
Dr. Elizabeth I. Horvath, CNT 2402, Hernán E. Ortega

Review Questions Chapter 9

1. What is cryptology? (Page 264) It is the science of encryption, and actually encompasses two disciplines: cryptography and cryptanalysis.

2. What is cryptography? (Page 264) From the Greek words kryptos, meaning hidden, and graphein, meaning to write; it refers to the processes involved in encoding and decoding messages so that others cannot understand them.

3. How is encryption used to secure networks in general, and how is it used in firewalls? (Page 263/4) Encryption is a process that turns information that is plainly readable (plaintext) into a scrambled form (ciphertext) in order to preserve the authenticity, integrity, and privacy of the information that passes through the security perimeter. In other words, encryption renders information unreadable to all but the intended recipients. Firewall and VPN vendors add encryption to their products to provide protection against active attacks, which are also known as session hijacks. These are attacks involving a communication session that has already been established between a server and a client. The hacker inserts confusing or misleading commands into packets, thus disabling the server and enabling the hacker to gain control of the session. These are different from passive attacks, such as packet sniffing, in which a program scans for open ports that can be compromised.

4. Which aspect of digital data passing between networks is preserved by cryptography? Data

5. Which functions of a firewall might not be compatible with or are compromised by using encryption? Sometimes, executable code may find its way into a system because firewalls work only at the network level and not at the application level.

6. What problems encountered by firewalls are made worse by using encryption? If embedded executable code finds its way through the firewall, a hacker may corrupt computers or cause them to crash, or even take control of the systems.

7. What name is given to an attack in which the attacker intercepts a public key exchange and acts as a go-between for the network session? (Page 279) Man-in-the-Middle


8. What name is given to an attack in which the attacker randomly guesses a key value or password through trial and error? A dictionary attack.

9. What name is given to a general type of attack where an attacker is attempting to guess a key value or password from a list of known, likely, or published possible values? Ciphertext attacks along with frequency analysis can use published frequency patterns of different languages. Digital signatures are encrypted and can be verified by a central registry to show that files sent by a company are authentic. Digital certificates are issued by a certificate authority (CA) and act like an electronic notary public to verify origin and integrity.

10. What is the difference between a digital signature and a digital certificate? Digital signatures are encrypted messages that can be independently verified by a central facility (registry) as authentic, but they can also be used to prove certain characteristics of the message or file with which they are associated. They are often used in Internet software updates. A digital certificate is similar to a digital signature and asserts that a public key is associated with a particular identity.

11. What is the main advantage of using symmetric encryption? The main advantage of using symmetric encryption is that the same key is used to encrypt and decrypt; also, symmetric encryption is efficient and easy to process, as long as both the sender and the receiver possess the encryption key. Of course, if either copy of the key becomes compromised, an intermediary can decrypt and read the messages. One challenge in symmetric key encryption is getting a copy of the key to the receiver, a process that must be conducted out-of-band (that is, through a channel or band different from the one carrying the ciphertext) to avoid interception.

12. What is the advantage of using asymmetric encryption? The two main advantages of asymmetric encryption are that the two parties don't need to have already shared their secret in order to communicate using encryption and that both authentication and nonrepudiation are possible. (Authentication means that you can encrypt the message with my public key and only I can decrypt it with my private key. Non-repudiation means that you can "sign" the message with your private key and I can verify that it came from you with your public key.)

13. You handle security for a corporation with 10 branch offices and 5000 employees. You are tasked with issuing security keys to each of these employees. How would you handle this?

14. What is IPSec? IP Security (IPSec) is the predominant cryptographic authentication and encryption protocol suite in use today. It is used to support a variety of applications, just as SSH is. A framework for security development within the TCP/IP family of protocol standards, IPSec provides application support for all uses within TCP/IP, including VPNs.

15. What does an IPSec policy do? Administrators create IPSec policies to configure IPSec security services on local computers or remote network computers. Depending on the needs of IPSec, you can configure the services at differing levels of security.

16. What is an X.509 digital certificate? Public keys can be freely disseminated. In fact, the success of the various public key protocols requires a systematic and trustworthy way of distributing public keys and securely storing their associated private keys. The X.509 digital certificate is the packaging that enables the distribution of a single public key. The X.509 standard is the subsection of the International Telecommunication Union (ITU) X.500 directory standard that defines certificates.

17. What protocols protect online purchases? Many cryptosystems help to secure Web activity, especially transactions between customers' browsers and the Web servers at electronic commerce sites. Among the protocols used for this purpose are Secure Electronic Transactions, Secure Sockets Layer, Secure Hypertext Transfer Protocol, Secure Shell, and IP Security. Secure Electronic Transactions (SET) was developed by MasterCard and VISA in 1997 to provide protection from electronic payment fraud. It works by encrypting the credit card transfers, using DES for encryption and RSA for key exchange, much as other algorithms do. SET provides the security for both Internet-based credit card transactions and the encryption of card swipe systems in retail stores.

18. What can digital certificates authenticate that IPSec cannot? A digital certificate is a secure proof of identity. If you (or your computer) hold a digital certificate, then if contacted by another computer, it is possible for the remote computer to verify that it is talking to the computer it should be talking to. IPsec has a number of techniques available to verify authenticity and identity. One of the techniques available is the use of certificates. Certificate security for IPsec is often used on corporate VPNs, because certificates offer better security than usernames/passwords.

19. Digital certificates contain digital signatures and public keys as well as detailed information about the digital certificate holder. However, the quality of all that information depends on one thing that neither you nor the digital certificate holder can control. What is it?

20. What is a hybrid security control? Hybrid Systems: Pure asymmetric key encryption is not widely used except in the area of certificates. For other purposes, it is typically employed in conjunction with symmetric key encryption, creating a hybrid system. In this method, asymmetric encryption is used to exchange a symmetric key, so that two organizations can conduct quick, efficient, secure communications based on symmetric encryption.
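The hybrid scheme described in question 20, as an added example that is not part of this assignment or the textbook: a fresh symmetric session key is wrapped with the recipient's public key and the bulk message is encrypted under that key, which also removes the out-of-band key distribution problem noted in question 11. Textbook RSA with tiny constructed primes (61, 53) stands in for a real public-key scheme, and an HMAC-SHA256 counter-mode keystream stands in for the symmetric cipher; both are assumptions made for illustration, not production algorithms.

```python
import hashlib
import hmac
import secrets

# Asymmetric part: textbook RSA with tiny constructed primes (illustration only;
# real deployments use 2048-bit+ moduli with padding such as OAEP).
P, Q, E = 61, 53, 17                 # constructed primes and public exponent
N = P * Q                            # public modulus (3233), shared with senders
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent (2753), kept by recipient

def wrap_key(session_key: bytes, e: int = E, n: int = N) -> list:
    """Encrypt each session-key byte under the recipient's public key (e, n)."""
    return [pow(b, e, n) for b in session_key]

def unwrap_key(wrapped: list, d: int = D, n: int = N) -> bytes:
    """Recover the session key; only the holder of the private exponent d can."""
    return bytes(pow(c, d, n) for c in wrapped)

# Symmetric part: HMAC-SHA256 used as a PRF in counter mode (XOR keystream).
def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypts and decrypts (same operation) data in 32-byte keystream blocks."""
    out = bytearray()
    for block, start in enumerate(range(0, len(data), 32)):
        ks = hmac.new(key, nonce + block.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[start:start + 32], ks))
    return bytes(out)

def hybrid_encrypt(plaintext: bytes, pub=(E, N)) -> dict:
    """Sender side: random session key wrapped asymmetrically; bulk data symmetric."""
    session_key = secrets.token_bytes(16)   # fresh per message, never reused
    nonce = secrets.token_bytes(8)
    return {"wrapped_key": wrap_key(session_key, *pub),
            "nonce": nonce,
            "ciphertext": keystream_xor(session_key, nonce, plaintext)}

def hybrid_decrypt(envelope: dict, priv=(D, N)) -> bytes:
    """Recipient side: unwrap the session key with the private key, then decrypt."""
    session_key = unwrap_key(envelope["wrapped_key"], *priv)
    return keystream_xor(session_key, envelope["nonce"], envelope["ciphertext"])

if __name__ == "__main__":
    message = b"Constructed sample: quarterly figures, internal only."
    envelope = hybrid_encrypt(message)
    assert hybrid_decrypt(envelope) == message
    print("wrapped key (one RSA value per byte):", envelope["wrapped_key"][:4], "...")
```

Only the 16-byte session key goes through the slow public-key operation; the message itself, however long, is handled by the fast symmetric cipher, which is the efficiency argument behind hybrid systems.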