Security Filtering and Encryption Standards Flashcards
Which 4 ACL conditions are recommended to configure inbound from the internet to your private network?
1) Deny any addresses from your internal networks
2) Deny local host addresses (127.0.0.0/8)
3) Deny reserved private addresses
4) Deny multicast addresses
If you’re not running TCP/IP what security filtering could you apply if you don’t have an IP address?
MAC Filtering
Successful firewall management involves what?
Being aware of and ONLY allowing the ports to keep things running safe.
What are hashing functions used for?
To ensure that the data is not changed or altered (integrity)
Exporting software allowing an encryption key length of more that 48-bits is subject to review by the Export Administration Regulations. TRUE or FALSE?
FALSE. It’s greater than 64-bits
What is symmetrical encryption and what is its downside?
Symmetrical encryption is when both the send and receiver have the same key. The downside is its harder to maintain the security
Which encryption standard was made in 1977 and used a 56-bit key?
Data Encryption Standard
Which encryption standard allows for 168-bit key length but really only provides 112bits due to man in the middle attacks?
3DES
What is the official encryption standard in the US since 2002 and what is its maximum key length?
Advanced Encryption Standard. 256-bit
What encryption uses a public key to encrypt data sent from a source host but uses a private key to decrypt it? What algorithm does it use?
Public Key Encryption. Diffie-Hellman algorithm
Apart from Diffie-Hellman, name the other common encryption method for KEY EXCHANGE
Rivest,Shamir and Adleman (RSA)
List the 4 steps of PGP encryption
1) Encrypt document with session key
2) Session key encrypted with public key of recipient
3) session key decrypted with recipient private key
4) document decrypted with session key
What is an Out of Band management?
Is any method of accessing a server that doesn’t use the production network
which protocl designed by Citrix Systems to provide communication between servers and clients of different operating systems?
Independent Computing Architecture.
What is an encryption key?
A random string of characters that is used in conjunction with the encryption algorithm to encrypt and decrypt the data sent/received.