Internet Security Flashcards
What is a firewall?
A firewall is a combination of hardware and software that is designed to check the integrity of incoming messages and requests for service from the system.
FIREWALL - How does packet filtering work?
Packet filtering is where the firewall analyses data packets that are attempting to enter the system. Traffic is blocked unless it conforms to a set of rules; typically, the filters are set up to check the header of data packets to view the source of the data. The rules can be set up to block certain IP addresses or allow traffic from a recognised source.
FIREWALL - What is stateful inspection?
Stateful inspection, often termed dynamic packet filtering, is a more secure firewall method than simple packet filtering. Each data packet is examined, and the state of active connections, IP addresses and port numbers used is recorded. Data packets may be rejected if they come from an unknown port or source.
FIREWALL - What is a proxy server?
A proxy server processes the information received from the Internet and then sends it to the user of a private network. Therefore, the website host is not in direct contact with the private network as the material is transmitted via the proxy server
What is Encryption?
Encryption is used to make stored data more secure, by making it unreadable to people who do not have the key to decode it.
What is Symmetric Encryption?
Symmetric encryption is where the data sent is encrypted using a key and the same key is sent separately to the receiver to decrypt the data.
What is asymmetric Encryption?
Asymmetric encryption is where data is encrypted and decrypted using a public and a private key.
What is a public key?
Public key is made publicly available and is used to encrypt data.
What is a private key?
Private key is only known to the receiver of asymmetrically encrypted data and can be used with the mathematically related public key to decrypt data.
How does a symmetric key work?
Data sent after encryption using a key -> Encrypted data received is decrypted using a key.
Encryption key sent to receiver separately -> Same key used by receiver to decrypt data
How does a asymmetric key work?
Data sent after encryption using a public key -> Encrypted data received can only be decrypted using a private key (only known to the receiver
What is an advantage of asymmetric encryption?
The main advantage of asymmetric encryption is that the key to decrypt data is not transmitted and so cannot be intercepted. Also, it is exceptionally difficult to obtain details of the private key by inspection of the related public key.
What is an Digital certificate?
Digital certificate is an attachment to an encrypted message that is used to show the message is from a certified and, so, trusted source.
What is a Digital Signature?
Digital signature is a different method used to determine the authenticity of the message source by checking an encrypted and certified digital signature.
