SlideShare a Scribd company logo

Unit 1 QB.docx

•Download as DOCX, PDF•
•
K
karthikaparthasarath

Cyber Security essentials, question bank 2 marks and 10 marks

Education
1 of 11
UNIT –I /II MSc/MTNC Page 1 MANNAR THIRUMALAI NAICKER COLLEGE, (AUTONOMOUS) (Affiliated to Madurai Kamaraj University, Re-accredited with A Grade by NAAC ) MADURAI- 625004. Department of Computer Science Cyber Security – II M.Sc (CS) (2021 onwards) UNIT -I Question Bank with Answers
UNIT –I /II MSc/MTNC Page 2 1. What is the CIA Triad?  The three letters in "CIA triad" stand for Confidentiality, Integrity, and Availability.  The CIA triad is a common model that forms the basis for the development of security systems.  They are used for finding vulnerabilitiesand methods for creating solutions. 2. Define Authentication?  Authentication is important to any secure system, as it is the key to verifying the source of a message or that an individual is whom he or she claims.  Verifying an individual’s authorization to receive specific categories of information. 3.Types Of Factors of Authentication ? There are three authentication factors that can be used:  Something you know,  Something you have,  Something you are. 4.Define Authorization ?  While authentication relates to verifying identities, authorizationfocuses on determining what a user has permission to do.  The NIAG defines authorization as “ access privileges granted to a user, program, or process.” 5.To Write Any Four Frequency of letters in the English language? LETTER FREQUENCY E - 12.70% T- 9.06%
UNIT –I /II MSc/MTNC Page 3 A- 8.17% M- 2.41% 6. What is NIAG ? National Information Assurance Glossary, published by the United States federal government, is an unclassified glossary of Information security terms intended to provide a common vocabulary for discussing Information Assurance concepts. 7. Define Availability ?  Information systems must be accessible to users for these systems to provide any value.  The NIAG defines availability as timely, reliable access todata and information services for authorized users. 8. Define Integrity ?  In the information security realm, integrity normally refers to data integrity, or ensuring that stored data are accurate and contain no unauthorized modifications.  The logical completeness of the hardware and software implementing the protection mechanisms 9. Define Nonrepudiation ?  Assurance the sender of data is provided with proof of delivery and the recipient is provided with proof of the sender’s identity, so neither can later deny having processed the data.  But nonrepudiation is still necessary. 10. Define Confidentiality ?  The term confidentiality is familiar to most people, even those not in the security industry.  Confidentiality as assurance that information is not disclosed to unauthorized individuals, processes, or devices.
UNIT –I /II MSc/MTNC Page 4 11. Write The Example Of “ Something You Know ”?  Information the system assumes others do not know.  This information may be secret, like a password or PIN code, or simply a piece of information that most people do not know, such as a user’s mother’s maiden name 12. Write The Example Of “Something You Have ”?  Something the user possesses that only he or she holds  A Radio Frequency ID (RFID) badge, One-Time-Password (OTP) generating Token, or a physical key. 13. Write The Example Of “Something You Are ”?  A person’s fingerprint  Voice print  Retinal scan—factors known as biometrics. 14.What are the fundamentals of information assurance?  Authentication  Authorization  Non repudiation  Confidentiality 15.Describe information assurance fundamental?  Information Assurance concerns implementation of methods that focused on protecting and safeguarding critical information and relevant information systems by assuring confidentiality, integrity, availability, and non-repudiation.
UNIT –I /II MSc/MTNC Page 5 1. Summarize the basics of ciphers and cryptanalysis? The English word cryptography derives from Greek and translates roughly to “hidden writing.” For thousands of years, groups who wanted to communicate in secret developed methods to write their messages in a way that only the intended recipient could read. In the information age, almost all communication is subject to some sort of eavesdropping, and as a result cryptography has advanced rapidly. Understanding how cryptography works is important for anyone who wants to be sure that their data and communications are safe from intruders. This section discusses cryptography, starting with basic ciphers and cryptanalysis. The ancient Egyptians began the first known practice of writing secret messages, using nonstandard hieroglyphs to convey secret messages as early as 1900 bc. Since that time, people have developed many methods of hiding the content of a message. These methods are known as ciphers. The most famous classical cipher is the substitution cipher. Substitution ciphers work by substituting each letter in the alphabet Cyber Security Fundamentals 7 © 2011 by Taylor & Francis Group, LLC with another one when writing a message. For instance, one could shift the letters of the English alphabet as shown: abcdefghijklmnopqrstuvwxyz nopqrstuvwxyzabcdefghijklm Using this cipher, the message “the act starts at midnight” would be written as “gurnpgfgnegfngzvqavtug.” The text above, showing how to decode the message, is known as the key. This is a very simple substitution cipher known as the Caesar cipher (after Julius Caesar, who used it for military communications) or ROT13 because the characters in the key are rotated thirteen spaces to the left. Cryptography is driven by the constant struggle between people who want to keep messages secret and those who work to uncover their meanings. Substitution ciphers are very vulnerable to cryptanalysis, the practice of breaking codes. With enough text, it would be simple to begin replacing characters in the ciphertext with their possible cleartext counterparts. Even without knowing about the Caesar cipher, it is easy to guess that a three-letter word at the beginning of a sentence is likely to be the. By replacing all instances of the letters g, u, and r with t, h, and e, the ciphertext changes to
UNIT –I /II MSc/MTNC Page 6 thenptftnetfntzvqavtht Next, the analyst might notice that the fourth word is only two letters long and ends with t. There are two likely possibilities for this word: at and it. He chooses at and replaces all occurrences of n in the sentence with an a. the apt ftaetf at zvqavtht With at in place, the pattern is clearer, and the analyst guesses that if the letter g translates to t, the adjacent letter f may translate to s. the apt staets at zvqavtht The word sta_ts now looks very close to starts, and the analyst makes another substitution, indicating that rst is equivalent to efg, which reveals the full pattern of the cipher and the message. While the message is now clear, the meaning of “the act starts at midnight” is not. Code words are an excellent way of hiding a message but, unlike cryptography, cannot hide the meaning of arbitrary information without agreement on the meaning of the code words in advance https://quizizz.com/admin/quiz/62d0373ebea654001d6354dd?source=q uiz_page 2.Describe the symmetric encryption? Although symmetric encryption requires a shared key and therefore depends upon the secrecy of that key, it is an effective and fast methodfor protecting the confidentiality of the encrypted content. In this section we explain the basics of symmetric encryption and how it differs from asymmetric algorithms. Symmetric encryption is a class of reversible encryption algorithms that use the same key for both encrypting and decrypting messages. Symmetric encryption, by definition, requires both communication endpoints to know the same key in order to send and receive encrypted messages (see Exhibit 1-6). Symmetric encryption depends upon the secrecy of a key. Key exchanges or pre-shared keys present a challenge to keeping the encrypted text’s confidentiality and are usually performed out of band using different protocols. Algorithms in this category are usually fast because their operations use cryptographic primitives. As previously discussed in Basic Cryptography we explained how the cryptographic primitive substitution works.
UNIT –I /II MSc/MTNC Page 7 Permutation, or altering the order, is another cryptographic primitive that many symmetric algorithms also use in practice. The reason it is possible to brute force an XOR key that uses just one byte is that the length of the key is so small. One byte (8 bits) allows for only 256 possible key combinations. A two-byte (16 bits) key creates 65,536 possible keys, but this number is still quite easy to brute force with modern computing power. Modern cryptographic ciphers typically use 128-bit keys, which are still infeasible to brute force with today’s computing power Modern stream ciphers like RC4, designed by Ron Rivest in 1987, avoid this problem by using a pseudo-random number generation (PRNG) algorithm. Instead of performing an XOR on each byte of data with a key, a PRNG receives a chosen key, used as a “seed.” A PRNG generates numbers that are close to random but will always be the same given the same seed. RC4 uses the PRNG to create an infinitely long, one-time pad of singlebyte XOR keys. This technique allows the sender to encrypt a message with a single (relatively short) key, but for each individual byte, the XOR key is different. 3. Illustrate thepublic key encryption? This section continues this series with a brief discussion of asymmetric encryption, more commonly referred to as public key encryption. Public key encryption represents a branch of cryptography for which the distinguishing attribute of the system is the use of two linked keys for encryption and decryption, rather than a single key. While a variety of public key encryption solutions have been proposed, with some implemented and standardized, each system shares one common attribute: each public key system uses one key, known as the public key, to encrypt data, and a second key, known as the private key, to decrypt the encrypted data. Public key encryption solves one of the major issues with symmetric key encryption, namely, the use of a shared key for both sides of the conversation. In public key systems, the intended recipient of a secure communication publishes his or her public key. Anyone wishing to send a secure datagram to the recipient uses the recipient’s public key to
UNIT –I /II MSc/MTNC Page 8 encrypt the communication; however, those in possession of the public key cannot use the key to decrypt the communication. The use of a public key is a one-way cryptographic operation. This allows recipients to give out their public keys without the risk of someone using the same public keys to reveal the original content of the messages sent. This is the most obvious advantage over symmetric encryption. To decrypt the encrypted message, the recipient uses his or her private key. The private key has a mathematical relationship to the public key, but this relationship does not provide an easy way for an attacker to derive the private key from the public key. Given the fact that the recipient uses the private key to decrypt messages encoded with the public key, it is paramount that the owner of the private key keeps it secure at all times. Visually, the process of encrypting and decrypting a message using the public key method is similar to the process of using symmetric encryption with the notable exception that the keys used in the process are not the same. Exhibit 1-8 illustrates this disconnect. One of the simplest analogies for public key encryption is the lock box analogy. In essence, if an individual (Blake, for example) wanted to send a message to another individual (Ryan, for example) without exchanging a shared cryptographic key, Blake could simply place his communication in a box and secure it with a lock that only Ryan could open. For Blake to possess such a lock, the box would need to be publicly available. In this case, that lock represents Ryan’s public key. Blake could then send the locked box to Ryan. Upon receiving the box, Ryan would use his key to unlock the box to retrieve the message. In this situation, once Blake has locked (encrypted) his message to Ryan into the lock box with Ryan’s lock (public key), Blake, or anyone else who may come in contact with the lock
UNIT –I /II MSc/MTNC Page 9 box, will be unable to access the contents. Only with Ryan’s private key to the lock box will the message become retrievable. 4. Emphasize thefundamentals of Domain Name System. DNS is a fundamental piece of the Internet architecture. Knowledge of how the DNS works is necessary to understand how attacks on the system can affect the Internet as a whole and how criminal infrastructure can take advantage of it. The Internet Protocol is the core protocol the Internet uses. Each computer with Internet access has an assigned IP address so that other systems can send traffic to it. Each IP address consists of four numbers between 0 and 255 separated by periods, such as 74.125.45.100. These numbers are perfect for computers that always deal with bits and bytes but are not easy for humans to remember. To solve this problem, the DNS was invented in 1983 to create easy-to-remember names that map to IP address. The primary goal that the designers of the DNS had in mind was scalability. This goal grew from the failure of the previous solution that required each user to download a multithousand-line file named hosts.txt from a single server. To create a truly scalable system, the designers chose to create a hierarchy of “domains.” At the top of the hierarchy is the “root” domain under which all other domains reside. Just below the root domain are top-level domains (TLD) that break up the major categories of domains such as .com, .gov, and the country code Tdomains that organizations and individuals can register with the registry that manages that TLD. Below the TLDs are second-level domainsthat organizations and individuals can register with the registry that manages that TLD. Below second-level domains are the third-level
UNIT –I /II MSc/MTNC Page 10 domains and so forth, with a maximum of 127 levels. Exhibit 1-10 shows how Separating domains in this way allows different registries to manage the different TLDs. These registries are responsible for keeping the records for their assigned TLD and making infrastructure available to the Internet so users can map each domain name to its corresponding IP address. 5. Explain firewall and the classification of firewalls ? Firewall A Firewall is a device, usually a router or a computer, installed between the internal network of an organization and the rest of the Internet. It is used to control the access of the Internet. It is designed to forward some packets and filter others. It can be used to deny access to a specific host or a specific service in the organization. It is a network security system. It is used to monitor and control over all incoming and outgoing network traffic of your system. It is based on advanced and a defined set of security rules. Firewall Classification It is usually classified as Packet-filter Firewall & Proxy firewall on the basis of its working. Packet-Filter Firewall A packet-filter firewall is a router that uses a filtering table to decide which packets must be discarded i.e. not forwarded. A firewall can be used as a packet filter. It can forward or block packets based on the information in the headers: source and destination IP addresses, source and destination port addresses, type of protocol (TCP or UDP). A packet- filter firewall filter at network or transport layer. An example of a filtration table for such firewall can be shown below. Proxy Firewall The packet-filter firewall is based on the information available in the network layer and transport layer headers (IP and TCP/UDP). Sometimes we need to filter a message based on the information available in the
UNIT –I /II MSc/MTNC Page 11 message itself at the application layer. Installing a proxy computer between the customer computer and corporation computer can be a solution to this situation as shown in the figure below. How a Firewall Works Firewall can constantly monitor all incoming and outgoing traffic. Firewall is different from just a traffic analyser because we can also use set up to block certain things. A firewall might disable particular applications from accessing the network, block URLs from loading, and prevent traffic through certain network ports. Some firewalls can even be used in a mode where they block everything until you explicitly allow every single access. This is one way to block everything on a network so that you can manually set up safeguards against network-related threats.

Recommended

Bt0088 cryptography and network security1
Bt0088 cryptography and network security1Bt0088 cryptography and network security1
Bt0088 cryptography and network security1Techglyphs
 
Performance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish AlgorithmsPerformance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish Algorithmsijtsrd
 
Overview on Symmetric Key Encryption Algorithms
Overview on Symmetric Key Encryption AlgorithmsOverview on Symmetric Key Encryption Algorithms
Overview on Symmetric Key Encryption AlgorithmsIJERA Editor
 
Cryptography- "A Black Art"
Cryptography- "A Black Art"Cryptography- "A Black Art"
Cryptography- "A Black Art"Aditya Raina
 
A Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering TechniqueA Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering Techniqueijsrd.com
 
A NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHIC
A NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHICA NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHIC
A NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHICijsrd.com
 
WINSEM2023-24_BCSE309L_TH_VL2023240500748_2024-03-19_Reference-Material-II.pdf
WINSEM2023-24_BCSE309L_TH_VL2023240500748_2024-03-19_Reference-Material-II.pdfWINSEM2023-24_BCSE309L_TH_VL2023240500748_2024-03-19_Reference-Material-II.pdf
WINSEM2023-24_BCSE309L_TH_VL2023240500748_2024-03-19_Reference-Material-II.pdfsadinenitejaswi23cse
 
Fundamentals of cryptography
Fundamentals of cryptographyFundamentals of cryptography
Fundamentals of cryptographyHossain Md Shakhawat
 

Recommended

Bt0088 cryptography and network security1
Bt0088 cryptography and network security1Bt0088 cryptography and network security1
Bt0088 cryptography and network security1Techglyphs
 
Performance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish AlgorithmsPerformance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish Algorithmsijtsrd
 
Overview on Symmetric Key Encryption Algorithms
Overview on Symmetric Key Encryption AlgorithmsOverview on Symmetric Key Encryption Algorithms
Overview on Symmetric Key Encryption AlgorithmsIJERA Editor
 
Cryptography- "A Black Art"
Cryptography- "A Black Art"Cryptography- "A Black Art"
Cryptography- "A Black Art"Aditya Raina
 
A Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering TechniqueA Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering Techniqueijsrd.com
 
A NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHIC
A NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHICA NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHIC
A NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHICijsrd.com
 
WINSEM2023-24_BCSE309L_TH_VL2023240500748_2024-03-19_Reference-Material-II.pdf
WINSEM2023-24_BCSE309L_TH_VL2023240500748_2024-03-19_Reference-Material-II.pdfWINSEM2023-24_BCSE309L_TH_VL2023240500748_2024-03-19_Reference-Material-II.pdf
WINSEM2023-24_BCSE309L_TH_VL2023240500748_2024-03-19_Reference-Material-II.pdfsadinenitejaswi23cse
 
Fundamentals of cryptography
Fundamentals of cryptographyFundamentals of cryptography
Fundamentals of cryptographyHossain Md Shakhawat
 
METHODS TOWARD ENHANCING RSA ALGORITHM : A SURVEY
METHODS TOWARD ENHANCING RSA ALGORITHM : A SURVEYMETHODS TOWARD ENHANCING RSA ALGORITHM : A SURVEY
METHODS TOWARD ENHANCING RSA ALGORITHM : A SURVEYIJNSA Journal
 
Analysis of Cryptography Techniques
Analysis of Cryptography TechniquesAnalysis of Cryptography Techniques
Analysis of Cryptography Techniqueseditor1knowledgecuddle
 
Hybrid cryptographic technique using rsa algorithm and scheduling concepts
Hybrid cryptographic technique using rsa algorithm and scheduling conceptsHybrid cryptographic technique using rsa algorithm and scheduling concepts
Hybrid cryptographic technique using rsa algorithm and scheduling conceptsIJNSA Journal
 
A Survey on Cryptographic Techniques for Network Security.pdf
A Survey on Cryptographic Techniques for Network Security.pdfA Survey on Cryptographic Techniques for Network Security.pdf
A Survey on Cryptographic Techniques for Network Security.pdfYasmine Anino
 
Different date block size using to evaluate the performance between different...
Different date block size using to evaluate the performance between different...Different date block size using to evaluate the performance between different...
Different date block size using to evaluate the performance between different...IJCNCJournal
 
Cryp Essay
Cryp EssayCryp Essay
Cryp EssayCarmen Sanborn
 
Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Saif Kassim
 
Cryptographic Algorithms For Secure Data Communication
Cryptographic Algorithms For Secure Data CommunicationCryptographic Algorithms For Secure Data Communication
Cryptographic Algorithms For Secure Data CommunicationCSCJournals
 
