CryptographyWk1

What is the CIA triad

Confidentiality, Integrity, Avalability

What is the BEST definition of threat in accordance to the book

A potential violation of security

What is the BEST definition of attack in accordance with the book

Assault on a security system

What are the two main types of passive attacks according to the book

Eavesdropping, Release of message contents

What is the type of active attack in which one entity is pretending to be another

masquerade

What is the type of active attack in which someone modifies data between client and server

man in the middle

How many bits long is a block cipher usually

128

Which of the encryption types only uses one key

symmetric

Which of the encryption types uses two keys

asymmetric

What are the 3 major types of device security

firewall, IDS, IPS

What is the term in which it assures that a user, sender or receiver cannot deny an action that they took

nonrepudiation

What is traffic padding

inserting bits into gaps in a data stream to frustrate traffic analysis

What is notorization

The use of trusted 3rd party to assure certain properties of a data exchange

What are the 3 cryptographic algorithms

keyless, single key, two key

True or False: The emphasis in dealing with active attacks is on prevention rather then detection

False

Does a block or stream cipher process data bit by bit or byte by byte

stream

Does a block or stream cipher process data in chunks of usually 128 bits

block

______ is the protection of data from passive attacks

confidentiality

Data ______ ensures that data cannot be altered or destroyed

integrity

Which word best fits the definition: a branch of mathematics that deals with the transformation of data

cryptography

Which authentication service more commonly uses certificates

peer entity authentication

which authentication service more commonly uses a MAC or digital signature

data origin authentication

Data that is appended to existing data unit is known as a

digital signature

True or False: Authentication protocols and encryption protocols are examples of security mechanisms

True

True or False: Data origin authentication does not provide protection against the modification of data units

True

True or False: security services include access control, data confidentiality, and data integrity but do not include authentication

False

A _____ level breach in security could cause significant degradation in the mission but the organization can still perform its primary functions

Medium

The OSI security architecture contains Security services, Security attacks and what other component

Security mechanism

What are the 3 key components of computer security

Confidentiality, Integrity, Availability

Eavesdropping is which type of attack

passive

Confidentiality covers the regions data confidentiality and _____ (choose the best fit)

privacy

Integrity covers the regions data integrity and _____ (choose the best fit)

data authenticity

Authentication, Access control, Data confidentiality, Data Integrity, Nonrepudiation and Availability service are all examples of what

Security services

Of the following: Cryptographic algorithms, routing control, authentication exchange, traffic padding, nonrepudiation, notarization which of the following is NOT a security mechanism

nonrepudiation

Asymmetric encryption is affiliated with what key encryption

two-key

What does ISOC stand for

Internet society

What does ITU stand for

International telecommunication union

What does ISO stand for?

International Organization for standardization

What are the 2 major terms of network security

Communication, Device security

Does this definition match trust or trustworthiness better; A characteristic of an entity that reflects the degree to which the entity is deserving of trust.

trustworthiness