6 Flashcards

1
Q

What does encryption do?

A

Protects data from prying eyes by putting it in a secret code (ciphertext).

2
Q

What does decryption do?

A

Converts the ciphertext into plaintext using a key.

3
Q

Give an example of encryption:

A

Caesar cipher, One-time Pad

4
Q

What does steganography do?

A

Hides sensitive information inside other information; it prevents the message from being found.

5
Q

What is the best practice related to encryption?

A

Using a scheme/algorithm that is open & published. ONLY keep the key secret!

6
Q

Two types of Cryptography:

A

Symmetric & Asymmetric

7
Q

Describe symmetric cryptography.

A

Encrypts & decrypts with the same key (kept secret).
AES standard, mature, reliable & widely used.
It provides secrecy & authenticity.

8
Q

How can any encryption be attacked?

A

By brute force.

9
Q

Applications of symmetric encryption are…

A

HTTPS, Disk Encryption

10
Q

Describe asymmetric cryptography.

A

It uses two mathematically linked keys: a private key (kept secret) to decrypt/encrypt and a public key (can be shared) to encrypt/decrypt.

11
Q

Applications of asymmetric encryption are…

A

Digital Signature
Bitcoin

12
Q

What does end-to-end encrypted mean?

A

Message is encrypted when it leaves your phone & decrypted only on your friend’s end. The service provider sees gibberish.

13
Q

What does a VPN do?

A

Masks your IP address with an IP address in a foreign location.

14
Q

What’s a hash?

A

A mathematical function that takes in plaintext and returns random-looking information.

15
Q

Sensitive information is “hashed” means:

A

turned into random-looking information

16
Q

Describe multi-factor authentication. Add examples.

A

Knowledge (something you know, ex: password)
Possession (something you have, ex: device)
Biometric (something you are, ex: fingerprint, retina scan…)

17
Q

What’s phishing?

A

Someone tricks you into typing your password into a “bad guy” site, so the “bad guy” gets your password.

18
Q

What’s the counter to phishing?

A

Always check the URL, and verify whom you give information to.

19
Q

Give an example of “phishing” in real life.

A

A fake ATM machine: it prints an error message, but records card details & PIN.

20
Q

How do we know if a website is secure?

A

It starts with HTTPS (S stands for secure).
It has the padlock icon.
Verify the URL.

21
Q

What are the two main purposes of secure web communication?

A

Domain Verification: prevents phishing via domain identification.
Data Encryption: safeguards transmitted data from interception.

22
Q

How do we name a specially crafted & sophisticated attack against a specific person?

A

Atypical Spear Phishing Case

23
Q

Typical attacks are…

24
Q

A bulk is…

A

when millions of generic attacks are sent

25
Q

What's a dictionary attack? Is it effective?

A

When you try every known password. It fails mostly, but works some percentage of the time.

26
Q

What do we need to have a stronger password?

A

Longer, more characters, not a word or pun.

27
Q

What is cracking passwords?

A

Trying to decrypt the stolen passwords, many per second.

28
Q

Name the counters of cracking.

A

Programmers can build in a short delay, so it takes longer to try passwords.
Programmers can limit the number of attempted logins.
Make your password unique and long.
Two-factor authentication.

29
Q

What's 2FA?

A

Two-factor authentication.

30
Q

Which are the options to have a second thing to log in?

A

SMS
OTP generator app (like Microsoft Authenticator, Apple Password)
U2F (Apple Passkey)

31
Q

What are the issues with SMS-based 2FA?

A

Bad guys could trick your mobile provider: FTC's lead technologist gets hacked.
Phishing
Malware on phone

32
Q

What's the future of 2FA?

A

U2F, so the device acts as the 2nd factor (Apple passkeys, Google passkeys)

33