IA 2 - CISCO 4 Flashcards
- science of making and breaking secret codes.
- a way to store and transmit data so only the intended recipient can read or process it.
- Modern ——– uses computationally secure algorithms to make sure that cyber criminals cannot easily compromise protected information.
Cryptography
process of scrambling data so that an unauthorized party cannot easily read it.
Encryption
When enabling encryption, readable data is
cleartext
over the centuries, various cipher methods, physical devices, and aids encrypted and decrypted text
- scytale
- caesar cipher
- vigenere cipher
- enigma machine
while the encrypted version is
encrypted
– letters are rearranged
transposition
Each encryption method uses a specific algorithm, called
cipher
there are several methods of creating ciphertext:
- Transposition
- Substitution
- One-time pad
– letters are replaced
Substitution
Two Types of Encryption
- symmetric algorithm
- asymmetric algorithm
plaintext combined with a secret key creates a new character, which then combines with the plaintext to produce ciphertext
One-time pad
- These algorithms use the same pre-shared key, sometimes called a secret key pair, to encrypt and decrypt data.
- Both the sender and receiver know the pre-shared key before any encrypted communication begins.
- algorithms use the same pre-shared key to encrypt and decrypt data, a method also known as private-key encryption.
Symmetric algorithms
use one key to encrypt data and a different key to decrypt data. One key is public and the other is private.
Asymmetric algorithms
The most common types of cryptography are
- block cipher
- stream cipher
- transform a fixed-length block of plaintext into a common block of ciphertext of 64 or 128 bits.
- usually result in output data that is larger than the input data, because the ciphertext must be a multiple of the block size.
block cipher
- encrypt plaintext one byte or one bit at a time
- the transformation of these smaller plaintext units varies, depending on when they are encountered during the encryption process.
- faster than block ciphers, and generally do not increase the message size, because they can encrypt an arbitrary number of bits.
stream cipher
Some of the common encryption standards that use symmetric encryption include the following
- 3DES
- IDEA
- AES
- encrypts data three times and uses a different key for at least one of the three passes, giving it a cumulative key size of 112-168 bits
3DES - Digital Encryption Standard
The 3DES encryption cycle is as follows:
- Data encrypted by first DES
- Data decrypted by second DES
- Data re-encrypted by third DES
performs eight rounds of transformations on each of the 16 blocks that result from dividing each 64-bit block.
IDEA - International Data Encryption Algorithm
- fixed block size of 128 bits with a key size of 128, 192, or 256 bits.
- strong algorithm that uses longer key lengths.
AES - Advanced Encryption Standard
also called public-key encryption, uses one key for encryption that is different from the key used for decryption
Asymmetrical Encryption
The asymmetric algorithms include:
- RSA
- Diffie-Hellman
- ElGamal
- Elliptic Curve Cryptography (ECC)
- uses the product of two very large prime numbers with an equal length of between 100 and 200 digits.
- Browsers use this to establish a secure connection.
RSA (Rivest-Shamir-Adleman)
- provides an electronic exchange method to share the secret key. Secure protocols, such as Secure Sockets Layer (SSL), Transport Layer Security (TLS), Secure Shell (SSH), and Internet Protocol Security (IPsec), use this.
Diffie-Hellman
- uses the U.S. government standard for digital signatures.
- This algorithm is free for use because no one holds the patent.
ElGamal
includes the generation, exchange, storage, use, and replacement of keys used in an encryption algorithm.
Key management
uses elliptic curves as part of the algorithm. In the U.S., the National Security Agency uses ECC for digital signature generation and key exchange.
Elliptic Curve Cryptography (ECC)
Two terms used to describe keys are:
- key length
- keyspace
This is the number of possibilities that a specific key length can generate.
keyspace
Also called the key size, this is the measure in bits.
key length
Four protocols use asymmetric key algorithms
- Internet Key Exchange
- SSL
- SSH
- Pretty Good Privacy
which is a means of implementing cryptography into a web browser.
Secure Socket Layer (SSL)
which is a computer program that provides cryptographic privacy and authentication to increase the security of email communications.
Pretty Good Privacy (PGP)
which is a protocol that provides a secure remote access connection to network devices.
Secure Shell (SSH)
which is a fundamental component of IPsec Virtual Private Networks (VPNs).
Internet Key Exchange (IKE)
are actual barriers deployed to prevent direct contact with systems. The goal is to prevent unauthorized users from gaining physical access to facilities, equipment, and other organizational assets.
Physical Access Controls
Examples of physical access controls
- fences
- guard dogs
- laptop locks
- security cameras
- swipe cards
- are the hardware and software solutions used to manage access to resources and systems.
- These technology-based solutions include tools and protocols that computer systems use for identification, authentication, authorization, and accountability.
