Storing and Transmitting Data

Question 1

Process of encryption

Answer 1

An encryption algorithm is used to scramble the data (make it not understandable)
The original data is called the plain text
A key is used to encrypt the data by applying it to the plain text
Plain text is encrypted into cipher text

Question 2

Process of decryption

Answer 2

An algorithm is used to decrypt the text
The encrypted data is called the cipher text
A key is used to decrypt the data by applying it to the cipher text
Cipher text is encrypted into plain text

Question 3

Main uses of encryption

Answer 3

To store and transmit information securely.

To make data meaningless if intercepted or stolen

Question 4

What’s a firewall

Answer 4

Can be software (installed on pc) or hardware (on router)

Question 5

6 things a firewall does

Answer 5

1. Allows a user to set rules for network traffic
2. Checks incoming and outgoing data meets specific criteria
3. Acts as a filter for incoming and outgoing traffic
4. Keeps a log of activity e.g. website requests
5. Blocks unacceptable data and allows acceptable data through
6. Helps prevent unauthorised access

Question 6

What can firewalls block

Answer 6

certain websites (IP addresses)
hackers accessing the network
certain ports
malware

Question 7

8 thing a proxy server does

Answer 7

1. Prevents direct access to a web server
2. Requests/responses are passed through the proxy server
3. Examines and filters traffic
4. Used to direct invalid traffic away from the webserver
5. Rejects requests for data from the web server if invalid
6. Can block certain IP addresses
7. Can be used to prevent denial of Service attacks
8. Can help prevent hacking of web server

Question 8

Extra functions of Proxy Servers

Answer 8

Used to hide the user IP address
Requests are anonymous
Can filter outgoing requests for content
Caches websites

Question 9

Symmetric encryption

Answer 9

Uses an algorithm and a single shared key

Question 10

Reducing risk of decryption

Answer 10

Increasing the length (number of bits) of the key
means there are more possible combinations for the key and less chance of decryption by brute force

When sending symmetrically encrypted data, they key must be sent separately to the cipher text
If the key is intercepted when being transmitted it is hard to decrypt the cipher text without the key

Question 11

Drawbacks of symmetric decryption

Answer 11

Key distribution- hacker could intercept the key when sent over internet and decrypt the ciphertext

Question 12

Asymmetric encryption

Answer 12

Uses an encryption algorithm and a public + private key

Question 13

How asymmetric encryption works

Answer 13

Everyone has their own public and private key
Private key is kept safe
Encryption algorithm and public keys are freely available
A message encrypted with a public key can only be decrypted with a private key
A message encrypted with a private key can only be decrypted with a public key

Question 14

SSL

Answer 14

secure socket layer
has two layers
1. handshake - exchange info
2. record layer - handles data and encryption
Security protocol used to encrypt data to provide a secure connection for the transmission of private data

Question 15

How SSL works

Answer 15

1. Browser requests web server to identify itself
2. Web server sends its digital certificate to the browser
3. Browser authenticates the digital certificate which contains the websites public key
4. Once authenticated a connection is established
5. All data sent is then encrypted using public and private keys and symmetric and asymmetric encryption
6. If not authenticated a warning message is shown and open padlock is shown

Question 16

TLS

Answer 16

Transport layer security
updated version of SSL
is more secure
allows for session caching(to connect quicker)
can be extended by new authentication methods

Question 17

Examples uses of SSL

Answer 17

Online banking
Online shopping
Cloud storage
Online gaming
Email
Video conferencing

Question 18

How do we know TLS/SSL is being used

Answer 18

protocol is HTTPS
Padlock icon is locked
Can view website certificate

Question 19

Authentication

Answer 19

Verifies data, coming from a trusted source

Question 20

How are digital signatures used

Answer 20

1. The message is put through a hashing algorithm to generate a hash text
2. The generated hash text is encrypted with the senders private key to get a digital signature
3. The message and digital signature are sent to the receiver over the internet
4. The receiver puts the message through the same hash algorithm to generate its own hash text
5. The digital signature is decrypted using the senders public key to get the original hash text
6. The original hash text is compared to the receivers calculated hash text
7. If the hashes are the same then it is verified and has not been alerted

Question 21

How are users authenticated

Answer 21

Usernames
Passwords
Biometrics(fingerprint, retina, face and voice scans/recognitions)

Question 22

Hashing algorithm

Answer 22

Plain text is passed to a hashing algorithm which generates some hashed text
The process is one-way so you cannot get plain text from the hashed text
The process is repeatable so you always get the same hashed text from the plain text