Confidentiality, Integrity, Availability

Only users who should have access permissions are able to access information

The data is not modified by an unauthorized source

A suspicious agent seeking to access something unauthorized

What is a Vulnerability?

A flaw in a system or other data-container that could be exploited by threats to access secured information.

Any data, device, or component that supports some system function, where it's important to protect it.

Encryption that is performed with the same key (to decrypt and encrypt)

Asymmetric Encryption

Encryption that uses a pair of keys to encrypt and decrypt, one private and one public. Anyone can encrypt a message using the public key, but only the private key holder can decrypt.

What role does a salt play in encrypting/decrypting?

Puts a random string of characters before a message before encrypting, to randomize the message. It makes pre calculated passwords ineffective.

What role does a pepper play in encrypting/decrypting?

Puts a random string of characters (calculated using a separate algorithm-- and unique to the password) before the passwords, to make rainbow tables ineffective.

What role does encoding play in encryption?

It makes it harder to immediately read--- instead putting into a form that is essentially gibberish so it puts a barrier between an average user and the encrypted information.

Stores the information in a massive table, where you're able to navigate by index. Attacked with rainbow tables (compare popular passwords to frequency of passwords appearing)

What is a Certificate Authority?

A service that issues certificates directly to a site

What is a Root Certificate Authority?

A service that verifies the certificates of certificate authorities, a usually more established credible source, verified by the OS.

What is Let's Encrypt?

A free certificate service for sites

What's the process of TLS handshake?

1) Authenticates certificates of user and site 2) Establishes which cipher suites and encryption processes each will use 3) Receives public key for encryption, send premaster secret, site uses private key to decrypt.

Help

Options

focusNode

Didn't know it?
click below

Knew it?
click below

Don't Know

Remaining cards (0)

Know

retry

shuffle

restart

0:00

Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

Normal Size Small Size show me how

Computer Security T1

Computer Security Test 1 CSDS 344 Study Flashcards, CWRU

Question	Answer
CIA	Confidentiality, Integrity, Availability
Confidentiality	Only users who should have access permissions are able to access information
Integrity	The data is not modified by an unauthorized source
Availability	The systems are available.
What Virtual Machine are we using in class?	We are using Ubuntu
What is a Threat?	A suspicious agent seeking to access something unauthorized
What is a Vulnerability?	A flaw in a system or other data-container that could be exploited by threats to access secured information.
What is an Asset?	Any data, device, or component that supports some system function, where it's important to protect it.
Symmetric Encryption	Encryption that is performed with the same key (to decrypt and encrypt)
Asymmetric Encryption	Encryption that uses a pair of keys to encrypt and decrypt, one private and one public. Anyone can encrypt a message using the public key, but only the private key holder can decrypt.
What role does a salt play in encrypting/decrypting?	Puts a random string of characters before a message before encrypting, to randomize the message. It makes pre calculated passwords ineffective.
What role does a pepper play in encrypting/decrypting?	Puts a random string of characters (calculated using a separate algorithm-- and unique to the password) before the passwords, to make rainbow tables ineffective.
What role does encoding play in encryption?	It makes it harder to immediately read--- instead putting into a form that is essentially gibberish so it puts a barrier between an average user and the encrypted information.
What algorithms do we use? What are their roles?	SHA256, PBDKF2,
What is hashing?	Stores the information in a massive table, where you're able to navigate by index. Attacked with rainbow tables (compare popular passwords to frequency of passwords appearing)
What is a Certificate Authority?	A service that issues certificates directly to a site
What is a Root Certificate Authority?	A service that verifies the certificates of certificate authorities, a usually more established credible source, verified by the OS.
What is Let's Encrypt?	A free certificate service for sites
What type of encryption does TLS use?	Asymmetric encryption.
What's the process of TLS handshake?	1) Authenticates certificates of user and site 2) Establishes which cipher suites and encryption processes each will use 3) Receives public key for encryption, send premaster secret, site uses private key to decrypt.

Created by: ente

Popular Computers sets

Definitions for Word Processing and the main parts of the MS Word 2010 window

WP Page Formatting

WP Paragraph Formatting terms

Review business letter parts

Review the three paragraph formats (block, indented, hanging indent)

WP font formatting features in Word 2010

Arkansas CBA unit 1 Hardware

"Know" box contains:
Time elapsed:
Retries: