IA 2 - CISCO 4

Question 1

• science of making and breaking secret codes.
• a way to store and transmit data so only the intended recipient can read or process it.
• Modern ——– uses computationally secure algorithms to make sure that cyber criminals cannot easily compromise protected information.

Answer 1

Cryptography

Question 2

process of scrambling data so that an unauthorized party cannot easily read it.

Answer 2

Encryption

Question 2

When enabling encryption, readable data is

Answer 2

cleartext

Question 3

over the centuries, various cipher methods, physical devices, and aids encrypted and decrypted text

Answer 3

1. scytale
2. caesar cipher
3. vigenere cipher
4. enigma machine

Question 3

while the encrypted version is

Answer 3

encrypted

Question 4

– letters are rearranged

Answer 4

transposition

Question 5

Each encryption method uses a specific algorithm, called

Answer 5

cipher

Question 6

there are several methods of creating ciphertext:

Answer 6

1. Transposition
2. Substitution
3. One-time pad

Question 7

– letters are replaced

Answer 7

Substitution

Question 8

Two Types of Encryption

Answer 8

1. symmetric algorithm
2. asymmetric algorithm

Question 8

plaintext combined with a secret key creates a new character, which then combines with the plaintext to produce ciphertext

Answer 8

One-time pad

Question 9

• These algorithms use the same pre-shared key, sometimes called a secret key pair, to encrypt and decrypt data.
• Both the sender and receiver know the pre-shared key before any encrypted communication begins.
• algorithms use the same pre-shared key to encrypt and decrypt data, a method also known as private-key encryption.

Answer 9

Symmetric algorithms

Question 10

use one key to encrypt data and a different key to decrypt data. One key is public and the other is private.

Answer 10

Asymmetric algorithms

Question 11

The most common types of cryptography are

Answer 11

1. block cipher
2. stream cipher

Question 12

• transform a fixed-length block of plaintext into a common block of ciphertext of 64 or 128 bits.
• usually result in output data that is larger than the input data, because the ciphertext must be a multiple of the block size.

Answer 12

block cipher

Question 13

• encrypt plaintext one byte or one bit at a time
• the transformation of these smaller plaintext units varies, depending on when they are encountered during the encryption process.
• faster than block ciphers, and generally do not increase the message size, because they can encrypt an arbitrary number of bits.

Answer 13

stream cipher

Question 14

Some of the common encryption standards that use symmetric encryption include the following

Answer 14

1. 3DES
2. IDEA
3. AES

Question 15

• encrypts data three times and uses a different key for at least one of the three passes, giving it a cumulative key size of 112-168 bits

Answer 15

3DES - Digital Encryption Standard

Question 16

The 3DES encryption cycle is as follows:

Answer 16

1. Data encrypted by first DES
2. Data decrypted by second DES
3. Data re-encrypted by third DES

Question 17

performs eight rounds of transformations on each of the 16 blocks that results from dividing each 64-bit block.

Answer 17

IDEA - International Data Encryption Algorithm

Question 17

• fixed block size of 128-bits with a key size of 128, 192, or 256 bits.
• strong algorithm that uses longer key lengths.

Answer 17

AES - Advanced Encryption Standard

Question 18

also called public-key encryption, uses one key for encryption that is different from the key used for decryption

Answer 18

Asymmetrical Encryption

Question 19

The asymmetric algorithms include:

Answer 19

1. RSA
2. Diffie-Hellman
3. ElGamal
4. Elliptic Curve Cryptography (ECC)

Question 20

• uses the product of two very large prime numbers with an equal length of between 100 and 200 digits.
• Browsers use this to establish a secure connection.

Answer 20

RSA (Rivest-Shamir-Adleman)

Question 20

• provides an electronic exchange method to share the secret key. Secure protocols, such as Secure Sockets Layer (SSL), Transport Layer Security (TLS), Secure Shell (SSH), and Internet Protocol Security (IPsec), use this.

