is true regarding the control the operator can exercise over the NAVTEX receivers operation?
4 answers
QUESTION
What scheme provides high speed overcurrent protection when transmission relays may fail due to loss of "voltage memory"?
5 answers
QUESTION
A web security administrator decides to consolidate some certificates to lower costs associated with using certificates for every subdomain website. Which type of certificate does the administrator implement to accomplish this?
2 answers
QUESTION
How *Symmetric* algorithm *Decryption* is expressed mathematically
15 answers