Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
70 Cards in this Set
- Front
- Back
|
Integrity
|
Provides assurances that data has not been modified |
|
|
hash
|
a number derived form performing a calculation on data, such as a message or file |
|
|
Confidentiality
|
ensures that data is only viewable by authorized users |
|
|
Symmetric encryption
|
|
|
|
Asymmetric encryption
|
uses two key (public and private) created as a matched pair |
|
|
Authentication
|
Validates and identity |
|
|
Non-repudiation
|
is a process designed to prevent a party from denying an action |
|
|
MD5
|
Message Digest 5 |
|
|
Message Digest 5
|
a hashing algorithm |
|
|
SHA
|
Secure Hash Algorithm |
|
|
Secure Hash Algorithm
|
a hashing algorithm
|
|
|
HMAC
|
Hash-based Message Authentication Code |
|
|
Hash-based Message Authentication Code
|
is a secret code the is coupled with hashing algorithm to increase integrity
|
|
|
FCIV
|
File Checksum Integrity Verifier |
|
|
File Checksum Integrity Verifier
|
a free command prompt utility that computes and verifies cryptographic hash values
|
|
|
RIPEMD
|
Race Integrity Primitives Evaluation Message Digest
|
|
|
RIPEMD, NTLM are...? |
Hashing algorithms
|
|
|
Race Integrity Primitives Evaluation Message Digest
|
a hashing algorithm
|
|
|
LANMAN
|
LAN Manager |
|
|
LAN Manager
|
a legacy authentication protocol
|
|
|
NTLM
|
New Technology LAN Manager |
|
|
New Technology LAN Manager
|
a legacy protocol used with MD4 algorithm, but both are compromised
|
|
|
AES
|
Advanced Encryption Standard |
|
|
Advanced Encryption Standard
|
a strong symmetric block cipher. has a key the is 128, 192, or 256
|
|
|
DES
|
Data Encryption Standard |
|
|
Data Encryption Standard
|
uses only a 56 bit key so it is now susceptible to brut force attacks.
|
|
|
3DES
|
Triple Data Encryption Standard |
|
|
Triple Data Encryption Standard
|
a encryption algorithm that is an improvement over DES since is uses 56 bits, 112 bits or 168 bits.
|
|
|
RC4
|
Ron's Code or Rivest's Cipher...is a symmetric stream cipher created by Ron Rivest |
|
|
One-time pads
|
a hardcopy printouts of keys in a pad of paper. Two people have the pads and after identifying which key to use they destroy the page and the person reading uses the key and destroys their page. |
|
|
Blowfish
|
a strong symmetric block cipher |
|
|
Twofish
|
a strong symmetric block cipher |
|
|
Asymmetric Encryption Rule
|
Only a private key can decrypt information encrypted by a matching public key Only a public key can decrypt information encrypted by a matching private key. |
|
|
Certificates
|
are used in asymmetric encryption to pass on public keys from their owners. |
|
|
Certificates include what info...? (6)
|
Serial Number issuer Validity Dates Subject Public Key Usage |
|
|
RSA
|
Rivest, Shamir, and Adleman (RSA) |
|
|
Rivest, Shamir, and Adleman (RSA) what is it?
|
a tool for creating public and private keys. Very secure and used for credit card transactions on the internet
|
|
|
Diffie-Hellman
|
is a key exchange algorithm used to privately share a symmetric key between 2 parties. |
|
|
ECC
|
Elliptic Curve Cryptography
|
|
|
Elliptic Curve Cryptography
|
is a key algorithm used on wireless devices since it uses smaller key sizes using less power than other encryption methods.
|
|
|
Steganography
|
hides data in other data. and example would be hiding data in a written file very small so that it looks like a dot or a dash. |
|
|
Quantum Cryptography
|
entails sending streams of modified protons (either emitting light up and down or side to side). each photon can be read as either a 1 or a zero which allows them to be used to create an encryption key.
|
|
|
SSL
|
Secure Sockets Layer |
|
|
Secure Sockets Layer
|
an encryption protocol used to encrypt internet traffic
|
|
|
TLS
|
Transport Layer Security |
|
|
Transport Layer Security (TLS)
|
is a replacement for SSL which is an encryption protocol for internet traffic |
|
|
What is required to run SSL and TLS?
|
a CA since certificates are necessary for them to run. |
|
|
|
|
|
|
Which key encrypts and decrypts for e-mail digital signatures?
|
Public decrypts |
|
|
Which key encrypts and decrypts for e-mail?
|
Public Key Encrypts Private Key Decrypts |
|
|
Which key encrypts and decrypts for websites?
|
Public Key Encrypts Private Key Decrypts |
|
|
Signing e-mail with digital signatures provides what security measures? (3)
|
Authentication Non-repudiation Integrity |
|
|
S/MIME
|
Secure / Multipurpose Internet Mail Extensions |
|
|
Secure / Multipurpose Internet Mail Extensions (S/MIME)
|
one of the most popular standards used to digitally sign and encrypt e-mail.
|
|
|
PGP/GPG
|
Pretty Good Privacy and GNU Privacy Guard both are e-mail encryption protocols that use and RSA Algorithm and public and private keys for encryption and decryption. |
|
|
How does HTTPS us Symmetric and Asymmetric encryption?
|
it uses Asymmetric Encryption to transmit a Symmetric key. Once both parties have the same key the actual data is encrypted using Symmetric Encryption.
|
|
|
How do SSL and TLS us Asymmetric and Symmetric encryption in secure web sessions???
|
The websites public key encrypts a symmetric key and the symmetric key encrypts data within the web session
|
|
|
Public Key Infrastructure (PKI)
|
Is used to request, create, manage, store, distribute and revoke digital certificates. |
|
|
CA
|
Certificate Authority |
|
|
Certificate authority
|
certificates |
|
|
Hierarchical trust model
|
Root CA I Intermediate CA I Child CA I End User |
|
|
RA
|
Registration Authority
|
|
|
Registration Authority
|
an individual in a large organization that assists in the certificate registration process.
|
|
|
6 Common reasons to revoke a certificate
|
Key Compromise CA compromise Change in affiliation Superseded Cease of Operation Certificate hold |
|
|
CRL
|
Certificate Revocation List |
|
|
OCSP
|
Online Certificate Status Protocol |
|
|
Online Certificate Status Protocol
|
allows the client to query the CA with the serial number and then responds with healthy, revoked or unknown.
|
|
|
What does it mean is an OCSP responds with unknown?
|
the certificate is a forgery
|
|
|
Key Escrow
|
|
|
|
Recovery Agent
|
An designated individual who can recover or restore cryptographic keys (private keys).
|
