4.3 Security Architecture and Tool Sets Flashcards
what are the two types of ciphers?
block and streaming
what is most commonly used to provide proof of message’s origin?
a digital signature
which key is used to decrypt a digital signature: public or private?
public
which cryptographic technique is based on a combination of two keys: a secret (private) key and a public key?
public-key cryptography
in asymmetric encryption for a digital signature, which key is used for encryption: public or private?
private
what are mandatory vacations?
administrative controls that ensure that employees take vacations at periodic intervals
what are two other names for single-key cryptography?
symmetric key encryption and secret-key encryption
which type of cryptography is more secure: symmetric or asymmetric?
asymmetric
which security measure prevents fraud by reducing the chances of collusion?
separation of duties
what are the three issues that symmetric data encryption fails to address?
data integrity, repudiation, scalable key distribution
to provide checks and balances and to prevent one person from gaining too much power over a system, which type of security policy should you implement?
separation of duties
what is the term for the process that applies a one-way mathematical function called a message digest function to an arbitrary amount of data?
hashing
what is a dual control?
when two operators work together to accomplish a sensitive task
what is segregation of duties?
when a sensitive activity is segregated into multiple activities and tasks are assigned to different individuals to achieve a common goal
what is another name for public-key encryption?
asymmetric encryption
