24 Questions
What is the primary purpose of the Diffie-Hellman key exchange algorithm?
To create encryption keys for symmetric algorithms
What is a limitation of the Diffie-Hellman key exchange algorithm?
It is extremely slow for bulk data encryption
What is the purpose of using asymmetric algorithms in secure communication?
To provide confidentiality and authentication
What is a limitation of firewalls in network security?
They cannot protect against internal threats
What is the purpose of using symmetric algorithms in secure communication?
To encrypt bulk data
What is a common use case for the Diffie-Hellman key exchange algorithm?
Establishing IPsec VPNs
What is a risk associated with improperly secured wireless LANs?
All of the above
What is a common scenario where a laptop or portable storage device can pose a security risk?
When infected with malware outside the corporate network
What is the primary goal of network security?
To create a secure platform for computers, users, and programs
What is the term used to describe individuals who use their abilities to find vulnerabilities in systems or networks and report them to the owners?
White hat
What is the term used to describe someone who attempts to gain unauthorized access with malicious intent?
Cracker
What is the most important domain of network security?
Security policy
What type of threats can networks face?
Both internal and external threats
What is the primary focus of information security?
Protecting print, electronic, or any other form of confidential information
What is the general term used to describe a computer programming expert?
Hacker
What is the purpose of a security policy in an organization?
To provide guidelines for people accessing technology and information assets
What is the primary objective of confidentiality in secure communications?
To prevent unauthorized access to the message
What type of encryption technique is used to encrypt each block of plaintext independently?
Block Cipher
Which type of DoS attack involves sending a large amount of traffic to a network in order to overwhelm its resources?
TCP SYN flood attack
What is the main objective of authentication in secure communications?
To guarantee the authenticity of the sender
What is the main limitation of using ECB mode in DES operation?
It produces identical ciphertext blocks for identical plaintext blocks
What is the main purpose of integrity in secure communications?
To guarantee that the message has not been altered during transmission
Which type of DoS attack involves sending a large amount of ping requests to a network in order to overwhelm its resources?
Smurf Attack
What is the main advantage of using symmetric encryption techniques?
They are faster and more efficient than asymmetric encryption techniques
Study Notes
Reconnaissance Attacks
- Types of reconnaissance attacks include internet information queries, ping sweeps, port scans, and packet sniffers
- These attacks are used to gather information about a target system or network
DoS Attacks
- Types of DoS attacks include ping of death, smurf attack, TCP SYN flood attack, packet fragmentation and reassembly, email bombs, CPU hogging, malicious applets, misconfiguring routers, and out-of-band attacks
- Examples of out-of-band attacks include WinNuke, Land.c, Teardrop.c, and Targa.c
Securing Communications
- Three primary objectives of securing communications are authentication, integrity, and confidentiality
- Authentication guarantees that a message is not a forgery and comes from the claimed sender
- Integrity guarantees that a message has not been intercepted and altered
- Confidentiality guarantees that a captured message cannot be deciphered
Encryption
- There are two types of symmetric encryption techniques: block ciphers and stream ciphers
Data Encryption Standard (DES)
- DES operation encrypts each 64-bit plaintext block using a 56-bit key
- If two identical plaintext blocks are encrypted using the same key, their ciphertext blocks are the same
- This makes DES vulnerable to attacks
Triple Data Encryption Standard (3DES)
- 3DES encryption and decryption use three iterations of DES encryption and decryption
Diffie-Hellman Key Exchange
- Diffie-Hellman is commonly used to exchange data securely over the internet using IPsec VPN, SSL, TLS, or SSH
- It is not an encryption mechanism, but rather a key exchange algorithm
- It is used to create keys for symmetric encryption algorithms
Symmetric vs Asymmetric Key Algorithms
- Symmetric algorithms use the same key for encryption and decryption
- Asymmetric algorithms use a pair of keys: a public key for encryption and a private key for decryption
- Asymmetric algorithms are used for confidentiality and authentication
Firewalls
- Firewalls cannot protect against attacks that bypass the firewall
- Firewalls may not fully protect against internal threats
- Improperly secured wireless LANs can be accessed from outside the organization
- Infected laptops or devices can be used to launch internal attacks
Network Security
- Network security is the process of taking physical and software preventative measures to protect the underlying networking infrastructure
- The goal of network security is to create a secure platform for computers, users, and programs to perform their permitted critical functions within a secure environment
Information Security
- Information security refers to the processes and methodologies designed and implemented to protect confidential, private, and sensitive information or data from unauthorized access, use, misuse, disclosure, destruction, modification, or disruption
Evolution of Network Security
- Threats to networks include network attacks, internal threats, and external threats
- Attacks can be structured or unstructured
Hacker Types
- White hat hackers use their abilities to find vulnerabilities in systems or networks and report them to the owners for fixing
- Black hat hackers use their knowledge of computer systems to break into systems or networks with malicious intent
- Crackers attempt to gain unauthorized access to systems or networks with malicious intent
- Hacker is a general term that describes a computer programming expert
Learn about different types of reconnaissance attacks and DoS attacks, including ping sweeps, port scans, and packet sniffers, as well as types of DoS attacks like ping of death and TCP SYN flood attacks.