General Security 3 Flashcards

1
Q

Which ways are there to transfer keys?

A

Out-of-Band key exchange
* Not sent over net
* Courier, Telephone, in-person

In-Band key exchange
* Exchange on network
* Additional encryption of key
* Use of asymmetric encryption to deliver symmetric key

2
Q

How to encrypt/decrypt in real time?

A
  1. Client - Server want to communicate
  2. Client creates symmetric key
  3. Client uses server's public key to encrypt symmetric key
  4. Client sends encrypted symmetric key to server
  5. Server decrypts symmetric key with own private key
  6. Symmetric key is now session key
3
Q

How to get symmetric keys from asymmetric keys?

A
  • Use public and private key cryptography to create a symmetric key
  1. Bob combines his private key with Alice’s public key to create a symmetric key
  2. Alice combines her private key with Bob’s public key to create the same symmetric key
4
Q

What is a TPM?

A

Trusted Platform Module
* Specialized cryptographic hardware processor
* Random number generator, key generators
* Persistent memory: Unique keys burned in
* Versatile memory: Storage keys, hardware configuration information
* Password protected (cannot be brute-forced)

5
Q

What is a Hardware Security Module?

A
  • Used in large environments
  • High-end Cryptographic Hardware
  • Key-backup: secure storage in hardware
6
Q

What is a Key management System?

A
  • Centralized System to manage keys
  • Also separates keys from the data they are intended to protect
  • Associates keys with specific users
  • Rotate keys on regular intervals
  • Log key use and important events
7
Q

What is a Secure Enclave?

A
  • Protected area storing especially sensitive information
  • Often implemented as hardware processor / chip
  • Isolated from main processor

Features:
* Has its own boot ROM
* Monitors system Boot process
* True random number generator
* Real-time memory encryption

8
Q

What are common Steganography Techniques?

A

Network Based
* Embedded message inside TCP packets

  • Image
  • Audio Steganography
  • Video Steganography
9
Q

What is Tokenization?

A
  • Replace sensitive Data with a non-sensitive placeholder
  • Example: Credit Card Processing
  • Original Data and token are not mathematically related
10
Q

What is Data Masking?

A
  • Hiding parts of the original data