99 Cards in this Set
- Front
- Back
According to ISC2, without an appropriate classification scheme, there is no ____________ |
Data Security |
|
What is the first step to a classification scheme? |
Security Classification Guide (SCG) |
|
What are the commercial classification levels in order (highest to lowest)? Sensitive, Private, Public, Confidential |
Highest to lowest: Confidential, Private, Sensitive, Public |
|
The __________ is the subject responsible for classifying and labeling objects and for protecting and storing data on any system. (They protect CIA) |
Owner (or Data Owner) |
|
The data owner is responsible for classifying and labeling objects and for protecting and storing data on any system. Do they personally do all of the work mentioned? |
No. They hire others to do it. (sys admin?) |
|
Categorize the information system and the information processed, stored, and transmitted by that system based on an _____________. |
impact analysis |
|
FIPS 199 establishes 3 potential levels of impact (______,_______,______) on CIA. |
- Low (Limited Adverse Effect) - Moderate (Serious Adverse Effect) - High (Severe/Catastrophic Adverse Effect) |
|
What is the term that defines the range you will be working with? |
Scope |
|
After the scope is defined, the next step is to zoom in and determine what your specific assets are and how they can be properly protected. This allows you to perform ___________. |
Tailoring, or customization |
|
What are the Scoping and Tailoring metrics? (Hint: KGI KPI) |
Key Goal Indicators (KGI), Key Performance Indicators (KPI) |
|
Data ownership is a ________ process that details an organization's legal ownership of enterprise-wide data |
Governance |
|
What is FIPPS? |
Fair Information Practice Principles - Open framework defining privacy principles - Considers the privacy implications as part of cybersecurity |
|
What level are data owners, data custodians, and data processors? |
Upper Management, Administrators, Users |
|
What is the 2nd step in the NIST RMF? |
Select an initial set of security controls for the information system, based on the security categorization. |
|
What is the use of anti-spam filtering software to allow only specified e-mail addresses to get through? |
Whitelisting |
|
What is the difference between need-to-know and least privilege? |
Need-to-know applies only to human beings; least privilege can apply to users and/or processes (users get only the access they need to perform their official duties) |
|
What is an agreement between two or more parties to subvert security? |
Collusion |
|
If data is sensitive, it is appropriate to keep it in a locked area (physical) called a ___________. |
Vault |
|
What is the residual information remaining on storage media? |
Data Remanence |
|
What are the two Data Remanence Countermeasures? |
- Clearing (sanitizing through deleting/rewriting) - Purging (physical or logical techniques that render data unrecoverable even in a state-of-the-art laboratory) |
|
What are 4 purging operations? |
Overwriting (7 times), Encryption (encrypt then destroy key), Degaussing (magnetic fluctuation), Physical destruction (pow) |
|
2 types of encryption for data at rest? |
- Whole Drive (decrypted to access) - File/folder level encryption (copied with encryption) |
|
What are the two original common hash functions? |
SHA1 and MD5 |
|
What replaced SHA1 and MD5? |
SHA2 (or SHA256) - (longer, more collision resistant) Note: MD5 is no longer secure |
|
How many bits is the MD5 hash? SHA1? SHA2? |
MD5: 128 Bits; SHA1: 160 Bits; SHA2: 256 Bits |
|
What is hashing collision? |
Two different binary files creating the same hash |
|
What are the two primary uses of hashes? |
1: Verify file has not been altered (especially those sent over the Internet) 2: Storing passwords |
|
What adds padding to passwords before they are hashed? |
Salting (padding, or initial vector) |
|
What are the Asymmetric Algorithms? (A REED) |
RSA (PKI) , ECC, ElGamal, Diffie Hellman - A REED |
|
What are the Symmetric Algorithms? |
