Chapter 07: Cryptography and the Public Key Infrastructure Flashcards
Which of the following is a cryptography goal (select all that apply)?
a. Confidentiality
b. Integrity
c. Availability
d. Denial
a. Confidentiality
b. Integrity
Which of the following is not a cryptography goal?
a. Confidentiality
b. Availability
c. Nonrepudiation
d. Authentication
b. Availability
A ______ is a method used to scramble or obfuscate characters to hide their value.
Cipher
Name two primary types of nonmathematical cryptography.
Transposition and Substitution.
A ________ is a type of coding or ciphering system that changes one character or symbol into another.
Substitution cipher
A _______ has multiple substitution alphabets for the same message.
Polyalphabetic substitution ciphers
Which category does the Vigenère cipher fit?
Polyalphabetic Substitution
Which category does the Caesar cipher fit?
Substitution Cipher
Which category does the Columnar cipher fit?
Transposition Cipher
A _____ involves scrambling the letters in a certain manner. Typically, a message is broken into blocks of equal size and then scrambled.
Transposition cipher
The ________ was created by the German government during WW2 to provide secure communications between military and political units.
Enigma Machine
_______ is the art of using cryptographic techniques to embed secret messages within another file.
Steganography
______ use a shared secret key available to all users of the cryptosystem.
Symmetric Cryptosystems
_____ uses individual combinations of public/private keys for each user of the system.
Asymmetric Cryptosystems
How does obfuscation differ from confidentiality?
Obfuscation is the practice of making it intentionally difficult for humans to understand how code works.
The recipient of the message simply verifies that the message’s ___________ is valid, ensuring that the message was not altered in transit.
digital signature
_______ verifies the claimed identity of system users.
Authentication
________ provides assurance to the recipient that the message was originated by the sender and not someone masquerading as the sender.
Nonrepudiation
Before a message is put into coded form, it is in _________.
Plain Text, represented by P in encryption algorithms.
The sender of a message uses a cryptographic algorithm to encrypt the plain-text message and produce a __________.
cipher text message
The _______ is that a cryptographic system should be secure even if everything about the system, except the key, is public knowledge.
Kerckhoffs
What is another name for cryptographic keys?
Cryptovariables
_______ is the study of methods to defeat codes and ciphers.
Cryptanalysis
Specific implementations of code or cipher in hardware and software are known as ___________.
Cryptosystems
Modern ciphers fit into 2 major categories. Name them.
Block Ciphers
Stream Ciphers
_______ operate on chunks of a message and apply the encryption algorithm to an entire message chunk at the same time.
Block Ciphers
______ operate on one character or bit of a message at a time.
Stream Ciphers
Name 5 modes of DES.
- Electronic Codebook (ECB) mode
- Cipher Block Chaining (CBC) mode
- Cipher Feedback (CFB) mode
- Output Feedback (OFB) mode
- Counter (CTR) mode
DES uses a ______ key.
56 bit
The simplest and least secure. Each time the algorithm processes a 64-bit block, it simply encrypts the block using the chosen secret key.
a. Electronic Codebook (ECB) mode
b. Cipher Block Chaining (CBC) mode
c. Cipher Feedback (CFB) mode
d. Output Feedback (OFB) mode
e. Counter (CTR) mode
a. Electronic Codebook (ECB) mode
In ________ mode, each block of unencrypted text is combined with the block of cipher text immediately preceding it before it is encrypted with the DES algorithm. This mode also uses an Initialization Vector.
a. Electronic Codebook (ECB) mode
b. Cipher Block Chaining (CBC) mode
c. Cipher Feedback (CFB) mode
d. Output Feedback (OFB) mode
e. Counter (CTR) mode
b. Cipher Block Chaining (CBC) mode
Which authentication framework is commonly used for wireless networks?
EAP
______ is an authentication protocol designed to provide more security than protocols like PAP. This authentication protocol uses an encrypted challenge and three-way handshake to send credentials.
CHAP
What is the name of Microsoft’s authentication protocol, which is meant to be an alternative to CHAP?
MS-CHAP
_______ is a password-centric authentication protocol that was commonly used with the Point-to-Point Protocol (PPP).
Password Authentication Protocol
Which authentication protocol is one of the most common for authentication, authorization, and accounting systems for network devices, wireless networks, and other services? This protocol sends passwords that are obfuscated by a shared secret and MD5 hash.
RADIUS
Which IEEE standard includes NAC?
802.1X
______ is a Cisco-designed extension. It uses TCP traffic to provide AAA services and provides full packet encryption as well as granular command controls, allowing individual commands to be secured as needed.
TACACS+
_____ is designed to operate on untrusted networks and uses authentication to shield its authentication traffic. The users are composed of three main elements: the primary, the instance, and the realms.
Kerberos