M362 - Unit 10 Flashcards
What type of interference is taking place if Alice alters Bob’s file without permission?
Modification
What type of interference is taking place if a hacker deploys software to observe packets travelling on a network?
Interception
What type of interference is taking place if a website receives a flood of requests for a web page, preventing callers from viewing the site?
Interruption
What type of interference is taking place if a user receives an email appearing to be from his supervisor, who did not send the email?
Fabrication
How many possible Caesar ciphers are there in English?
Assuming a 26-character alphabet (ignoring, for example, punctuation), there are 25 possible substitutions.
How would you decode an English message encoded in ROT13, assuming a 26-character alphabet?
You would apply the same function again! The cipher is its own inverse. Two shifts of 13 return you to your starting point in the English alphabet.
Why is public key cryptography called asymmetric and private key cryptography called symmetric?
In public key cryptography there are two different keys, the public key and the private key, one used for encryption and the other for decryption. In private key cryptography there is one key, the secret key, suitable for both encryption and decryption.
What classes of cipher might you be likely to use for storing passwords in a local file?
Hash
What classes of cipher might you be likely to use for proving you sent an email?
Public key and hash (for signing)
What classes of cipher might you be likely to use for using a wireless connection on your laptop?
Stream
What classes of cipher might you be likely to use for encrypting files on a file system?
Block
What is a secure channel?
A secure channel is a communication channel between a pair of processes that can authenticate each other and provides confidentiality and integrity services, including time stamping.
Give an example of a handshake in SSL.
Cipher negotiation and certificate exchange.
Why would a class loader check for overriding of final methods, when this check is already performed by a compiler before producing a class file?
The class loader is examining bytecode, which could have been altered since compilation.
Why would a security policy require that the security manager could only be set once?
This means that another manager cannot be substituted, so the ways in which checks are performed cannot be altered.