Cybersecurity note


  1. What is hashing?

A cryptographic algorithm that produces a fixed-length string from an input of any length.


  1. What is a hash value?

A value created by running the data through a hashing algorithm.


  1. What are some common terms that are also used to refer to a hash value?

unique


  1. How does a hash value serve as a fingerprint for data?

Because the hash value is unique, like a fingerprint.


  1. What are the lengths of the following hash algorithms?

Message Digest 5 (MD5)

32

Secure Hashing Algorithm 1 (SHA-1)

40


  1. How does even the most minor change in data affect its hash value?

The hash function takes the input data and applies a series of mathematical operations to it, resulting in a fixed-length string of characters, which is why the smallest change to the input can lead to a different output.


  1. What types of data can be hashed?

Simple text (passwords, sentences, etc.)

Any file (document, image, program, etc.)

An entire hard drive

Everything in between


  1. Is a hash reversible?

A hash is not reversible because you cannot get back to the original data from it.


  1. How is a hash used to verify the integrity of data?

If hashes match, the later data is identical to the original data and has not been altered or corrupted in any way (verifies the integrity of the data).
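The answers above on digest length, sensitivity to small changes, and integrity checking can be seen together in the following added example, which is not part of the original notes. It uses Python's standard hashlib; the sample messages are constructed, and the use of SHA-256 for the integrity check is an assumption (the notes only name MD5 and SHA-1, whose 32 and 40 lengths are counts of hexadecimal characters).

```python
import hashlib
import hmac

def hex_digest(algorithm: str, data: bytes) -> str:
    """Return the hash value of data as a hexadecimal string."""
    return hashlib.new(algorithm, data).hexdigest()

def differing_bits(hex_a: str, hex_b: str) -> int:
    """Count the bit positions in which two equal-length hash values differ."""
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")

def verify_integrity(data: bytes, recorded_hex: str, algorithm: str = "sha256") -> bool:
    """True only if data still hashes to the value recorded earlier."""
    # compare_digest runs in constant time, so the comparison does not
    # reveal how many leading characters of the two hashes matched.
    return hmac.compare_digest(hex_digest(algorithm, data), recorded_hex.lower())

# Constructed sample data: two messages that differ in a single character.
ORIGINAL = b"Transfer $100 to account 12345"
ALTERED = b"Transfer $900 to account 12345"

def demo() -> dict:
    # Hash recorded while the data was known to be good.
    recorded = hex_digest("sha256", ORIGINAL)
    return {
        # Fixed output length regardless of input length.
        "md5_hex_chars": len(hex_digest("md5", ORIGINAL)),
        "sha1_hex_chars": len(hex_digest("sha1", ORIGINAL)),
        # One changed character flips roughly half of the 256 output bits.
        "bits_changed": differing_bits(recorded, hex_digest("sha256", ALTERED)),
        # Matching hash: data unchanged. Non-matching hash: data altered.
        "original_ok": verify_integrity(ORIGINAL, recorded),
        "altered_ok": verify_integrity(ALTERED, recorded),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```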

  1. Post your answer to Challenge 1 here.

USS Enterprise

  1. Post your answer to Challenge 1 here.

Highway to the Danger Zone!

  1. Post your answer to Challenge 2 here.

Talk to me, Goose!

  1. Post your answer to Challenge 3 here.

Be my wingman!

  1. What is symmetric cryptography?

Uses a single key to encrypt and decrypt data


  1. What is the difference between a block cipher and a stream cipher?

  • Block cipher encrypts fixed-size chunks or blocks of data at one time.

  • Stream cipher encrypts data one bit at a time.


  1. What is the current standard for symmetric encryption?

Advanced Encryption Standard (AES) was chosen in 2001 to replace DES as the current standard for symmetric encryption.


  1. Is AES a block cipher or a stream cipher?

Block cipher

  1. Describe how the following AES modes of operation work:

Electronic Code Book (ECB)

The simplest mode of operation

Cipher Block Chaining (CBC)

An advanced form of block cipher encryption

  1. What are the advantages of symmetric encryption/decryption? 

Strong for shorter key lengths

Fast – suitable for real-time and bulk encryption of high-speed communication systems


  1. What are the disadvantages of symmetric encryption/decryption?

Key Distribution – how do you get the key to who needs it and prevent anyone else from getting it?

Key Management – when you change the key, how do you get the new key to who needs it and prevent anyone else from getting it?

  1. Define the following cybersecurity terms:

Confidentiality

Ensures that information is accessible only to those authorized to have access.

Integrity

Accuracy and completeness of information and processing methods.

Availability

Ensures that authorized users have access to information and associated assets when required.

Social Engineering

A term used for a broad range of malicious activities accomplished through human interactions.

Dumpster Diving

Searching for someone's important information by looking through the trash they throw away.

Shoulder Surfing

Looking over your shoulder as you enter the password.

Snooping

Unauthorized access to information that has not been properly safeguarded. An example is looking at someone's unlocked laptop.

Familiarity

Social engineering technique that uses the premise of a supposed friendship to convince you to do something that you should not, such as provide sensitive information.

Impersonation

Involves the attacker pretending to be someone else.

Phishing

Tricks the victim into providing confidential information through emails or websites that impersonate an online entity that the victim trusts.

Phishing Websites/Pharming

Fake websites that are set up to trick someone into thinking they are on an organization’s legitimate website.

  1. What is the best way to prevent a successful social engineering attempt?

Training users on how to recognize and respond to social engineering attacks is the best way to mitigate the risk of a social engineering attack.


  1. What is a Trojan horse in terms of malware?

A type of malware often disguised as legitimate software or a legitimate file.


  1. How does ransomware work?

It encrypts all your files and/or your entire hard drive.


  1. How is a botnet used to carry out a Distributed Denial of Service (DDoS) attack?

A network of hacked computers used to flood websites or servers with excessive traffic, causing them to crash and become inaccessible.


  1. Why is eavesdropping a confidentiality concern?

It involves intercepting unencrypted wifi traffic between a user and a wifi router/access point/hotspot.


  1. How is wiretapping different from typical wifi eavesdropping?

A form of eavesdropping where the traffic is sniffed from the physical networking cable itself (as opposed to capturing wifi signals).


  1. How does an Adversary-in-the-Middle (AITM) attack work?

Formerly known as a man-in-the-middle attack. The attacker sets up a spoof wifi access point, and the victim connects to the AITM instead of the real wifi.


  1. What is the original term for an AITM attack?

Man in the middle attack


  1. How does TCP Session Hijacking work?

When an attacker takes over a valid session between two computers.


  1. How does a replay attack work?

An attack where the attacker eavesdrops, sniffs and captures session credentials between a victim and server, then uses those credentials to reestablish that session.

  1. What should users ensure they do if they need to leave their computer unattended?

Configure the screen lock to be applied after a short period of non-use. Configure the screen saver to require a password to unlock.


  1. What should users do to ensure their computers and mobile devices are up-to-date?

Immediately install operating system and/or software updates. Windows Update makes sure your computer has the most recent version of system software.


  1. What software application does Microsoft Windows use to ensure a computer has the most recent version of system software?

Windows Update


  1. What precautions should users take when prompted to download files?

Ensure browser settings are set to notify the user before downloading. Don’t open suspicious attachments to emails; delete the email without opening the attachment.


  1. What configurations should be on a device to improve the security of sensitive information on the device if it is lost or stolen?

Screen lock, locator applications, remote wipe application.


  1. What are the 2 ways social media companies make money?

Selling user-generated data to other companies. Using targeted advertising toward users based on information in their profile, what they post, etc.


  1. What is the importance of metadata to social media companies?

They collect and analyze metadata on each of their users to target advertising to individuals' interests.


  1. What are some best practices regarding posts on social media as it relates to social engineering attacks?

Information individuals post on social media is often used for targeted social engineering (phishing) attacks. Users should always review and set strict privacy settings for their accounts to limit who can access profile information, posts, etc.


  1. What is the expectation of privacy for an employee using organizational assets to communicate both work-related and private emails and messages?

If an employee is using organizational assets, they should not expect privacy of any communications which use those assets.


  1. What is company confidential information (CCI)?

Information the company either is legally required to protect or chooses to protect from disclosure to unauthorized personnel.


  1. What should companies who plan to process and store confidential customer information do?

Companies should obtain permission from customers to process and store any confidential information.


  1. What are examples of confidential employee information?

Personally identifiable information (PII) entered into a human resource database. Examples are home address or banking & payroll information.


  1. Why should organizations store CCI on a company network hard drive as encrypted data?

This is the most effective way to ensure that it is secured with proper network access controls and encryption. This will also protect CCI from being stolen and held for ransom (threaten to sell and/or release CCI if ransom is not paid).


  1. Why should organizations use data wiping software on devices no longer in use?

Data wiping software should be used on the hard drives of any computer prior to getting rid of it. If this is not done, “deleted” files could be recovered using data recovery tools.

  1. What is the difference between symmetric cryptography and asymmetric cryptography?

Symmetric cryptography uses a single key, and asymmetric cryptography needs two keys.


  1. What are the advantages of asymmetric encryption/decryption?

Only the private key must be kept secret, the public key can be shared freely.

Also supports authentication


  1. How does asymmetric encryption/decryption use the two keys in the key pair?

Data encrypted with someone’s public key can only be decrypted with their private key.


  1. How is asymmetric encryption/decryption used to ensure the confidentiality of data?

Anyone intercepting the message will not be able to decrypt the message because they don’t have the private key.


  1. How is asymmetric encryption/decryption used to authenticate the sender of data, serving as a digital signature?

This authenticates that anything originated by that entity actually came from that entity.


  1. What are the disadvantages of asymmetric encryption/decryption?

Strength is dependent on the infeasibility of solving certain hard mathematical problems. 

Asymmetric encryption/decryption is much slower than symmetric. It is not suitable for real-time or bulk encryption.

  1. What is the difference between encoding and cryptography?

Encoding is a technique to transform data from one format to another so that it can be understood and consumed by different systems.

Cryptography (literally meaning “secret writing”) is the art of transforming data in a manner that makes it unreadable by an unauthorized user. 


  1. Describe the characteristics of encoding as it relates to interoperability, security purpose, and reversibility?

Encoding ensures interoperability between systems. It allows systems that use different data representations to share information.

Encoding has no security purpose. The conversion algorithm is not kept secret.

Encoding is a reversible process. You can transfer data from one representation to another and then go back to the original representation without any loss of information.


  1. What is ASCII?

ASCII was the original way developed to convert text and other keyboard entries or computer commands (that humans understand) into numeric values (that computers can understand) and vice versa.


  1. How is ASCII used to encode text and other keyboard entries?

ASCII is a 7-bit binary code that can be used to represent 128 different characters, including:

  • Upper and lower case letters

  • Numbers

  • Non-alphanumeric characters (punctuation, etc.).

  • Non-printing control characters. 


  1. How much storage (in bits/bytes) does one ASCII character use?

Every character could be encoded as one byte of data.


  1. What is Extended ASCII?

Extended ASCII utilized the first bit (unused by ASCII) to define 128 additional characters from other languages.


  1. What is Unicode and how is it more useful than ASCII?

Unicode has enough space for every character from every human language as well as emojis, with room to spare.


  1. Complete the chart below with the required information concerning UTF-8, UTF-16, and UTF-32.

|  | UTF-8 | UTF-16 | UTF-32 |
| --- | --- | --- | --- |
| Basic Code Unit | 8 bits long | 16 bits long | 32 bits long |
| Bytes of Data Used Per Character | 1 - 4 bytes | 2 or 4 bytes of data | 4 bytes of data |
| Most common use | coding web pages | Windows and Javascript | rarely used since it always uses 4 bytes of data to represent each character |


  1. What is Base64 encoding and why is it used?

Base64 encoding is a way of transforming any digital data into what looks like a long string of gibberish letters and numbers. It is used because some systems are only capable of handling ASCII characters as data.


  1. What are the 64 possible character options for standard Base64 encoding?

Base64 encoding has 64 possible character options.

  • All upper and lower case letters.

  • All 10 possible digits.

  • The (+) sign and forward slash (/)


  1. How many digits (bits) represent a Base64 character?

Each character is represented by a 6-digit (6 bit) binary number.


  1. What are the 3 steps in the Base64 encoding process?

Step 1

Divide the bit-stream into 6-bit blocks.

Step 2

Determine the Base64 character that corresponds to that 6-bit block.

Step 3

Convert that Base64 character into its 8-bit ASCII equivalent.


  1. What is padding in Base64 and why is it needed?

It’s the 2 or 4 “extra” bits needed for the last 6-bit block. It is needed when the original binary cannot be divided into a 24-bit sequence.


  1. What is an indicator in a Base64-encoded string that padding bits have been added?

The equal sign is the indicator in a Base64-encoded string that padding bits have been added.
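The three encoding steps and the padding rule described above, carried out by hand as an added example that is not part of the original notes. The function names are illustrative, and the decoder is included to show that the process is reversible without any key.

```python
# The 64 standard Base64 characters: A-Z, a-z, 0-9, '+' and '/'.
ALPHABET = (
    "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
    "abcdefghijklmnopqrstuvwxyz"
    "0123456789+/"
)

def base64_encode(data: bytes) -> str:
    # Write the input as one continuous bit-stream, 8 bits per byte.
    bits = "".join(f"{byte:08b}" for byte in data)
    # Padding bits: add 0, 2 or 4 zero bits so the last block is a full 6 bits.
    bits += "0" * (-len(bits) % 6)
    # Step 1: divide the bit-stream into 6-bit blocks.
    blocks = [bits[i:i + 6] for i in range(0, len(bits), 6)]
    # Step 2: look up the Base64 character for each 6-bit value (0-63).
    chars = "".join(ALPHABET[int(block, 2)] for block in blocks)
    # Each 24-bit group yields 4 characters; '=' fills an incomplete group
    # and signals that padding bits were added.
    chars += "=" * (-len(chars) % 4)
    # Step 3: the result is plain ASCII text, one 8-bit byte per character
    # once stored or transmitted (chars.encode("ascii")).
    return chars

def padding_bits(encoded: str) -> int:
    # Each '=' indicates 2 zero bits were appended to the bit-stream.
    return 2 * encoded.count("=")

def base64_decode(encoded: str) -> bytes:
    # Reverse the lookup: every character becomes its 6-bit value again.
    bits = "".join(f"{ALPHABET.index(c):06b}" for c in encoded.rstrip("="))
    # Drop the padding bits that do not form a whole byte.
    bits = bits[: len(bits) - len(bits) % 8]
    return bytes(int(bits[i:i + 8], 2) for i in range(0, len(bits), 8))

if __name__ == "__main__":
    # Constructed inputs of 1, 2 and 3 bytes show all three padding cases.
    for sample in (b"M", b"Ma", b"Man"):
        encoded = base64_encode(sample)
        print(sample, encoded, padding_bits(encoded), base64_decode(encoded))
```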