Winters Exam 3

| Term | Definition |
| --- | --- |
| Cryptography | the process of making and using codes to secure the transmission of information |
| Cryptanalysis | the process of obtaining the original message from an encrypted message without knowing the algorithm and keys used to perform the encryption |
| Encryption | the process of converting an original message into a form that is unreadable to unauthorized individuals |
| Decryption | the process of converting a ciphertext message back into plaintext |
| Cipher/Cryptosystem | an encryption method |
| Ciphertext/Cryptogram | the encoded message resulting from an encryption |
| Decipher | to decrypt, decode, or convert ciphertext into the equivalent plaintext |
| Encipher | to encrypt, encode, or convert plaintext into the equivalent ciphertext |
| Steganography | the hiding of messages |
| Work factor | the amount of effort required to perform cryptanalysis |
| Substitution cipher | the encryption technique that substitutes one value for another |
| Monoalphabetic | ______________ substitution uses one alphabet |
| Polyalphabetic | ______________ substitution uses more than one alphabet |
| Transposition | ______________ cipher simply rearranges the values within a block to create the ciphertext |
| Vernam | ______________ cipher uses a set of characters only one time for each encryption process |
| Book/Running Key | ______________ cipher uses the text in a book as the key to decrypt a message |
| Hash functions | mathematical algorithms that generate a message summary or digest to confirm the identity of a specific message and to confirm that there have not been any changes made to it |
| Message authentication code | allows only specific recipients (symmetric key holders) to access the message digest |
| Secure Hash Standard | a secure algorithm for computing a condensed representation of a message or a data file |
| Symmetric (private key) | Encryption methodologies that require the same secret key to encipher and decipher the message are considered ______________ encryption |
| Asymmetric (public key) | Encryption methodologies that require two different but related keys, where either key can be used to encrypt or decrypt the message, are ______________ encryption |
| Public Key Infrastructure | an integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services that enables users to communicate securely |
| Digital certificates | public-key container files that allow computer programs to validate the key and identify to whom it belongs |
| Certificate authority | ______________ issues, manages, authenticates, signs and revokes users' digital certificates |
| Registration authority | operates under the trusted collaboration of the certificate authority and can handle day-to-day certification functions |
| Nonrepudiation | Digital signatures can be used to verify that the message was sent by the sender. This process is known as ______________ |
| Digital signatures | ______________ help authenticate the origin of a message |
| Digital certificates | ______________ authenticate the cryptographic key that is embedded in the certificate. |
| Steganography | the process of hiding information within a file is a modern version |
| man-in-the-middle | A/n ______________ attack attempts to intercept a public key or even to insert a known key structure in place of the requested public key |
| Correlation | ______________ attacks are a collection of brute-force methods that attempt to deduce statistical relationships between the structure of the unknown key and the ciphertext |
| Dictionary | A/n ______________ attack encrypts every word in a dictionary using the same cryptosystem as used by the target in an attempt to locate a match between the target ciphertext and the list of encrypted words |
| Timing attacks | A/n ______________ uses statistical analysis of patterns and inter-keystroke timings to discern session information. |
| secure facility | a physical location that has in place controls to minimize the risk of attacks from physical threats |
| ID card - typically concealed; Badge - typically visible | What is the major difference between ID cards and badges? |
| tailgating | ______________ occurs when an authorized person presents a key to open a door and other people with or without authorization may enter |
| fail-safe | If a door lock fails and the door becomes unlocked |
| fail-secure | If a door lock fails and the door becomes locked |
| mantrap | a small enclosure that has separate entry and exit points |
| 1. thermal detection systems 2. fixed temperature sensors 3. rate of rise sensors | What are the three basic types of fire detection system? |
| 1. photoelectric sensors 2. ionization sensors 3. air-aspirating detection | Smoke detectors operate in one of three ways. Name them. |
| dry pipe | A/n ______________ fire suppression system is designed to work in areas where electrical equipment is used. |
| 1. temperature 2. filtration 3. humidity 4. static electricity | What are the four environmental variables controlled by HVAC that can cause damage to information systems? |
| 1. standby or offline 2. ferroresonant standby 3. line-interactive 4. true online | What are the four basic configurations of UPS? |
| TEMPEST | a technology that prevents the loss of data that may result from the emission of electromagnetic radiation |
| 1. direct observation 2. interception of data transmission 3. electromagnetic interception | What are the three methods of data interception? |
| project | A/n ______________ plan instructs individuals who are executing the implementation of an information security plan. |
| 1. planning the project 2. supervising tasks and action steps 3. wrapping up | What are the major steps in executing a project plan? |
| 1) list of major tasks 2) work to be accomplished 3) individuals assigned to perform the task 4) start and end dates for the task 5) amount of effort to complete the task 6) estimated capital expenses 7) estimated non-capital expenses 8) dependencies between tasks | What goes into a work breakdown structure? |
| Measured results are compared to expected results. When significant deviation occurs, corrective action is taken to bring the task back into compliance or the project is revised. | What is a negative feedback loop? |
| 1. effort and money allocated 2. elapsed time or schedule impact 3. quality or quantity of the deliverable | When executing a plan, a project manager can adjust one of three planning parameters. What are they? |
| direct | A/n ______________ changeover involves stopping the old method and beginning the new. |
| phased | A/n ______________ implementation involves a measured rollout of the planned system. |
| pilot | In ______________ implementation, the entire security system is put in a single office as a test. |
| parallel | The ______________ operations strategy involves running the new methods alongside the old |
| CHECK STICKY NOTES | Describe the Bull's Eye Method |
| Technology governance | ______________ is a complex process that organizations use to manage the effects and costs of technology implementation, innovation, and obsolescence |
| accreditation | the authorization of an IT system to process, store or transmit information, assuring that systems are of adequate quality |
| information technology | When positioning the information security department within an organization, the model commonly used by large organizations places the information security department within the ______________ department |
| CIO | the executive in charge of the organization's information |
| CISO | this person must direct the information security department |
| security managers | they are accountable for the day-to-day operations of the information security program |
| security technicians | they configure firewalls, deploy IDPS, implement security software, etc. |
| CISSP, CISM, SSCP, CAP, CISA, SCP, CCE | Name 5 of the certifications for information security |
| consultants | Individuals hired for a specific one time purpose and are not employees are considered ______________ |
| contract employees | Individuals hired for a specific one time purpose and are employees are considered ______________ |
| separation of duties | ______________ is used to reduce the chance of an individual violating information security and breaching the confidentiality, integrity or availability of information |
| two-person control | the requirement that two individuals review and approve each other's work before the work is categorized as finished |
| job rotation | the requirement that every employee be able to perform the work of another |
| least privilege | The principle that employees should be provided access to the minimum amount of information for the minimum amount of time necessary for them to perform their duties is ______________ |

Created by: mgolf