midterm terms Flashcards
phishing
tricking people to give away personal information (usually by email)
advanced encryption standards
encryption standards established in 2001 that support 128, 192, 256 bits
hash
using an algorithm, sorts data with a label so that, by the end of transit, it'll be known if the data was tampered with
what is a virus
malicious software that attaches itself to a host
ransomware
a type of virus that disables the system for ransom
worm
a complete program that copies itself from one computer to another
stream cypher
encode and decode the message one character (byte) at a time
block cypher
encode and decode the message many characters (bytes) at a time, usually 16 bytes
signatures
authentication of who sent the message
access control matrix
a detailed table of subjects to objects where the cells are the rights of the related subjects and objects by row and column
autorun virus
a virus that resides as an autorun program in a disk (ex: USB)
mandatory access control
the system sets the rights
logic bomb
violates the site security policy when some external event occurs
stealth virus
conceals infection of files undetected
changes data within the intercepted calls
access control
the rules of what someone has access to
steganography
an attack that hides data in other data
integrity
data is trustworthy and free from tampering (no change)
public/private keys
used for encryption and decryption
public key
encryption, available to anyone
private key
decryption, known only to the individual
trojan horse
malware that tricks users of its true intent by disguising itself as a normal program
RSA
uses math and large prime integers to derive the key, and uses exponential and modulus functions with the keys to encode and decode the message
distributional denial of service (DDoS)
the attacker floods a server with internet traffic to prevent users from accessing online services (affects availability)
availability
viewable/accessible by people
clark wilson model
protects the integrity of commercial information by allowing only certified actions by explicitly authorized users on resources (constraints)
symmetric key
the encryption key and decryption key are the same
digital encryption system (DES)
block cypher, encryption, 56-bit key length, uses algorithms to scramble data into an unreadable format
polymorphic
encryption of data in multiple forms that are protected by multiple keys
transposition
reorder the message by choosing every nth character. n is both encryption and decryption key
Bell-LaPadula Model
used for confidentiality, read down, write down, policy method
block modes
for block cyphers, key generation used during the encryption for each single block
biba model
used for integrity, read up, write down, the higher the integrity level, the more trustworthy the source
firewall
allowing traffic from source to destination
collision
when 2 inputs produce the same (hash) output
confidentiality
data is kept secret or private
policy
a set of rules that define the degree of protection required
Protocols
specification on implementing policy
practice
actions to implement protocol, making sure protocols are being followed
Rivest Cipher 4 (RC4)
stream cypher, generates a key stream of bytes (1-256) from an initial variable length key, key scheduling algorithm for each byte at a time
access control list
object's perspective
access control capability list
subject's perspective
substitution
modify the plain text by swapping each character with another character on the list