F16 cs61 cryptography
F16 cs61 cryptographyF16 cs61 cryptography
F16 cs61 cryptographyMuhammadalizardari
 
Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...IOSR Journals
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture NotesFellowBuddy.com
 
Cryptography And Embedded Systems Used
Cryptography And Embedded Systems UsedCryptography And Embedded Systems Used
Cryptography And Embedded Systems UsedCarla Bennington
 
Data encryption
Data encryptionData encryption
Data encryptionBalvant Biradar
 
Cryptography & Network Security.pptx
Cryptography & Network Security.pptxCryptography & Network Security.pptx
Cryptography & Network Security.pptxsunil sharma
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
Evolution of Cryptography and Cryptographic techniques
Evolution of Cryptography and Cryptographic techniquesEvolution of Cryptography and Cryptographic techniques
Evolution of Cryptography and Cryptographic techniquesMona Rajput
 
Domain 9 of CEH Cryptography.pptx
Domain 9 of CEH Cryptography.pptxDomain 9 of CEH Cryptography.pptx
Domain 9 of CEH Cryptography.pptxInfosectrain3
 
A New Method for Encrypting Digital Data Using Symmetric Key in Information E...
A New Method for Encrypting Digital Data Using Symmetric Key in Information E...A New Method for Encrypting Digital Data Using Symmetric Key in Information E...
A New Method for Encrypting Digital Data Using Symmetric Key in Information E...Editor IJCATR
 
A Study On Cryptographic Techniques
A Study On Cryptographic TechniquesA Study On Cryptographic Techniques
A Study On Cryptographic TechniquesStacy Taylor
 
CRYPTOGRAPHY-PAYAL CHOPRA.ppt
CRYPTOGRAPHY-PAYAL CHOPRA.pptCRYPTOGRAPHY-PAYAL CHOPRA.ppt
CRYPTOGRAPHY-PAYAL CHOPRA.pptPayalChopra9
 
BASIC COMPUTER ORGANIZATION unit 1.pptx
BASIC COMPUTER ORGANIZATION unit 1.pptxBASIC COMPUTER ORGANIZATION unit 1.pptx
BASIC COMPUTER ORGANIZATION unit 1.pptxkarthikaparthasarath
 
Fundamentals of Computers MCQS.docx
Fundamentals of Computers MCQS.docxFundamentals of Computers MCQS.docx
Fundamentals of Computers MCQS.docxkarthikaparthasarath
 

More Related Content

Similar to Unit 1 QB.docx

METHODS TOWARD ENHANCING RSA ALGORITHM : A SURVEY
METHODS TOWARD ENHANCING RSA ALGORITHM : A SURVEYMETHODS TOWARD ENHANCING RSA ALGORITHM : A SURVEY
METHODS TOWARD ENHANCING RSA ALGORITHM : A SURVEYIJNSA Journal
 
Analysis of Cryptography Techniques
Analysis of Cryptography TechniquesAnalysis of Cryptography Techniques
Analysis of Cryptography Techniqueseditor1knowledgecuddle
 
Hybrid cryptographic technique using rsa algorithm and scheduling concepts
Hybrid cryptographic technique using rsa algorithm and scheduling conceptsHybrid cryptographic technique using rsa algorithm and scheduling concepts
Hybrid cryptographic technique using rsa algorithm and scheduling conceptsIJNSA Journal
 
A Survey on Cryptographic Techniques for Network Security.pdf
A Survey on Cryptographic Techniques for Network Security.pdfA Survey on Cryptographic Techniques for Network Security.pdf
A Survey on Cryptographic Techniques for Network Security.pdfYasmine Anino
 
Different date block size using to evaluate the performance between different...
Different date block size using to evaluate the performance between different...Different date block size using to evaluate the performance between different...
Different date block size using to evaluate the performance between different...IJCNCJournal
 
Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Saif Kassim
 
Cryptographic Algorithms For Secure Data Communication
Cryptographic Algorithms For Secure Data CommunicationCryptographic Algorithms For Secure Data Communication
Cryptographic Algorithms For Secure Data CommunicationCSCJournals
 
Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...IOSR Journals
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture NotesFellowBuddy.com
 
Cryptography And Embedded Systems Used
Cryptography And Embedded Systems UsedCryptography And Embedded Systems Used
Cryptography And Embedded Systems UsedCarla Bennington
 
Cryptography & Network Security.pptx
Cryptography & Network Security.pptxCryptography & Network Security.pptx
Cryptography & Network Security.pptxsunil sharma
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
Evolution of Cryptography and Cryptographic techniques
Evolution of Cryptography and Cryptographic techniquesEvolution of Cryptography and Cryptographic techniques
Evolution of Cryptography and Cryptographic techniquesMona Rajput
 
Domain 9 of CEH Cryptography.pptx
Domain 9 of CEH Cryptography.pptxDomain 9 of CEH Cryptography.pptx
Domain 9 of CEH Cryptography.pptxInfosectrain3
 
A New Method for Encrypting Digital Data Using Symmetric Key in Information E...
A New Method for Encrypting Digital Data Using Symmetric Key in Information E...A New Method for Encrypting Digital Data Using Symmetric Key in Information E...
A New Method for Encrypting Digital Data Using Symmetric Key in Information E...Editor IJCATR
 
A Study On Cryptographic Techniques
A Study On Cryptographic TechniquesA Study On Cryptographic Techniques
A Study On Cryptographic TechniquesStacy Taylor
 
CRYPTOGRAPHY-PAYAL CHOPRA.ppt
CRYPTOGRAPHY-PAYAL CHOPRA.pptCRYPTOGRAPHY-PAYAL CHOPRA.ppt
CRYPTOGRAPHY-PAYAL CHOPRA.pptPayalChopra9
 

Similar to Unit 1 QB.docx (20)

METHODS TOWARD ENHANCING RSA ALGORITHM : A SURVEY
METHODS TOWARD ENHANCING RSA ALGORITHM : A SURVEYMETHODS TOWARD ENHANCING RSA ALGORITHM : A SURVEY
METHODS TOWARD ENHANCING RSA ALGORITHM : A SURVEY
 
