Software Encryption Methods Quiz

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to Lesson

Podcast

Play an AI-generated podcast conversation about this lesson
Download our mobile app to listen on the go
Get App

Questions and Answers

What is the primary purpose of a Hardware Security Module (HSM) mentioned in the text?

  • Accelerating symmetric and asymmetric encryption (correct)
  • Encrypting data at rest
  • Verifying a sender's identity
  • Managing public keys used in digital certificates

Which technology is associated with verifying a sender's identity to the receiver?

  • Secure Shell (SSH)
  • Digital Certificate (correct)
  • Public Key Infrastructure (PKI)
  • Secure Sockets Layer (SSL)

What function does Public Key Infrastructure (PKI) serve according to the text?

  • Storing data backups
  • Distributing digital certificates
  • Managing public keys in digital certificates (correct)
  • Creating encrypted emails

Which protocol is considered somewhat obsolete and used mostly for web servers and browsers?

<p>Secure Sockets Layer (SSL) (A)</p> Signup and view all the answers

What is the main purpose of Secure/Multipurpose Internet Mail Extensions (S/MIME) mentioned in the text?

<p>Encrypting email communication (A)</p> Signup and view all the answers

What is the primary function of Bastille as mentioned in the text?

<p>Proactively configuring an operating system for increased security (B)</p> Signup and view all the answers

Which type of Intrusion Detection System relies more on baselines than signatures?

<p>Anomaly-based IDS (C)</p> Signup and view all the answers

What is the main focus of Nessus and OpenVAS as mentioned in the text?

<p>Conducting vulnerability scanning from a remote host (C)</p> Signup and view all the answers

Which type of IDS uses rules or patterns of known malicious traffic to detect threats?

<p>Signature-based IDS (C)</p> Signup and view all the answers

What is the essential role of penetration testers as mentioned in the text?

<p>Discover security weaknesses that may lead to system compromise (A)</p> Signup and view all the answers

Which aspect is considered crucial for good Linux security according to the text?

<p>Detecting malicious activity (C)</p> Signup and view all the answers

What distinguishes Anomaly-based IDS from Signature-based IDS?

<p>'Anomaly-based IDS uses baselines, while Signature-based IDS relies on patterns of known malicious traffic. (A)</p> Signup and view all the answers

Flashcards are hidden until you start studying

Study Notes

Hash Algorithms

  • Common hash algorithms include MD5, SHA, RIPEMD, and HMAC

Symmetric Cryptographic Algorithms

  • Use the same single key to encrypt and decrypt data
  • Common symmetric cryptographic algorithms include DES, 3DES, AES, RC, IDEA, Blowfish, and Twofish

Asymmetric Cryptographic Algorithms (Public Key Cryptography)

  • Use two keys (key pairs): public key and private key
  • Public key is known to everyone and can be freely distributed
  • Private key is known only to the individual to whom it belongs
  • Common asymmetric cryptographic algorithms include RSA, ECC, and DSA

Cryptography Basics

  • Cryptography: scrambling information so that only authorized individuals can use it
  • Encryption: process of changing original data into scrambled data
  • Decryption: process of changing scrambled data back to its original state
  • Plaintext: unencrypted data that is the input for encryption or the output of decryption
  • Ciphertext: scrambled and unusable output of encryption
  • Cleartext: usable (unencrypted) data that is transmitted or stored and is not intended to be encrypted
  • Cipher (or Algorithm): procedures based on a mathematical formula to encrypt and decrypt the data
  • Key: mathematical value entered into a cipher to produce the ciphertext
  • Cryptoanalysis: sophisticated statistical analysis on ciphertext to try to discover the underlying key to the cryptographic algorithm

Steganography

  • Hiding the existence of data
  • Divides data into smaller pieces and hides them in unused portions of a file

Implementing Encryption

  • Through software: Microsoft’s EFS (Encrypting File System), Apple’s FileVault, and PGP (Pretty Good Privacy)
  • Through hardware: USB Device Encryption, Self-Encrypting Drives (SEDs), and Trusted Platform Module (TPM)

Network Security

  • Firewalls provide an essential layer of security
  • All network services require a port number to communicate
  • IANA (Internet Assigned Numbers Authority) contains a list of port numbers and their uses
  • System Ports (0 to 1023): well-known ports used by system processes
  • User Ports (1024 to 49,151): registered ports assigned by IANA for specific service
  • Dynamic and/or Private Ports (49,152 to 65,535): used for private or customized services
  • Linux systems use a Packet-Filtering Firewall system
  • Netfilter is integrated into all Linux kernels and offers packet filtering, network address translation, and port translation
  • Front-ends for netfilter’s firewall functionality include iptables, firewalld, and UFW (Uncomplicated Firewall)

Firewall Configuration

  • iptables: standard firewall included in most Linux distributions
  • firewalld: updated version of iptables, used in Red Hat based distributions
  • UFW (Uncomplicated Firewall): simpler to use than iptables
  • Zones in firewalld: block, public, and private network zones

Encrypting Partitions and Volumes

  • Usually done when Linux is installed through kernel-space tools
  • dm_crypt: the most common Linux kernel module that handles encryption at the kernel level
  • LUKS (Linux Unified Key Setup): command line front-end for dm_crypt

Encrypting Files and Directories

  • Used after Linux is installed through user-space tools
  • PGP (Pretty Good Privacy): common command line tool for encrypting files and directories
  • GPG (GNU Privacy Guard or GnuPG): implementation of OpenPGP for encrypting files and folders
  • GnuPG Shell and GPA (GNU Privacy Assistant): GUI front-ends for GPG

Studying That Suits You

Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

Quiz Team

More Like This

Week 7
18 questions

Week 7

LowRiskBlack avatar
LowRiskBlack
Cybersecurity Quiz
5 questions

Cybersecurity Quiz

GenialDiopside2779 avatar
GenialDiopside2779
Use Quizgecko on...
Browser
Browser