Chapter 11: Securing TCP/IP Flashcards
Plaintext/Cleartext
Data that is in an easily read or viewed format.
Symmetric-Key Algorithm
Any encryption method that uses the same key for both encryption and decryption.
Asymmetric-Key Algorithm
Any encryption method that uses different keys for encryption and decryption.
Block Cipher
- An encryption algorithm in which data is encrypted in “chunks” of a certain length at a time.
- Popular in wired networks
Stream Cipher
An encryption method that encrypts a single bit at a time.
Rivest Cipher 4 (RC4)
Was the dominant stream cipher for a time, but now is not.
Advanced Encryption Standard (AES)
A block cipher that uses a 128-bit block size and a 128-, 192-, or 256-bit key size.
What is the most popular form of email encryption?
Public-Key Cryptography
Rivest Shamir Adleman (RSA)
An improved asymmetric cryptography algorithm that enables secure digital signatures.
IPsec
The Network layer encryption protocol.
Integrity
The process that guarantees that the data received is the same as originally sent.
Secure Hash Algorithm (SHA)
The primary family of cryptographic hash functions.
Two unsafe algorithms
SHA-1 and Message-Digest Algorithm version 5 (MD5)
Nonrepudiation
The receiver of info has a very high confidence that the sender of a piece of info truly is who the receiver thinks.
Digital Signature
An encrypted hash of a private encryption key that verifies a sender’s identity to those who receive encrypted data or messages.
Certificate
A standardized type of digital signature that includes the digital signature of a third party (like GoDaddy) that guarantees that who is passing out this certificate truly is who they say they are.
Public-Key Infrastructure (PKI)
The system for creating and distributing digital certificates using sites like GoDaddy, VeriSign, etc.
Authentication
The process of positively identifying users trying to access data.
Authorization
Defines what an authenticated user can do with data.
Network Access Control (NAC)
Control over information, people, access, machines, and everything in between.
Access Control List (ACL)
A clearly defined list of permissions that specifies what an authenticated user may perform on a shared resource.
Mandatory Access Control (MAC)
Authorization method in which every resource is assigned a label that defines its security level.
Discretionary Access Control (DAC)
Authorization method based on the idea that there is an owner of a resource who may at his or her discretion assign access to that resource.
Role-Based Access Control (RBAC)
Authorization method that defines a user’s access to a resource based on the roles the user plays in the network environment.
Point-to-Point Protocol (PPP)
Enables two point-to-point devices to connect, authenticate, and negotiate the network protocol the two devices will use.