Answer 20

Diffie-Hellman

Question 21

• uses the U.S. government standard for digital signatures.
• This algorithm is free for use because no one holds the patent.

Answer 21

ElGamal

Question 22

includes the generation, exchange, storage, use, and replacement of keys used in an encryption algorithm.

Answer 22

Key management

Question 23

uses elliptic curves as part of the algorithm. In the U.S., the National Security Agency uses ECC for digital signature generation and key exchange.

Answer 23

Elliptic Curve Cryptography (ECC)

Question 24

Two terms used to describe keys are:

Answer 24

1. key length
2. keyspace

Question 25

his is the number of possibilities that a specific key length can generate.

Answer 25

keyspace

Question 25

Also called the key size, this is the measure in bits.

Answer 25

key length

Question 26

Four protocols use asymmetric key algorithms

Answer 26

1. Internet Key Exchange
2. SSL
3. SSH
4. Pretty Good Privacy

Question 27

which is a means of implementing cryptography into a web browser.

Answer 27

Secure Socket Layer (SSL)

Question 27

which is a computer program that provides cryptographic privacy and authentication to increase the security of email communications.

Answer 27

Pretty Good Privacy (PGP)

Question 27

which is a protocol that provides a secure remote access connection to network devices.

Answer 27

Secure Shell (SSH)

Question 28

which is a fundamental component of IPsec Virtual Private Networks (VPNs).

Answer 28

Internet Key Exchange (IKE)

Question 29

are actual barriers deployed to prevent direct contact with systems. The goal is to prevent unauthorized users from gaining physical access to facilities, equipment, and other organizational assets.

Answer 29

Physical Access Controls

Question 30

Examples of physical access controls

Answer 30

1. fences
2. guard dogs
3. laptop locks
4. security cameras
5. swipe cards

Question 31

• are the hardware and software solutions used to manage access to resources and systems.
• These technology-based solutions include tools and protocols that computer systems use for identification, authentication, authorization, and accountability.

Answer 31

LOGICAL ACCESS CONTROL

Question 32

logical access controls include the following:

Answer 32

1. encryption
2. smart card
3. password
4. biometrics
5. ACL
6. protocol
7. router
8. ids
9. firewall
10. clipping levels

Question 33

• are the policies and procedures defined by organizations to implement and enforce all aspects of controlling unauthorized access.
• focus on personnel and business practices

Answer 33

administrative access control

Question 34

Administrative controls include the following

Answer 34

1. policies
2. procedures
3. hiring practices
4. background checks
5. data classification
6. security training
7. reviews

Question 35

• restricts the actions that a subject can perform on an object.
• A subject can be a user or a process.
• An object can be a file, a port, or an input/output device.
• An authorization rule enforces whether or not a subject can access the object.
• restricts a subject based on the security classification of the object and the label attached to the user.

Answer 35

Mandatory Access Control

Question 36

• rants or restricts object access determined by the object’s owner.
• As the name implies, controls are discretionary because an object owner with certain access permissions can pass on those permissions to another subject.
• An object’s owner determines whether to allow access to an object

Answer 36

discretionary access control (DAC)

Question 37

• depends on the role of the subject.
• Roles are job functions within an organization.
• Specific roles require permissions to perform certain operations.
• Users acquire permissions through their role.

Answer 37

Role-based access control (RBAC)

Question 38

• help determine whether to grant access.
• A series of rules is contained in the ACL, as shown in the figure.
• The determination of whether to grant access depends on these rules.

Answer 38

Rule-Based Access Control

Question 39

• enforces the rules established by the authorization policy.
• A subject requests access to a system resource.
• Every time the subject requests access to a resource, the access controls determine whether to grant or deny access.

Answer 39

Identification

Question 40

examples of something that the user knows.

Answer 40

1. passwords
2. pins
3. pass phrases

Question 41

examples of something that users have in their possession.

