|
Certificate Authorities help prevent man-in-the-middle attacks by creating and distributing signed public and private key pairs. This signature serves to verify that the public key the sender is using for encryption is truly the public key of the intended recipient. Select one: |
True |
|
Two people can verify they are communicating with each other by using a ____________, which verifies each party’s identity by being the distributor of public and private keys that both parties use. These keys are digitally signed so both parties can be assured they are communicating with each other. Select one: |
b. Certificate Authority |
|
What advantages are there to performing encryption in software, rather than hardware? Select one: |
a. No additional hardware is required |
|
What do digital signatures provide? Select one: |
d. Assurance that the stated author is the actual person that created the information, as well as assurance that the information has not been modified |
|
An encryption function takes cleartext and a key as input and returns ciphertext. Select one: |
True |
|
What happens when verifying a document with a digital signature? Select one: |
a. A message is decrypted with a corresponding public key to create a message digest, and then another message digest is created and compared to the received message digest to verify the sender |
|
The encryption algorithm used to encrypt or decrypt a piece of data is referred to as a: Select one: |
a. Cipher |
|
Symmetric key encryption gets its name because: Select one: |
d. Both parties must use the same encryption key to exchange data |
|
The process of converting ciphertext to plaintext is known as: Select one: |
c. Decryption |
|
A simple Caesar cipher uses a shift to encrypt while the XOR cipher needs a key to encrypt. Select one: |
True |
|
Symmetric key encryption requires keys to be distributed prior to communicating with the other party (i.e. the key is computed ahead of time, before initiating any communications). Select one: |
False |
|
An encryption key that is used by anyone in order to encrypt a file and send it to the owner of the encryption key so that the owner may decode it is referred to as: Select one: |
c. A public key |
|
_________ is the process of transforming cleartext into ciphertext. Select one: |
d. Encryption |
|
How does a valid digital signature assure the recipient that the document has not been tampered with? Select one: |
d. The hash contained in the digital signature was encrypted with the sender’s private key and could not have been modified without making the signature invalid. If the signature is valid, then the data must not have been tampered with. |
|
It is best for a private key to be stored on the same server as the data decryption software. Select one: |
False |
|
What is the recommended minimum key length for most applications and ciphers? Select one: |
d. 128 bits |
|
A brute force attack works by: Select one: |
d. Trying every combination of letters and numbers until the correct password/key is found |
|
Cryptography is: Select one: |
c. The study of encoding data so that confidentiality of communications can be maintained between two parties |
|
Regarding cryptography, a private key should be kept secure since: Select one: |
b. It can be used to access sensitive information |
|
Why is the length of an encryption key important? Select one: |
a. Shorter keys are less secure, meaning the data can be decrypted by an attacker |
|
How is public key cryptography different than symmetric key cryptography? Select one: |
b. Symmetric key cryptography uses the same key for both encryption and decryption |
|
Which of the following are commonly used examples that implement symmetric key encryption? Select one or more: |
b. Secure Socket Layer (SSL) c. Blowfish d. Data Encryption Standard or DES |
|
Ideally, where should encryption keys be stored? Select one: |
c. On a non-networked, physically secured storage device |
|
What could happen if an attacker were to plant a virus on a system that encrypted data in software? Select one: |
c. Both A and B |
|
Secure Sockets Layer, TLS and Pretty Good Privacy are examples of algorithms that use what type of encryption? Select one: |
b. Public key encryption |
|
The data or text that has been encrypted or encoded is referred to as: Select one: |
d. Ciphertext |
|
The encryption of storage devices is desired because: Select one: |
c. It is important to ensure data will not be exposed to unauthorized parties |
|
A hash function is: Select one: |
d. A one-way function that mathematically manipulates the input data to create an output value |
|
Encryption |
The encoding of data in such a way so that only the sender and intended recipient can decode and read it. |
|
Decryption |
The process of returning encrypted data to its original form. |
|
Key |
A piece of data used for encryption, or decryption, through use of a cipher. |
|
Brute force attack |
An attack that involves trying every possible key or password until the correct one is found. It is a simple trial and error attempt to break an encryption algorithm. |
|
Symmetric key cryptography |
A method of encryption where both parties use the same key and cipher to encode and decode the ciphertext. |
