Introduction to Cybersecurity CCY2001 Exam

Questions and Answers

What is the main objective of Cryptography in the presence of adversaries?

Confidentiality

Integrity

Authenticity

All of the above (correct)

What is the primary method to achieve Confidentiality in Cryptography?

Encryption

Which Cryptographic technique is used to ensure Integrity during message transmission?

Public Key Encryption

Symmetric Encryption

Digital Certificate

Hashing (correct)

Symmetric Encryption uses the same key for _______ and _______.

encryption, decryption

A Block Cipher encrypts data one block at a time.

True

What is the purpose of a Certification Authority (CA)?

To create digital certificates

What is a Digital Certificate?

An X.509 defined data structure with a Digital Signature

SSL/TLS uses both asymmetric and symmetric encryption to protect data-in-transit.

True

What does SSL/TLS use to establish a secure session between a client and a server?

asymmetric encryption

Pretty Good Privacy (PGP) combines ______ and ______ key technology.

symmetric, asymmetric

Study Notes

Introduction to Cybersecurity

• Course outline for Cybersecurity Fundamentals:
  • 14 topics including intrusion detection, network security, and cybersecurity standards
• Professor: Dr. Hatem Abdelkader, Dr. Mohamed Samir
• Evaluation: 30% exams, 20% practical work, 10% project, 40% final exam

Cryptography Basics

• Cryptography: the art of hidden writing, concealing the meaning of a message
• Encryption: converting plaintext to ciphertext
• Decryption: converting ciphertext to plaintext
• Confidentiality, Integrity, and Authenticity (CIA triad)

Cryptography Types

• Symmetric cryptography: same key for encryption and decryption
  • Examples: Caesar Cipher, Block Ciphers, Stream Ciphers
• Asymmetric cryptography: different keys for encryption and decryption
  • Examples: Public Key Cryptography, Digital Signatures

Symmetric Cryptography

• Block Ciphers: encrypt data in blocks (e.g., AES)
• Stream Ciphers: encrypt data in streams (e.g., RC4)
• Key strength: longer keys are more secure

Asymmetric Cryptography

• Public-key cryptography: public key for encryption, private key for decryption
• Digital signatures: ensure authenticity and integrity of messages
• Examples: RSA, Elliptic Curve Cryptography (ECC)

Hash Functions

• One-way functions: easy to compute, hard to reverse
• Message Digests: summaries of message content
• Hash algorithms: MD5, SHA, HMAC

Digital Signatures

• Digital certificates: verify identity and public key
• Digital signatures: ensure authenticity and integrity of messages
• Non-repudiation: sender cannot deny sending the message

Public Key Infrastructure (PKI)

• Certificate Authorities (CAs): issue digital certificates
• Digital certificates: contain public key, identity, and expiration date
• Verify identity and public key, ensure authenticity and integrity

Secure Sockets Layer/Transport Layer Security (SSL/TLS)

• Establish encrypted connections between client and server
• Asymmetric encryption for key exchange, symmetric encryption for data transfer
• Digital certificates verify server identity

Pretty Good Privacy (PGP)

• Provide privacy, integrity, authentication, and non-repudiation for email
• Use digital signatures and public-key encryption
• Encrypt data and authenticate sender

Reports and Assignments

• Report #1: RSA
• Report #2: Diffie-Hellman
• Due date: before next lecture

Description

Course evaluation quiz for Introduction to Cybersecurity course at AAST-MT College of Computing and Information Technology. Covers exam and practical work questions.