Answer 41

1. smart card
2. security key fob

Question 42

a small plastic card, about the size of a credit card, with a small chip embedded in it

Answer 42

smart card

Question 43

a device that is small enough to attach to a key ring. It uses a process called two-factor authentication,

Answer 43

security key fob

Question 44

A unique physical characteristic, such as a fingerprint, retina, or voice, that identifies a specific user

Answer 44

biometrics

Question 45

include patterns of behavior, such as gestures, voice, typing rhythm, or the way a user walks

Answer 45

behavioral characteristics

Question 45

There are two types of biometric identifiers

Answer 45

1. physiological characteristics
2. behavioral characteristics

Question 46

these include fingerprints, DNA, face, hands, retina, or ear features

Answer 46

physiological characteristics

Question 47

• uses at least two methods of verification.
• can reduce the incidence of online identity theft because knowing the password would not give cyber criminals access to user information.

Answer 47

Multi-factor Authentication

Question 48

controls what a user can and cannot do on the network after successful authentication.

Answer 48

authorization

Question 48

stop unwanted or unauthorized activity from happening.

Answer 48

Preventive access controls

Question 49

As shown in the figure, authorization answers the question

Answer 49

1. read
2. copy
3. create
4. delete

Question 50

traces an action back to a person or process making the change to a system, collects this information, and reports the usage data.

Answer 50

Accountability

Question 51

• opposite of a reward

Answer 51

Deterrent Controls

Question 52

• provide options to other controls to bolster enforcement in support of a security policy.
• an also be a substitution used in place of a control that is not possible under the circumstances.

Answer 52

Compensative Controls

Question 52

act or process of noticing or discovering something. Access control detections identify different types of unauthorized activity.

Answer 52

detective controls

Question 53

• can repair damage, in addition to stopping any further damage.
• These controls have more advanced capabilities over corrective access controls.

Answer 53

Recovery Controls

Question 53

• counteracts something that is undesirable.
• Organizations put corrective access controls in place after a system experiences a threat.
• restore the system back to a state of confidentiality, integrity, and availability.

Answer 53

Corrective Controls

Question 54

replaces data with authentic looking values to apply anonymity to the data records.

Answer 54

Substitution

Question 54

• technology secures data by replacing sensitive information with a non-sensitive version
• can replace sensitive data in non-production environments to protect the underlying information.

Answer 54

data masking

Question 55

Data Masking Techniques

Answer 55

1. substituion
2. shuffling
3. nulling

Question 56

out applies a null value to a particular field, which completely prevents visibility of the data.

Answer 56

Nulling

Question 56

• derives a substitution set from the same column of data that a user wants to mask.
• This technique works well for financial information in a test database, for example.

Answer 56

Shuffling

Question 57

conceals data (the message) in another file such as a graphic, audio, or other text file.

Answer 57

Steganography

Question 57

There are several components involved in hiding data.

Answer 57

1. embedded text
2. cover text
3. stego key

Question 58

hides information in plain sight by creating a message that can be read a certain way by some to get the message

Answer 58

Social Steganography

Question 59

• protects software from unauthorized access or modification
• inserts a secret message into the program as proof of ownership.
• The secret message is the software watermark. If someone tries to remove the watermark, the result is nonfunctional code.

Answer 59

Software watermarking

Question 59

• The approach used to embed data in a cover-image is using
• uses bits of each pixel in the image.

Answer 59

Least Significant Bits (LSB)

Question 60

• is the discovery that hidden information exists.
• The goal of this is to discover the hidden information.

Answer 60

steganalysis

Question 61

• is the use and practice of data masking and steganography techniques in the cybersecurity and cyber intelligence profession.
• is the art of making the message confusing, ambiguous, or harder to understand.
• A system may purposely scramble messages to prevent unauthorized access to sensitive information.

Answer 61

Data obfuscation

Question 62

• translates software into a version equivalent to the original but one that is harder for attackers to analyze.
• Trying to reverse engineer the software gives unintelligible results from software that still functions.

Answer 62

Software obfuscation