Thursday, August 7, 2014

Cryptography:

Message integrity:
Create a checksum, append it to the message, encrypt the message, then send to recipient. A simple error-detecting code, checksum, or frame check sequence is often used along with symmetric key cryptography for message integrity.

Certificate authority provides what benefits to a user:----Validation that a public key is associated with a particular user
A certificate authority (CA) “signs” an entity's digital certificate to certify that the certificate content accurately represents the certificate owner.

Digital certificate provides -----Proof of non-repudiation of origin.

RIPEMD-160 hash -- output length ---160 bits (SHA)

ANSI X9.17 is concerned primarily with ----- Protection and secrecy of keys

Protection and secrecy of keys is the primary concern of ANSI X9.17.
ANSI X9.17 was developed to address the need of financial institutions to transmit securities and funds securely using an electronic medium. Specifically, it describes the means to ensure the secrecy of keys.

Certificate is revoked, what is the proper procedure ------Updating the certificate revocation list
When a key is no longer valid, the certificate revocation list should be updated. A certificate revocation list (CRL) is a list of non-valid certificates that should not be accepted by any member of the PKI.

Link encryption:
a. Link encryption encrypts routing information.
b. Link encryption is often used for Frame Relay or satellite links.
d. Link encryption provides better traffic flow confidentiality.

Link encryption is not suitable for high-risk environments due to possible privacy weakness at each node. It is possible that an attacker could view encrypted data, as the encrypt/decrypt function is performed at each node along the data path.

The sequence that controls the operation of the cryptographic algorithm ----- Cryptovariable/ Key

Process used in most block ciphers to increase their strength ------SP-network

The SP-network is the process described by Claude Shannon used in most block ciphers to increase their strength. SP stands for substitution and permutation (transposition), and most block ciphers do a series of repeated substitutions and permutations to add confusion and diffusion to the encryption process.

Cryptography supports all of the core principles of information security:
a. Availability
b. Confidentiality
c. Integrity
No Authenticity

A way to defeat frequency analysis as a method to determine the key is to use---Polyalphabetic ciphers

The use of several alphabets for substituting the plaintext is called a polyalphabetic cipher. It is designed to make breaking a cipher by frequency analysis attacks more difficult.

Running key cipher is based on ---- Modular arithmetic

The use of modular mathematics and the representation of each letter by its numerical place in the alphabet are the key to many modern ciphers including running key ciphers.

Risk Management: Risk management identifies risks and calculates their impacts on the organization.

Risk management minimizes loss to information assets due to undesirable events through identification, measurement, and control. It encompasses the overall security review, risk analysis, selection, and evaluation of safeguards, cost–benefit analysis, management decision, safeguard identification and implementation, along with ongoing effectiveness review. Risk management provides a mechanism to the organization to ensure that executive management knows current risks, and informed decisions can be made.

Tactical security plans -----Deploy new security technology

Tactical plans provide the broad initiatives to support and achieve the goals specified in the strategic plan. These initiatives may include deployments such as establishing an electronic policy development and distribution process, implementing robust change control for the server environment, reducing vulnerabilities residing on the servers using vulnerability management, implementing a “hot site” disaster recovery program, or implementing an identity management solution. These plans are more specific and may consist of multiple projects to complete the effort. Tactical plans are shorter in length, such as 6 to 18 months to achieve a specific security goal of the company.

















