Midterm Exam part-3 Flashcards
how does the Certificate authority work?
independent and trusted through reputation org. that have info on true parties of public keys. can be verified with digital signature, check to see if still valid and check revocation list
what is non-repudiation?
means that the sender can not claim they did not send a message. this is b/c digital signatures can only be validated by parties that know the private and public keys and these are the sender and receivers.
what is the basic operation of quantum key encryption?
one time kys
keys as long as message
keys show signs of tamper if eavesdroppers see them.
thousands of years to crack
name some VPN types:
Virtual Private Networks: cryptography is used for all communications over an un-trusted network (such as the web to a company).
types:
host to host-pc to a server
*Remote access VPN : pc to private LAN through a VPN gateway on edge of the LAN
*site-to-site VPN: 2 LAN’s using VPN gateways communicate over a VPN on the web to reach one another.
what is TLS and how does it relate to VPN’s?
TLS= Transport Layer Security is the same thing as SSL Secure Socket Layer
- this is the cryptography used to encrypt the vpn connections.
- used in host to host vpn and remote access VPN’s.
- only requires web browser with ssl support and no software for computer side. server must have software or the vpn gateway must support ssl.
- *TLS only provides security to TLS/SSL aware applications like HTTP or some web-servers.
what is the diff. between IPSEC Transport and Tunnel mode?
IPSEC Transport is used to connect 2 hosts over VPN and use encryption that the border routers/firewalls can’t read. *costly
-IPSEC Tunnel Mode: only the connection between sites starting & ending at the VPN gateways is encrypted, once inside site it is unincripted. (cheaper) no need to set-up each device in network.
what is access control?
policy-driven control of access to systems, data and dialogues. **limit attackers and employees access to internal resources.
what is the saying “death of the Perimeter”?
network admins say this b/c the idea of creating a 100% secure network is impossible. esp. with BYOD of today.
what is flooding?
the attacker sends more requests than the victim can handle. this is used in a denial of service attack.
what is spoofing?
when an attacker hides their ip address by changing it so that it is not their real ip address.
*they can’t get replies from the victim though.
what are backscatter options?
this is when an attacker does a denial of service attack to a network while using a spoofed (made up) ip address. the victim sends back replies to the made up/ spoofed ip address and inadvertently these replies go to a real computer causing them an issue. (called backscatter).
what are the diff/ types of attack packets that a sender/attacker can send in a Dos attack?
SYN Flood: transmission control protocol - connection request.
*Ping Flood: ICMP/Echo request
HTTP flood: webserver/web application flood.
what does a SYN flood do?
Dos attack: the SYN- synchronous TCP(transmission control protocol) packets sent requesting connections until the ram is used up and crashes.
what does the Ping flood do?
Dos attack: pings (ICMP) internet control message protocol packets (/echo requests) are sent to use up the bandwidth and cpu cycles of the victim causing it to shutdown.
what does the HTTP flood do?
Dos attack: webserver is targeted with web page requests/ HTTP application requests and this uses up all the Ram and CPU causing it to crash.
