security 2023 past papaer Flashcards
(5 cards)
As we know, the encryption technique is known to everyone, including a
potential intruder. Then where does the security of an encryption technique
come from? Briefly describe either the private key method or the public key
method to explain your answer.
Public key method is when there are 2 keys a public key and a private key a public key used for encrypting and the private key is used for decrypting this ensures confidentality as without the private key decrypting would be nearly impossible due to challenging mathematical operations this is slower than having a shared key for both. this
The following are two kinds of security attacks. Describe what they are and,
in each case, give an example to explain your answer.
interruption
An interruption attack is a type of security attack where a service or communication becomes unavailable, affecting availability. For example, in a Denial of Service (DoS) attack, an attacker floods a web server with excessive requests, preventing legitimate users from accessing the service.
The following are two kinds of security attacks. Describe what they are and,
in each case, give an example to explain your answer.
fabrication
where an attacker inserts false data or messages into a system to make it seem legitimate .
n example of fabrication is when an attacker sends fake emails pretending to be a trusted person, such as a manager asking an employee to transfer funds. This is a form of email spoofing or phishing, where the attacker fabricates messages to deceive users and possibly gain unauthorized access or financial benefit.
One example of Internet security attack is denial of service (DoS) and its
distributed version (DDoS).
i. Describe this type of attack
A Denial-of-Service (DoS) attack is a cyberattack that aims to disrupt the availability of a system, network, or service by overwhelming it with excessive requests, making it inaccessible to legitimate users. Attackers typically flood the target with traffic or consume its computing resources until it can no longer function properly.
A Distributed Denial-of-Service (DDoS) attack is a more advanced version of DoS, where the attack comes from multiple compromised systems (often forming a botnet) instead of just one. This makes the attack more powerful and harder to stop since traffic is coming from various sources.
