Security and Cryptography Flashcards

(55 cards)

1
Q
A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is symmetric-key cryptography?

A

Both the sender and receiver share a single key for encryption and decryption.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is public-key cryptography?

A

Uses two related keys: a public key for encryption and a private key for decryption.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are hash functions?

A

Algorithms that compute a fixed-length hash value from plaintext, making it impossible to recover the original content.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

List the three types of cryptographic techniques used in general.

A
  • Symmetric-key cryptography
  • Hash functions
  • Public-key cryptography
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Why is data security important?

A

Protects valuable data from corruption and unauthorized access, preventing financial loss and reputation damage.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is authentication in data security?

A

Verifies if a user’s credentials match those stored in a database.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What technologies are included in standard authentication processes?

A
  • Passwords
  • PINs
  • Security tokens
  • Swipe cards
  • Biometrics
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is access control?

A

The process of determining what an authenticated user is allowed to do or see.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

List the types of access control systems.

A
  • Discretionary access control
  • Role-based access control
  • Mandatory access control
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is the purpose of backups in data security?

A

To access data in the event of system failure, disaster, or data corruption.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is data security?

A

The practice and technology of protecting sensitive company and customer data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is a Virtual Private Network (VPN)?

A

Creates a secure connection to a network from another endpoint, encrypting data between the two points.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What do stateful multilayer inspection (SMLI) firewalls do?

A

Filter packets at multiple layers and ensure communication is only with trusted sources.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is the main difference between packet-filtering firewalls and stateful firewalls?

A

Stateful firewalls remember information about previously passed packets, while packet-filtering firewalls do not.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What are next-generation firewalls (NGFW)?

A

Combine traditional firewall technology with additional functionalities such as intrusion prevention and deep packet inspection.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What is a proxy firewall?

A

Acts as an intermediary that filters network traffic at the application level based on security rules.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What is the function of NAT firewalls?

A

Allow multiple devices to connect to the internet using a single IP address, enhancing security.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What is data encryption?

A

Transforms normal text into unreadable ciphertext using an algorithm and an encryption key.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What is data masking?

A

Hides data by obscuring it with proxy characters, revealing the original only to authorized users.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What is tokenization?

A

Substitutes sensitive data with random characters that are not algorithmically reversible.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

What is symmetric key cryptography?

A

An encryption system where the sender and receiver share a common key.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

What is a transposition cipher?

A

An encryption method that shifts the positions of plaintext units according to a system.

24
Q

What is a substitution cipher?

A

An encryption method where plaintext units are replaced with ciphertext according to a fixed system.

25
What is a stream cipher?
An encryption algorithm that encrypts a single bit at a time, producing different ciphertext for the same plaintext.
26
What are the two categories of cryptography?
* Symmetric key Cryptography * Asymmetric key Cryptography
27
What is erasure in data management?
The process of permanently clearing data so that it is irretrievable.
28
What is the purpose of firewalls?
To monitor and control incoming and outgoing network traffic based on security rules.
29
What are the types of network security?
* Network Access Control * Antivirus and Antimalware Software
30
What is administrative network security?
Consists of policies and processes that control user behavior and access.
31
What is the purpose of comprehensive access control policies?
To manage user and device access to network resources.
32
What does Network Access Control (NAC) allow?
Granular access control, such as granting administrators full access while restricting access to confidential folders.
33
What types of malicious software do antivirus and antimalware software protect against?
Viruses, ransomware, worms, trojans.
34
True or False: Antimalware is the same as antivirus.
False.
35
What is the main focus of antimalware software?
To detect broader and more advanced software threats.
36
What are the two main types of security controls in network security?
* Physical * Technical * Administrative
37
What is the primary goal of technical security controls?
To protect data stored on the network and in transit.
38
What is the definition of network security?
A set of rules and configurations designed to protect the integrity, confidentiality, and accessibility of computer networks and data.
39
What are some common signs of a computer virus?
* Slow system performance * Excessive pop-up windows * Self-executing programs * Unauthorized logouts * Device crashes
40
What does a firewall do?
Acts as a barrier between untrusted external networks and trusted internal networks.
41
What is an overwrite virus?
A virus that overwrites file content, potentially damaging or replacing the original program.
42
What is a file infector virus?
A virus that targets executable files and spreads to other programs.
43
What is a boot sector virus?
A virus that infects the boot sector of disks and can damage the system's boot records.
44
What characterizes a polymorphic virus?
It modifies itself to evade detection while infecting systems.
45
What is the function of antimalware software?
To detect and remove new types of malware that antivirus might miss.
46
What should your antivirus software include?
* Real-time scanning * Automatic updates * Removal of threats
47
What does a resident virus do?
It resides in RAM and can infect files even when its originating program is not active.
48
What are the four main concerns of modern cryptography?
* Confidentiality * Integrity * Non-repudiation * Authentication
49
What is a block cipher?
An encryption method that encrypts a block of text using a symmetric key.
50
What is RSA in the context of encryption?
The most widely used form of public key encryption.
51
Fill in the blank: Antivirus software protects against _____ threats.
traditional
52
True or False: Antimalware is designed to supplement antivirus protection.
True.
53
What is the significance of sandboxing in antimalware software?
It allows testing of suspected threats in a controlled environment.
54
What is a multipartite virus?
A virus that can attack both the boot sector and executable files.
55
What is the risk of a network virus?
It replicates itself through shared resources across the network.