Security Concepts & Cryptographic Principles (Domain 1.0)

What CIA stand for?

Confidentiality, Integrity and Availability

What AAA stands for

Authentication, Authorization and Accounting

A hacker intercepts an email in transit and alters the bank routing number inside it before it reaches the recipient. Which pillar of the CIA Triad has been violated?

Integrity. (Because the data was unauthorizedly modified or tampered with while in transit).

What is the specific term for ensuring that a user cannot deny having sent a specific message or performing a specific action on a network?

Non-repudiation. (Often achieved using digital signatures and hashing).

In asymmetric encryption, which key does a sender use to encrypt a message if they want to ensure only the intended recipient can read it?

The recipient's Public Key. (Only the recipient's matching private key can decrypt it).

You run a file through an MD5 algorithm, and it outputs a fixed-length string. You change just one single character in the file and run it again. What happens to the output string, and what concept does this demonstrate?

The output string changes completely (the Avalanche Effect). This demonstrates Hashing, which verifies data integrity.

If a server's private key is stolen, how does a web browser find out that the server's digital certificate should no longer be trusted before its official expiration date?

It checks the CRL (Certificate Revocation List) or uses OCSP (Online Certificate Status Protocol) to verify if the certificate has been revoked.