Information Security & Protection Flashcards
“C” in the CIA triad
Confidentiality- Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information
“I” in the CIA triad
Integrity- Guarding against improper information modification or destruction, including ensuring information non-repudiation and authenticity
“A” in the CIA triad
Availability- Ensuring timely and reliable access to and use of information
Define the AAA services
Identification: provides an identity to a system to start the process of AAA
Authentication: Ensures that the individual is who she claims to be (the authentic or genuine person) and not an imposter
Authorization: Providing permission or approval to specific technology resources
Auditing: provides a means of tracking and recording user actions
Accountability: holding users accountable for their actions
Nonrepudiation: the subject of malicious activity cannot deny that the event occurred.
Quantitative vs Qualitative Analysis
Quantitative analysis: uses concrete probability percentages and assigns a dollar value to each asset
Qualitative analysis: assigns subjective and intangible value to each asset
Columnar Transposition
Refer to Word doc
Rotational Cipher
C = (P + R) mod 26
A = 0, B = 1, etc.
Ex: P = A, R = 3, C = (0 + 3) mod 26 = 3 (D)
Symmetric Encryption/Decryption Process
Plaintext gets encrypted using a key that both the sender and receiver have; the ciphertext is then transmitted to the other user, who decrypts the message using the same key that was used to encrypt it
Asymmetric Encryption/Decryption Process
Plaintext gets encrypted using the receiver’s public key; the ciphertext is then transmitted to the receiver and decrypted using their private key
Digital Signature Process
Sender hashes their plaintext message, which generates a digest, then encrypts that digest using their private key (that encrypted digest is the digital signature). The receiver decrypts the signature using the sender’s public key to recover the digest, and makes his own digest of the message using the same hashing algorithm the sender used. If the digests match, that confirms the message was actually sent by the expected sender.
Diffie-Hellman Exchange
Allows two users to generate the same secret key and establish a secure connection; refer to doc for example
ECC
Elliptic Curve Cryptography - Users agree on using the same elliptic curve and the same starting point, and the private key generated should have a lot of entropy
Diffie-Hellman vs ElGamal - 3 differences
- DH is used for key exchange; ElGamal is used for sending encrypted messages
- 1st user decides on G and P
- 2nd user creates ephemeral and session keys for each message
TLS Handshake Process
TLS - Transport Layer Security
- Request for Resource
- Server presents its own host certificate
- Client verifies server authenticity
- Validate server FQDN
- Request for client own host certificate
- Client presents its own host certificate
- Server verifies client authenticity
- Validate client FQDN
- Client sends pre-shared session key
- Access to restricted resource
IPsec’s two modes of operation
Transport mode: Used to protect a conversation between two specific hosts on a network; only the packet payload is encrypted (peer-to-peer)
Tunnel mode: Used to establish a site-to-site VPN; the entire packet is encrypted