Chapter 8

Question 1

Cryptography

Answer 1

The study of cryptographic algorithms 245

Question 2

Ciphering

Answer 2

The process of using cipher to encode characters 245

Question 3

Substitution Cipher

Answer 3

A type of coding or ciphering system that changes one character or symbol into another 246

Like a cryptogram 246

Question 4

Multi-Alphabet Substitution

Answer 4

Really cool way to cipher a message. Takes substitution to the next level by changing the formula with every character 246

Question 5

Transposition Cipher

Answer 5

Involves transposing or scrambling the letters in a certain manner. Typically, a message is broken into blocks of equal size, and each block is then scrambled 246

Question 6

ROT13

Answer 6

rotates every letter 13 places in the alphabet

Little orphan Annie!

Question 7

Stegography

Answer 7

process of hiding a message in a medium such as a digital image

Most commonly by changing the least significant bit 248

Question 8

Symmetric Algorithms

Answer 8

Requires both ends of an encrypted message to have the same key and processing algorithms.

Question 9

Asymmetric Algorthms

Answer 9

Use two keys to encrypt and decrypt data. The two keys are known as a public key and a private key

Question 10

Types of Key exchange

Answer 10

In-band key exchange: the key is exchanged within the same communications channel is encrypted

Out-of-band key exchange: Key is exchanged in a different channel

Question 11

ECC

Answer 11

Elliptic Curve Cryptography

uses small keys.

Question 12

MD

Answer 12

Message Digest Algorithm

Creates a hash value and uses a one way hash

Question 13

Key stretching

Answer 13

processes used to take a key that might be a bit weak and make it stronger usually by making it longer
256

Question 14

Frequency Analysis

Answer 14

looking at blocks of an encrypted message to determine if any common patterns exist
257

Question 15

Brute-Force Attacks

Answer 15

Applying every possible combination of characters that could be the key
257

Question 16

Cryptographic system

Answer 16

system, methods, or process that is used to provide encryption and decryption
258

Question 17

Digital Signature

Answer 17

similar in function to a standard signature on a document. It validates the integrity of the message and the sender
261

Question 18

Nonrepudiation

Answer 18

Prevents a party from denying action they carried out.

262

Question 19

Key Escrow

Answer 19

addresses the possibility that a third party may need to access keys. Keys needed to encrypt/decrypt data are held in this
262

Question 20

Key Recovery Agent

Answer 20

an entity that has the ability to recover keys, key components, or plaintext messages as needed

Question 21

Key Registration

Answer 21

the process of providing certificates to users, and registration authority

Question 22

IETF

Answer 22

Internet Engineering Task Force

an international community of computer professional that includes network engineers, vendors, administrators, and researchers

Question 23

ISOC

Answer 23

Internet Society

Professional group whose membership consists primarily of Internet experts

Question 24

W3C

Answer 24

World Wide Web Consortium

An association concerned with the interoperability, growth, and standardization of the WWW

Question 25

RFC

Answer 25

Request for Comments A draft/document that is open for comment to ensure that it meets standards and best practices

Question 26

IETF

Answer 26

Internet Engineering Task Force An international community of computer professionals that includes network engineers, vendors, administrators, and researchers 265

Question 27

X.509

Answer 27

Standard defines the certificate formats and fields for public keys. It also defines the procedures that should be used to distribute public keys 267

Question 28

PKIX

Answer 28

Public-Key Infrastructure X.509 working group formed by the IETF to develop standards and models for the PKI environment 266

Question 29

SET

Answer 29

Secure Electronic Transaction provides encryption for credit card numbers that can be transmitted over the Internet

Question 30

PGP

Answer 30

Pretty Good Privacy A freeware email encryption system. Introduced in the 1990s used widely for email security 272

Question 31

HTTPS vs S-HTTP

Answer 31

HTTPS is a secure channel S-HTTP is a secure message 274

Question 32

FIPS

Answer 32

Federal Information Processing Standard A set of guidelines for US federal government information systems

Question 33

CPS

Answer 33

Certificate Practice Statement Discuss standards of how certificates are issued, what measures are taken to protect certificates, and the rules that CA users must follow to maintain their certificate eligibility

Question 34

Hierarchical Trust Models

Answer 34

AKA a tree A root CA at the top provides all of the information. The intermediate CAs