Security

Question 1

What must be addressed when sending or receiving information over a computer network?

Answer 1

1) Confidentiality: info cant be read by others
2) Authentication: verify party is who they say they are
3) Integrity: message we sent has not been tampered with
4) Non-repudiation: proof someone sent a message

Question 2

Cryptography

Answer 2

the science of encrypting and decrypting messages

Question 3

Encryption

Answer 3

method for taking plaintext into ciphertext

Question 4

Problems with Cesar Cipher

Answer 4

key size too small, suceptible to brute force attack and cryptanalysis

Question 5

Symmetric Encryption

Answer 5

both encryptor and decryptor use the same key, impractical for user and website to find ways to safely share key

Question 6

Asymmetric/Public Key Encryption

Answer 6

person encrypting message and person decrypting message use different keys

Question 7

Signs URL is fake

Answer 7

IP address or @ sign

Question 8

Zombie Computer

Answer 8

remotely controlled access not using it to spy on you but using it as a bot to send spam etc.

Question 9

Steps to reduce chances of hacker breaking into computer

Answer 9

1) Strong passwords with uppercase, lowercase, numbers, and letters
2) Keeping software updated
3) Anti-Virus software or use Internet Firewall
4) Multi-factor Authentication
5) JavaScript Blocker

Question 10

Spyware

Answer 10

program installed on computer that can spy on user activities and take over computer remotely (ex: Dalai Llama)

Question 11

Adware

Answer 11

program installed that present ads on computer

Question 12

Ransomware

Answer 12

Encrypts your SSD: asks payment to decrypt

Question 13

Types of Attacks

Answer 13

1) Worms (propagate copies of itself on a network
through network, example ILUVU)
2) Virus, (attaches itself to other programs, adds code to other programs on computer)
3) Trojan horse (things that claim they are one thing but are another also ILUVU)

Question 14

Social Engineering

Answer 14

hacker does not attack technical vulnerabilities but rather attack people in the system (ex: phishing)

Question 15

Spearfishing

Answer 15

hacker studies and targets specific individual, usually carefully crafted email

Question 16

Firewalls

Answer 16

monitors network traffic between a computer or set of computers,

Question 17

Proxy server

Answer 17

computer that acts as intermediary between two different computers; used for access to location based resources like Medline while student is off campus

Question 18

Virtual Private Networks

Answer 18

encryption of network traffic, hides internet activities from internet service provider

Question 19

Objectives of Secure Email

Answer 19

Confidentiality
Authentication
Anonymity/privacy
No IP record

Question 20

HTTP vs HTTPS

Answer 20

HTTPS secure version of HTTP,
- HTTP not encrypted and does not verify party
- HTTPS requires website have valid certificate

Question 21

Why is privacy an issue now?

Answer 21

1) CCTV more available, people can gather information with AI techniques,
2) Cellphones are with us everywhere and can be tracked
3) Consumption increasingly online which can be tracked

Question 22

Product vs. Customer

Answer 22

when using commercial service, you are either customer or product; subscription, ads, selling of ur data

Question 23

What can 3rd party cookies do?

Answer 23

website can allow a third party like an ad network to track users actions across multiple networks