CIS 473 Final Question Set 1 Flashcards

1
Q

What is Authenticity?

A

Verifying that users are who they say they are and that each input arriving at the system came from a trusted source

2
Q

What is the security goal of Accountability?

A

The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity

3
Q

What is Confidentiality?

A

Preserve authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. A loss of confidentiality is the unauthorized disclosure of information.

4
Q

What is Integrity?

A

Guard against improper information modification or destruction, including ensuring information nonrepudiation and authenticity. A loss of integrity is the unauthorized modification or destruction of information.

5
Q

What is Availability?

What is the consequence of a loss of availability?

A

Ensure timely and reliable access to and use of information.
A loss of availability is the disruption of access to or use of information or an information system.

6
Q

What are Passive Attacks?

A

Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. Two types of passive attacks are the release of message contents and traffic analysis.

7
Q

What are Active Attacks?

A

Active attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: masquerade, replay, modification of messages, and denial of service.

8
Q

What is Access Control?

What is its goal?

A

Access control is the ability to limit and control the access to host systems and applications via communication links. To achieve this, each entity trying to gain access must first be identified, or authenticated, so that access rights can be tailored to the individual.

9
Q

What is the function of Nonrepudiation?

A

Nonrepudiation prevents either sender or receiver from denying a transmitted message. Thus, when a message is sent, the receiver can prove that the alleged sender in fact sent the message. Similarly, when a message is received, the sender can prove that the alleged receiver in fact received the message.

10
Q

What is Cryptanalysis?

A

An encryption scheme is computationally secure if the ciphertext generated by the scheme meets one or both of the following criteria.

  • The cost of breaking the cipher exceeds the value of the encrypted information.
  • The time required to break the cipher exceeds the useful lifetime of the information.
11
Q

What is Cryptography?

A

the study of encryption principles/methods

12
Q

What is Cryptology?

A

field of both cryptography and cryptanalysis

13
Q

What are the two requirements for secure use of symmetric encryption?

A
  • a strong encryption algorithm
  • sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure

14
Q

What does a Block Cipher do?

A

A block cipher processes the plaintext input in fixed-sized blocks and produces a block of ciphertext of equal size for each plaintext block.

15
Q

What are the three most important symmetric block ciphers?

A
  • Data Encryption Standard (DES)
  • Triple DES (3DES)
  • The Advanced Encryption Standard (AES)

Note: AES > 3DES > DES
16
Q

What is the Data Encryption Standard (DES)?

A
  • Most widely used encryption scheme
  • The algorithm itself is referred to as the Data Encryption Algorithm (DEA)

17
Q

What is the description of the DES algorithm?

A
  • Plaintext is 64 bits in length
  • Key is 54 bits in length
  • There are 16 rounds of processing
  • Process of decryption is essentially the same as the encryption process
18
Q

What is the development of 3DES?

A
  • 3DES uses three keys and three executions of the DES algorithm.
  • With three distinct keys, 3DES has an effective key length of 168 bits.
19
Q

What are the characteristics of the Advanced Encryption Standard (AES)?

A
  • Should have a security strength equal to or better than 3DES and significantly improved efficiency
  • Must be a symmetric block cipher with a block length of 128 bits and support for key lengths of 128, 192, and 256 bits
  • Evaluation criteria included security, computational efficiency, memory requirements, hardware and software suitability, and flexibility.
20
Q

What kinds of applications make use of Random and Pseudorandom Numbers?

A

A number of network security algorithms based on cryptography make use of random numbers.
  • Generation of keys for the RSA public-key encryption algorithm and other public-key algorithms
  • Generation of a stream key for symmetric stream cipher
  • Generation of a symmetric key for use as a temporary session key. This function is used in a number of networking applications, such as Transport Layer Security

21
Q

What are the important design considerations for a stream cipher?

A
  • A typical stream cipher encrypts plaintext one byte at a time
  • The encryption sequence should have a large period
  • The keystream should approximate the properties of a true random number stream as closely as possible
  • The pseudorandom number generator is conditioned on the value of the input key
22
Q

What are the characteristics of the RC4 Algorithm?

A
  • It is a variable key-size stream cipher with byte-oriented operations
  • The algorithm is based on the use of a random permutation
  • It is used in the Secure Sockets Layer/Transport Layer Security (SSL/TLS) standards that have been defined for communication between Web browsers and servers
23
Q

What are Cipher Block Modes of Operation?

A

  • A symmetric block cipher processes one block of data at a time
  • In the case of DES and 3DES, the block length is b = 64 bits
  • For AES, the block length is b = 128 bits
  • For longer amounts of plaintext, it is necessary to break the plaintext into b-bit blocks, padding the last block if necessary

24
Q

What are the five modes related to Cipher Block Modes of Operation?

A

  • Five modes of operation have been defined by NIST
  • Intended to cover virtually all of the possible applications of encryption for which a block cipher could be used
  • Intended for use with any symmetric block cipher, including 3DES and AES

25
Q

What is the Electronic Codebook Mode (ECB)?

A

  • Plaintext is handled b bits at a time and each block of plaintext is encrypted using the same key
  • The term “codebook” is used because, for a given key, there is a unique ciphertext for every b-bit block of plaintext
  • One can imagine a gigantic codebook in which there is an entry for every possible b-bit plaintext pattern showing its corresponding ciphertext