Chapter 21 Security Flashcards
Why is a key need in encryption?
Key is needed to encrypt code or to decript code
What is Plaintext?
Plaintext is data before encryption
What is Ciphertext?
Ciphertext is the result of applying an encryption algorithm
Which are the main concerns relating to transmission?
Confidentiality Authenticity Integrity Non-repudiation Availability
In encryption what must remain in Public Domain and what must not remain in public domain?
The encryption algorithm must reamain in Public Domain and the Key must remain a secret
What happens in Symmetric key encryption?
Only one key used to encrypt and decrypt
Key is a secret between sender and receiver
What happens in Asymteric encryption?
The receiver sends the encryption key to the sender in order to encrypt the code so that the receiver would be able to decrypt the message
Which are the requirements to ensure condifentiality
Have a complex encryption algorithm and a large number of bits to be used to define the key
What happens in a Digital signiture and what is its disadvantage
Private key is only sent to those whom you want to decyphere the code
The disadvantage is that the digital signature associated with an encryption of the whole message
What happens in a one-way hash function and what does it do?
Recreates form the message sent a number, uniquely defined for the particular message, called ‘digest’.
Speeds up the process confirming the sender’s identity
The process at the sender’s end of the transmission is outlined
At the receivers end the same hash key function is used to have the same digest if there were no alterations
What is TLS and SSL?
TLS Secure Socket Layer protocol is a slightly modified version of SSL Secure Socket Layer protocol.
Provide security in using using the internet
Which are the types of malware and what do they do?
Virus
tries to replicate itself other executable code
Worm
runs independentely and propagates to other network hosts
Logic bomb
lies dormant until some condition is met
Trojan horse
eprlacess all or part of a previously useful program
Spyware
collects information and transmits it to another system
Bot
takes control of another computer and uses it o launch attacks
Which are the the types of malitous activities?
Phishing
sending an email or electronic message from an apparently legitimate source requesting confidential information
Pharming
setting up a bogus website which appears to be a legitimate site
Keylogger
recording keyboard usage by the legitimate user of the system
How can a user introduce a malware inadvertently?
By attaching a portable storage device
By openning an email attachment
By accessing a website
By downloading a file from the internet