Cryptography Flashcards Preview


Flashcards in Cryptography Deck (31)
1

What is meant by asymmetric encryption?

Public key used to encrypt data, private used to decrypt, very CPU intensive

2

What is used to digitally sign a packet?

Sender's private key

3

What is used to verify a digitally signed packet?

Sender's public key

4

What is used to verify a sender's public key?

Sender's public key (digital) certificate

5

What is used to verify the sender's public key certificate?

Trusted CA (Certificate Authority)

6

What is a digital certificate?

Electronic document certifying public key of an entity (contains digital signature)

7

What is a digital signature?

Code derived using private key of an entity
Verified using public key of signing entity to decrypt a hash and compare with CA

8

How would a recipient receive the public key?

Receiving sender's digital certificate, via in-band or out-of-band key exchange

9

When sending encrypted data, what key is used to encrypt?

Recipient's public key; recipient decrypts with private key

10

When receiving encrypted data, what key is used to decrypt?

Recipient's private key

11

What is IKE v1?

Establishes VPN IPSec phase 1 (initial control channel) and phase 2 tunnels
Isolated tunnels

12

What is IKE v2?

?

13

What is in-band key exchange?

Using in-session mechanism

14

What is out-of-band key exchange?

Distributing public key manually, i.e. copying it to computer

15

What algorithm does session key use?

Symmetric encryption algorithm

16

What algorithm does public key use?

Asymmetric encryption algorithm

17

What is DH Group?

Diffie Hellman group
Used to establish shared symmetric session keys
However Diffie Hellman exchange is asymmetrical

18

What steps are carried out in IKE phase 1 tunnel?

Negotiates protocols:
H ash (algorithm)
A uthentication
G DH Group
L ifetime
E ncryption (algorithm)

19

What steps are carried out in IKE phase 2 tunnel?

Optional: PFS (Perfect Forward Secrecy) runs Diffie Hellman again

20

What is a block cipher?

Encryption performed on blocks of data

21

What is a stream cipher?

Encryption performed bit by bit

22

What is HMAC?

Hashed Message Authentication Code
Uses session key as part of hash formula
Prevents a hacker who changes data in transit from regenerating the hash, as they don't have the session key

23

What is key escrow?

Trusted entity with copy of keys needed for decryption which can be delegated to authorised third parties

24

What is symmetric encryption?

Both keys can encrypt and decrypt, used for most use cases as lower CPU overhead

25

What is ECC?

Elliptic Curve Cryptography
Uses shorter key for lower overhead and good encryption

26

What is ephemeral key?

Key used for short period of time, i.e. offset of key is used for each packet

27

What is NTLM and NTLMv2?

Old, prior to Kerberos authentication

28

What is PGP/GPG?

Pretty Good Privacy
GNU Privacy Guard compliant version of PGP by IETF committee

29

What is DHE and ECDHE?

Diffie Hellman Ephemeral
Elliptic Curve Diffie Hellman Ephemeral

30

What is PBKDF2?

Password-Based Key Derivation Function 2
Applies pseudo random functions: hashing, salting, HMAC, encryption to create derived key