Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

IT Security: Defense against the Digital Dark Arts > Week 2 - Hashing > Flashcards

Week 2 - Hashing Flashcards

1
Q

What is a hash (hash function)?

A

Any data length is fed into a hash function, the output is always the same fixed length but always different from the input

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

How is cryptographic hashing different from encryption?

A

Cryptographic hash functions should be one-directional and can’t recover the plaintext from output like encryption does

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Cryptographic hash functions are very similar to ___ key block ciphers

A

symmetric (because they operate on blocks of data)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

___ is more secure than MD5 hash function

A

SHA1 hash

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What does MIC stand for?

A

Message Integrity Check

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What does a MIC do?

A

it’s essentially a check sum for a message, ensures contents were modified in transit

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

How is a MIC different from a MAC from a previous lesson?

A

MIC doesn’t use secret keys, has no authentication (doesn’t protect against tampering or malicious actions)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What does MIC protect against?

A

accidental corruption/loss

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What’s one crucial application for cryptographic hash functions?

A

authentication

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What should you do instead of storing a plaintext file of your password?

A

store a hash of the password instead of the password itself (like what every authentication system does)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

T or F: If an attacker has unlimited time and/or resources, any system can be brute forced

A

True (impossible to protect against completely)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What are 2 ways to protect against brute force attacks?

A
  1. Make it sufficiently time-consuming and resource-intensive so it’s not practical with useful tech or a useful time frame
  2. Run the password through the hashing function multiple times (sometimes thousands of times)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What are rainbow tables used for?

A

used to help speed up the process of recovering passwords from stolen password hashes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

How are using rainbow tables different from a brute force attack?

A

rainbow tables store all possible password values and their hashes, whereas a brute force attack computes each guess attempt

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

How do you protect against rainbow tables?

A

password salt (additional data gibberish to make password and salt combo unique) and to make it more time/resource consuming to compute

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

IT Security: Defense against the Digital Dark Arts (5 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions