Module 15 Flashcards by parabellum smith

To ensure secure communications across both the public and private infrastructure, the network
administrator’s first goal is to

secure the network
infrastructure, including routers, switches, servers, and hosts.

How well did you know this?

Not at all

Perfectly

There are three primary objectives of securing
communications:

Authentication
Integrity
Confidentiality

How well did you know this?

Not at all

Perfectly

Authentication

There are two primary methods for validating a source in network communications:

authentication services and
data nonrepudiation services.

How well did you know this?

Not at all

Perfectly

In network communications, authentication can be accomplished using

cryptographic methods.

How well did you know this?

Not at all

Perfectly

is a similar service that allows the sender of a message to be uniquely
identified.

Data nonrepudiation

With nonrepudiation services in place, a sender cannot deny having been the source
of that message.

How well did you know this?

Not at all

Perfectly

ensures that messages are not altered in transit. With___, the receiver can verify that the received message is identical to the sent message and that no manipulation occurred.

Data integrity

How well did you know this?

Not at all

Perfectly

ensures privacy so that only the receiver can read the message. This can be achieved through encryption.

Data confidentiality

How well did you know this?

Not at all

Perfectly

is the process of scrambling data so that it cannot
be easily read by unauthorized parties.

Encryption

How well did you know this?

Not at all

Perfectly

When enabling encryption, readable data is called ____ while the encrypted
version is called __.

readable data = plaintext, or cleartext,

encrypted version = encrypted text or ciphertext

The plaintext readable message is converted to
ciphertext, which is the unreadable, disguised message.

How well did you know this?

Not at all

Perfectly

reverses the process of encryption

Decryption

How well did you know this?

Not at all

Perfectly

A __ is required to encrypt and decrypt a message. The ___ is the link between the plaintext
and ciphertext.

key

How well did you know this?

Not at all

Perfectly

Using a ____ is another way to ensure data confidentiality. A____ transforms
a string of characters into a usually shorter, fixed-length value or key that represents the
original string.

hash function

How well did you know this?

Not at all

Perfectly

The difference between hashing and encryption is

in how the data is stored.

How well did you know this?

Not at all

Perfectly

The ___ was an electromechanical
encryption device that was developed and used by Nazi Germany during World War II. The device depended on the distribution of pre-shared keys that were used to encrypt and decrypt messages.

Enigma machine

How well did you know this?

Not at all

Perfectly

depended on the distribution of pre-shared keys that were used to encrypt and decrypt messages.

Enigma machine

How well did you know this?

Not at all

Perfectly

In ____, no letters are replaced; they are simply rearranged.

transposition ciphers

How well did you know this?

Not at all

Perfectly

Another example of a transposition cipher is known as the ____. They are staggered, some in front, some in the middle and some in back, across several parallel lines.

rail fence cipher

How well did you know this?

Not at all

Perfectly

Modern encryption block cipher algorithms, such as ____, still use transposition as part of the algorithm.

AES and the legacy 3DES,

How well did you know this?

Not at all

Perfectly

____ substitute one letter for another. In their simplest form, ____ retain the letter frequency of the original message.

Substitution ciphers

How well did you know this?

Not at all

Perfectly

The ____ is based
on the Caesar cipher, except
that it encrypts text by using a
different polyalphabetic key
shift for every plaintext letter.

The different key shift is
identified using a shared key
between sender and receiver.

Vigenère cipher

How well did you know this?

Not at all

Perfectly

__ was an AT&T Bell Labs engineer who, in 1917, invented, and later patented, the stream cipher. He also co-invented the one-time pad cipher.

Gilbert Vernam

How well did you know this?

Not at all

Perfectly

Vernam proposed a teletype cipher in which a prepared key consisting of an arbitrarily long, non-repeating sequence of numbers was
kept on paper tape. It was then combined character by character with the plaintext message to produce the ciphertext.

To decipher the ciphertext, the same paper tape key was again combined character by character, producing the plaintext. Each tape was used only once; hence, the name one-time pad. Several difficulties are inherent in using onetime pads in the real world.

one-time pad ciphers

the stream cipher

How well did you know this?

Not at all

Perfectly

is the practice and study of determining the meaning of encrypted information
(cracking the code), without access to the shared secret key. This is also known as

Cryptanalysis or codebreaking.

How well did you know this?