Analysis of Cryptography Techniques
Analysis of Cryptography TechniquesAnalysis of Cryptography Techniques
Analysis of Cryptography Techniques
 
Hybrid cryptographic technique using rsa algorithm and scheduling concepts
Hybrid cryptographic technique using rsa algorithm and scheduling conceptsHybrid cryptographic technique using rsa algorithm and scheduling concepts
Hybrid cryptographic technique using rsa algorithm and scheduling concepts
 
A Survey on Cryptographic Techniques for Network Security.pdf
A Survey on Cryptographic Techniques for Network Security.pdfA Survey on Cryptographic Techniques for Network Security.pdf
A Survey on Cryptographic Techniques for Network Security.pdf
 
Different date block size using to evaluate the performance between different...
Different date block size using to evaluate the performance between different...Different date block size using to evaluate the performance between different...
Different date block size using to evaluate the performance between different...
 
Cryp Essay
Cryp EssayCryp Essay
Cryp Essay
 
Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01
 
Cryptographic Algorithms For Secure Data Communication
Cryptographic Algorithms For Secure Data CommunicationCryptographic Algorithms For Secure Data Communication
Cryptographic Algorithms For Secure Data Communication
 
F16 cs61 cryptography
F16 cs61 cryptographyF16 cs61 cryptography
F16 cs61 cryptography
 
Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture Notes
 
Cryptography And Embedded Systems Used
Cryptography And Embedded Systems UsedCryptography And Embedded Systems Used
Cryptography And Embedded Systems Used
 
Data encryption
Data encryptionData encryption
Data encryption
 
Cryptography & Network Security.pptx
Cryptography & Network Security.pptxCryptography & Network Security.pptx
Cryptography & Network Security.pptx
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
 
Evolution of Cryptography and Cryptographic techniques
Evolution of Cryptography and Cryptographic techniquesEvolution of Cryptography and Cryptographic techniques
Evolution of Cryptography and Cryptographic techniques
 
Domain 9 of CEH Cryptography.pptx
Domain 9 of CEH Cryptography.pptxDomain 9 of CEH Cryptography.pptx
Domain 9 of CEH Cryptography.pptx
 
A New Method for Encrypting Digital Data Using Symmetric Key in Information E...
A New Method for Encrypting Digital Data Using Symmetric Key in Information E...A New Method for Encrypting Digital Data Using Symmetric Key in Information E...
A New Method for Encrypting Digital Data Using Symmetric Key in Information E...
 
A Study On Cryptographic Techniques
A Study On Cryptographic TechniquesA Study On Cryptographic Techniques
A Study On Cryptographic Techniques
 
CRYPTOGRAPHY-PAYAL CHOPRA.ppt
CRYPTOGRAPHY-PAYAL CHOPRA.pptCRYPTOGRAPHY-PAYAL CHOPRA.ppt
CRYPTOGRAPHY-PAYAL CHOPRA.ppt
 

More from karthikaparthasarath

BASIC COMPUTER ORGANIZATION unit 1.pptx
BASIC COMPUTER ORGANIZATION unit 1.pptxBASIC COMPUTER ORGANIZATION unit 1.pptx
BASIC COMPUTER ORGANIZATION unit 1.pptxkarthikaparthasarath
 
Fundamentals of Computers MCQS.docx
Fundamentals of Computers MCQS.docxFundamentals of Computers MCQS.docx
Fundamentals of Computers MCQS.docxkarthikaparthasarath
 
Software Engineering Question Bank.docx
Software Engineering Question Bank.docxSoftware Engineering Question Bank.docx
Software Engineering Question Bank.docxkarthikaparthasarath
 
BASIC COMPUTER ORGANIZATION unit 1.pptx
BASIC COMPUTER ORGANIZATION unit 1.pptxBASIC COMPUTER ORGANIZATION unit 1.pptx
BASIC COMPUTER ORGANIZATION unit 1.pptxkarthikaparthasarath
 
ATTACKER TECHNIQUES AND MOTIVATION.pptx
ATTACKER TECHNIQUES AND MOTIVATION.pptxATTACKER TECHNIQUES AND MOTIVATION.pptx
ATTACKER TECHNIQUES AND MOTIVATION.pptxkarthikaparthasarath
 
Unit - I cyber security fundamentals part -1.pptx
Unit - I cyber security fundamentals part -1.pptxUnit - I cyber security fundamentals part -1.pptx
Unit - I cyber security fundamentals part -1.pptxkarthikaparthasarath
 
BUilt in Functions and Simple programs in R.pdf
BUilt in Functions and Simple programs in R.pdfBUilt in Functions and Simple programs in R.pdf
BUilt in Functions and Simple programs in R.pdfkarthikaparthasarath
 
Heuristic Search Techniques Unit -II.ppt
Heuristic Search Techniques Unit -II.pptHeuristic Search Techniques Unit -II.ppt
Heuristic Search Techniques Unit -II.pptkarthikaparthasarath
 
Heuristic Search Techniques Unit -II.ppt
Heuristic Search Techniques Unit -II.pptHeuristic Search Techniques Unit -II.ppt
Heuristic Search Techniques Unit -II.pptkarthikaparthasarath
 
UNIT III Process Synchronization.docx
UNIT III Process Synchronization.docxUNIT III Process Synchronization.docx
UNIT III Process Synchronization.docxkarthikaparthasarath
 
Android Lab Mannual 18SUITSP5.docx
Android Lab Mannual 18SUITSP5.docxAndroid Lab Mannual 18SUITSP5.docx
Android Lab Mannual 18SUITSP5.docxkarthikaparthasarath
 
Activity playfair cipher.pptx
Activity playfair cipher.pptxActivity playfair cipher.pptx
Activity playfair cipher.pptxkarthikaparthasarath
 
Cyber Security Unit I Part -I.pptx
Cyber Security Unit I Part -I.pptxCyber Security Unit I Part -I.pptx
Cyber Security Unit I Part -I.pptxkarthikaparthasarath
 
UNIT II - CPU SCHEDULING.docx
UNIT II - CPU SCHEDULING.docxUNIT II - CPU SCHEDULING.docx
UNIT II - CPU SCHEDULING.docxkarthikaparthasarath
 

More from karthikaparthasarath (20)

BASIC COMPUTER ORGANIZATION unit 1.pptx
BASIC COMPUTER ORGANIZATION unit 1.pptxBASIC COMPUTER ORGANIZATION unit 1.pptx
BASIC COMPUTER ORGANIZATION unit 1.pptx
 
Fundamentals of Computers MCQS.docx
Fundamentals of Computers MCQS.docxFundamentals of Computers MCQS.docx
Fundamentals of Computers MCQS.docx
 
Software Engineering Question Bank.docx
Software Engineering Question Bank.docxSoftware Engineering Question Bank.docx
Software Engineering Question Bank.docx
 
BASIC COMPUTER ORGANIZATION unit 1.pptx
BASIC COMPUTER ORGANIZATION unit 1.pptxBASIC COMPUTER ORGANIZATION unit 1.pptx
BASIC COMPUTER ORGANIZATION unit 1.pptx
 
ATTACKER TECHNIQUES AND MOTIVATION.pptx
ATTACKER TECHNIQUES AND MOTIVATION.pptxATTACKER TECHNIQUES AND MOTIVATION.pptx
ATTACKER TECHNIQUES AND MOTIVATION.pptx
 
Unit - I cyber security fundamentals part -1.pptx
Unit - I cyber security fundamentals part -1.pptxUnit - I cyber security fundamentals part -1.pptx
Unit - I cyber security fundamentals part -1.pptx
 
BUilt in Functions and Simple programs in R.pdf
BUilt in Functions and Simple programs in R.pdfBUilt in Functions and Simple programs in R.pdf
BUilt in Functions and Simple programs in R.pdf
 
Heuristic Search Techniques Unit -II.ppt
Heuristic Search Techniques Unit -II.pptHeuristic Search Techniques Unit -II.ppt
Heuristic Search Techniques Unit -II.ppt
 
simple programs.docx
simple programs.docxsimple programs.docx
simple programs.docx
 
Heuristic Search Techniques Unit -II.ppt
Heuristic Search Techniques Unit -II.pptHeuristic Search Techniques Unit -II.ppt
Heuristic Search Techniques Unit -II.ppt
 
UNIT III Process Synchronization.docx
UNIT III Process Synchronization.docxUNIT III Process Synchronization.docx
UNIT III Process Synchronization.docx
 
Android Lab Mannual 18SUITSP5.docx
Android Lab Mannual 18SUITSP5.docxAndroid Lab Mannual 18SUITSP5.docx
Android Lab Mannual 18SUITSP5.docx
 
Activity playfair cipher.pptx
Activity playfair cipher.pptxActivity playfair cipher.pptx
Activity playfair cipher.pptx
 
Activity Hill Cipher.pptx
Activity Hill Cipher.pptxActivity Hill Cipher.pptx
Activity Hill Cipher.pptx
 
Activity Caesar Cipher.pptx
Activity Caesar Cipher.pptxActivity Caesar Cipher.pptx
Activity Caesar Cipher.pptx
 
Cyber Security Unit I Part -I.pptx
Cyber Security Unit I Part -I.pptxCyber Security Unit I Part -I.pptx
Cyber Security Unit I Part -I.pptx
 
Unit I Q&A.docx
Unit I Q&A.docxUnit I Q&A.docx
Unit I Q&A.docx
 
cyber security.pptx
cyber security.pptxcyber security.pptx
cyber security.pptx
 
UNIT I - Part 1.pptx
UNIT I - Part 1.pptxUNIT I - Part 1.pptx
UNIT I - Part 1.pptx
 
UNIT II - CPU SCHEDULING.docx
UNIT II - CPU SCHEDULING.docxUNIT II - CPU SCHEDULING.docx
UNIT II - CPU SCHEDULING.docx
 

Recently uploaded

Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfUjwalaBharambe
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Celine George
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfSumit Tiwari
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,Virag Sontakke
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxsocialsciencegdgrohi
 
ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)Dr. Mazin Mohamed alkathiri
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17Celine George
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxiammrhaywood
 
CELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxCELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxJiesonDelaCerna
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
Meghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentMeghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentInMediaRes1
 

Recently uploaded (20)

Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
 
OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...
 
ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
 
CELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxCELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptx
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
Meghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentMeghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media Component
 

Unit 1 QB.docx

  • 1. UNIT –I /II MSc/MTNC Page 1 MANNAR THIRUMALAI NAICKER COLLEGE, (AUTONOMOUS) (Affiliated to Madurai Kamaraj University, Re-accredited with A Grade by NAAC ) MADURAI- 625004. Department of Computer Science Cyber Security – II M.Sc (CS) (2021 onwards) UNIT -I Question Bank with Answers
  • 2. UNIT –I /II MSc/MTNC Page 2 1. What is the CIA Triad? ď‚· The three letters in "CIA triad" stand for Confidentiality, Integrity, and Availability. ď‚· The CIA triad is a common model that forms the basis for the development of security systems. ď‚· They are used for finding vulnerabilitiesand methods for creating solutions. 2. Define Authentication? ď‚· Authentication is important to any secure system, as it is the key to verifying the source of a message or that an individual is whom he or she claims. ď‚· Verifying an individual’s authorization to receive specific categories of information. 3.Types Of Factors of Authentication ? There are three authentication factors that can be used: ď‚· Something you know, ď‚· Something you have, ď‚· Something you are. 4.Define Authorization ? ď‚· While authentication relates to verifying identities, authorizationfocuses on determining what a user has permission to do. ď‚· The NIAG defines authorization as “ access privileges granted to a user, program, or process.” 5.To Write Any Four Frequency of letters in the English language? LETTER FREQUENCY E - 12.70% T- 9.06%
  • 3. UNIT –I /II MSc/MTNC Page 3 A- 8.17% M- 2.41% 6. What is NIAG ? National Information Assurance Glossary, published by the United States federal government, is an unclassified glossary of Information security terms intended to provide a common vocabulary for discussing Information Assurance concepts. 7. Define Availability ? ď‚· Information systems must be accessible to users for these systems to provide any value. ď‚· The NIAG defines availability as timely, reliable access todata and information services for authorized users. 8. Define Integrity ? ď‚· In the information security realm, integrity normally refers to data integrity, or ensuring that stored data are accurate and contain no unauthorized modifications. ď‚· The logical completeness of the hardware and software implementing the protection mechanisms 9. Define Nonrepudiation ? ď‚· Assurance the sender of data is provided with proof of delivery and the recipient is provided with proof of the sender’s identity, so neither can later deny having processed the data. ď‚· But nonrepudiation is still necessary. 10. Define Confidentiality ? ď‚· The term confidentiality is familiar to most people, even those not in the security industry. ď‚· Confidentiality as assurance that information is not disclosed to unauthorized individuals, processes, or devices.
  • 4. UNIT –I /II MSc/MTNC Page 4 11. Write The Example Of “ Something You Know ”? ď‚· Information the system assumes others do not know. ď‚· This information may be secret, like a password or PIN code, or simply a piece of information that most people do not know, such as a user’s mother’s maiden name 12. Write The Example Of “Something You Have ”? ď‚· Something the user possesses that only he or she holds ď‚· A Radio Frequency ID (RFID) badge, One-Time-Password (OTP) generating Token, or a physical key. 13. Write The Example Of “Something You Are ”? ď‚· A person’s fingerprint ď‚· Voice print ď‚· Retinal scan—factors known as biometrics. 14.What are the fundamentals of information assurance? ď‚· Authentication ď‚· Authorization ď‚· Non repudiation ď‚· Confidentiality 15.Describe information assurance fundamental? ď‚· Information Assurance concerns implementation of methods that focused on protecting and safeguarding critical information and relevant information systems by assuring confidentiality, integrity, availability, and non-repudiation.
  • 5. UNIT –I /II MSc/MTNC Page 5 1. Summarize the basics of ciphers and cryptanalysis? The English word cryptography derives from Greek and translates roughly to “hidden writing.” For thousands of years, groups who wanted to communicate in secret developed methods to write their messages in a way that only the intended recipient could read. In the information age, almost all communication is subject to some sort of eavesdropping, and as a result cryptography has advanced rapidly. Understanding how cryptography works is important for anyone who wants to be sure that their data and communications are safe from intruders. This section discusses cryptography, starting with basic ciphers and cryptanalysis. The ancient Egyptians began the first known practice of writing secret messages, using nonstandard hieroglyphs to convey secret messages as early as 1900 bc. Since that time, people have developed many methods of hiding the content of a message. These methods are known as ciphers. The most famous classical cipher is the substitution cipher. Substitution ciphers work by substituting each letter in the alphabet Cyber Security Fundamentals 7 © 2011 by Taylor & Francis Group, LLC with another one when writing a message. For instance, one could shift the letters of the English alphabet as shown: abcdefghijklmnopqrstuvwxyz nopqrstuvwxyzabcdefghijklm Using this cipher, the message “the act starts at midnight” would be written as “gurnpgfgnegfngzvqavtug.” The text above, showing how to decode the message, is known as the key. This is a very simple substitution cipher known as the Caesar cipher (after Julius Caesar, who used it for military communications) or ROT13 because the characters in the key are rotated thirteen spaces to the left. Cryptography is driven by the constant struggle between people who want to keep messages secret and those who work to uncover their meanings. Substitution ciphers are very vulnerable to cryptanalysis, the practice of breaking codes. With enough text, it would be simple to begin replacing characters in the ciphertext with their possible cleartext counterparts. Even without knowing about the Caesar cipher, it is easy to guess that a three-letter word at the beginning of a sentence is likely to be the. By replacing all instances of the letters g, u, and r with t, h, and e, the ciphertext changes to
  • 6. UNIT –I /II MSc/MTNC Page 6 thenptftnetfntzvqavtht Next, the analyst might notice that the fourth word is only two letters long and ends with t. There are two likely possibilities for this word: at and it. He chooses at and replaces all occurrences of n in the sentence with an a. the apt ftaetf at zvqavtht With at in place, the pattern is clearer, and the analyst guesses that if the letter g translates to t, the adjacent letter f may translate to s. the apt staets at zvqavtht The word sta_ts now looks very close to starts, and the analyst makes another substitution, indicating that rst is equivalent to efg, which reveals the full pattern of the cipher and the message. While the message is now clear, the meaning of “the act starts at midnight” is not. Code words are an excellent way of hiding a message but, unlike cryptography, cannot hide the meaning of arbitrary information without agreement on the meaning of the code words in advance https://quizizz.com/admin/quiz/62d0373ebea654001d6354dd?source=q uiz_page 2.Describe the symmetric encryption? Although symmetric encryption requires a shared key and therefore depends upon the secrecy of that key, it is an effective and fast methodfor protecting the confidentiality of the encrypted content. In this section we explain the basics of symmetric encryption and how it differs from asymmetric algorithms. Symmetric encryption is a class of reversible encryption algorithms that use the same key for both encrypting and decrypting messages. Symmetric encryption, by definition, requires both communication endpoints to know the same key in order to send and receive encrypted messages (see Exhibit 1-6). Symmetric encryption depends upon the secrecy of a key. Key exchanges or pre-shared keys present a challenge to keeping the encrypted text’s confidentiality and are usually performed out of band using different protocols. Algorithms in this category are usually fast because their operations use cryptographic primitives. As previously discussed in Basic Cryptography we explained how the cryptographic primitive substitution works.
  • 7. UNIT –I /II MSc/MTNC Page 7 Permutation, or altering the order, is another cryptographic primitive that many symmetric algorithms also use in practice. The reason it is possible to brute force an XOR key that uses just one byte is that the length of the key is so small. One byte (8 bits) allows for only 256 possible key combinations. A two-byte (16 bits) key creates 65,536 possible keys, but this number is still quite easy to brute force with modern computing power. Modern cryptographic ciphers typically use 128-bit keys, which are still infeasible to brute force with today’s computing power Modern stream ciphers like RC4, designed by Ron Rivest in 1987, avoid this problem by using a pseudo-random number generation (PRNG) algorithm. Instead of performing an XOR on each byte of data with a key, a PRNG receives a chosen key, used as a “seed.” A PRNG generates numbers that are close to random but will always be the same given the same seed. RC4 uses the PRNG to create an infinitely long, one-time pad of singlebyte XOR keys. This technique allows the sender to encrypt a message with a single (relatively short) key, but for each individual byte, the XOR key is different. 3. Illustrate thepublic key encryption? This section continues this series with a brief discussion of asymmetric encryption, more commonly referred to as public key encryption. Public key encryption represents a branch of cryptography for which the distinguishing attribute of the system is the use of two linked keys for encryption and decryption, rather than a single key. While a variety of public key encryption solutions have been proposed, with some implemented and standardized, each system shares one common attribute: each public key system uses one key, known as the public key, to encrypt data, and a second key, known as the private key, to decrypt the encrypted data. Public key encryption solves one of the major issues with symmetric key encryption, namely, the use of a shared key for both sides of the conversation. In public key systems, the intended recipient of a secure communication publishes his or her public key. Anyone wishing to send a secure datagram to the recipient uses the recipient’s public key to
  • 8. UNIT –I /II MSc/MTNC Page 8 encrypt the communication; however, those in possession of the public key cannot use the key to decrypt the communication. The use of a public key is a one-way cryptographic operation. This allows recipients to give out their public keys without the risk of someone using the same public keys to reveal the original content of the messages sent. This is the most obvious advantage over symmetric encryption. To decrypt the encrypted message, the recipient uses his or her private key. The private key has a mathematical relationship to the public key, but this relationship does not provide an easy way for an attacker to derive the private key from the public key. Given the fact that the recipient uses the private key to decrypt messages encoded with the public key, it is paramount that the owner of the private key keeps it secure at all times. Visually, the process of encrypting and decrypting a message using the public key method is similar to the process of using symmetric encryption with the notable exception that the keys used in the process are not the same. Exhibit 1-8 illustrates this disconnect. One of the simplest analogies for public key encryption is the lock box analogy. In essence, if an individual (Blake, for example) wanted to send a message to another individual (Ryan, for example) without exchanging a shared cryptographic key, Blake could simply place his communication in a box and secure it with a lock that only Ryan could open. For Blake to possess such a lock, the box would need to be publicly available. In this case, that lock represents Ryan’s public key. Blake could then send the locked box to Ryan. Upon receiving the box, Ryan would use his key to unlock the box to retrieve the message. In this situation, once Blake has locked (encrypted) his message to Ryan into the lock box with Ryan’s lock (public key), Blake, or anyone else who may come in contact with the lock
  • 9. UNIT –I /II MSc/MTNC Page 9 box, will be unable to access the contents. Only with Ryan’s private key to the lock box will the message become retrievable. 4. Emphasize thefundamentals of Domain Name System. DNS is a fundamental piece of the Internet architecture. Knowledge of how the DNS works is necessary to understand how attacks on the system can affect the Internet as a whole and how criminal infrastructure can take advantage of it. The Internet Protocol is the core protocol the Internet uses. Each computer with Internet access has an assigned IP address so that other systems can send traffic to it. Each IP address consists of four numbers between 0 and 255 separated by periods, such as 74.125.45.100. These numbers are perfect for computers that always deal with bits and bytes but are not easy for humans to remember. To solve this problem, the DNS was invented in 1983 to create easy-to-remember names that map to IP address. The primary goal that the designers of the DNS had in mind was scalability. This goal grew from the failure of the previous solution that required each user to download a multithousand-line file named hosts.txt from a single server. To create a truly scalable system, the designers chose to create a hierarchy of “domains.” At the top of the hierarchy is the “root” domain under which all other domains reside. Just below the root domain are top-level domains (TLD) that break up the major categories of domains such as .com, .gov, and the country code Tdomains that organizations and individuals can register with the registry that manages that TLD. Below the TLDs are second-level domainsthat organizations and individuals can register with the registry that manages that TLD. Below second-level domains are the third-level
  • 10. UNIT –I /II MSc/MTNC Page 10 domains and so forth, with a maximum of 127 levels. Exhibit 1-10 shows how Separating domains in this way allows different registries to manage the different TLDs. These registries are responsible for keeping the records for their assigned TLD and making infrastructure available to the Internet so users can map each domain name to its corresponding IP address. 5. Explain firewall and the classification of firewalls ? Firewall A Firewall is a device, usually a router or a computer, installed between the internal network of an organization and the rest of the Internet. It is used to control the access of the Internet. It is designed to forward some packets and filter others. It can be used to deny access to a specific host or a specific service in the organization. It is a network security system. It is used to monitor and control over all incoming and outgoing network traffic of your system. It is based on advanced and a defined set of security rules. Firewall Classification It is usually classified as Packet-filter Firewall & Proxy firewall on the basis of its working. Packet-Filter Firewall A packet-filter firewall is a router that uses a filtering table to decide which packets must be discarded i.e. not forwarded. A firewall can be used as a packet filter. It can forward or block packets based on the information in the headers: source and destination IP addresses, source and destination port addresses, type of protocol (TCP or UDP). A packet- filter firewall filter at network or transport layer. An example of a filtration table for such firewall can be shown below. Proxy Firewall The packet-filter firewall is based on the information available in the network layer and transport layer headers (IP and TCP/UDP). Sometimes we need to filter a message based on the information available in the
  • 11. UNIT –I /II MSc/MTNC Page 11 message itself at the application layer. Installing a proxy computer between the customer computer and corporation computer can be a solution to this situation as shown in the figure below. How a Firewall Works Firewall can constantly monitor all incoming and outgoing traffic. Firewall is different from just a traffic analyser because we can also use set up to block certain things. A firewall might disable particular applications from accessing the network, block URLs from loading, and prevent traffic through certain network ports. Some firewalls can even be used in a mode where they block everything until you explicitly allow every single access. This is one way to block everything on a network so that you can manually set up safeguards against network-related threats.