Confidentiality Flashcards
Technology that supports confidentiality
Firewall, encryption
DES
Data Encryption Standard
Symmetric, Weak, 56-bit key
3DES
Tripe DES
Symmetric, Strong, three 56-bit (168-bit) keys
AES
Advanced Encryption Standard
Symmetric, Preferred, 128/192/256-bit key options
Symmetric Encryption
Same key used by sender and receiver. Faster than asymmetric encryption
Asymmetric Encryption
Better security/slower than symmetric encryption. Not used for large quantities of real-time data.
RSA
Invented by Rivest, Shami, and Adleman
Assymmetric, used with PKI
PKI
Public Key Infrastructure
uses digital certificates and CA
CA
Certificate Authority
Packet Capture
Packets captured using NIC placed in promiscuous mode. Protocols that send plan text are vulnerable (Telnet, HTTP)
Ping sweep / port scan
Reconnaissance Attacks Ping sweep finds network resources that are reachable. Range of ports scanned to find which services are available.
Dumpster Diving
Rummaging through dumpsters to find confidential information that wasn’t properly shredded
EMI
Electromagnetic Interference
Attackers intercept EMI emissions (emanations).
Tempest rooms keep emanations contained.
Wiretapping
Eavesdropping on a physical cable
MitM
Man-in-the-Middle
Attacker in between two devices communicating. Used with spoofing.