|
Digital signatures |
Provides a way to cryptographically sign a message or piece of information. |
|
Public key cryptograhphy |
Uses different keys to perform encryption and decryption. |
|
Certificate Authorities |
A third party that verifies the true identity of a party during encrypted communications. |
|
Comprehensive security plan |
• encryption algorithms • certifying authorities • key distribution plan |
|
Plaintext/cleartext |
Text that has not been encoded. |
|
Cipher |
The algorithim or method used to encode the data. |
|
Key |
Used along with the cipher to encode/decode data. |
|
Ciphertext |
Text that has been encoded. |
|
Hash function |
A function that takes data as input and performs a series of mathematical operations on the data to produce a unique output – a good hash function should rarely produce the same output from different input. |
|
Hash |
A value produced by a hash function. |
|
Encrypt |
Converting cleartext to ciphertext. |
|
Decrypt |
Converting ciphertext to cleartext. |
|
Eavesdropping |
A type of attack in which the attacker is able to secretly monitor communications between two unsuspecting parties. |
|
Man-in-the-middle attack |
A type of attack where the attacker has the ability to eavesdrop on, block or manipulate communications between two unsuspecting parties. |
|
Cryptographic function |
The software or hardware mechanism that transforms cleartext into ciphertext, or vice versa. Most modern cryptographic functions are quite complex and complex mathematical calculations. |
|
Symmetric key encryption |
Both parties use the same key and cipher to encode and decode the ciphertext. |
|
Key |
A piece of data used for encryption, or decryption, through use of a ciphert. This has the advantage of being relatively simple to implement. Unfortunately security is often sacrificed, since the key must be distributed. |
|
Exclusive OR (XOR) |
A common computer operation frequently used to check the value of a bit. XOR is particularly useful because it is easy to construct specialized digital circuits to perform this operation. When presented with two values to inspect, XOR ensures that exactly one of the values is true ("1"). If any other combination of values is encountered, XOR produces a result of false ("0"). Consider the following: •1 XOR 0 = True (1) •0 XOR 0 = False (0) •0 XOR 1 = True (1) •1 XOR 1 = False (0) |
|
Cipher vs key |
Cipher is the function or operation. Key is the value. |
|
___________ is the term given to data or text that has been encoded. • Cleartext |
Ciphertext |
|
Plaintext or cleartext is the term for: • The algorithm used to encrypt or decrypt data or text |
• The data or text that is not encrpted |
|
A ___________ analyzes data and produces a unique value based on that data. It is used in the creation of digital signatures. • Hash function |
Hash function |
|
Which of the following is one definition of the word "cipher"? • Data that has been successfully encrypted AND decrypted |
The algorithm or method used to encrypt/decrypt data |
|
___________ is the term that describes the study of encoding data so it is kept confidential between two parties. • Encryption |
Cryptography |
|
Both the XOR (Exclusive OR) cipher and the ROT 13 Caesar Cipher are examples which use: • Double key encryption |
Single key encryption |
|
A(n) ___________ function basically works as a black box, where cleartext and a key go in, and ciphertext comes out. • Decryption |
Encryption |
|
The word hellow is encrypted into the text ydssm. Which of the following is considered the cyphertext in this example? • Ciphertext is not used in this example |
ydssm |
|
___________ is the piece of data that is used to encrypt or decrypt a message or other blocks of data. • Hash function |
Key |
|
A(n) ________ function takes ciphertext (data that has been encrypted) and a secret key as input and uses the secret key to decode the data back into the original, unaltered cleartext. • Encryption |
Decryption |
|
Symmetric key distribution |
• Distribute the key ahead of time. • Use complex mathematics to transmit part of the key over the network. |
|
Symmetric key algorithm examples |
• Advanced Encryption Standard (AES) (Rijindael) • Data Encryption Standard (DES) • Triple-DES (TDES) • Serpent • Blowfish • Secure Sockets Layer (SSL) |
|
A ________ key is an encryption key made available to anyone wanting to transmit data to the key’s creator. • Private |
Public |
|
With modern technology, an encryption key with a length of 128 bits would: • Take one year to crack |
Take an effectively infinite time to crack |
|
In order to double the amount of time it would take an attacker to crack an encryption key, you could: • Add one bit to the length of the encryption key |
Add one bit to the length of the encryption key |
|
When using ________ encryption, two people decide on a mutual encryption key in order to securely exchange data wit one another. • Private key |
Symmetric key |
|
Blowfish and data encryption standard or DES are examples of algorithms that use: • Multiple key encryption |
Symmetric key encryption |
|
If an attacker discovers another person’s private encryption key, then they have successfully ________. • Ciphered the system |
Cracked the key |
|
Public key cryptography |
Also called asymmetric key cryptography. In most instances, each person publishes one key publicly. Parties who wish to communicate with that person will then use that public key to encrypt the data that they wish to transmit. Each person/party has two keys. •Public key which is published and can be accessed by anyone. •Private key, also known as the secret key, that is kept confidential. The two keys are mathematically related. •Information encrypted with the public key can be decrypted only with the private key. |
|
Digital signature |
The inverse of how traditional encryption works, with the user’s private key being used to sign the document, and others using the public key to verify the signature. |
|
Examples of Certificate Authorities |
•Verisign •GlobalSign •Entrust •GoDaddy •Thawte (Owned by Verisign) |
|
Examples of public key algorithms/protocols |
• Secure Sockets Layer (SSL) • Pretty Good Privacy (PGP) • Secure Shell (SSH) |
|
Secure Shell (SSH) |
Utilizes public key cryptography during the initial stages of the connection, while the identities of one or both parties are being validated. This is done to ensure that an attacker is not performing a man in the middle attack and posing as either the client or (more often) server. Once the identities of one or both parties have been verified, SSH utilizes traditional symmetric key cryptography for the actual transfer of data. This is done to take advantage of the speed of traditional symmetric key cryptography. |
|
Secure Sockets Layer (SSL) |
Utilizes public key cryptography during the initial stages of the connection, while the identities of one or both parties are being validated. This is done to ensure that an attacker is not performing a man in the middle attack and posing as either the client or (more often) server. Once the identities of one or both parties have been verified, SSL utilizes traditional symmetric key cryptography for the actual transfer of data. This is done to take advantage of the speed of traditional symmetric key cryptography. |
|
An output value produced by a mathematical function that utilizes the data input, especially in the use of creating digital signatures, is referred to as a: • Protocol |
Hash |
|
What is a digital signature? • A cryptographic value attached to data to certify the integrity of the data |
A cryptographic value attached to data to certify the integrity of the data |
|
What is a private key? • An encryption key that is accidentally exposed to the public |
An encryption key kept secret by the owner |
|
By acting as the creators and distributors of digitally signed encryption keys, Certificate Authorities use public key encryption to: • Prevent data decryption |
Prevent man-in-the-middle attacks |
|
The ideal location to store a private key is: • On a stand-alone computer system that is not networked |
On a stand-alone computer system that is not networked |
|
________ serve as third parties that can verify the true identity of a person during encrypted communications. • Cipher Authorities |
Certificate Authorities |
|
How does symmetric key cryptography differ from public key cryptography? • Symmetric key uses the same key for encryption and decryption |
Symmetric key uses the same key for encryption and decryption |
|
A ______ key should be kept secure because it can be worth a lot of money since it can decrypt valuable data. • Private |
Private |
|
In order to avoid using a certificate authority that is in alliance with an attacker, it is recommended that you: • Avoid using certificate authorities |
Use certificate authorities that are well known and reputable |
|
Which of the following uses public key cryptography? • ROT 13 |
Secure Sockets Layer (SSL) |
|
Software encryption |
For organizations who want to perform data encryption in software, several commercial products exist. Folder Locker, SensiGuard, SafeHouse and SecureIT are just a few of the products available. The high-end versions of newer versions of Windows (Enterprise or Ultimate) now feature a product named "BitLocker" which is a whole drive encryption utility built into the Windows OS. The encryption key is entered by the user at startup and stored in RAM, encrypting and decrypting data on the fly as it is written to/read from the hard disk. The data is encrypted using 128 bit or longer keys using the AES encryption algorithm. |
|
Hardware encryption |
For organizations who want to perform all encryption and decryption in hardware, several companies offer hard disks that perform all of the cryptographic functions in specially designed hardware. These devices offer some enhanced security over software protection, though this comes with a much higher monetary price. One manufacturer offering whole drive encryption in hardware is Seagate, who uses 128 bit or greater keys with AES, similar to the Microsoft BitLocker system. |
|
Encryption summary |
