Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
20 Cards in this Set
- Front
- Back
|
Circuit switched vice packet switched
|
In a circuit switched network, a dedicated path is maintained between the source and destination for the duration of the session
In a packet switched network, message data is divided into separate packets that may travel different routes to the same destination •The packets share the route with packets from other users |
|
|
. Traffic Flow Analysis
a. What is it and how is it addressed? |
Inference of information through the examination of message attributes rather than message contents
|
|
|
End-to-End Encryption.
|
User A instructs her e-mail application program to encrypt a message for recipient B
•When the packets leave the client system the data in the packets will be encrypted |
|
|
Link encryption.
|
A special network is needed
–It has encryption/decryption devices at every connection to every intermediate node |
|
|
a. Gateway-to-Gateway VPN.
|
The gateway-to-gateway VPN implementation replaces an expensive dedicated leased network by using encryption over the Internet
•Each branch office installs a VPN device at their Internet gateway |
|
|
b. Client-to-Gateway VPN.
|
The client-to-gateway VPN implementation replaces the need for expensive 800 phone numbers for remote access
•A VPN device is installed at the corporate Internet gateway and VPN software is installed in selected client systems, often laptops This traffic can be encrypted and encapsulated |
|
|
• Application-based end-to-end encryption take place at what layer?
|
Layer 7 Application Applications
|
|
|
• Link encryption takes place at what layer?
|
Layer 2 Data link E.g., Ethernet
|
|
|
• VPN IPSec encryption takes place at what layer?
|
Layer 3 Network E.g., IP
|
|
|
Passive attack
|
The attacker can only see the packets
|
|
|
Active attack
|
The attacker has the ability to read, copy and modify network packets and to insert new packets
|
|
|
Circuit Switched Network
|
In a circuit switched network, a dedicated path is maintained between the source and destination for the duration of the session
|
|
|
Packet Switched Network
|
In a packet switched network, message data is divided into separate packets that may travel different routes to the same destination
|
|
|
Packet
|
Messages are chopped up into packets or datagrams•Packets have a header and data
|
|
|
Packet Header
|
Contains source and destination addresses.
|
|
|
Encapsulation
|
The encapsulation feature can make the remote client appear as if it is an internal system with all the privileges of an internal client
|
|
|
Traffic Flow Analysis
|
Inference of information through the examination of message attributes rather than message contents
|
|
|
End-to-End Encryption
|
Since the data is encrypted before it leaves the system A it is protected until it is inside system
•Traffic flow analysis is very vulnerable Since encryption and decryption is taking place on user client systems, the end users are managing their keys •The end user decides what to encrypt –It is possible that they will occasionally make a mistake and forget to encrypt a sensitive message |
|
|
Link Encryption
|
A special network is needed
–It has encryption/decryption devices at every connection to every intermediate node |
|
|
Virtual Private Network
|
If traffic is encrypted and authenticated over a public network (e.g., the Internet) it simulates a private network
|
