61 Cards in this Set

  • Front
  • Back

In what year was the first message sent between a network of computer nodes?

1969 (on October 29)

What was the first network ever to use the TCP/IP protocol suite?

ARPANET (Advanced Research Projects Agency Network). ARPANET was not the same as the internet (i.e. World Wide Web) we know today, but ARPANET is usually associated with being the "invention" of the internet.

Who funded the creation of ARPANET, the oldest ancestor of the internet?

The United States Department of Defense and ARPA (the Advanced Research Projects Agency). ARPA has been renamed three times since then, and is today called "DARPA", where the added "D" stands for "Defense".

According to the ARPA Deputy Director during the time of ARPANET's creation, what was the purpose for the creation of ARPANET?

"The goal was to exploit new computer technologies to meet the needs of military command and control against nuclear threats, achieve survivable control of US nuclear forces, and improve military tactical and management decision making." (Source: "Why the Arpanet Was Built", IEEE Annals of the History of Computing; Volume: 33, Issue: 3)

What is believed to be the first ever law created against computer hacking, and in what year was the law created?

The Florida Computer Crimes Act of 1978, nearly 10 years after the first ever network traffic sent over ARPANET in 1969.

Under which 3 parts of U.S. Federal Law is hacking mostly addressed? Where can additional information be found?

Under Title 18 "Crimes and Criminal Procedure", §1030, §2511, and §2701. §1030 defines computer fraud, §2511 defines unlawful interception of communications, and §2701 defines unlawful access of stored data. Additional information can be found on the U.S. Department of Justice's Computer Crime & Intellectual Property web portal.

What is the most important piece of legislation on cyber crime in the United States? When was it enacted, and when was the last time it was amended?

The Computer Fraud and Abuse Act (CFAA) of 1984. It was last amended in 2008. The CFAA, on average, has been amended about once every 5 years, but as of this year (2016), the CFAA has gone 8 years without amendment.

True or False: United States law specifically has provisions that make selling hacking tools, such as botnets and spyware, a crime?

False. The Computer Fraud and Abuse Act (CFAA), as of the latest 2008 amendment, applies to hackers themselves, but not persons who sell hacking tools.

Which U.S. law requires government agencies to periodically have their information systems, plans, and policies evaluated by an "independent external auditor"?

The Federal Information Security Act of 2014. This law provides Certified Ethical Hackers a basis to work as the "independent external auditor".

What are the three parts of the "CIA Triad"?

Confidentiality, Integrity, and Availability

What are 2 common methods used to ensure Confidentiality in the CIA Triad?

Encryption, or authentication (such as passwords, biometrics, smart cards, etc.)

What are 2 common methods used to ensure Integrity in the CIA Triad?

Hash functions and input checking

What type of attack compromises the Availability aspect of the CIA Triad?

Denial of Service (DoS) Attack

What other two aspects of a system can be compromised as one designs-in more security?

Functionality and Ease-of-Use

What are the 5 phases of Ethical Hacking?

1) Footprinting; 2) Scanning and Enumeration; 3) Gaining access ; 4) Maintaining access ; and 5) Covering tracks

What term defines "the study and methods used to crack encrypted communications"?

Cryptanalysis

What are the 2 types of text in cryptography? One is the input, and the other, an output.

Input: Plaintext (i.e. something you can read and interpret). Output: Cyphertext (i.e. something you can read but can't interpret).

In the world of encryption, what term refers to "a state of affairs where no third party will be able to successfully challenge the authenticity of a message between a sender and a receiver"?

Non-repudiation

What are the two primary forms of bit-level encryption?

Substitution and Transposition

What are the two basic types of ciphers?

Block and stream. Block ciphers usually operate on "blocks" of symbols with a fixed size, and stream ciphers operate on each individual symbol (i.e. where the "block" size is 1).

An encrypted message is usually generated from using what logical/mathematical operation between plaintext and the key?

XOR (i.e. exclusive OR)

What is the result of an XOR performed on the following bits?:


1) 0 and 0


2) 0 and 1


3) 1 and 0


4) 1 and 1

1) 0


2) 1


3) 1


4) 0

At what key length does it become possible to crack an encryption?

When the key length is less than the length of the message. Note: Just because this makes it mathematically possible to crack an encryption, it doesn't mean that cracking can still happen in a timely fashion...a strong key could still take years to crack, which might make the whole effort pointless.

What type of cryptographic algorithm uses the same key for both encryption and decryption?

Symmetric

What are the benefits and drawbacks of Symmetric encryption?

Benefits: Simplicity and speed


Drawbacks: Secure key management and scalability. Sending a key must be done over a secure method to prevent someone from copying it, and new keys must be generated for each communications channel.

If there are N nodes on the network, how many keys must be generated in a Symmetric key encryption scheme in order to secure all communications channels?

N * (N-1) / 2

Which is more common: block or stream ciphers?

Block ciphers

What were the two primary symmetric encryption algorithms that preceded AES encryption?

DES (Data Encryption Standard) and Triple-DES

How many bits are used in DES encryption? Triple-DES?

56 and 168

What is the encryption algorithm that was created by NIST, and is now the federal standard for the United States government?

AES (Advanced Encryption Standard) encryption

What are the three key sizes for AES encryption?