Logical Access Control
logical access controls include the following:
- encryption
- smart card
- password
- biometrics
- ACL
- protocol
- router
- IDS
- firewall
- clipping levels
- are the policies and procedures defined by organizations to implement and enforce all aspects of controlling unauthorized access.
- focus on personnel and business practices
administrative access control
Administrative controls include the following
- policies
- procedures
- hiring practices
- background checks
- data classification
- security training
- reviews
- restricts the actions that a subject can perform on an object.
- A subject can be a user or a process.
- An object can be a file, a port, or an input/output device.
- An authorization rule enforces whether or not a subject can access the object.
- restricts a subject based on the security classification of the object and the label attached to the user.
Mandatory Access Control
- grants or restricts object access determined by the object’s owner.
- As the name implies, controls are discretionary because an object owner with certain access permissions can pass on those permissions to another subject.
- An object’s owner determines whether to allow access to an object
discretionary access control (DAC)
- depends on the role of the subject.
- Roles are job functions within an organization.
- Specific roles require permissions to perform certain operations.
- Users acquire permissions through their role.
Role-based access control (RBAC)
- help determine whether to grant access.
- A series of rules is contained in the ACL, as shown in the figure.
- The determination of whether to grant access depends on these rules.
Rule-Based Access Control
- enforces the rules established by the authorization policy.
- A subject requests access to a system resource.
- Every time the subject requests access to a resource, the access controls determine whether to grant or deny access.
Identification
examples of something that the user knows.
- passwords
- pins
- pass phrases
examples of something that users have in their possession.
- smart card
- security key fob
a small plastic card, about the size of a credit card, with a small chip embedded in it
smart card
a device that is small enough to attach to a key ring. It uses a process called two-factor authentication.
security key fob
A unique physical characteristic, such as a fingerprint, retina, or voice, that identifies a specific user
biometrics
include patterns of behavior, such as gestures, voice, typing rhythm, or the way a user walks
behavioral characteristics
There are two types of biometric identifiers
- physiological characteristics
- behavioral characteristics
these include fingerprints, DNA, face, hands, retina, or ear features
physiological characteristics
- uses at least two methods of verification.
- can reduce the incidence of online identity theft because knowing the password would not give cyber criminals access to user information.
Multi-factor Authentication
controls what a user can and cannot do on the network after successful authentication.
authorization
stop unwanted or unauthorized activity from happening.
Preventive access controls
As shown in the figure, authorization answers the question
- read
- copy
- create
- delete
traces an action back to a person or process making the change to a system, collects this information, and reports the usage data.
Accountability
- opposite of a reward
Deterrent Controls
- provide options to other controls to bolster enforcement in support of a security policy.
- can also be a substitution used in place of a control that is not possible under the circumstances.
Compensative Controls
act or process of noticing or discovering something. Access control detections identify different types of unauthorized activity.
detective controls
- can repair damage, in addition to stopping any further damage.
- These controls have more advanced capabilities than corrective access controls.
Recovery Controls
- counteracts something that is undesirable.
- Organizations put corrective access controls in place after a system experiences a threat.
- restore the system back to a state of confidentiality, integrity, and availability.
Corrective Controls
replaces data with authentic looking values to apply anonymity to the data records.
Substitution
- technology secures data by replacing sensitive information with a non-sensitive version
- can replace sensitive data in non-production environments to protect the underlying information.
data masking
Data Masking Techniques
- substitution
- shuffling
- nulling
out applies a null value to a particular field, which completely prevents visibility of the data.
Nulling
- derives a substitution set from the same column of data that a user wants to mask.
- This technique works well for financial information in a test database, for example.
Shuffling
conceals data (the message) in another file such as a graphic, audio, or other text file.
Steganography
There are several components involved in hiding data.
- embedded text
- cover text
- stego key
hides information in plain sight by creating a message that can be read a certain way by some to get the message
Social Steganography
- protects software from unauthorized access or modification
- inserts a secret message into the program as proof of ownership.
- The secret message is the software watermark. If someone tries to remove the watermark, the result is nonfunctional code.
Software watermarking
- the approach used to embed data in a cover image
- uses bits of each pixel in the image.
Least Significant Bits (LSB)
- is the discovery that hidden information exists.
- The goal of this is to discover the hidden information.
steganalysis
- is the use and practice of data masking and steganography techniques in the cybersecurity and cyber intelligence profession.
- is the art of making the message confusing, ambiguous, or harder to understand.
- A system may purposely scramble messages to prevent unauthorized access to sensitive information.
Data obfuscation
- translates software into a version equivalent to the original but one that is harder for attackers to analyze.
- Trying to reverse engineer the software gives unintelligible results from software that still functions.
Software obfuscation