RC4, AES, IDEA, DES, Triple DES, Blowfish |
|
What is a string of bits used by an algorithm for encryption? (typically shown to humans as a hex string) |
Cryptographic Key |
|
What is the speed difference between symmetric and asymmetric encryption? |
Sym = fast; Asym = slow(er) |
|
Most common Asymmetric Algorithms? |
RSA, ECC (PKI is not an algorithm. It is an infrastructure based on public key cryptography). |
|
Most common Symmetric Algorithm(s)? |
AES, (also RC4, only in early WiFi) |
|
What are the AES encryption key bit lengths? |
128 to 256 bit keys |
|
What block cipher, which divides a message into 64-bit blocks and employs S-box-type functions, was replaced by AES? |
Data Encryption Standard (DES) |
|
In AES, why use a 128 bit key? What about 256? |
128: Session Key (doesn't need to be as secure); 256: Data at rest (needs more security) |
|
When utilizing encryption of data-at-rest on an entire hard drive, what is the module you would use with BitLocker? (Hint: TPM) |
TPM (Trusted Platform Module) Chip |
|
What does AES stand for and what type of encryption is it? |
Advanced Encryption Standard - Symmetric |
|
What is the De facto asymmetric algorithm? |
RSA (Named for Rivest, Shamir, and Adleman) |
|
What is the federal Asymmetric digital signature standard adopted by most companies/modern PKI processes? |
Asymmetric DSS |
|
What crypto method uses both Asymmetric and Symmetric encryption? |
Hybrid |
|
Who is the trusted third party that creates digital certificates and creates public/private key pairs, manages security credentials, and publishes CRLs? |
Certificate Authority |
|
What is X.509? |
A format for digital certificates |
|
Who is a licensed certificate distributor or middleman, regarding PKI? |
Registration Authority (RA) |
|
What are the two types of Certificate Authorities? |
Public (outside) - Internet CA's sell digital certs - Good on Internet
Private (inside) - Create your own CA - Not valid on Internet (not trusted) |
|
What is a trust relationship that exists between two or more CAs through a third CA they both trust? |
A Bridge Trust |
|
Which Certificate Authority vouches for themselves? |
Root CA |
|
Who vouches for Subordinate Certificate Authorities? |
Root CA |
|
What is the difference between key suspension and revocation? |
Suspension - put on hold (Maternity Leave); Revocation - revoked before expiration |
|
PKI key revocation includes Expiration, Renewal, and Destruction. Define Each. |
Expiration: self-explanatory; Renewal: Losing a CAC; Destruction: end of life cycle or compromise |
|
The CA can store a copy of a private key offline. What is this called? |
Escrow (Only Key Recovery Agents (KRA) can pull them from "storage".) |
|
________________ is a list (file) of revoked or suspended certificate serial numbers. |
CRL (Certificate Revocation List) |
|
What is a more modern CRL name? (Hint: OCSP) |
OCSP (Online Certification Status Protocol) |
|
What digital certificate is primarily used to prove identity (authentication)? |
X.509 |
|
What is a popular numbered set of PKI standards that have been defined by the RSA corporation? (Hint: PKCS) |
Public-Key Cryptography Standards |
|
What PKI Standards (other than PKCS) exist? |
FIPS (Federal Information Processing) |
|
How are public keys stored? |
Embedded within digital certificates |
|
What cryptography method exchanges keys between smartphones? |
ECC (Elliptic Curve Cryptography) |
|
What is the key exchange protocol used for secure VPN? |
IPSec (Internet Protocol Security) |
|
Where can private keys be stored? |
On a CAC or on the local user's system |
|
What protocols provide email security? |
PGP (Pretty Good Privacy)
S/MIME/Exchange (allows MIME to encrypt and digitally sign email messages and encrypt attachments) |
|
Which is considered the weaker system? Link or End-to-End encryption and why? |
Link, because the packets are decrypted at each hop. |
|
Within IPSec, what are the two primary features for: 1. Encryption 2. Integrity |
1. Encapsulating Security Payload (ESP) 2. Authentication Header (AH) |