128, 192, or 256

True or False: AES encryption ensures non-repudiation?

False. AES encryption is a symmetric-key algorithm. Only Asymmetric key algorithms can provide non-repudiation.

What type of encryption uses two keys, one public and one private?

Asymmetric encryption

In an Asymmetric encryption scheme, which key is used for encryption, and which key is used for decryption?

The public key is used for encryption, and the private key is used for decryption.

How does Asymmetric encryption solve the problem of non-repudiation?

If the receiver of a message is certain to have the public key of a sender, then non-repudiation is solved if the sender encrypts his/her message with the private key. Only the distributed public key will decrypt the message encrypted with the private key, ensuring that the person receiving the message can verify who sent it.

What type of Asymmetric encryption is used in Secure Socket Layer (SSL) and IPSec?

The Diffie-Hellman key exchange protocol

What type of attack is the Diffie-Hellman key exchange protocol vulnerable to? How does it work?

A man-in-the-middle attack. In this attack, the public key transmission is intercepted by an attacker, who generates and sends a false public key to each party trying to communicate. The attacker then uses his/her private key to decrypt all message traffic.

What type of Asymmetric encryption uses less processing power than most other methods, and is thus optimal for mobile devices?

Elliptic Curve Cryptography (ECC)

Which type of encryption - Symmetric or Asymmetric - is usually slower (i.e. more resource-intensive)?

Asymmetric encryption

What is a hash algorithm?

A one-way mathematical function that takes an input and typically produces a fixed-length string (usually a number), or hash, based on the arrangement of the data bits in the input.

What hash algorithm was exposed as vulnerable by US-CERT in August 2010, but is still used in some cases for download verification and password storage?

MD5 (Message Digest algorithm)

What are the 3 hash algorithms developed by the NSA (National Security Agency)?

SHA-1, SHA-2, and SHA-3. Theoretical vulnerabilities in SHA-1 were discovered in 2005, and requirements have been levied on the U.S. government to transition to SHA-2, and by 2012, to SHA-3, but some organizations haven't kept up with this pace.

What is a typical attack against a hash algorithm, and how does it work?

Collision attack. A collision attack is when an attacker is able to find another input to a hash algorithm that generates the same output as the expected input.

What is a rainbow table, and what is it used for?

A rainbow table is a table of hash algorithm outputs using every combination of inputs. Rainbow tables save attackers time because they only need to compare a hashed password with the rainbow table to reverse-engineer it, instead of performing the brute force attack themselves.

What can you add to a hash algorithm to prevent collision attacks?

A salt - or random collection of bits that are used as a key in addition to the hash algorithm. This makes using rainbow tables ineffective.

What part of the CIA triad do hash algorithms support?

Integrity. Any deviation in the original file will produce a significantly different hash value.

What is the practice of concealing a message inside another medium, such as another file or image?

Steganography

What is a Certificate Authority (CA) in PKI?

A CA creates and issues digital certificates that can be used to verify identity. Because the CA provides the certificate and key (public), the user can be certain that the public key actually belongs to the intended recipient.

Where does the Certificate Authority track which certificates have problems or have been revoked?

The Certificate Revocation List (CRL)

What are the two types of PKI trust models that use Certificate Authorities?

Single authority system and hierarchical trust system.

In a hierarchical trust system, what are the lower-level authorities under the root Certificate Authorities called?

Registration authorities

What is the industry standard by which digital certificates are managed in PKI?

X.509

What are the 9 fields that are typically in a digital certificate?

1) Version


2) Serial number


3) Subject - who and what is being identified


4) Algorithm ID (or Signature Algorithm)


5) Issuer


6) Valid From and Valid To


7) Key Usage


8) Subject's Public Key


9) Optional fields

What is SSH and what TCP port does it use?

SSH stands for Secure Shell. It basically is a secure form of Telnet, and it uses TCP port 22.

What is SSL, and what two security measures does it use?

SSL (Secure Sockets Layer) is encryption at the transport layer for communication across the internet. SSL uses RSA encryption and digital certificates.

What are the 6 steps for an SSL connection?

1) Client sends "Hello" message


2) Server sends "Hello" message with SSL version, Session ID, and Certificate message


3) Server sends "Hello done" message


4) Client verifies the certificate and sends the Client Key Exchange message (including a secret key that the client creates and then encrypts with the server's public key)


5) Client sends a Finished message with a hash included


6) Server compares the hash against its computed hash and then sends a Finished message.

What is Internet Protocol Security (IPsec)?

IPsec is a network layer tunneling protocol. It is capable of carrying nearly any application.

What two modes can IPsec be used in?

Tunnel, where the entire packet is encrypted, and transport, where just the data payload is encrypted.

What is a "Known Plaintext Attack"?

An attack where a hacker has successfully gotten copies (hopefully many) of both the plaintext and cyphertext of a message and attempts to reverse engineer the key that generated the cyphertext.

What kind of cryptographic attack involves repeating a portion of a cryptographic exchange in hopes of fooling a system into setting up a communications channel?

Replay attack

What practice allows for ensuring encryption is "uncrackable", even by persistent and powerful brute force attacks?

Combining a long key and changing it within a reasonable time period.