CyberS C4 Flashcards

1
Q

Explain the concept of cryptology and its application in modern cryptography. Provide examples of historical uses of cryptography

A

Cryptology is the science of creating and breaking secret codes. In modern cryptography, data is stored and transmitted in a way that only the intended recipient can read or process it. Historical uses include messengers encrypting messages in diplomatic circles and military commanders using encryption for secure communication

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Differentiate between symmetric and asymmetric encryption algorithms. Provide examples of each type

A

Symmetric algorithms use a pre-shared key for both encryption and decryption, while asymmetric algorithms use different keys for encryption and decryption. Examples of symmetric algorithms include 3DES, IDEA, and AES. Asymmetric algorithms include RSA, Diffie-Hellman, ElGamal, and Elliptic Curve Cryptography (ECC)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

How does private-key encryption work? Provide examples of encryption standards that use symmetric encryption

A

Private-key encryption, a type of symmetric encryption, uses a pre-shared key for both encryption and decryption. Examples of encryption standards using symmetric encryption include 3DES, IDEA, and AES

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Explain the process and characteristics of public-key encryption. Provide examples of asymmetric encryption algorithms

A

Public-key encryption, or asymmetric encryption, uses different keys for encryption and decryption. Examples of asymmetric encryption algorithms include RSA, Diffie-Hellman, ElGamal, and Elliptic Curve Cryptography (ECC)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Describe the types of access control and their significance in cybersecurity

A

Access control includes physical, logical, and administrative controls. Physical controls prevent unauthorized physical access, logical controls manage access to resources, and administrative controls focus on policies and procedures to enforce access control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Differentiate between mandatory access control (MAC) and discretionary access control (DAC). Provide examples of situations where each is applicable

A

MAC restricts actions a subject can perform on an object, while DAC grants or restricts access based on the object’s owner. An example of MAC is an authorization rule determining access to a file. DAC is exemplified when an object owner passes on access permissions to another subject

MAC controls what actions can be done on an object, like a file, while DAC allows the owner to decide who gets access. For instance, MAC decides who can open a file, while DAC lets the owner share access with others

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Explain the importance of identification, authentication, and authorization in access control. Provide examples of authentication methods

A

Identification enforces access rules, authentication verifies a user’s identity, and authorization controls access after authentication. Authentication methods include “What You Know” (passwords), “What You Have” (smart cards), and “Who You Are” (biometrics)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Discuss the concept of data masking and its importance in cybersecurity. Provide techniques used in data masking.

A

Data masking secures data by replacing sensitive information with a non-sensitive version. Techniques include substitution (replacing with authentic values), shuffling (using data from the same column), and steganography (concealing data in another file).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

: What is steganography, and how does it differ from cryptography? Explain the components involved in hiding data using steganography

A

Steganography conceals data in another file without attracting attention, unlike cryptography. Components include embedded data (secret message), cover-text (hides embedded data), and a stego-key (controls the hiding process).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

: Define data obfuscation and provide examples of its application in cybersecurity

A

Data obfuscation makes a message confusing or harder to understand. Examples include scrambling messages to prevent unauthorized access and software watermarking, inserting a secret message as proof of ownership

How well did you know this?
1
Not at all
2
3
4
5
Perfectly