FINALS | Security and Cryptography | Data and Digital Communications

51 Terms

1

Confidentiality

It is the art of ensuring that data is kept private and accessed only by the intended recipient. It does not only apply to the storage of information, but it also applies to the transmission of information.

2

Confidentiality

When we send a piece of information to be stored in a remote computer, or when we retrieve a piece of information from a remote computer, we need to conceal it during transmission.

3

Confidentiality

It is accomplished through encryption.

4

Integrity

It is the art of ensuring that data is transmitted from source to destination without alteration. It means that changes need to be done only by authorized entities and through authorized mechanisms. It is accomplished with the use of a digital signature, which is a way to know that an electronic document is legit and authentic.

5

Digital signature

It is a way to know that an electronic document is legit and authentic.

6

Availability

It means that the information created and stored by an organization needs to be available to authorized entities. Information is useless if it is not available. Information needs to be constantly changed, which means it must be accessible to authorized entities.

7

Authentication

It is the process of verifying that the user is exactly who he claims to be.

8

Single-factor authentication

It is usually done through the use of passwords or user IDs.

9

Two-factor authentication

It is a two-step verification that provides an extra layer of security beyond user ID and password, usually with a software code generator or a hardware-based login key.

10

Network Attacks

It is an intrusion on network infrastructure.

11

Exploit

The attacker first analyzes the environment and collects information in order to __________ the existing open ports or vulnerabilities. An attack can be performed either from outside of the organization by an unauthorized entity or from within the company by an “insider” that already has some access to the network.

12

Snooping

refers to unauthorized access to or interception of data.

13

Traffic Analysis

Although encipherment of data may make it unintelligible for the interceptor, she can obtain some other types of information by monitoring online traffic.

14

Snooping, Traffic Analysis

Attacks Threatening Confidentiality: HINT: S TA

15

Modification

After intercepting or accessing information, the attacker modifies the information to make it beneficial to herself.

16

Masquerading

happens when the attacker impersonates somebody else.

17

Replaying

The attacker obtains a copy of a message sent by a user and later tries to replay it.

18

Repudiation

This type of attack is different from others because it is performed by one of the two parties in the communication: the sender or the receiver.

19

Modification, Masquerading, Replaying, Repudiation

Attacks Threatening Integrity: HINT: Mod Mas Repl Repu

20

Denial of Service (DoS)

may slow down or totally interrupt the service of a system.

21

Denial of Service (DoS)

Attacks Threatening Availability: HINT: DoS

22

Network sniffing (packet sniffing)

It is a process of capturing the data packets traveling in the network. It is used by IT professionals to analyze and monitor the traffic to find such things as unexpected suspicious traffic.

23

Network sniffing (packet sniffing)

It is also used by attackers to collect data sent in clear text that is easily readable. In this case, the intent is to gather login names and passwords used to access the network.

24

Spoofing

It is a process by which an intruder masquerades as a trusted user in order to gain unauthorized access to a secure environment. One of the purposes of ________ in a corporate environment is to be able to conduct unauthorized business with another company’s clients.

25

IP address spoofing

is a process of creating IP packets with forged source IP address to impersonate a legitimate system. This kind of spoofing is often used in denial-of-service (DoS) attacks.

26

ARP spoofing

is a process of sending fake ARP messages in the network. The purpose of this type of spoofing is to associate the MAC address with the IP address of another legitimate host, causing traffic redirection to the attacker’s system.

27

DNS spoofing

is an attack where the wrong data is inserted into the DNS server cache, causing the DNS server to divert the traffic by returning wrong IP addresses as the results for client queries.

28

IP Address Spoofing, ARP Spoofing, DNS Spoofing

Examples of Spoofing: HINT: IPAS ARPS DNSS

29

Man-in-the-middle (MITM) attack

It is an attack that involves placing a software agent between the client and server ends before or during a communication session. With neither party being aware of the presence of the malicious agent, the agent simply relays the data transmissions between client and server as though nothing is happening.

30

Replay attack

It is a variation on the man-in-the-middle attack. In this case, an agent is once again placed within the client-server line of communication where it records the transaction data. The express purpose is to allow the data to be modified and replayed to the server at a later time for evil purposes.

31

Denial-of-Service (DoS)

It is an attack that is aimed at preventing unauthorized users from accessing services on the network.

32

Flooding

How does DoS disrupt the network?: A DoS attack can be in the form of ___________ the network with invalid data until traffic from authorized network users cannot be processed.

33

Modification

How does DoS disrupt the network?: It can also be in the form of disrupting communication between hosts and clients through the ___ of system configurations.

34

physical network destruction

How does DoS disrupt the network?: It can be in the form of causing ___________ ____________ _______________, such as crashing a server or router in the network.

35

Distributed Denial-of-Service Attack (DDoS)

An attacker can initiate a DoS attack from multiple computers or systems. This type of attack is called a __ ___ _, which is more difficult to deal with than an attack that is initiated from one system.

36

Trojan horse

It is a program that installs malicious software while under the guise of doing something else. Similar to the mythical Trojan horse, the malicious code is hidden in a computer program or other computer file that may appear to be useful, interesting, or at the very least harmless to an unsuspecting user. When the unsuspecting user executes this computer program or file, the malicious code is also executed, resulting in the installation of the malicious Trojan horse program.

37

Session hijacking

It refers to the exploitation of a valid computer to gain unauthorized access to information or services in a computer system. In particular, it is used to refer to the theft of a magic cookie used to authenticate a user to a remote server.

38

Phishing

It is an attack in which the attacker attempts to fraudulently acquire sensitive information, such as usernames, passwords, and credit card details, by masquerading as a trustworthy entity in a communication session. It is typically carried out by e-mail or instant messaging and often directs users to give details on a website.

39

Network Sniffing, Spoofing, Man-in-the-middle (MITM), Denial of Service, Trojan Horse, Session Hijacking, Phishing

Examples of Network Attacks: HINT: NS S MITM DoS TH SH P

40

Encryption

It is a method of concealing information by converting it from recognizable text into an encrypted form.

41

plaintext (or cleartext), ciphertext

Encryption transforms readable text, called ___________, into an unintelligible form, called _________, using an encryption algorithm.

42

Encryption algorithm

The purpose of an ___ __ is to scramble a message so that it remains secure even if the ciphertext is transmitted over a nonsecure medium.

43

Decryption

The process of recovering a plaintext from its ciphertext is called ___.

44

Cryptosystem

A system that encrypts and decrypts information is called a ___.

45

Cryptography

The art of creating and using cryptosystems is called ___.

46

Cryptanalysis

The art of breaking encrypted messages (usually by intruders) is called ___.

47

Cryptology

The study of cryptography and cryptanalysis is called _.

48

Key

Both encryption and decryption use a ____, which, in the cryptographic sense, is a long string of characters that permits a cryptosystem to encrypt or decrypt information in a distinct way.

49

Symmetric Cryptosystems

The same key is used for encryption and decryption. Both the originator and the recipient of a message must know the key, which is either known to the recipient through some prior arrangement or communicated in parallel with the ciphertext.

50

Public-Key Cryptosystems (or Asymmetric Cryptosystems)

It uses one key (public-key) for encryption and another key (private-key) for decryption. Each user is assigned a pair of unique and mathematically related keys: a public key and a private key. The private key is a secret key that is available only to the owner, and the public key is published.

51

Symmetric Cryptosystem, Public-Key Cryptosystem

Cryptographic Systems: HINT: SC PKC