Exam 1 com sci
Question | Answer |
---|---|
The original message or data that is fed into the algorithm is (BLANK) | Plaintext |
The (BLANK) is the encryption algorithm run in reverse | Decryption Algorithm |
(BLANK) is the scrambled message produced as output | Plaintext |
On average, (BLANK) of all possible keys must be tried in order to achieve success with a brute-force attack | Brute-force attack |
The most important symmetric algorithms, all of which are block ciphers, are the DES, triple DES, and the (BLANK) | AES |
(BLANK) is a procedure that allows communicating parties to verify that received or stored messages are authentic | Message Authentication |
The purpose of a (BLANK) is to produce a “fingerprint” of a file, message, or other block of data | hash functions |
(BLANK) is a block cipher in which the plaintext and ciphertext are integers between 0 and n-1 for some n | RSA |
Transmitted data stored locally are referred to as (BLANK) | data at rest |
Digital signatures and key management are the two most important applications of (BLANK) encryption | public-key |
A (BLANK) is to try every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained | Brute-force attack |
Combined one byte at a time with the plaintext stream using the XOR operation, a (BLANK) is the output of the pseudorandom bit generator | keystream |
A (BLANK) protects against an attack in which one party generates a message for another party to sign | strong hash function |
(BLANK) encryption is used primarily to provide confidentiality | Symmetric |
Two of the most important applications of public-key encryption are (BLANK) signatures and key management | digital |
(BLANK) attacks try every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained | brute-force attack |
(BLANK) takes a plaintext block of 64 bits and a key of 56 bits to produce a ciphertext block of 64 bits | The DES algorithm/Triple DES |
(BLANK) are the alternative techniques that have been developed to increase the security of symmetric block encryption for large sequences of data | Modes of operation |
The advantage of a (BLANK) cipher is that you can reuse keys | block |
A (BLANK) is a small block of data generated by a secret key and appended to a message | message authentication code |
The strength of a (BLANK) against brute-force attacks depends solely on the length of the hash code produced by the algorithm | hash function |
Public-key cryptography is (BLANK) | asymmetric cryptography |
Public-key algorithms are based on (BLANK) | simple operations on bit pattern |
The purpose of the (BLANK) algorithm is to enable two users to securely reach agreement about a shared secret that can be used as a secret key for subsequent symmetric encryption of messages | DSS algorithm |
An important element in many computer security services and applications is the use of (BLANK) | cryptographic algorithms |
Some form of (BLANK) is needed for public-key distribution | protocol |
Recognition by fingerprint, retina, and face are examples of (BLANK) | Biometric authentication |
A (BLANK) is a password guessing program | A password cracker |
The (BLANK) strategy is when users are told the importance of using hard to guess passwords and provided with guidelines for selecting strong passwords | User Education |
A (BLANK) strategy is one in which the system periodically runs its own password cracker to find guessable passwords | Reactive Password Checking |
The most common means of human-to-human identification are (BLANK) | Facial Recognition |
(BLANK) systems identify features of the hand, including shape, and lengths and widths of fingers | Hand Geometry |
Each individual who is to be included in the database of authorized users must first be (BLANK) in the system | Enrolled |
To counter threats to remote user authentication, systems generally rely on some form of (BLANK) protocol | Challenge and Response |
A (BLANK) is when an adversary attempts to achieve user authentication without access to the remote host or to the intervening communications path | Client Attack |
A (BLANK) is directed at the user file at the host where passwords, token passcodes, or biometric templates are stored | Host Attack |
A (BLANK) attack involves an adversary repeating a previously captured user response | Replay |
An institution that issues debit cards to cardholders and is responsible for the cardholder’s account and authorizing transactions is the (BLANK) | Issuer |
(BLANK) allows an issuer to access regional and national networks that connect point of sale devices and bank teller machines worldwide | EFT |
(BLANK) is the fundamental building block and the primary line of defense | user authentication |
(BLANK) is the means of establishing the validity of a claimed identity provided by a user | Identification |
Depending on the details of the overall authentication system, the (BLANK) issues some sort of electronic credential to the subscriber | registration authority |
Many users choose a (BLANK) that is too short or too easy to guess | password |
(BLANK) is a procedure that allows communicating parties to verify that the contents of a received message have not been altered and that the source is authentic | User authentication |
A good technique for choosing a password is to use the (BLANK) of each word of a phrase | first letter |
(BLANK) is the basis for most types of access control and for user accountability | User authentication |
Depending on the application, (BLANK) on a biometric system involves either verification or identification | user authentication |
A smart card contains an entire (BLANK) | microprocessor |
Keylogging is a form of (BLANK) | host attack |
In a (BLANK) some physical characteristic of the individual is mapped into a digital representation | biometric scheme |
(BLANK) implements a security policy that specifies who or what may have access to each specific system resource and the type of access that is permitted in each instance | Access control |
(BLANK) is verification that the credentials of a user or other system entity are valid | Authentication |
(BLANK) is the granting of a right or permission to a system entity to access a system resource | Authorization |
(BLANK) is the traditional method of implementing access control | DAC discretionary access control (letter by letter) |
(BLANK) controls access based on comparing security labels with security clearances | MAC mandatory access control (letter by letter) |
A concept that evolved out of requirements for military information security is (BLANK) | mandatory access control |
A (BLANK) is an entity capable of accessing objects | subject |
A(n) (BLANK) is a resource to which access is controlled | object |
The final permission bit is the (BLANK) bit | Sticky |
(BLANK) is based on the roles the users assume in a system rather than the user’s identity | RBAC (letter by letter) |
A (BLANK) is a named job function within the organization that controls this computer system | role |
(BLANK) provide a means of adapting RBAC to the specifics of administrative and security policies in an organization | Constraints |
(BLANK) refers to setting a maximum number with respect to roles | Cardinality |
Subject attributes, object attributes and environment attributes are the three types of attributes in the (BLANK) model | ABAC (learn letter for letter) |
The (BLANK) component deals with the management and control of the ways entities are granted access to resources | access management |
(BLANK) is the central element of computer security | Access control |
The (BLANK) function determines who is trusted for a given purpose | authentication |
An (BLANK) monitors and keeps a record of user accesses to system resources | auditing function |
External devices such as firewalls (BLANK) provide access control services | cannot |
The (BLANK) of computer security are to prevent unauthorized users from gaining access to resources, to prevent legitimate users from accessing resources in an unauthorized manner, and to enable legitimate users to access resources in an authorized manner | The principal objectives |
(BLANK) indicate which system entities are eligible to access certain resources | Security labels |
A user may belong to multiple (BLANK) | groups |
An (BLANK) describes the way in which a subject may access an object | access right |
The (BLANK) should always follow the rule of least privilege or read-only access | default set of rights |
A user program executes in a (BLANK) in which certain areas of memory are protected from the user’s use and certain instructions may not be executed | user mode |
Any program that is owned by, and SetUID to, the “superuser” potentially grants (BLANK) access to the system to any user executing that program | unrestricted |
Traditional RBAC systems define the access rights (BLANK) | of individual users and groups of users |
A (BLANK) is a defined relationship among roles or a condition related to roles | A constraint |
An (BLANK) model can define authorizations that express conditions on properties of both the resource and the subject | An ABAC |
A(n) (BLANK) is a structured collection of data stored for use by one or more applications | database |
The basic building block of a (BLANK) is a table of data, consisting of rows and columns, similar to a spreadsheet | relational database |
In relational database parlance, the basic building block is a (BLANK) which is a flat table | relation |
In a relational database rows are referred to as (BLANK) | primary key |
A (BLANK) is defined to be a portion of a row used to uniquely identify a row in a table | primary key |
A (BLANK) is a virtual table | view |
A(n) (BLANK) is a user who has administrative responsibility for part or all of the database | administrator |
An end user who operates on database objects via a particular application but does not own any of the database objects is the (BLANK) | end user other than application owner |
(BLANK) is the process of performing authorized queries and deducing unauthorized information from the legitimate responses received | Inference |
A (BLANK) is the portion of the data center that houses data processing equipment | computer room |
(BLANK) houses cross-connects and active equipment for distributing cable to the equipment distribution area | tuples |
(BLANK) is an organization that produces data to be made available for controlled release, either within the organization or to external users | data owner |
(BLANK) is an organization that receives the encrypted data from a data owner and makes them available for distribution to clients | Server |
(BLANK) specifies the minimum requirements for telecommunications infrastructure of data centers | TIA-492 |
A query language provides a (BLANK) interface to the database | Uniform |
A single countermeasure is (BLANK) for SQLi attacks | Sufficient |
To create a relationship between two tables, the attributes that define the primary key in one table must appear as attributes in another table, where they are referred to as a (BLANK) | foreign key |
The value of a primary key must be (BLANK) for each tuple of its table | unique |
A foreign key value can appear (BLANK) times in a table | multiple |
A view (BLANK) provide restricted access to a relational database so it (BLANK) be used for security purposes | Cannot |
The (BLANK) makes use of the database description tables to manage the physical database | Database management system |
Two (BLANK) to database encryption are key management and inflexibility | disadvantages |
Fixed (BLANK) roles operate at the level of an individual database | Server |
(BLANK) allows users to create roles that can then be assigned access rights to portions of the database | SQL server |
A (BLANK) generally includes backup power supplies | Data center |
(BLANK) security of the data center itself includes barriers to entry, coupled with authentication techniques for gaining physical access | Site |
(BLANK) security is extremely important in a facility in which such a large collection of assets is concentrated in a single place and accessible by external network connections | Network |
Security specifically tailored to (BLANK) is an increasingly important component of an overall organizational security strategy | Databases |
(BLANK) becomes the last line of defense in database security | Encryption |