Security Flashcards
What must be addressed when sending or receiving information over a computer network?
1) Confidentiality: info can't be read by others
2) Authentication: verify party is who they say they are
3) Integrity: message we sent has not been tampered with
4) Non-repudiation: proof someone sent a message
Cryptography
the science of encrypting and decrypting messages
Encryption
method for turning plaintext into ciphertext
Problems with Caesar Cipher
key size too small, susceptible to brute force attack and cryptanalysis
Symmetric Encryption
both encryptor and decryptor use the same key; impractical for a user and a website to find ways to safely share the key
Asymmetric/Public Key Encryption
person encrypting message and person decrypting message use different keys
Signs URL is fake
IP address or @ sign
Zombie Computer
a remotely accessed and controlled computer, used not to spy on you but as a bot to send spam, etc.
Steps to reduce chances of hacker breaking into computer
1) Strong passwords with uppercase, lowercase, numbers, and letters
2) Keeping software updated
3) Anti-Virus software or use Internet Firewall
4) Multi-factor Authentication
5) JavaScript Blocker
Spyware
program installed on a computer that can spy on user activities and take over the computer remotely (ex: Dalai Lama)
Adware
program installed that presents ads on the computer
Ransomware
Encrypts your SSD; asks for payment to decrypt
Types of Attacks
1) Worms (propagate copies of themselves through a network; example: ILUVU)
2) Virus (attaches itself to other programs, adds code to other programs on the computer)
3) Trojan horse (things that claim to be one thing but are another; also ILUVU)
Social Engineering
hacker does not attack technical vulnerabilities but rather attacks the people in the system (ex: phishing)
Spear phishing
hacker studies and targets a specific individual, usually with a carefully crafted email