COMP 3704 Final
Encoding - correct answer The purpose is to transform data so that it can be
represented in various formats and consumed by end systems. The goal is not to
keep data secret; it is to ensure that it can be properly represented.
Encryption - correct answer Data transformation with the sole purpose of
keeping the data secret.
Number Systems (Base) - correct answer The 'base' of a number system simply
indicates how many numbers are
possible in a single position before we have to move over to the next position
Binary - correct answer Base 2 (Valid digits are 0 and 1 only)
Octal - correct answer Base 8 (Valid digits are 0-7)
Decimal - correct answer Base 10 (Valid digits 0-9)
Hexadecimal - correct answer Base 16 (Valid digits are 0-9 and A-F)
Cryptography - correct answer Constructing and analyzing protocols that
prevent third parties or the public
from reading private messages
Cryptanalysis - correct answer Analyzing information systems in order to study
the hidden aspects. Used to breach cryptographic security systems and gain access
to the contents of encrypted messages, even if the cryptographic key is unknown
Cryptographic Primitives - correct answer Pseudo Random Number Generator (PRNG)
One Way Hash Function
Digital Signature
Symmetric (AKA Private Key) Cryptography
Asymmetric (AKA Public Key) Cryptography
Encryption - correct answer Symmetric Encryption
One shared key
Asymmetric Encryption
One key-pair
One Private Key
One Public Key
Data - correct answer ---- can be any character, number, text, word, or binary
representation but is lacking context. ----- that is given context and meaning then becomes information
Information - correct answer Any communication or representation of
knowledge, such as facts, data, or opinions, in any medium or form, including but not limited to: textual,
numerical, graphic, cartographic, narrative, audiovisual
Information System - correct answer Any organized system for the collection,
organization, storage and communication of information. A discrete set of information resources
organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of
information.
Information Technology - correct answer Any equipment or interconnected
system or subsystem of equipment that is used in the automatic...
Acquisition, Storage, Management, Movement, Control,
Display, Switching, Interchange, Transmission, Reception
Information Security - correct answer The practice of preventing unauthorized
access, use, disclosure, disruption, modification, inspection, recording or destruction of information
ROT-13 Cipher - correct answer Move character 13 places in its alphabetic
position. A-Z = 1-26. First/early form of a cipher and cryptography used by Caesar
Communication Security: Enigma Machine - correct answer Invented at the
end of WWI. Used commercially in '20s, and by military/governments before & during WWII. Although it
had some cryptographic weaknesses, it failed due to operator mistakes, procedural flaws, and Allied
capture of key table and hardware
Hackers - correct answer Technical experts; skilled, often young, computer
programmers, who almost whimsically probe the defenses of a computer system, searching out the
limits and the possibilities of the machine. Despite their seemingly subversive role, hackers are a
recognized asset in the computer industry, often highly prized.
Security threats - correct answer Spam, Malware, Botnets, Social Engineering,
Mainstream Viruses, Hacking Tools
The CIA Triad - correct answer Confidentiality, Integrity and Availability
Confidentiality - correct answer The property that sensitive information is not
disclosed to unauthorized individuals, entities, or processes
Integrity - correct answer The property that sensitive data has not been
modified or deleted in an unauthorized and undetected manner
Availability - correct answer The property that information is accessible in a
timely and reliable manner
InfoSec Mechanisms - correct answer Authentication (AuthN), Authorization
(AuthZ), Non-Repudiation / Accounting
Authentication - correct answer Verify (with a certain level of confidence) the
identity of a user, process, device, or other entity. Encompasses identity verification, message origin
authentication, and message content authentication.
Authorization - correct answer Grant and restrict information and system
privileges to a user, program, process, or other entity. Once you have been identified, what actions can
you perform?
Non-Repudiation - correct answer Protect against an individual falsely denying
having performed a particular action. Provides the capability to determine whether a given individual
took a particular action such as creating information, sending a message, approving information, and
receiving a message. How can the improper storage of passwords be a non-repudiation issue? If more
than one person knows the password at any time, non-repudiation is nullified. This includes system admins
storing passwords in the clear. This also includes password complexity scanning and cracked passwords.
Makes evidence against computer crimes less admissible in court.
Prioritize the CIA properties for these types of information - correct answer
Your bank card PIN
An electronic money transfer / bill payment
Your healthcare records
Your laptop