1.4.2 Security - Storing and Transmitting Data Flashcards

1
Q

What is a firewall?

A
  • A firewall can be software (installed on pc) or hardware (on router)
  • It helps prevent unauthorised access to a network or device
  • Checks incoming and outgoing data/traffic meets specific criteria
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Explain how a firewall works

A
  • Checks incoming and outgoing data/traffic meets specific criteria
  • Acts as a filter for incoming and outgoing traffic
  • Keeps a log of activity e.g. website requests
  • Blocks unacceptable data and allows acceptable data through e.g.
    • … certain websites (IP addresses) can be blocked
    • … prevent malware can be blocked
    • … certain ports can be blocked
    • … can prevent hackers accessing the network
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Firewalls … True or False?

  • Firewalls are only available as hardware devices
  • Firewalls allow a user to set rules for network traffic
  • Firewalls will automatically stop all malicious traffic
  • Firewalls only examine traffic entering a network
  • Firewalls encrypt all data transmitted on a network
  • Firewalls can be used to block access to certain websites
A

Firewalls are only available as hardware devices (False)
Firewalls allow a user to set rules for network traffic (True)
Firewalls will automatically stop all malicious traffic (False)
Firewalls only examine traffic entering a network (False)
Firewalls encrypt all data transmitted on a network (False)
Firewalls can be used to block access to certain websites (True)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Explain how a a proxy server can act as a firewall.

A
  • Prevents direct access to a web server
  • Used to direct invalid traffic away from the webserver
  • Examines and filters traffic
  • Rejects requests for data from the web server if invalid
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

State some functions of a proxy server

A
  • Caches websites (fast - no need to reconnect )
  • Used to hide the user IP address
    • Requests are anonymous
    • Requests/responses are passed through the proxy server
  • Firewall: Can filter outgoing/incoming requests for data e.g. Sensornet
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Encyption: What is plain text?

A

Message data before it is encrypted

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Encyption: What is cipher text?

A

Message data after it has been encrypted

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Describe the process of encryption

A
  • An encryption algorithm is used
    • … to scramble the data (make it not understandable)
  • The original data is called the plain text
  • A key is used to encrypt the data
  • The key is applied to the plain text
  • Plain text is encrypted into cipher text
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Describe the process of decryption

A
  • An algorithm is used to decrypt the text
  • The encrypted data is called the cipher text
  • A key is used to decrypt the data
  • The key is applied to the cypher text
  • Cypher text is encrypted into plain text
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What are the main uses of encryption?

A
  • To store information securely
  • To transmit messages securely
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Why do we use encryption?

A

To make data meaningless if intercepted or stolen

It does not stop it from being stolen!!

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Describe symmetric encyption

A
  • Symmetric encryption uses …
    • an encryption algprithm and
    • a single shared key
  • The same key is used to encrypt and decrypt
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Describe the problem associated with symmetric encryption

A
  • When sending symmetrically encrypted data …
    • the key must be sent seperately to the cipher text
  • If the key is intercepted when being transmitted it is …
    • easy to decrypt cipher text with the algorithm and the key
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Data is encrypted using a 64 bit key. How can we improve the security of the encryption.

A
  • Increasing the length (number of bits) of the key e.g. 8 bit to 64 bit
    • …means there are more possible combinations for the key
    • …and less chance of decryption by bruteforce
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Describe asymmetric encryption

A
  • Asymetric encryption (also known as public key encryption) uses
    • an encryption algorithm and
    • a public key and
    • a private key
  • Everyone has their own public and private key
    • Private key is kept secret, public key is freely available
  • A message encrypted with a public key
    • … can only be decrypted
    • … with a private key
  • A message encrypted with a private key
    • … can only be decrypted
    • … with a public key
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is a disadvantage of asymmetric encrption?

A

Slower than symetric encryption and decryption

17
Q

Asymetric encryption can be used to pass symmetric keys securely. Explain the stages of this process.

A
  • The sender (User A) applies a symrnetric key to encrypt the message
  • The symmetric key is then encrypted by the sender (User A) using the public key of the receiver (User B)
  • The sender (User A) sends the encrypted message and encrypted key over the internet
  • The receiver (User B) decrypts the symmetric key by using their own private key
  • The decrypted symmetric key is now used to decrypt the message sent by user A
18
Q

What is SSL and TLS?

A
  • SSL = secure socket layer
  • TLS = transport layer security
  • They are both security protocols
  • Both are used to encrypt data
    • … to provide a secure connection
    • … for the transmission of personal data
19
Q

TLS and SSL have 2 layers. What are they?

A
  • Handshake layer - exchanges information
  • Record Layer - handles data and encryption
20
Q

How is TLS different to SSL?

A
  • TLS is the updated version of SSL
  • TLS is more secure than SSL
  • TLS allows for session caching - to connect quicker
  • TLS can be extended by adding new authentication methods
21
Q

How do we know TLS or SSL is being used in a browser?

A
  • Protocol being used is https
  • Padlock icon is locked
  • You can view the website certificate
22
Q

How does SSL/TLS work when a browser requests a connection to a web server?

A
  • Browser requests web server to identify itself
  • Web server sends its digital certificate to the brwoser
  • Browser authenticates the digital certificate
    • … which contains the websites public key
  • Once authenticated a connection is established…
    • The browser uses the public key to encrypt and send a symmetric session key
    • The web server decrypts the symmetric session key with its private key
    • The symmetric session jey is then used to transmit data securely
  • If not authenticated …
    • .. a warning message is shown
    • .. open padlock is shown
23
Q

Where is SSL/TLS used?

A
  • cloud storage
  • video conferencing
  • gaming
  • email
  • shopping
  • banking
24
Q

What is authentication?

A
  • Authentication is used to verify data …
    • … comes from a tr_____ source
25
Q

What is a hashing algorithm?

A
  • Plain text is passed to a hashing algorithm …
    • … which generates some hashed text
  • The process is one-way
    • … you cannot calculate plain text from the hashed text
  • The process is repeatable
    • .. you always get the same hashed text from the plain text
26
Q

What are Digital Signatures?

A
  • A digital signature is an authentication mechanism that enables the creator of the message to attach a code that acts as a unique signature (like a finger print)
  • Based on asymmetric encryption
  • Used to authenticate an electronic document
  • Uses a hashing algorithm
27
Q

How are digital signatures used?

A
  • The message (data file) is put through a hashing algorithm (function) to generate a hash (text)
  • The generated hash (text) is encrypted with the senders private key to get a digital signature
  • The message and digital signature are sent to the receiver over the internet
  • The receiver puts the message through the same hash algorithm to generate its own hash (text)
  • The digital signature is decrypted using the senders public key to get the original hash (text)
  • The original hash (text) is compared to the receivers calculated hash (text)
  • If the hashes are the same then the it is verified and has not been altereted