Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
Security + CompTIA
Domain 6 Cryptography and PKI
| Term | Definition |
|---|---|
| Symmetric Key | algorithms depend on a shared single key for encryption & decryption. Examples: DES 3DES RC5 & AES |
| Asymmetric Key Algorithms | use a public key for encryption and private key for decryption Examples: RSA, Diffie-Hellman, El Gamal,& elliptic curve cryptography standards |
| Nonrepudiation | ensures proof or origin, submission, delivery and receipt |
| block ciphers | not as fast, encrypt on blocks of fixed length and have higher level of diffusion over stream cyphers |
| stream ciphers, | encryption performed bit-by-bit |
| ROT13 | substitution cipher - first half fo roman alphabet corresponds to second half and its is inverse in nature |
| Perfect forward secrecy or just Forward Secrecy | after the session has ended when both sides destroy keys |
| Ephemeral Key Agreement protocols | DHE ECDHE - provide forward secrecy |
| Bcrypt & PBKDF2 | - key derivation functions used for key stretching, provide means to stretch a key or password; making it stronger |
| Key Scrow | stores private key with a trusted third party |
| OCSP Stapling | puts the responsibility of OCSP requests on web server instead of the issuing CA |
| OCSP | Online Certificate Status Protocol, internet protocol used for obtaning the revocation status of an x509 digital certificate |
| Three Types of Validated Certificates | DV, OV, EV |
| DV | Domain Validation Certificate - assure domain is owned by the claiming party |
| EV | Extended Validation Certificate - assures domain is owned by party and also extends the company and location in browser bar. |
| OV | Organizational Validation - higher level of assurance - no difference to UI from DV |
| PEM, P7B | Are ASCII encoded (letters and numbers) makes them useful for email |
| DER PFX | binary encoded certificates |
| PKI | public key infrastructure - enables secure data sharing among validated parties on the internet. relies on asymmetric key cryptography using certificates digitally signed blocks of data issued by a CA |
| PEAP | encapsulates EAP (extensible authentication protocol) in a TLS tunnel, only requires a certificate on the server Thus Protected Extensible Authentication Protocol... |
| LEAP | light weight extensible authentication protocol. no digital certificates, simply a password and you're able to communicate between authentication methods and WAP - based on Microsoft CHAP - all information travels in the clear |
| EAP | Extensible Authentication Protocol - common set of frameworks that can be used to authenticate people into things like wireless networks, WPA2 & WPA use five different EAP types as authentication mechanisms. |
| CSR | Certificate Signing Request - specially formatted encrypted message sent from a SSL applicant to a certificate authority. |
Created by:
Pillsburycreative
Popular Standardized Tests sets