




Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
A comprehensive overview of cryptography and network security, focusing on symmetric and asymmetric encryption, data integrity algorithms, authentication protocols, and various security services. It also discusses the challenges in computer security, types of security attacks, and the role of nist in establishing security standards. Confidentiality, integrity, availability, authenticity, accountability, and non-repudiation, and explains passive and active attacks, including masquerade, replay, modification of messages, and denial of service.
Typology: Exams
1 / 8
This page cannot be seen from the preview
Don't miss anything!





Symmetric encryption - Correct Answers ✅ Used to conceal the contents of blocks or stream of data of any size, including messages, files, encryption keys, and passwords Asymmetric encryption - Correct Answers ✅ Used to conceal small blocks of data, such as encryption keys and hash function values, which are used in digital signatures Data integrity algorithms - Correct Answers ✅ Used to protect blocks of data from alteration Authentication protocols - Correct Answers ✅ Schemes based on the use of cryptographic designed to authenticate the identity of entities The Internet and security field consist of - Correct Answers ✅ Measures to deter, prevent, detect, and correct security violations that involve the transmission of information NIST - Correct Answers ✅ National institute of standards and technology Computer security - Correct Answers ✅ The protection afforded to an automated information system in order to attain the applicable
objectives of preserving the integrity, availability and confidentiality of information system resources Confidentiality types - Correct Answers ✅ 1- Data confidentiality 2- Privacy Data confidentiality - Correct Answers ✅ Assures that private or confidential information is not made available or disclosed to unauthorized individuals Privacy - Correct Answers ✅ Assures that individuals control or influence what related to them may be collected and stored and by whom and to whom information may be disclosed Integrity - Correct Answers ✅ 1- data integrity 2- system integrity Data integrity - Correct Answers ✅ Assures that information and programs are changed only in a specified and authorized manner System integrity - Correct Answers ✅ Assures that a system performs it's intended function in unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of system
Computer security challanges - Correct Answers ✅ 1- Security is not simple 2- Potential attacks on the security features need to be considered 3- Procedures used to provide particular services are often counter- intuitive 4- It is necessary to decide where to use the various security mechanism 5- Requires content monitoring 6- It is too often afterthought 7- Security mechanism typically involve more then a particulate algorithm or protocol 8- Little benefit from security investment is perceived until a security failure occur 9- Strong security is often viewed as impediment to efficient and user- friendly operation Security attacks - Correct Answers ✅ Any action that compromises the security of information owned by organization Security mechanism - Correct Answers ✅ A process that designed to detect, prevent, or recover from security attack
Security service - Correct Answers ✅ 1- processing or communication service that enhances the security of the data processing systems and the information transfers of an organization 2- intended to counter security attacks, and they make use of one or more security mechanisms to provide the security Threat - Correct Answers ✅ Potential of violation of security, which exist when there is a circumstance, capability, action, or event that could breach security and cause harm. That is, a threat is a possible danger that might exploit a vulnerability Attack - Correct Answers ✅ An assault on system security that derives from an intelligent threat, that is, an intelligent act that is a deliberate attempt to evade security and violate the security policy of system Passive attacks - Correct Answers ✅ Attempts to learn or make use of information from system but she's not affect system resources Active attacks - Correct Answers ✅ Attempts to alter system resources or affect their operation
Active attack- modification of messages - Correct Answers ✅ Some portion of legitimate message is altered, or messages are delayed or reordered to produce an unauthorized effect Active attack- Denial of service - Correct Answers ✅ Prevents or inhabits the normal use or management of communications facilities Services categories - Correct Answers ✅ Authentication Access control Data confidentiality Data integrity Nonrepudiation Authentication - Correct Answers ✅ Assuring that communication is authentic Access control - Correct Answers ✅ The ability to limit and control the access to host systems and applications via communications links Achieved by, identify or authenticate individuals so access rights can be tailored to that individual
Data confidentiality (second def) - Correct Answers ✅ The protection of transmitted data from passive attacks The protection of traffic flow from analysis Data integrity (second def) - Correct Answers ✅ Connection oriented integrity service - Correct Answers ✅ Deals with stream of messages, assure that mags are received as sent without duplication, insertion, modification,reordering, or replays Connectionless integrity - Correct Answers ✅ Deals with individual messages without regards to any larger context, generally provides protection against messages modification only Nonrepudiation - Correct Answers ✅ Prevent either sender or receiver from denying transmitted messages Kinds of threats - Correct Answers ✅ Information access threat : intercept or modify data Service threat: exploit service flaw to inhibit use by legitimate user