Is the process to scramble a message or other information so that it cannot be easily read? (Quizlet)
Terms in this set (50)

Cryptography: The art of protecting information by transforming it into an unreadable format (called cipher text) that's intended for one group or individual to decipher it.
Encryption: The process of scrambling data so that an unauthorized party cannot easily read it.
Plaintext: Normal text that has not been encrypted.
Ciphertext: Text that has been encrypted using an algorithm.
Transposition: A method of encrypting text that rearranges the letters.
Substitution: A method of encrypting text that replaces the letters.
One-time pad: Plaintext combined with a secret key creates a new character, which then combines with the plaintext to produce ciphertext.
Symmetric algorithms: Algorithms that use a single cryptographic key for both encryption and decryption of the message. Requires less computer power.
Asymmetric algorithms: Algorithms that use two separate keys for encryption and decryption of a message: a public key for encryption and a private key for decryption. These algorithms are resource intensive and slower to execute.
Private-key Encryption: A type of encryption that uses a single key to encrypt and decrypt the file or message (Symmetric).
Public Key Encryption: Uses two keys: a public key that everyone can have and a private key for only the recipient (Asymmetric).
Block ciphers: Transforms a fixed-length block of plaintext into a common block of ciphertext of 64 or 128 bits. Usually results in bigger output data when compared to the input data.
Stream ciphers: Encrypt plaintext one byte or one bit at a time. Usually faster than block ciphers, and usually doesn't increase the file size.
Key Management: Includes the generation, exchange, storage, use, and replacement of keys used in an encryption algorithm. Most difficult part of designing a cryptosystem.
Physical Access Controls: Actual barriers deployed to prevent direct contact with systems. The goal is to prevent unauthorized users from gaining physical access to facilities, equipment, and other organizational assets.
Logical Access Controls: The hardware and software solutions used to manage access to resources and systems. These technology-based solutions include tools and protocols that computer systems use for identification, authentication, authorization, and accountability. These include encryption, smart cards, passwords, biometrics, and more.
Administrative Access Controls: The policies and procedures defined by organizations to implement and enforce all aspects of controlling unauthorized access. Administrative controls focus on personnel and business practices.
Mandatory Access Control: Restricts the actions that a subject can perform on an object. A subject can be a user or a process. An object can be a file, a port, or an input/output device.
Discretionary Action Control: Grants or restricts object access determined by the object's owner.
Role-based Access Control: Ensures that users with specific roles get granted permission to perform certain operations.
Rule-based Access Control: Uses access control lists to determine whether to grant access or not depending on the rules.
Identification: Enforces the rules established by the authorization policy. A subject requests access to a system resource. Every time the subject requests access to a resource, the access controls determine whether to grant or deny access.
What you know: Stuff that the users know, like passwords, PINs, etc. Generally referred to as a password.
What you have: Stuff people have in their possession, including smart cards and security keys.
What are biometrics? Unique physical characteristics that identify a specific user, like a voice or a fingerprint. Uses physiological characteristics (fingerprints, DNA, etc.) and behavioral characteristics (gestures, voice, etc.).
What is Multi-factor authentication? Uses at least two methods of authentication. Reduces the incidence of online identity theft because knowing one method would not give cyber criminals access to user information.
What is Mantrap? A set of doors that only opens after the first door has been closed.
What is Clipping levels? Certain allowed thresholds for errors before triggering a red flag.
What is Intrusion Detection? Monitors a network for suspicious activities.
What is a firewall and a router? One prevents unwanted network traffic, but the other connects to at least two networks with either a wired or wireless connection.
What is a protocol? A set of rules that govern the exchange of data between devices.
What is a smart card? A card with an embedded microchip that can communicate with a host computer or a card reader.
What is an Access Control List? Defines the type of traffic allowed on a network.
What is a background check? An employment screening that includes information of past employment verification, credit history, and criminal history.
What is security training? Educates employees about the security policies at an organization.
What are policies? Statements of intent.
What is data classification? Categorizes data based on its sensitivity.
What is a username? The name given to a user on a computer or computer network. This name is commonly an abbreviation of the user's full name or his or her alias.
What is a password? A secret combination of letters, numbers, and/or characters that only the user should have knowledge of.
What are the key components of a password? Should be at least eight characters, shouldn't be difficult to memorize or easy to crack, and should contain a combination of upper and lowercase letters, numbers, and special characters.
What is a keyfob? A portable electronic security token that contains biometric user data, or other identification information.
What is a profile? A data file containing known characteristics of an individual.
What is accountability? It traces an action back to a person or process making the change to a system, collects that information, and reports that usage data.
What are log failures and successes? An organization may look at the log for failures and successes. Login failures can indicate that a criminal tried to hack an account, while login successes tell an organization which users are using what resources and when.
What are preventative access controls? Stops unwanted or unauthorized activity from happening.
What are examples of deterrent access controls? Locks, fences, badges, guards, mantraps, cameras, intrusion alarms, separation of duties, awareness training, encryption, auditing, and firewalls all go into this category.
What are examples of detective controls? Job rotation, mandatory vacations, audit trails, intrusion detection systems, honey pots, review security camera events, motion detectors, guard dogs, security guards all go into this category.
What are examples of corrective controls? Intrusion detection system, mantraps, business continuity planning, antiviruses, alarms, and security policies all go into this category.
What are examples of recovery controls? Backup/restore operations, fault tolerance drive systems, server clustering, database shadowing, and antivirus software all fall into this category.
What are examples of compensative controls? Security policy, personnel supervision, monitoring, and work task procedures fall into this category.
What is the process to scramble a message or other information so that it Cannot be easily read?
At a basic level, encryption is the process of scrambling text (called ciphertext) to render it unreadable to unauthorized users.
What is Funcrypt?
Funcrypt is a free tool that can be used to encrypt drives, folders, or partitions. False. Hiding a message in images is an example of stenography.

Is the transformation of data into an unreadable format cipher text that you can decrypt decipher only by using a secret key or password?
Encryption is the method by which information is converted into secret code that hides the information's true meaning. The science of encrypting and decrypting information is called cryptography. In computing, unencrypted data is also known as plaintext, and encrypted data is called ciphertext.

What are the six P's of security?
Information security management consists of what are known as the “six P's”. They are planning, policy, programs, protection, people and projects.