Mid-term exam part 2 study Flashcards

1
Q

what is the Fraud and Abuse Triangle?

A

3 aspects of motivation before misbehavior occurs.
1-Opportunity: without opportunity, or if the attacker thinks they will get caught, then they probably won't do it.
2-Pressure: financial, greed, desire to perform or to hide underachievement- psychology of the perpetrator
3-Rationalization: convinces themselves they are good people in their own mind. may say to self 'my employer expects too much of us', etc.

2
Q

what is the COSO framework?

A

a type of security planning framework for corporations with 4 main objectives: 1- strategic: high-level goals, 2- operations: efficient use of resources, 3- reporting: reliability and 4- compliance: compliance with laws.

3
Q

what is the COBIT framework?

A

a type of IT security control planning that offers a framework as follows:
1- planning and organizing
2- acquisition and implementation (information systems)
3- delivery and support (implementation of IT security)
4- monitoring

4
Q

what is plain text?

A

the original message (images, text, sounds, etc.). used in cryptography.

5
Q

ciphertext?

A

the end result of encryption.

-the plain text is encrypted and turned into 'random bits' called ciphertext.

6
Q

Cipher?

A

the mathematical operation to encrypt and decrypt data.

7
Q

key?

A

a random string of ones and zeros. both the cipher and the key are needed to encrypt and decrypt a message.

8
Q

what is Kerckhoffs's law?

A

states that for encryption to work, only the key needs to be kept secret, not the cipher.

9
Q

what is symmetric encryption?

A

symmetric encryption: a single key is used for encryption and decryption in both directions. keys must be shared securely ahead of transmission.

10
Q

what is Asymmetric encryption?

A

also called public key encryption: 2 keys are used, one private and one public. the public key is used to encapsulate the message, and each user has their own private key used to decrypt messages.

11
Q

what is exhaustive search and how is it mitigated?

A

exhaustive search: brute force: try every key until the password is cracked. the longer the key, the harder it is and the longer it takes to crack. each additional bit in the key doubles the time it takes to crack the key. 100 bits required today.

12
Q

what number of bits in a key do some countries require so the authorities can crack it?

A

40 bits or less.

13
Q

what is exhaustive search?

A

brute forcing a password.

14
Q
out of the 4 following types of encryption, which type is viable/secure today?
RC4
DES
3DES
AES
A

AES

15
Q

what are RC4 encryption strengths and weaknesses?

A

RC4 is extremely fast and uses little RAM, making it attractive for low-end mobile devices. encryption of 40 bits or more. very weak and easy to crack.

16
Q

what is DES & what is its strength/weakness?

A

DES: Data Encryption Standard- 56-bit key length, weak to brute force, uses moderate RAM, often used by resident devices as it is supported by many devices.

17
Q

what is DES3?

A

DES3: Triple DES- much longer key lengths, up to 128 bits. uses lots of RAM, applies 2-3 keys by multiplying DES for added security. high processing power. very strong.

18
Q

what is AES?

A

AES: Advanced Encryption Security: the standard for today. low RAM use, low processing use, long keys up to 256 bits. very strong and hard to break, the "gold standard".

19
Q

what is it and how does it work: Handshake?

A

when 2 parties communicate, a standard cryptographic system must be agreed upon.
1-Negotiation: the type of cryptography used
2-Initial authentication: test the identity of one another. *mutual authentication, or single if just authenticating a user to a server.
3-Keying: sending keys or secrets to one another before communication takes place.

20
Q

what is electronic signature?

A

a code is added to each message so that the receiver can verify the message was sent from a reliable and authenticated source and has not been tampered with.

21
Q

what is MbM authentication?

A

MbM: Message by Message Authentication- each message is authenticated by the receiver because the sender has sent it with an electronic signature.

22
Q

what is message integrity ?

A

integrity: the authentication process rejects any messages that have been altered while in transit. this is done through the use of electronic signatures and MbM authentication.

23
Q

what is Hashing? examples of it?

A

Hashing: a large bit number divided by a smaller number gives a remainder… this is the hash value, which cannot be reversed but can be repeated. It is irreversible! 128-512 bits long. examples of hashing: MD5 & SHA

24
Q

what is SHA and should it be used?

A

SHA: Secure Hash Algorithm- a type of hashing that should only be used if it is one of the stronger versions, like SHA-256. produces 160 bits for SHA and 256 for SHA-256.

25
Q

what is MD5? should it be used?

A

a type of older hashing technology. produces a 128-bit hash and is widely used, but has a security flaw and should never be used.

26
Q

how does the public key encryption work?

A

a public encryption method (padlock) is shared with the adjacent host. the host encrypts data and sends it to the destination. the destination has a private key (key) that works with the public encryption method it sent out earlier, to decrypt the packages. VERY slow due to long key lengths and expensive encryption technology.

27
Q

what is the diff between RSA and ECC?

A

RSA is hacked a lot and ECC should be used instead.

RSA is used more and needs 1k bits for security, while ECC only needs 500 bits for secure key lengths.

28
Q

what is Diffie-Hellman key agreement PKI?

A

keying information is sent in plain text, but the symmetric keys are calculated at each device using a special algorithm. eavesdroppers can't compute the symmetric keys, so communications are secure.
1-exchange keying method info
2-random number generated
3-exchange the random numbers that were generated
4-the exchanged numbers are used to compute the encryption and send all communications. attackers can't decrypt without the original numbers.

29
Q

what is the true party?

A

the party the supplicant (the party proving its identity- the sender) claims to be. *the sender sends a piece of data encrypted with its private key and the receiver decrypts it with the public key, so it can verify the sender is who they claim to be (true party).

30
Q

how are MbM Authentication with digital signatures made?

A

MbM- Message by Message authentication. digital signatures are created by:
1-plaintext is hashed, making an MD- Message Digest
2-the MD (Message Digest) is encrypted with the sender's private key, creating a digital signature.
3-transmit the DS (digital signature) with the plaintext
4-receiver hashes the plaintext to get an MD
5-receiver decrypts the digital signature with the sender's public key (obtained from the certificate authority), getting the sender's MD
6-the two resulting MDs (Message Digests) are compared, and if they are the same then the message is authenticated.

31
Q

supplicant is?

A

the true party, and is verified using MbM and the digital signature along with a Certification Authority proving the sender is who they say they are, using the public key from the Certification Authority in the MbM decryption process.

32
Q

Public key encryption for authentication vs confidentiality. which decrypts with the receivers private key?

A

encryption/confidentiality uses the receiver's private key to decrypt a message.

33
Q

Public key encryption for authentication vs confidentiality. which decrypts with the receivers public key ?

A

Authentication: the receiver uses the true party's public key to decrypt the message. the true party is determined by getting the public key from the Certificate Authority (not from the sender, as they may be an imposter).