CIS 473 Final Question Set 3 Flashcards
What does Pretty Good Privacy (PGP) do ?
-Provides a confidentiality and authentication service that can be used for electronic mail and file storage applications
Selected the best available cryptographic algorithms as building blocks
- Integrated these algorithms into a general-purpose application that is independent of operating system and processor and that is based on a small set of easy-to-use commands
- Made the package and its documentation, including the source code, freely available via the Internet, bulletin boards, and commercial networks
- Entered into an agreement with a company to provide a fully compatible, low-cost commercial version of PGP
What is Secure/Multipurpose Internet Mail Extension (S/MIME) ?
Secure/Multipurpose Internet Mail Extension (S/MIME) is a security enhancement to the MIME Internet e-mail format standard based on technology from RSA Data Security
What is the traditional e-mail format standard ?
RFC 822
Note: To understand S/MIME, we need first to have a general understanding of the underlying e-mail format that it uses, namely MIME. But to understand the significance of MIME, we need to go back to the traditional e-mail format standard, RFC 822, which is still in common use
What is RFC 5322 ?
- Defines a format for text messages that are sent using electronic mail
- Messages are viewed as having an envelope and contents
- The envelope contains whatever information is needed to accomplish transmission and delivery
- The contents compose the object to be delivered to the recipient
- RFC 5322 standard applies only to the contents
- The content standard includes a set of header fields that may be used by the mail system to create the envelope
What is Multipurpose Internet Mail Extensions (MIME) ?
- An extension to the RFC 5322 framework that is intended to address some of the problems and limitations of the use of Simple Mail Transfer Protocol (SMTP)
- Is intended to resolve these problems in a manner that is compatible with existing RFC 5322 implementations
How can an MIME be secured ?
S/MIME secures a MIME entity with a signature, encryption or both.
- The MIME entity is prepared according to the normal rules for MIME message preparation
- The MIME entity plus some security-related data, such as algorithm identifiers and certificates, are processed by S/MIME to produce what is known as a PKCS object
- A PKCS object is then treated as message content and wrapped in MIME
What do IPsec provide ?
provides the capability to secure communications across a LAN, across private and public WANs, and across the Internet
What are the exmaples in make use of IPsec ?
- Secure branch office connectivity over the Internet
- Secure remote access over the Internet
- Establishing extranet and intranet connectivity with partners
- Enhancing electronic commerce security
In IP security chapter, what are the fucntions of Transport Modes?
- Provides protection primarily for upper-layer protocols•Examples include a TCP or UDP segment or an ICMP packet
- Typically used for end-to-end communication between two hosts
- ESP in transport mode encrypts and optionally authenticates the IP payload but not the IP header
- AH in transport mode authenticates the IP payload and selected portions of the IP header
In IP Security chapter, What are the fuctions of Tunnel Mode ?
- Provides protection to the entire IP packet
- Used when one or both ends of a security association (SA) are a security gateway
- A number of hosts on networks behind firewalls may engage in secure communications without implementing IPsec
- ESP in tunnel mode encrypts and optionally authenticates the entire inner IP packet, including the inner IP header
- AH in tunnel mode authenticates the entire inner IP packet and selected portions of the outer IP header
What are three classes of Intruders ?
- Masquerader
- Misfeasor
- Clandestine user
What is Masquerader ?
•An individual who is not authorized to use the computer and who penetrates a system’s access controls to exploit a legitimate user’s account
What is Misfeasor ?
•A legitimate user who accesses data, programs, or resources for which such access is not authorized, or who is authorized for such access but misuses his or her privileges
What is Clandestine user ?
•An individual who seizes supervisory control of the system and uses this control to evade auditing and access controls or to suppress audit collection
What are Intrusion Detection Systems (IDSs) and Intrusion prevention Systems (IPSs) ?
- are designed to counter hacker threats
- In addition to using such systems, organizations can consider restricting remote logons to specific IP addresses and/or use virtual private network technology