Cryptovariable
is the information used in conjunction with an algorithm to create the ciphertext from the plaintext or derive the plaintext from the ciphertext
Cryptology
the science of encryption is known as
cryptography
is the process of making and using codes to secure the transmission of information.
Message digest
is a fingerprint of the author's message that is to be compared with the recipient's locally calculated hash of the same message
three basic operations in cryptography
substitution, transposition, XOR
Julius Caesar
was associated with an early version of the substitution cipher.
1553
Year in which the idea of a passphrase (password) was introduced
Bit stream cipher
encryption method that involves converting plaintext to ciphertext one bit at a time
Vernam
Cipher using a 26 x 26 block of letters
Hashing functions
do not require the use of keys.
false positive
is not the failure of an IDPS system to react to an actual attack event
false attack stimulus
The process by which attackers change the format and/or timing of their activities to avoid being detected by the IDPS is not known as a
NIDPS
cannot reliably ascertain if an attack was successful or not.
enhanced Web scanner
To assist in the footprint intelligence collection process, can scan entire Web sites for valuable pieces of information, such as server names and e-mail addresses.
Intrusion detection and prevention systems
perform monitoring and analysis of system events and user behaviors.
A known vulnerability
is a published weakness or fault in an information asset or its protective systems that may be exploited and result in loss
Alarm filtering
is the method by which an alarm system reports the origin of a system failure, rather than a list of systems failed
is the process of classifying IDPS alerts so that they can be more effectively managed
A(n) server-based IDPS
does not protect the server or host's information assets
A(n) partially distributed IDPS
control strategy combines the best of the other two strategies
Fingerprinting
is the organized research of the Internet addresses owned or controlled by a target organization.
HIDPSs
benchmark and monitor the status of key system files and detect when an intruder creates, modifies, or deletes monitored files
network-based
IDPS is focused on protecting network information assets
To use a packet sniffer legally, the administrator must
be on a network that the organization owns
be under direct authorization of the network's owners
have knowledge and consent of the content's creators
knowledge-based IDPS
A signature-based IDPS is sometimes called
monitoring
port is also known as a switched port analysis (SPAN) port or mirror port
idle
scanning will allow the Nmap user to bounce your scan across a firewall by using one of the idle DMZ hosts as the initiator of the scan.
passive
vulnerability scanner listens in on the network and identifies vulnerable versions of both server and client software
List and describe the three advantages of NIDPSs
1. Good network design and placement of NIDPS devices can enable an organization to use a few devices to monitor a large network.
2. NIDPSs are usually passive devices and can be deployed into existing networks with little or no disruption to normal netwo
List and describe the four advantages of HIDPSs
1. A HIDPS can detect local events on host systems and also detect attacks that may elude a network-based IDS.
2. A HIDPS functions on the host system, where encrypted traffic will have been decrypted and is available for processing.
3. The use of switche
False
The screened subnet protects the DMZ systems and information from outside threats by providing a network with intermediate security, which means the network is less secure than the general public networks but more secure than the internal network.
In order
True
it is important that e-mail traffic reach your e-mail server and only your e-mail server
if Kerberos servers are subjected to denial-of-service attacks
a client cannot still request additional services
A VPN
does not allow a user to use the Internet as if it were a private network
Most current operating systems require specialized software to connect to VPN servers
as support for VPN services is built into the clients
Telnet services
The presence of external requests can indicate a potential attack
war dialer
An attacker who suspects that an organization has dial-up lines can use the device to locate the connection points
Secure VPNs
use security protocols and encrypt traffic transmitted across unsecured public networks like the Internet
tunnel mode VPNs
is not the end-to-end transport of encrypted data.
Transport
mode, the data within an IP packet is encrypted, but the header information is not
tunnel mode
is that an intercepted packet reveals nothing about the true destination system.
SESAME
is a result of a European research and development project and is similar to Kerberos
leased circuits
A trusted VPN uses from a service provider who gives contractual assurance that no one else is allowed to use these circuits and that they are properly maintained and protected.
tunnel
mode VPN establishes two perimeter tunnel servers to encrypt all traffic that will traverse an unsecured network, with the entire client packet encrypted and added as the data portion of a packet addressed from one tunneling server to another.
What must a VPN that proposes to offer a secure and reliable capability while relying on public networks accomplish?
Encapsulation of incoming and outgoing data, wherein the native protocol of the client is embedded within the frames of a protocol that can be routed over the public network as well as be usable by the server network environment.
- Encryption of incoming
Adopted by NIST in 1976 as a federal standard
DES does not use a 64-bit block size and key
3DES
was not created to offer the same strength as the DES algorithm but ran three times as fast, thus saving time
When an asymmetric cryptographic process uses the sender's private key to encrypt a message
the sender's public key must be used to decrypt the message.
Common implementations of a Registration Authority (RA)
include functions to issue digital certificates to users and servers.
Steganography
is a data hiding method that involves embedding information within other files, such as digital pictures or other images
DES
did not become known as being too weak for highly classified communications, Double DES was created to provide a level of security far beyond that of DES
the Rijndael Block Cipher
AES implements a block cipher
PKI, a(n) registration authority issues
manages, authenticates, signs, and revokes users' digital certificates, which typically contain the user name, public key, and other identifying information
Diffie-Hellman
key exchange uses asymmetric encryption to exchange session keys.
symmetric
A method of encryption that requires the same secret key to encipher and decipher the message
DES uses
64-bit block size
RSA
algorithm, developed in 1977, was the first public key encryption algorithm published for commercial use
The CA periodically distributes
to all users that identifies all revoked certificates.
DSS
Digital signatures should be created using processes and products that are based on the
steganography
the process of hiding messages within the digital encoding of a picture or graphic
advanced encryption standard
The successor to 3DES
public key encryption
The more common name for asymmetric encryption
registration
authority operates under the trusted collaboration of the certificate authority and can be delegated day-to-day certification functions, such as verifying registration information about new registrants, generating end-user keys, revoking certificates, and
A digital certificate
is an electronic document or container file that contains a key value and identifying information about the entity that controls the key.
Describe symmetric and asymmetric encryptions.
Symmetric Encryption. Encryption methodologies that require the same secret key to encipher and decipher the message are using what is called private key encryption or symmetric encryption. Symmetric encryption methods use mathematical operations that can
Describe digital certificates.
Digital certificates are public-key container files that allow computer programs to validate the key and identify to whom it belongs. The certificate is often issued and certified by a third party, usually a certificate authority. A digital signature atta