Chapter 8 - Cryptography

Question 1

How did Caesar cipher his text?

Answer 1

page 246

He shifted the letters 3 space to the right.

Question 2

What is Substitution Ciphering?

Answer 2

page 246

Where each letter is substituted with another letter

Question 3

What is Transposition Ciphering?

Answer 3

page 247

by changing the order of the group.

Question 4

How does ROT13 ciphering work

Answer 4

page 278

By rotating the letter to the right 13 places

Question 5

What is PKI?

Answer 5

page 278
Public-Key Infrastructure
Is intended to offer a means of providing security to messages and transaction on a grand scale.
Is a two-key, asymmetric with four main components: certificate authority (CA), registration authority (RA), RSA (the encryption algorithm) and digital certificates.

Question 6

What is an organization that is responsible for issuing, revoking and distributing certificates.

Answer 6

page 279
Certificate Authority (CA)

Question 7

What is the primary difference between and RA and an LRA?

Answer 7

page 281
LRA can be used to identify to establish the an individual. LRA involves the physical identification of the person requesting a certificate.

Question 8

What is PKIX?

Answer 8

page 266

Public-Key Infrastructure X.509

Question 9

What is PKCS?

Answer 9

page 266

Public-Key Cryptography Standards

Question 10

What is X.509?

Answer 10

page 267
Defines the certificate formats and fields for public keys..
Also defines the procedure that should be used to distribute public keys.

Question 11

What is X.509 v2 for?

Answer 11

page 267

CRL (Certificate Revocation List)

Question 12

What is X.509 v3 for?

Answer 12

page 267

certificate

Question 13

What are Symmetric Algorithms?

Answer 13

page 249

Require both ends of an encrypted message to have the same key and processing algorithm.

Question 14

What is DES?

Answer 14

page 250
Data Encryption Standard
Has been used since the mid 70s.
It was the primary standard used in the government and industry until replaced by AES

Question 15

What is AES?

Answer 15

page 250

Advanced Encryption Standard

Question 16

RAS is named after who?

Answer 16

page 252
Ron Rivest
Adi Shamir
Leonard Adleman

Question 17

What are some Asymmetric Algorithms?

Answer 17

page254

• Diffie-Hellman
• ElGamal
• Elliptic Curve (ECC)
• RSA

Question 18

What three characteristics must Hashing Algorithms have?

Answer 18

page 255

• It must be one-way
• Variable length input produces fixed length output
• The algorithm must have few or no collisions

Question 19

What types of Hashing algorithms should you be familiar with?

Answer 19

page 255

• Secure Hash Algorithm (SHA)
• Message Digest Algorithm (MD)
• RACE Integrity Primitive Evaluation Message Digest (RIPEMD)
• GOST
• LANMAN
• NTLM

Question 20

What is Key Stretching?

Answer 20

page 256

Refers to the process used to take a key that might be a nit weak and make it stronger, usually by making it longer.

Question 21

What methods are there for Key Stretching?

Answer 21

page 256

• PBKDF2 (Password-Based Key Derivative Function 2)
• Bcrypt

Question 22

What some common code breaking methods?

Answer 22

page 257

• Frequency Analysis
• Chosen Plaintext
• Related Key Attack
• Brute Force Attacks
• Exploiting Human Error

Question 23

What are the three most important concepts in Security?

Answer 23

page 259

• Confidentially
• Integrity
• Availibility

Question 24

What is SET?

Answer 24

page 270
Secure Electronic Transaction
Provides encryption for credit card numbers that can be transmitted over the Internet. Visa and MasterCard developed it. SET is most suited fro transmitting small amounts of data.

Question 25

WHat is SSH?

Answer 25

page 271
Secure Shell
A tunneling protocol originally used on Unix systems. SSH can be used in place of the older Remote Shell (RSH) utility that used to be a standard in the Unix world. It can be used in place of rlogin and Telnet.

Question 26

What file name extensions should be allowed?

Answer 26

page 307

• ,doc, .docx
• .pdf
• .txt
• .xls, .xlsx

Question 27

What file extension should not be allowed?

Answer 27

page 307

• .bat
• .com
• .exe
• .hlp
• .pif
• .scr