Introduction to Cybersecurity CCY2001 Exam

Questions and Answers

What is the main objective of Cryptography in the presence of adversaries?

• Confidentiality
• Integrity
• Authenticity
• All of the above (correct)

What is the primary method to achieve Confidentiality in Cryptography?

Encryption

Which Cryptographic technique is used to ensure Integrity during message transmission?

• Public Key Encryption
• Symmetric Encryption
• Digital Certificate
• Hashing (correct)

Symmetric Encryption uses the same key for _______ and _______.

encryption, decryption

A Block Cipher encrypts data one block at a time.

True (A)

What is the purpose of a Certification Authority (CA)?

To create digital certificates (A)

What is a Digital Certificate?

An X.509 defined data structure with a Digital Signature (A)

SSL/TLS uses both asymmetric and symmetric encryption to protect data-in-transit.

True (A)

What does SSL/TLS use to establish a secure session between a client and a server?

asymmetric encryption

Pretty Good Privacy (PGP) combines ______ and ______ key technology.

symmetric, asymmetric

Flashcards are hidden until you start studying

Study Notes

Introduction to Cybersecurity

• Course outline for Cybersecurity Fundamentals:
  • 14 topics including intrusion detection, network security, and cybersecurity standards
• Professor: Dr. Hatem Abdelkader, Dr. Mohamed Samir
• Evaluation: 30% exams, 20% practical work, 10% project, 40% final exam

Cryptography Basics

• Cryptography: the art of hidden writing, concealing the meaning of a message
• Encryption: converting plaintext to ciphertext
• Decryption: converting ciphertext to plaintext
• Confidentiality, Integrity, and Authenticity (CIA triad)

Cryptography Types

• Symmetric cryptography: same key for encryption and decryption
  • Examples: Caesar Cipher, Block Ciphers, Stream Ciphers
• Asymmetric cryptography: different keys for encryption and decryption
  • Examples: Public Key Cryptography, Digital Signatures

Symmetric Cryptography

• Block Ciphers: encrypt data in blocks (e.g., AES)
• Stream Ciphers: encrypt data in streams (e.g., RC4)
• Key strength: longer keys are more secure

Asymmetric Cryptography

• Public-key cryptography: public key for encryption, private key for decryption
• Digital signatures: ensure authenticity and integrity of messages
• Examples: RSA, Elliptic Curve Cryptography (ECC)

Hash Functions

• One-way functions: easy to compute, hard to reverse
• Message Digests: summaries of message content
• Hash algorithms: MD5, SHA, HMAC

Digital Signatures

• Digital certificates: verify identity and public key
• Digital signatures: ensure authenticity and integrity of messages
• Non-repudiation: sender cannot deny sending the message

Public Key Infrastructure (PKI)

• Certificate Authorities (CAs): issue digital certificates
• Digital certificates: contain public key, identity, and expiration date
• Verify identity and public key, ensure authenticity and integrity

Secure Sockets Layer/Transport Layer Security (SSL/TLS)

• Establish encrypted connections between client and server
• Asymmetric encryption for key exchange, symmetric encryption for data transfer
• Digital certificates verify server identity

Pretty Good Privacy (PGP)

• Provide privacy, integrity, authentication, and non-repudiation for email
• Use digital signatures and public-key encryption
• Encrypt data and authenticate sender

Reports and Assignments

• Report #1: RSA
• Report #2: Diffie-Hellman
• Due date: before next lecture