Midterm Exam Study Flashcards
If a key is 43 bits long, how much longer will it take to crack it by exhaustive search if it is extended to 50 bits?
128 times as long
If a key is 47 bits long, how much longer will it take to crack it by exhaustive search if it is extended to 50 bits?
8 times as long
If a key is 42 bits long, how much longer will it take to crack it by exhaustive search if it is extended to 50 bits?
**how did you calculate this?
256 times as long
–multiply each successive bit added to the length by a factor of 2. so 42 bits extended to 50 bits is a total of 8 bits extended on. so 2 x 1 = 2 (two times as hard) then multiply this answer by 2 for the next successive bit so… =2 (x) 2 = 4… 4x(the next successive bit = 2) = 8… 8x2=16, 16x2=32, 32 x 2 = 64, 64x2= 128 , 128 x 2 (the last successive bit) = 256. so 256 as long!
what is the CIA triangle?
CIA= C -Confidentiality, I- Integrity, A - Availability.
*Data is only seen by those that need to see it and best practices to protect private data, info can’t be changed or destroyed and those that need access to info have it.
what are the 3 types of countermeasures to thwart compromises?
Preventative, Detective and Corrective: the prevention keep attacks from occurring, detective: detection of attacks and fast detection = minimal damage, Corrective: get the corporation back on track.
**safe guards, protection and controls.
what is SQL injection? describe..
SQL injection: sending modified SQL programming statements (and/or) to web applications/ servers. modifies a database. easy to execute commands.
What kind of threats are there by employees?
attacks on own company network out of spite, anger, extortion, to make $, etc.
examples: Logic bomb, steal trade secrets (non proprietary), sell info or IT security or data deleted.
how do Worms spread?
Direct Propagation Worms: take advantage of/ detect security flaws in computers and moves from one pc to the next without the user doing anything at all. this allows to worm to move quickly throughout a network and even the WEB as a whole. each infected computer becomes a base where the worm can infect other computers.
what are blended threats?
programs placed on websites as downloadable but are in-fact hidden viruses with worms embedded or the viruses create vulnerability allowing the worm/future attacks to do damage. *often the virus contains a Pay-load. sometimes the payload is a Trojan or root kit.
Trojan horses and Root kits are what?
Trojan horses: pretend to be a legit program but are in-fact damaging once installed. sometimes are remote access software.
Root Kits: software that takes administrative control and then hides from the administrative detecting techniques in root system files(i think?).
2 types of Trojan horses are?
Down-loaders: small programs enable larger Trojan horses to download.
*RAT: Remote Access Trojans: allow computer to be accessed and used remotely for malicious reasons.
what is spyware?
software that gathers personal info, cookies, keystrokes and data mining.
what is spam, hoaxing / phishing?
emails sent to trick users into giving away personal info, download attachments or open emails with code hidden in photos/ images. often used to use-up bandwidth.
how do attackers get info about a network:?
Reconnaissance is done to gather info: programs used to scan for ip addresses used on the network, ip addresses are then scanned with port scanning software to determine which ports are open, used and the OS being used.
once attackers have info about a network (ports, OS used, etc.) how do they use this info?
certain applications use certain ports like HTTP = port 80 so attackers can use attacks against HTTP that are known.
