1.4.2 Security - Storing and Transmitting Data Flashcards
What is a firewall?
- A firewall can be software (installed on pc) or hardware (on router)
- It helps prevent unauthorised access to a network or device
- Checks incoming and outgoing data/traffic meets specific criteria
Explain how a firewall works
- Checks incoming and outgoing data/traffic meets specific criteria
- Acts as a filter for incoming and outgoing traffic
- Keeps a log of activity e.g. website requests
- Blocks unacceptable data and allows acceptable data through e.g.
- … certain websites (IP addresses) can be blocked
- … prevent malware can be blocked
- … certain ports can be blocked
- … can prevent hackers accessing the network
Firewalls … True or False?
- Firewalls are only available as hardware devices
- Firewalls allow a user to set rules for network traffic
- Firewalls will automatically stop all malicious traffic
- Firewalls only examine traffic entering a network
- Firewalls encrypt all data transmitted on a network
- Firewalls can be used to block access to certain websites
Firewalls are only available as hardware devices (False)
Firewalls allow a user to set rules for network traffic (True)
Firewalls will automatically stop all malicious traffic (False)
Firewalls only examine traffic entering a network (False)
Firewalls encrypt all data transmitted on a network (False)
Firewalls can be used to block access to certain websites (True)
Explain how a a proxy server can act as a firewall.
- Prevents direct access to a web server
- Used to direct invalid traffic away from the webserver
- Examines and filters traffic
- Rejects requests for data from the web server if invalid
State some functions of a proxy server
- Caches websites (fast - no need to reconnect )
- Used to hide the user IP address
- Requests are anonymous
- Requests/responses are passed through the proxy server
- Firewall: Can filter outgoing/incoming requests for data e.g. Sensornet
Encyption: What is plain text?
Message data before it is encrypted
Encyption: What is cipher text?
Message data after it has been encrypted
Describe the process of encryption
- An encryption algorithm is used
- … to scramble the data (make it not understandable)
- The original data is called the plain text
- A key is used to encrypt the data
- The key is applied to the plain text
- Plain text is encrypted into cipher text
Describe the process of decryption
- An algorithm is used to decrypt the text
- The encrypted data is called the cipher text
- A key is used to decrypt the data
- The key is applied to the cypher text
- Cypher text is encrypted into plain text
What are the main uses of encryption?
- To store information securely
- To transmit messages securely
Why do we use encryption?
To make data meaningless if intercepted or stolen
It does not stop it from being stolen!!
Describe symmetric encyption
- Symmetric encryption uses …
- an encryption algprithm and
- a single shared key
- The same key is used to encrypt and decrypt
Describe the problem associated with symmetric encryption
- When sending symmetrically encrypted data …
- the key must be sent seperately to the cipher text
- If the key is intercepted when being transmitted it is …
- easy to decrypt cipher text with the algorithm and the key
Data is encrypted using a 64 bit key. How can we improve the security of the encryption.
- Increasing the length (number of bits) of the key e.g. 8 bit to 64 bit
- …means there are more possible combinations for the key
- …and less chance of decryption by bruteforce
Describe asymmetric encryption
- Asymetric encryption (also known as public key encryption) uses
- an encryption algorithm and
- a public key and
- a private key
- Everyone has their own public and private key
- Private key is kept secret, public key is freely available
- A message encrypted with a public key
- … can only be decrypted
- … with a private key
- A message encrypted with a private key
- … can only be decrypted
- … with a public key