Encryption

Question 1

What are the 5 steps in Risk Assessment

Answer 1

1) Assets
2) Vulnerability
3) Threat
4) Adversary
5) Consequence

Question 2

What is the best way to tailor security controls

Answer 2

Tailor controls specific to your assets to minimise the burdens

Question 3

What is the 3 word acronym for security parameters

Answer 3

C - Confidentiality
I - Integrity
A - Availabilty

Question 4

What is the extended acronym for security parameters

Answer 4

CIA
P - Possession
A - Authenticity
N - Non-repudiation
A - Authorisation

Question 5

Define Confidentiality

Answer 5

when we want an asset to remain undisclosed

Question 6

Define Integrity

Answer 6

Ensuring the accuracy and completion of an asset

Question 7

Define Availability

Answer 7

The asset must be available and functioning when we need it e.g. not destroyed or encrypted

Question 8

Define Possession

Answer 8

Ensuring that the asset remains in the right hands and not stolen

Question 9

Define Authenticity

Answer 9

Validity of claim of origin or authorship

Question 10

Define Non-Repudiation

Answer 10

Ensures that neither the sender or receiver can deny fulfillment of either end of a contract

Question 11

What are the 3 main types of protection

Answer 11

Prevention
Detection
Recovery

Question 12

Define Prevention

Answer 12

Preventing files from being compromised e.g. encryption or keeping keys hidden

Question 13

Define Detection

Answer 13

Being able to detect an attacker e.g. using deliberate traps, canary tokens and other notification triggers

Question 14

Define Recovery

Answer 14

Having the ability to recover what is lost

Question 15

What is the Zero Trust Model

Answer 15

Everything done involves a factor of risk. Evaluate and Distribute the trust

Question 16

How would you distribute the trust when you need to upload files to a cloud-based storage

Answer 16

1) Can’t trust cloud service
2) Back-up files in separate location
3) Encrypt uploaded files using hash only you have access to

Question 17

How would you distribute the trust when downloading an untrusted app

Answer 17

Run it in an isolated VM or sandbox to trap any malware

Question 18

What is encryption?

Answer 18

Turning readable text in to unreadable ciphertext

Question 19

Pros and cons of high bit-rate algorithm

Answer 19

More secure but takes longer to encrypt and decrypt

Question 20

What is a brute force attack?

Answer 20

When you try to guess a password by trying all possible combinations

Question 21

What is a dictionary attack?

Answer 21

Using all the words in the dictionary

Question 22

What is symmetric encryption?

Answer 22

Symmetric encryption uses 1 key
Is used in most encryption protocols
Is fast and currently ‘unbreakable’
Common standard for HTTPS, Tor, SSH etc.

Question 23

What is Asymmetric encryption?

Answer 23

The use of 2 keys, one public and one private

Question 24

What are some common asymmetric key algorithms

Answer 24

RSA
Elliptical curve cryptosystem (ECC)
Diffie-Hellman (DH)

Question 25

If you encrypt with the senders private key, what do you need to decrypt

Answer 25

The senders public key
- Authentication of sender

Question 26

If you encrypt with the receivers public key, what is needed to decrypt

Answer 26

The receivers private key
- Confidentiality, only receiver can decrypt message

Question 27

What is a Crypto system

Answer 27

The use of various crypto techniques in combination

Question 28

Pros and cons of Asymmetric Algorithms

Answer 28

Better key distribution
Can place pub key on site but only intended reader can decipher with priv key
Authentication & Non-Repudiation
V slow compared to symmetric
Mathematically intensive (higher bit-rate)

Question 29

Pros and Cons of symmetric algorithms

Answer 29

Fast & Strong
Not scalable
- Sending an encrypted file to 10 people requires 10 keys to also be sent out

Question 30

What is a Digital Signature?

Answer 30

A hash value (digest) that is encrypted with the senders private key

Question 31

What security parameters are provided by hashing?

Answer 31

Confidentiality
Integrity
Authentication
Non-Repudiation