Not at all

Perfectly

Throughout history, there have been many instances of cryptanalysis:

The Vigenère cipher had been absolutely secure until it was broken in the 19th century by English cryptographer Charles Babbage.
Mary, Queen of Scots, was plotting to overthrow Queen Elizabeth I from the throne and sent encrypted messages to her co-conspirators. The cracking of the code used in this plot led to the beheading of Mary in 1587.
The Enigma-encrypted communications were used by the Germans to navigate and direct their U-boats in the Atlantic. Polish and British cryptanalysts broke the German Enigma code. Winston Churchill was of the opinion that it was a turning point in WWII.

How well did you know this?

Not at all

Perfectly

Methods of Cracking Code Several methods are used in cryptanalysis:

* Brute-force method * Ciphertext method * Known-Plaintext method * Chosen-Plaintext method * Chosen-Ciphertext method * Meet-in-the-Middle method

- The attacker tries every possible key knowing that eventually one of them will work.

* Brute-force method

- The attacker has the ciphertext of several encrypted messages but no knowledge of the underlying plaintext.

* Ciphertext method

- The attacker has access to the ciphertext of several messages and knows something about the plaintext underlying that ciphertext.

* Known-Plaintext method

- The attacker chooses which data the encryption device encrypts and observes the ciphertext output.

* Chosen-Plaintext method

- The attacker can choose different ciphertext to be decrypted and has access to the decrypted plaintext.

* Chosen-Ciphertext method

- The attacker knows a portion of the plaintext and the corresponding ciphertext.

* Meet-in-the-Middle method

A more scientific approach is to use the fact that some characters in the English alphabet are used more often than others. This method is called

frequency analysis.

When choosing a cryptanalysis method, consider the Caesar cipher encrypted code. The best way to crack the code is to use ____. Because there are only 25 possible rotations, the effort is relatively small to try all possible rotations and see which one returns something that makes sense.

brute force

is the science of making and breaking secret codes.

Cryptology

cryptology combines two separate disciplines:

*Cryptography - the development and use of codes *Cryptanalysis - the breaking of those codes

is often used by governments in military and diplomatic surveillance, by enterprises in testing the strength of security procedures, and by malicious hackers in exploiting weaknesses in websites.

Cryptanalysis

are individuals who perform cryptanalysis to crack secret codes.

Cryptanalysts

MD5 (legacy) SHA

Integrity H for hashing

HMAC-MD5 (legacy) HMAC-SHA-256 RSA and DSA

Authenticity

3DES (legacy) AES

Confidentiality E for encrypting

The three primary objectives of securing communications are

authentication, integrity, and confidentiality.

Authentication may be secured by

HMAC.

is ensured through the use of the SHA family of hash generating algorithms.

Integrity

is ensured through symmetric encryption algorithms, such as AES, and asymmetric algorithms, such RSA and PKI.

Data confidentiality

proves that a message actually comes from a valid source.

Authentication

is a similar service to authentication in that it allows the sender of a message to be uniquely identified.

Data nonrepudiation

ensures that messages are not altered in transit.

Data integrity

ensures privacy so that only the intended receiver can read the message.

Data confidentiality

Three types of cipher are

transposition, substitution, and one-time pad

is the practice and study of determining the meaning of encrypted information (cracking the code), without access to the shared secret key.

Cryptanalysis, or codebreaking,

The objective of modern cryptographers is

to have a keyspace large enough that it takes too much time and money to accomplish a brute-force attack.

is the science of making and breaking secret codes. It combines cryptography and cryptanalysis.

Cryptology

The choice of algorithm varies depending on the security requirements, the hardware resources that are available for encryption and decryption, and the acceptance of the algorithm in the security community.

True

With most modern algorithms, the security of encryption lies in the secrecy of the __ not the algorithm.

keys

Ensures privacy so that only the receiver can read the message.

confidentiality

Ensures that messages are not altered in transit.

integrity

Guarantees that a message comes from the source that it claims to come from.

authentication

In banking, it can be achieved by requiring a secure personal identification number (PIN) at an ATM.

authentication

Encryption and hashing are used to make certain that only authorized entities can read the message.

confidentiality

A key is required to encrypt and decrypt a message.

confidentiality

The receiver can verify that the received message is identical to the sent message and that no manipulation occurred.

integrity

What is a cipher that replaces one letter for another, possibly retaining the letter frequency of the original message?

A substitution cipher replaces one letter for another, possibly retaining the letter frequency in the cleartext language.

What is a method of cryptanalysis in which an attacker tries every possible key knowing that eventually one of them will work?