Cryptography is a way to secure data stored on your computer, removable media or being transmitted over the Internet. It involves the encryption and decryption of data. Using encryption reduces the risk of your data being compromised if it is intercepted or your computer is stolen. Key points regarding encryption are: • Symmetric encryption uses the same key to encrypt and decrypt data. • Asymmetric encryption uses different keys to encrypt and decrypt data. • Encryption key length is vital to security. The longer the key, the more secure it is. • Distribution of encryption keys must be considered to avoid an attacker obtaining the key. • Digital signatures verify the integrity of the data. • Certificate Authorities verify the identity of the party during encrypted communications. • Data can be encrypted in software or hardware. |
|
When encrypting a storage device, which is the most secure place to store a key? Select one: |
a. On a separate (from the encrypted device) and secured storage device |
|
Regarding cryptography, what is a private key? Select one: |
a. An encryption key that is kept confidential and used to decrypt data that has been encrypted with the corresponding public key in public key cryptography |
|
Which of the following could best help an attack to successfully occur on an encryption system? Select one: |
b. A short encryption key length |
|
The study of encrypting data so that confidentiality between two parties is maintained is known as: Select one: |
c. Cryptography |
|
A cracked encryption key is a key that: Select one: |
b. Has been discovered by some method and is now compromised |
|
Which of the following statements is true? Select one: |
d. All of the above are correct |
|
A hash function is: Select one: |
a. A one-way function that mathematically manipulates the input data to create an output value |
|
______ is the technical term for the encryption algorithm used to encrypt or decrypt a piece of data. Select one: |
a. Key |
|
A simple Caesar cipher uses a shift to encrypt while the XOR cipher needs a key to encrypt. Select one: |
True |
|
By acting as the creators and distributors of ______, certificate authorities use public key encryption to prevent man-in-the-middle attacks. Select one: |
c. Digitally signed public and private keys |
|
What is a certificate authority (CA)? Select one: |
c. An organization that certifies public keys as being legitimate by signing public keys with their private key |
|
Certificate Authorities assure involved parties that the right people are sending or receiving the correct information by: Select one: |
a. Distributing public and private keys with digital signatures to the sender and the receiver to be verified during the transfer process |
|
A(n) ______ function takes data and a secret key as input and uses the secret key to scramble/encode the data, producing ciphertext that cannot be deciphered by anyone other than the appropriate parties. Select one: |
b. encryption |
|
The words sunny day are encrypted to produce the text wndda lia. Which of the following is considered to be the cleartext in this example? Select one: |
a. Sunny day |
|
Why must a private key not be stored with the data it has encrypted? Select one: |
d. If an attacker is able to hack into that system, they will have everything they need to read the sensitive information. |
|
An encryption function takes ciphertext and a key as input and returns cleartext, provided the correct key is used. Select one: |
False |
|
What happens when signing a document with a digital signature? Select one: |
c. A person’s message is hashed to a message digest and then encrypted with a private key to form the actual signature |
|
Which of the following is true? Select one: |
c. Software encryption is more vulnerable to tampering than hardware encryption |
|
Which of the following is true? Select one: |
c. A key length of 128 bits provides significant security for most applications |
|
It is important to use reputable certificate authorities since: Select one: |
c. An attacker could pose as a certificate authority or a certificate authority could be in alliance with an attacker |
|
What is a public key? Select one: |
d. An encryption key that is deliberately made available to anyone that wants it so that they may transmit encrypted data to the key’s owner/creator |
|
Secure Sockets Layer or SSL, which uses a encryption algorithm, is the encryption technique that is used by Secure HTTP, thus enabling e-commerce. Select one: |
c. public key |
|
Which of the following is an example of a brute force attack? Select one: |
c. Trying every combination of letters and numbers until the correct password/key is found |
|
The lowest level of attack or simplest attack for cracking an encryption key would be a dictionary attack, which is basically trying to crack a key by trial and error. Select one: |
False |
|
The length of an encryption key is important because: Select one: |
a. The length determines the maximum number of possible keys that an attacker will have to try before the correct key is discovered |
|
Using symmetric key encryption alone, data is vulnerable to a man-in-the-middle attack. Select one: |
True |
|
When using ______ cryptography, two people decide on a mutual key in a safe or secure way in order to exchange encrypted data with one another. Select one: |
a. Public key |
|
What is used along with an encryption algorithm (cipher) to encode and decode data? Select one: |
b. Key |
Share This
Flashcard