|
What protocol uses the Diffie-Hellman technique to establish session keys? |
OAKLEY |
|
IPSec uses ________, the de facto standard, to exchange keys. |
IKE = Hybrid (ISAKMP + OAKLEY) |
|
List the 3 main secure point-to-point tunneling protocols. |
HTTPS, SSL (Secure Socket Layer), TLS (Transport Layer Security) |
|
What are 2 protocols that replaced FTP, allowing secure file transfer? |
SSH (Secure Socket Host), S-FTP (S-FTP uses SSH) |
|
In cryptanalytic attacks, what is a Frequency Analysis? |
e.g. Looking for frequency of a or e in English... |
|
In cryptanalytic attacks, what is an algorithm error? |
Exploiting known weaknesses in program (engineers built without crypto in mind) |
|
In cryptanalytic attacks, what is a dictionary attack? |
List of common passwords using dictionary files (lists) |
|
What is a rubber hose attack? |
Extortion, bribery, or threats of violence |
|
What is a birthday attack? |
Trying to force a collision against hash passwords - (reverse hash matching) |
|
What is a legitimate use to hide copyright information called? |
Digital Watermarking (a photographer protecting their images) |
|
What is an attack in which Messages usually start with the same type of beginning and close with the same type of ending, allowing an attacker to "brute force" the rest of a message? |
Known Plaintext |
|
What is the attack called when an attacker has only several ciphertext messages? |
Cipher-text only |
|
In this attack, the attacker has the plaintext and ciphertext, but can choose the plaintext that gets encrypted to see the corresponding ciphertext. |
Chosen Plain-text (goal is to figure out the key) |
|
In this attack, the attacker can choose the ciphertext to be decrypted and has access to the resulting decrypted plaintext. Again, the goal is to figure out the key. This is a harder attack to carry out compared to the previously mentioned attacks, and the attacker may need to have control of the system that contains the cryptosystem. |
Chosen cipher-text (goal is to figure out the key) |
|
Digital signatures have to do with what type of cryptography? |
Asymmetric |
|
What are the 2 main things Asymmetric crypto provides? |
Confidentiality and Authentication |
|
What key do you use to encrypt keys for confidentiality mode? (sending symmetric session key) |
Recipient's Public Key |
|
What key do you use to encrypt hashes for Authentication mode (proving your identity)? |
Sender's private key |
|
____________ is an encrypted hash generated by a sender of data to provide origin authentication (proof of sender ID) |
Digital Signature |
|
Digital signatures provide confidentiality. T/F |
False! Only authentication! |
|
A message digest is another name for a ____? |
Hash |
|
What are the 2 main Asymmetric Algorithms? |
RSA and ECC |
|
How long are RSA keys? |
1024 Bit (largely obsolete), 2048 Bit (Norm) |
|
What is RSA mainly used for? |
To transfer and protect keys |
|
1. How long are ECC keys? 2. Are they public and private? 3. How are they used? |
1. 256 Bit (smaller, but with same strength as RSA) (mystery 160 bit); 2. Yes!; 3. Smartphones and tablets |
|
What cryptography algorithm streams one bit at a time? |
RC4 (stream cipher) |
|
What is El Gamal? |
Asymmetric encryption algorithm based on Diffie-Hellman |
|
What are the 3 levels of Certificate Authorities? |
Top: Root CA; Middle: CA; Lower: RA |
|
What type of encryption is used on removable media? |
File/folder encryption |
|
What type of encryption is used for data in motion? |
AES (Symmetric) |
|
PKI uses what algorithm? |
RSA |
|
How are public/private key pairs initially created? |
Multiplying two large prime numbers |
|
What is the protocol used for session communication (client to client or client to server)? |
TLS (Transport Layer Security) or SSL (Secure Socket Layer) |
|
The session key can also be called the __________. |
secret key |
|
What is a one-time pad? |
A one-time use encryption method. Use the key, then throw it away. (First unbreakable paper cipher) |