Security and Cryptography Flashcards

1
Q

can reformat and transform our data, making it safer on its trip between computers

A

Cryptography

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

This type of attack involves trying every possible combination of characters until the correct one is found

A

Brute-Force Attacks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

is malicious software that can infect computers and steal data, install backdoors, or perform other harmful actions.

A

Malware

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Types of Malware

A

Viruses, Worms, Trojans

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

is a type of social engineering attack where attackers try to trick people into revealing sensitive information by posing as a legitimate entity, such as a
bank or email provider.

A

Phishing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

This type of attack involves intercepting communication between two parties and modifying or eavesdropping on the data being transmitted

A

Man-in-the-Middle Attacks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

exploit weaknesses in the physical implementation of cryptographic algorithms, such as power consumption or electromagnetic radiation, to extract sensitive information.

A

Side-Channel Attacks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Are weaknesses or vulnerabilities in cryptographic algorithms or protocols that can be exploited by attackers to compromise security

A

Cryptographic Flaws

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

are security risks that come from within an organization, such as employees or contractors with access to sensitive information who may intentionally or unintentionally disclose it.

A

Insider Threats

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

involve overwhelming a system or network with traffic or requests, causing it to crash or become unavailable

A

Denial-of-Service Attacks (DoS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

can lead to the compromise of cryptographic keys, making it possible for attackers to decrypt data or impersonate authorized users.

A

Key Management Failures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

involve unauthorized access to physical devices or systems, such as stealing a laptop or breaking into a data center

A

Physical Security Breaches

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

is the practice of securing digital communications by converting plain text into a secret code that can only be read by the intended recipient.

A

Cryptography

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

is the process of converting plain text into an unreadable format using a cryptographic algorithm and a secret key.

A

Encryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

is the process of converting the encrypted data (ciphertext) back into its original form (plaintext) using the secret key

A

Decryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

An asymmetric encryption algorithm that uses a pair of public and private keys for encryption and decryption

A

Rivest-Shamir-Adleman (RSA)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

A symmetric encryption algorithm widely used in secure communications that uses a shared secret key for encryption and decryption.

A

Advanced Encryption Standard (AES)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

A symmetric encryption algorithm that is popular in software and hardware encryption applications

A

Blowfish

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

A family of cryptographic hash functions used to ensure data integrity and authenticity.

A

Secure Hash Algorithm (SHA)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

is a form of encryption that uses the same secret key for both encryption and decryption of data

A

Symmetric Key Cryptography

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

also known as secret key cryptography

A

Symmetric Key Cryptography

22
Q

Symmetric Key Cryptography is also known as ______

A

Secret Key Cryptography

23
Q

is a shared secret between the sender and the recipient of the message, which is used to scramble the original message into ciphertext and then unscramble it back into its original form.

24
Q

Three steps of symmetric key cryptography

A

Key Generation
Encryption
Decryption

25
A widely used encryption algorithm that uses a 56-bit key and operates on 64-bit blocks of data.
Data Encryption Standard (DES)
26
A more secure encryption algorithm that uses a 128-bit, 192-bit, or 256-bit key and operates on 128-bit blocks of data.
Advanced Encryption Standard (AES)
27
Another widely used encryption algorithm that uses a variable-length key of up to 448 bits and operates on 64-bit blocks of data.
Blowfish
28
is a cryptographic system that uses two separate keys for encryption and decryption.
Public Key Cryptography
29
Also known as asymmetric cryptography
Public Key Cryptography
30
Public Key Cryptography is also known as _____
asymmetric cryptography
31
This is one of the most widely used public key encryption algorithms.
Rivest-Shamir-Adleman (RSA)
32
Who invented the Rivest-Shamir-Adleman (RSA)
Ron Rivest Adi Shamir Leonard Adleman
33
This algorithm is used for key exchange and is often used in combination with other algorithms for encryption and authentication.
Diffie-Hellman
34
This is a newer algorithm that is gaining popularity due to its smaller key sizes and faster performance
Elliptic Curve Cryptography (ECC)
35
This algorithm is used for digital signatures and is often used in conjunction with other encryption algorithms
Digital Signature Algorithm (DSA)
36
is a cryptographic technique used in cybersecurity to ensure the authenticity and integrity of digital documents or messages.
Digital Signatures
37
serves as a tamper-proof seal that verifies the identity of the sender and confirms that the document or message has not been altered in transit.
Digital Signature
38
Two Keys
private key and public key
39
is kept secret and only known to the owner of the signature
private key
40
is freely distributed and can be used by anyone to verify the signature
public key
41
a widely-used public-key encryption algorithm that can also be used for digital signatures
Rivest-Shamir-Adleman (RSA)
42
a public-key algorithm specifically designed for creating and verifying digital signatures.
Digital Signature Algorithm (DSA)
43
a variant of DSA that uses elliptic curve cryptography.
Elliptic Curve Digital Signature Algorithm (ECDSA)
44
another variant of DSA that uses Edwards-curve cryptography.
Edwards-curve Digital Signature Algorithm (EdDSA)
45
refers to the processes and techniques used to generate, distribute, store, use, and revoke cryptographic keys.
Key Management
46
are essential for ensuring the confidentiality, integrity, and authenticity of data, and key management is critical to the security of cryptographic systems.
Cryptographic Keys
47
This approach involves manually generating, distributing, and revoking keys.
Manual Key Management
48
In this approach, a trusted third party is responsible for storing and managing cryptographic keys.
Key Escrow
49
is a variant of key escrow where the encrypted keys are stored in a way that allows authorized individuals to recover them if they are lost or stolen.
Key Recovery
50
This approach involves the use of automated systems to generate, distribute, and manage keys.
Automated Key Management
51
This approach combines different key management techniques to create a customized solution that meets the specific security requirements of an organization.
Hybrid Key Management
52
Best Practices for Security
* Use Strong Passwords * Keep Software Up-to-date * Install Anti-Virus Software * Use Two-Factor Authentication * Limit Access * Educate Employees * Backup Data * Monitor Activity * Encrypt Sensitive Data * Conduct Regular Security Assessments