
1. Explain each of the following symmetric key algorithms in 50-100 words and list at least two (2) usages for
each of the symmetric key algorithms.

1) AES

AES encryption was established by the United States National Institute of Standards and Technology (NIST)
in 2001 and aims to offer a specification for electronic data encryption. You can encrypt your texts
with AES encryption online and choose a key length as well.

AES encryption has three different block ciphers:

• AES-128 (128 bit)
• AES-192 (192 bit)
• AES-256 (256 bit)

2) DES

The DES (Data Encryption Standard) algorithm is a symmetric-key block cipher created in the early
1970s by an IBM team and adopted by the National Institute of Standards and Technology (NIST). The
algorithm takes the plain text in 64-bit blocks and converts them into ciphertext using 48-bit keys.

Example:
• A 64-bit key is used as input for DES, of which only 56 bits are used.
• 48 bits are created from these 56 bits.

3) Triple DES

Triple Data Encryption Standard (DES) is a type of computerized cryptography where block cipher
algorithms are applied three times to each data block.

Example:
• All keys being independent
• Key 1 and key 2 being independent keys

4) Blowfish

Blowfish is a symmetric block cipher that can be used as a drop-in replacement for DES or IDEA. It takes a
variable-length key, from 32 bits to 448 bits, making it ideal for both domestic and exportable use.

Example:
• 128, 192-bit encryption key
• 256-bit encryption key

2. Explain each of the below-mentioned encryption types in 80-150 words:

1. Public Key

Public key cryptography permits someone to send their public key in an open, insecure channel.
Having a friend's public key allows you to encrypt messages to them. Your private key is used to
decrypt messages encrypted to you.

2. Secret Key

This means that all parties involved must know the key to be able to communicate securely, that is, to
decrypt encrypted messages to read them and encrypt messages they want to send.

3. Hash key

A hash function is a mathematical function that converts an input value into a compressed numerical
value, a hash or hash value. Basically, it's a processing unit that takes in data of arbitrary length and
gives you an output of a fixed length, the hash value.

3. Explain the functioning of “Digital signatures” in 100-150 words.

A digital signature is a means of verifying the validity and integrity of a message. This can be done
by means of public key cryptography techniques combined with cryptographic hash functions, which
can also be used as a digital signature to provide non-repudiation functions. This is commonly used to protect
the integrity of the nonmutable data in RREQ and RREP messages. The process begins by
creating a cryptographic hash; the digital signature is transmitted as an encrypted file, the so-called
digital signature. The message is then sent to the receiver with the encrypted private key from the sender,
and the resulting value is affixed to the message.

4. Explain two (2) features of digital signatures. Write 100-150 words for each function.

The core security services provided by digital signatures are:

• Signer authentication. Proof of who signed the document, i.e. digital signatures link the user's
signature to an actual identifiable entity. The unique identifying “fingerprint” data in a digital
signature remains permanently embedded within a document. This security includes the vendor
facilitating the creation of a signature based on the signer’s private key.

• Data integrity. Proof that the document has not been changed since signing. Signs that
someone has tampered with or altered a document after signing it can be easily detected.
Basically, this offers the highest and most verifiable standard for identifying an individual by an
electronic signature.

5. Answer the below questions related to timestamp.

5A) Explain two (2) functions of timestamp. Explain each in 50-100 words.

• ParseDateString(date-string, pattern) - This function uses the pattern to determine how the
specified date-string is formatted and reformats it as yyyy-MM-dd. The pattern must use the
characters d, M, and y (case-sensitive) to specify the sequence of day, month, and year.

• FormatDateString(date-string, pattern) - This function turns a standard MEP date or
timestamp into the date format specified by the pattern. The pattern must use the
characters d, M, and y (case-sensitive) to specify the sequence of day, month, and
year.

5B) Summarise two features of timestamp.

The most important reason for using timestamps is to create a timeline for all
the systems that were compromised. This helps to view the intrusion as a whole in storyline format. If
all data is stored in UTC format, a timeline is easy to build. If data is not in UTC format, you will
have to keep a list of each system and its corresponding time zone and later convert it to UTC manually.
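The conversion described above can be scripted rather than done by hand. The following is an added example, not part of the original answer: it keeps a per-host list of time zones, converts each local log timestamp to UTC and sorts the result into one timeline. The host names, offsets and events are constructed sample data, and fixed offsets (no daylight-saving changes) are assumed.

```python
from datetime import datetime, timedelta, timezone

# Constructed inventory (assumption): the UTC offset each host logs in.
HOST_UTC_OFFSET_HOURS = {
    "web01": 0,    # already logs in UTC
    "db01": -5,    # logs in UTC-5
    "fw01": 10,    # logs in UTC+10
}

# Constructed sample events: (host, local timestamp without zone, message).
SAMPLE_EVENTS = [
    ("db01", "2024-03-01 21:05:10", "bulk SELECT on customers table"),
    ("fw01", "2024-03-02 12:01:45", "outbound connection to unknown host allowed"),
    ("web01", "2024-03-02 02:03:30", "admin login from new address"),
]


def to_utc(host, local_stamp):
    """Attach the host's zone to a naive local timestamp and convert to UTC."""
    if host not in HOST_UTC_OFFSET_HOURS:
        # Refuse to guess: an unknown zone would silently corrupt the timeline.
        raise KeyError(f"no time zone recorded for host {host!r}")
    zone = timezone(timedelta(hours=HOST_UTC_OFFSET_HOURS[host]))
    local = datetime.strptime(local_stamp, "%Y-%m-%d %H:%M:%S").replace(tzinfo=zone)
    return local.astimezone(timezone.utc)


def build_timeline(events):
    """Return events as (UTC ISO timestamp, host, message), oldest first."""
    rows = [(to_utc(host, stamp), host, msg) for host, stamp, msg in events]
    rows.sort(key=lambda row: row[0])
    return [(ts.strftime("%Y-%m-%dT%H:%M:%SZ"), host, msg) for ts, host, msg in rows]


if __name__ == "__main__":
    for row in build_timeline(SAMPLE_EVENTS):
        print(*row, sep="  ")
```

Sorted by local time these three events appear in the order db01, web01, fw01; once normalised to UTC the actual order is fw01, web01, db01.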

6. What do you understand by the term “Encryption strength”? Explain in 50-100 words.

This is a proportion of the number of bits in the key used to encrypt information during an SSL session.
The greater the number, the longer it takes for computer(s) to decrypt enciphered information. The
strength of encryption relies exclusively upon the internet browser and the web server with which it
requests the association.

7. Explain each of following terms in 50-150 words.


1. Message digest 5 (MD5)- It is a hash function used in cryptography. Like other message-digest
algorithms, it was largely developed for digital signature applications which make use of a large
compressed file in a secure fashion. The algorithm of Message Digest 5 makes use of a message of any
length and outputs a 128-bit message digest of the input.

2. Secure hash algorithm (SHA)- Secure Hash Algorithm is the name of a series of hash algorithms.
It produces a 160-bit hash value from an arbitrary-length string. Like MD5, it is also used widely in
applications such as SSH, SSL, S-MIME (Secure / Multipurpose Internet Mail Extensions), and IPSec.

3. Public key infrastructure (PKI)- Public key infrastructure (PKI) is a catch-all term for everything used to
establish and manage public key encryption, one of the most common forms of internet encryption. The
most important concepts to understand to grasp how PKI works are keys and certificates. PKI gets its
name because each participant in a secured communications channel has two keys.

4. Pretty good privacy (PGP)- It is a methodology used for encrypting and decrypting digital files and
communications over the Internet. PGP uses a symmetric encryption key to encrypt messages, and a
public key is used with each sent and received message. First, the receiver must use its private key to
decrypt the key and then decrypt the message through the decrypted symmetric key.

5. GNU privacy guard (GnuPG)- is an encryption tool that allows easy access to certain symmetric and
asymmetric functions. It can be used primarily for encryption of documents and email. Basically, this
program generates public/private key pair. This set of two related keys allows individuals with your
public key to encrypt text and data such that only your private key can decrypt them, and allows you to
digitally sign documents with your private key such that your signature can be verified with your public
key.

8. Explain the importance of reviewing helpdesk records to troubleshoot encryption issues. Explain in
40-80 words.

A help desk is a multi-dimensional asset, assigned to help in lessening downtime in IT administrations
and functions and making them accessible for the greatest time. It is uniquely centered around end
client usefulness, and, in this way, is responsible for quick necessities, incidents, and technical issues of
end clients.

9. What important information will you collect by reviewing system logs for encryption issues and
compromises. Write your response in 50-100 words

Event-based logs are usually the most important because they contain records describing system events,
application events, or user events. Basically, an audit trail should include sufficient information to
establish what events occurred and who (or what) caused them in a real-time manner. Also, logs
are useful when performing auditing and forensics.

10. Explain each of the following security threats in 50-100 words.

1. Eavesdropping- An eavesdropping attack, also known as a sniffing or snooping attack, is a theft of
information as it is transmitted over a network by a computer. In other words, listening secretly to a
private conversation.

2. Data Interception- Refers to the obstruction of data transmission to and from the device, and remotely
altering the messages. This happens while data is being transferred: it can be intercepted if someone
uses some hijacking software and pretends to be the destination for communications across a network.

3. Data corruption- Data corruption refers to errors in computer data that happen while the computer is
reading, writing, storing, transmitting, or processing the data. A corrupted hard drive directory can cause
files to apparently "go missing" and lead to further data loss or corruption, such as files being overwritten
with new data, as a corrupted directory may no longer accurately reflect what disk space is free or
available vs. the disk space that contains data.

4. Data falsification- It is an act of data tampering: deliberately modifying (destroying, manipulating, or
editing) data through unauthorized channels. The intrusion is malicious and the effects on the data are
always dire. So, the threat is an action whereby false data deceives an authorized entity.

5. Authentication issues- This means that for some reason, the phone/tablet couldn't verify the password
and thus, it can't connect to the network. In particularly sensitive or high-risk login situations, too many
unsuccessful authentication attempts may cause account lockout, where a user must take extra steps to
authenticate their identity.

11. Explain the term “Transmission Control Protocol” and its application in 150-200 words.

TCP (Transmission Control Protocol) is a standard that defines how to establish and maintain a network
conversation through which application programs can exchange data. TCP works with the Internet
Protocol (IP), which defines how computers send packets of data to each other. It is also a
connection-oriented communications protocol that facilitates the exchange of messages between computing devices
in a network. Basically, it is a standard for exchanging data between different devices in a computer
network. To elaborate further, TCP is intended for use as a highly reliable host-to-host protocol between
hosts in packet-switched networks. The Source Port and Destination Port provide the addresses of the source and
destination communicating processes on their respective machines. The Sequence Number locates the data
carried by the TCP segment in the sender's byte stream.

12. Explain the following terms. (Each in 50-150 words).

1. Wired Equivalent Privacy (WEP)

It is a security algorithm introduced to provide data confidentiality for wireless networks, which aims to
add a layer of security to the wireless network by offering strong encryption for the data. It also aims to
make wireless networks as secure as wired networks, such as those connected by Ethernet cables.

2. Wi-Fi Protected access (WPA)

It is a security standard for users of computing devices equipped with wireless internet connections and
provides more sophisticated data encryption and better user authentication than Wired Equivalent
Privacy (WEP). So basically, its purpose is to address serious weaknesses in the previous system, the
Wired Equivalent Privacy (WEP) standard. It produces the 128-bit “temporary key integrity protocol”
(TKIP).

3. Wi-Fi Protected access 2 (WPA2)

WPA2 is the security method added to WPA for wireless networks that provides stronger data protection
and network access control. It provides enterprise and consumer Wi-Fi users with a high level of
assurance that only authorized users can access their wireless networks. Basically, this is just an upgrade
of the previous WPA.

13. Explain each of the following certificate-related infrastructure components in 50-150 words.

1) Certificate authorities

Digital Certificates are verifiable small data files that contain identity credentials to help websites,
people, and devices represent their authentic online identity (authentic because the CA has verified the
identity). A certificate authority is also a company or organization that acts to validate the identities of
entities (such as websites, email addresses, companies, or individual persons) and bind them to cryptographic keys
through the issuance of electronic documents.

2) Registration authorities

A Registration Authority (RA) is a function for certificate enrollment used in PKIs. It is responsible for
receiving certificate signing requests. In other words, this is an authority in a network that verifies user
requests for a digital certificate and tells the certificate authority (CA) to issue it.

3) Repository services

This is commonly used by banks for derivatives and securities financing transactions. The Repository
Service is a separate, multi-threaded process that retrieves, inserts, and updates metadata in the
repository database tables.

The repository contains the instructions required to:

• extract, transform, and load data
• and store administrative information such as:
  o permissions,
  o and privileges.

14. List three (3) most common asymmetric key algorithms and summarise their usages in 40-80 words.

1. DES Symmetric Encryption Algorithm.

DES converts 64-bit blocks of plaintext data into ciphertext by dividing the block into two
separate 32-bit blocks and applying the encryption process to each independently. Ultimately,
64-bit blocks of encrypted text are produced as the output.

2. 3DES Symmetric Encryption Algorithm.

This is an upgraded version of the DES algorithm. 3DES was developed to overcome the
drawbacks of the DES algorithm. It is a newer version of DES, which is much harder to crack
than its DES predecessor. It also became a widely used encryption algorithm in payment
systems, standards, and technology in the finance industry.

3. AES Symmetric Encryption Algorithm.

AES is a family of block ciphers that consists of ciphers of different key lengths and block sizes,
which works on the methods of substitution and permutation. First, the plaintext data is turned
into blocks, and then the encryption is applied using the encryption key. The encryption process
consists of various sub-processes such as sub bytes, shift rows, mix columns, and add round keys.

15. What do you understand by replay attacks? Write your response in 100-150 words.

A replay attack is an attack on the security protocol using replays of a data transmission from a different
sender into the intended receiving system, or repeating a valid transmission of data between a
genuine user and a site. This is a typical breach of secured communication between peers that threatens
the very design of authentication and key distribution protocols. Sometimes also called a playback
attack, it is a cyber-attack in which the malicious entity intercepts and then repeats a valid data
transmission going through a network. Ultimately, owing to the validity of the original data
(which typically comes from an authorized user), the network's security protocols treat the attack as if it
were a normal data transmission.
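Because a replayed message is byte-for-byte valid, the receiver has to check freshness as well as authenticity. The following is an added example, not part of the original answer, of one common countermeasure: each message carries a random nonce and a timestamp under an HMAC, and the receiver rejects stale timestamps and nonces it has already seen. The message layout, the 30-second window and all names are assumptions made for this illustration.

```python
import hashlib
import hmac
import os
import time

MAX_AGE_SECONDS = 30  # assumed freshness window


def _tag(key, nonce, ts, payload):
    # The nonce is hex and ts is an integer, so "|" cannot appear before the payload.
    body = f"{nonce}|{ts}|{payload}".encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def make_message(key, payload, now=None):
    """Sender side: bind a fresh nonce and the send time to the payload."""
    ts = int(time.time() if now is None else now)
    nonce = os.urandom(16).hex()
    return {"nonce": nonce, "ts": ts, "payload": payload,
            "tag": _tag(key, nonce, ts, payload)}


class Receiver:
    def __init__(self, key):
        self.key = key
        self.seen = {}  # nonce -> timestamp, kept only for the freshness window

    def accept(self, msg, now=None):
        now = int(time.time() if now is None else now)
        expected = _tag(self.key, msg["nonce"], msg["ts"], msg["payload"])
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected: bad tag"      # forged or modified in transit
        if abs(now - msg["ts"]) > MAX_AGE_SECONDS:
            return "rejected: stale"        # valid once, but too old now
        # Nonces outside the window can be dropped: the timestamp check covers them.
        self.seen = {n: t for n, t in self.seen.items()
                     if now - t <= MAX_AGE_SECONDS}
        if msg["nonce"] in self.seen:
            return "rejected: replay"       # same valid message seen before
        self.seen[msg["nonce"]] = msg["ts"]
        return "accepted"


if __name__ == "__main__":
    key = os.urandom(32)
    rx = Receiver(key)
    msg = make_message(key, "transfer 100 to account 42")  # constructed payload
    print(rx.accept(msg))   # first delivery
    print(rx.accept(msg))   # identical copy delivered again
```

A receiver that only verified the HMAC would accept both deliveries, which is exactly the behaviour the answer describes.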

16. List and explain five (5) security problems and challenges that arise due to organisational issues.

1. Cyber-attack- Attacks such as phishing campaigns are typically designed to steal personal data. Also,
ransomware and denial-of-service attacks have several possible aims, ranging from extorting
money to disrupting business operations for political reasons.
2. Data breach- This happens because malicious insiders and employee negligence pose a
significant risk. The company loses data as a result.
3. Unplanned IT and telecom outages- Systems crash, files are lost, and documents go missing.
When the problem isn’t immediately obvious, you’ll need to halt or limit the amount of work that
can be done until you find out what’s wrong.
4. Interruption to utility supply- If the organization’s water, gas, or electricity is compromised, the
business operations will probably be affected. Without power, the systems won’t run. In that
event, the organization has to close off part or all of the office until the issue is resolved.
5. Adverse weather- Bad weather can severely disrupt the organization, with anything from strong
winds to heavy snow potentially leading to downtime.

17. Summarise the features and functions of access control permission in 100-200 words.

Access control is a security technique that regulates who or what can view or use resources in a
computing environment, and a set of policies to control who is granted access to a physical location.
Basically, it is a set of policies to decide who gets access to a restricted physical location.

Access Control Features

• Access certain elements for a specific campaign, such as a service or short code. This is
particularly useful for resellers who must limit access by campaign.

• Use a subset of the functions available; for example, you may not wish all your users to be able
to send a broadcast message or see confidential reports.

18. Explain the functioning and features of the following in 100-200 words for each.

1. Symmetrical Encryption

This is said to be the simplest and best-known encryption technique; only one key is used to both encrypt and
decrypt electronic information. The entities communicating via symmetric encryption must exchange the
key so that it can be used in the decryption process.

• Because the algorithm behind symmetric encryption is less complex and executes faster, this is
the preferred technique when transmitting data in bulk.

• The plaintext is encrypted using a key, and the same key is used at the receiving end to decrypt
the received ciphertext. The host in the communication process would have received the key
through external means.

• Widely used symmetric encryption algorithms include AES-128, AES-192, and AES-256.

2. Asymmetrical Encryption

This type of encryption is relatively new as compared to symmetric encryption and is also referred to as
public-key cryptography.

• Asymmetric encryption is more secure than symmetric encryption as it uses two keys for the
process.
• The public key used for encryption is available to everyone, but the private key is not disclosed.
• This encryption method is used in everyday communication over the internet.
• When a message is encrypted using a public key, it can only be decrypted using a private key.
However, when a message is encrypted using a private key, it can be decrypted using a public
key.
• Digital certificates in the client-server model can be used to discover public keys.
• The drawback of this encryption is that it takes more time than the symmetric encryption
process.
• Common asymmetric encryption techniques include RSA, DSA, and PKCS.

19. Summarise the features and functions of “One-way encryption”?

One-way encryption is also called a "one-way hash function"; one-way means that it is extremely
difficult to turn the digest back into the original message. It is also exceedingly rare that two different
message inputs can result in the same digest output. Cryptographic
hashes differ from hash tables. The functions are used for data integrity and often in combination with
digital signatures.

A one-way hash function, also known as a message digest, fingerprint or compression function, is a
mathematical function which takes a variable-length input string and converts it into a fixed-length
binary sequence.

20. List two techniques to analyse data security requirements.

1. Data loss prevention (DLP)

Often, the weakest link in network security is the human element. DLP technologies and policies
help protect staff and other users from misusing and possibly compromising sensitive data or
allowing said data out of the network.

2. Access control

Access control allows you to increase your network protection by limiting user access and
resources to only the parts of the network that directly apply to individual users’ responsibilities.

21. What essential information should be included in a security plan? List any three (3).

• Availability
It refers to the ability to access information or resources in a specified location and in the
correct format. When a system is regularly not functioning, information and data availability is
compromised, and it will affect the users.
• Integrity
It refers to methods of ensuring that the data is real, accurate and guarded from
unauthorized user modification; ultimately, the user wants to trust the information of
security components.
• Confidentiality
It means allowing authorized users to access sensitive and protected information;
information and data should be disclosed to authorized users only.
