Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

SSCP > Chapter 14 - Cryptography > Flashcards

Chapter 14 - Cryptography Flashcards

1
Q

Define an encryption algorithm?

A

A mathematical process that converts plaintext data into ciphertext data - often published to peer review their strength and validity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is Symmetric Encryption?

A

Data is encrypted and decrypted with the same key value.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is Asymmetric Encryption?

A

Data is encrypted and decrypted using two different keys, typically a public key and a private key.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is a Cryptographic System?

A

A system that includes all the necessary resources to support a particular method of encryption/decryption.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is Cryptanalysis?

A

The study of cryptography in attempt to discover their strengths and weaknesses.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is hashing?

A

A one-way mathematical encryption method that converts a file into a hash to check for its integrity.

A hash of the same file will always be the same.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are examples of broken hashing algorithms that should not be used due to vulnerabilities?

A

MD5 (128-bit)

SHA-1 (160-bit)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are the different bits that SHA-2 can produce?

A

224
256
384
512

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What algorithms does SHA-3 use?

A

Keccak algorithms

producing 224, 256, 384, 512 bit hashes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is a commonly used symmetric encryption algorithm?

A

AES

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is a Block Stream Cipher?

A

Data is encrypted in defined fixed-length blocks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is a Stream Cipher?

A

Data is encrypted in a stream rather than encrypting blocks of data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is a PKI?

A

Public Key Infrastructure is used to create, manage, distribute, use, store and revoke digital certificates used in public key encryption.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is RSA?

A

Rivest, Shamir and Adleman

RSA is a very popular type of asymmetric encryption using large prime numbers to create secure matching public and private keys.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is used to secure HTTPS and VPN traffic?

A

TLS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

How does TLS use both symmetric and asymmetric encryption?

A

Asymmetric to share the session key.

Symmetric data to encrypt the session data.

17
Q

What are TLS/SSL decryptors?

A

TLS/SSL decryptors are placed between client and server to detect any malicious activity.

Client — TLS session —> TLS decryptor — TLS session —> Server
Client <— TLS session — TLS decryptor <— TLS session — Server

The TLS decryptor will receive unencrypted data that can then be analysed by various detective methods such as AV, DLP etc.

18
Q

What function does Diffie Helman serve?

A

Diffie Helman is a key exchange protocol that allows the sharing of keys over a public network.

19
Q

What is Elliptic Curve Cryptography (ECC)?

A

ECC uses mathematically defined curves to create public and private keys.

Less resource and computation intensive as it can use smaller-bit size keys.

Employed in smaller mobile devices.

20
Q

What is the standard used when encrypting and digitally signing e-mails?

A

S/MIME

Secure Multipurpose Internet Mail Extensions

21
Q

What is a digital signature?

A

A digital signature is an encrypted hash of a message.

message > hashed > encrypted

A Digital Signature Algorithm (DSA) creates digital signatures.

22
Q

How do digital signatures work in emails?

A
  1. Sender hashes their message and encrypts this with their private key.
  2. The encrypted has is then sent to the recipient along with the message.
  3. Recipient retrieves the sender’s public key via their certificate.
  4. The encrypted hash is then decrypted using the sender’s public key
  5. Hash comparison can now be compared.

Authentication - proof that the sender sent the email as the encrypted hash was decrypted by the sender’s public key.

Integrity - Hashes can be compared to test for integrity

Non-Repudiation - only the sender has the private key

23
Q

How does DKIM prevent email spoofing?

A

Organizations publish DKIM DNS records.

Each email sent out by the organization includes their DKIM signature.

Recipient can look up the published DKIM DNS record to see if attached DKIM signature matches.

If they match, the email is confirmed to have originated from that organization.

24
Q

What is DMARC?

A

DMARC is used in addition to DKIM or SPF.

DMARC contains instructions as to what to do when a spoofed email is received.

25
Q

What is SPF?

A

Sender Policy Framework allows organizations to define which IP addresses (Email servers) are allowed to send emails for their organizational domain.

SPF is published and can be looked up to check the validity of an email.

Google will publish a list of IP addresses (email servers) that can send gmail emails.

SSCP (14 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions