Study guides, Class notes & Summaries

Why is normalizing log data important in a centralized logging setup? its difficult to analyze abnormal logs log normalizing detects potential attacks the data must be decrypted before sending it to the log server uniformly formatted logs are easier to store and analyze its difficult to analyze abnormal logs; Incorrect Not quite. Normalization, in this context, means making the format of logs uniform between systems. What type of attacks does a flood guard protect against? Check all that...

Which of the following do asymmetric cryptosystems provide? Check all that apply. Authenticity Confidentiality Non-repudiation. Confidentiality is provided by the encryption and decryption functionality, while authenticity and non-repudiation are ensured by the signing and verification processes

How is authentication different from authorization? authentication is verifying an identity, authorization is verifying access to a resource; Authentication is proving that an entity is who they claim to be, while authorization is determining whether or not that entity is permitted to access resources. What are some characteristics of a strong password? Check all that apply, is at least eight characters long includes numbers and special characters; A strong password should contain a mix of...

Phishing, baiting, and tailgating are examples of ________ attacks. Malware Password Social engineering Network Social engineering An attacker could redirect your browser to a fake website login page using what kind of attack? Injection attack DNS cache poisoning attack DDoS attack SYN flood attack DNS cache poisoning attack A(n) _____ attack is meant to prevent legitimate traffic from reaching a service. Injection Password Denial of Service DNS Cache poisoning Denial of Service T...

What are the components that make up a cryptosystem? Check all that apply encryption algorithms decryption algorithms key generation algorithms; A cryptosystem is a collection of algorithms needed to operate an encryption service. This involves generating encryption keys, as well as encryption and decryption operations. What is steganography? the practice of hiding messages; Steganography involves hiding messages, but not encoding them. What makes an encryption algorithm symmetric? the s...

In the CIA Triad, "Confidentiality" means ensuring that data is: not accessible by unwanted parties In the CIA Triad, "Integrity" means ensuring that data is: accurate and wasn't tampered with

Authn is short for ________. Authentication. Authz (Authorization) Authorization is concerned with determining ______ to resources. access. Authorization deals with determining access to resources In addition to the client being authenticated by the server, certificate authentication also provides ______. Server authentication. The client will validate the server's certificate, thereby providing server authentication and client authentication. Kerberos uses _____ as authentication tokens....

Plaintext is the original message, while _____ is the encrypted message. Cyphertext The specific function of converting plaintext into ciphertext is called a(n) ______. x***** permutation Encryption algorithm Studying how often letters and pairs of letters occur in a language is referred to as _______. frequency analysis True or false: The same plaintext encrypted using the same algorithm and same encryption key would result in different ciphertext outputs. false The practice of hiding me...

In the CIA Triad, "Confidentiality" means ensuring that data is: not accessible by unwanted parties; "Confidentiality," in this context, means preventing unauthorized third parties from gaining access to the data. In the CIA Triad, "Integrity" means ensuring that data is: accurate and was not tampered with; "Integrity," in this context, means ensuring that the data remains intact, uncorrupted, and not tampered with. The data that gets sent is the exact same as the data that gets rec...

What is an attack vector? a mechanism by which an attacker can interact with your network or systems; An attack vector can be thought of as any route through which an attacker can interact with your systems and potentially attack them. Disabling unnecessary components serves which purposes? Check all that apply. closing attack vectors reducing the attack surface; Every unnecessary component represents a potential attack vector. The attack surface is the sum of all attack vectors. So, disab...