In a brute-force attempt to decipher a coded message, every possible value is attempted.

What cipher method does 3DES use as part of the algorithm?

A transposition cipher is used in part by the legacy 3DES algorithm.

What is the term for when a device cannot refute the validity of a message that it has received?

Nonrepudiation means that a device cannot refute the validity of a message sent.

What is the practice and study of determining the meaning of encrypted information, without access to the shared secret key?

Cryptanalysis is the study of determining the meaning of coded messages without access to message key.

Refer to the exhibit. Which type of cipher method is depicted?

transposition cipher There are many cipher methods developed for message encryptions. In transposition ciphers, no letters are replaced; they are simply rearranged. An example of this type of cipher is known as the rail fence cipher. In this transposition, the words are spelled out as if they were a rail fence, meaning some are in front and some in back across several parallel lines.

What are two objectives of ensuring data integrity? (Choose two.)

data is unaltered during transit data is not changed by unauthorized entities The objectives for data integrity include data not being altered during transit and not being changed by unauthorized entities. Authentication and encryption are methods to ensure confidentiality. Data being available all the time is the goal of availability.

A network security specialist is tasked to implement a security measure that monitors the status of critical files in the data center and sends an immediate alert if any file is modified. Which aspect of secure communications is addressed by this security measure?

data integrity Secure communications consists of four elements: Data confidentiality - guarantees that only authorized users can read the message Data integrity - guarantees that the message was not altered Origin authentication - guarantees that the message is not a forgery and does actually come from whom it states Data nonrepudiation – guarantees that the sender cannot repudiate, or refute, the validity of a message sent

To answer the question, you do not need to consider the exhibit. The exhibit shows a lock with the word "PASSWORD" above a window that is on the front of the lock. Within the window the following information appears : *******8 OK. Which type of attack allows an attacker to use a brute force approach?

password cracking Common ways used to crack Wi-Fi passwords include social engineering, brute-force attacks, and network sniffing.

Why would HMAC be used to help secure the data as it travels across various links?

it is a hashing algorithm used to guarantee that the message is not a forgery and actually comes from the authentic source MD5 is a hashing algorithm that guarantees that no one intercepted the message and altered it. Advanced Encryption Standard (AES) is a popular symmetric encryption algorithm where each communicating party needs to know the pre-shared key. Public key infrastructure (PKI) is an asymmetric encryption algorithm based on the assumption that the two communicating parties have not previously shared a secret key. HMAC is a hash message authentication code that guarantees that the message is not a forgery and actually comes from the authentic source.

What is the focus of cryptanalysis?

breaking encrypted codes Cryptology is the science of making and breaking secret codes. There are two separate disciplines in cryptology, cryptography and cryptanalysis. Cryptography is the development and use of codes. Cryptanalysis is the breaking of those secret (encrypted) codes.

What is cryptology?

the science of making and breaking secret codes Cryptography is the science of creating transposition and substitution ciphers. Cryptanalysis is the science of cracking the code without access to the shared secret key. Cryptology is the science of making and breaking secret codes. Cryptology combines cryptography and cryptanalysis.

Which objective of secure communications is achieved by encrypting data?

confidentiality When data is encrypted, it is scrambled to keep the data private and confidential so that only authorized recipients can read the message. A hash function is another way of providing confidentiality.

What is the purpose of a nonrepudiation service in secure communications?

to ensure that the source of the communications is confirmed Nonrepudiation uses the unique characteristics of the sender of a message to confirm that the reputed sender is in fact the actual sender.

A web server administrator is configuring access settings to require users to authenticate first before accessing certain web pages. Which requirement of information security is addressed through the configuration?

confidentiality Confidentiality ensures that data is accessed only by authorized individuals. Authentication will help verify the identity of the individuals.

What is an example of the transposition cipher?

rail fence RC4 is an example of the one-time pad cipher, and it is widely used on the Internet. The Caesar cipher is a simple substitution cipher, and the Vigenère cipher is based on the Caesar cipher. An example of the transposition cipher is the rail fence cipher.

To answer the question, you do not need to consider the exhibit. The graphic displays a conveyor belt with items on it. The items include a combination of the characters 10100 going through a box and as they exit the box they are being modified into the characters %&@. As data is being stored on a local hard disk, which method would secure the data from unauthorized access?

data encryption Data encryption is the process of converting data into a form where only a trusted, authorized person with a secret key or password can decrypt the data and access the original form.