Scribd
Upload
50 views

Authentication of Its Origin and Confidentiality and Privacy Have The

The document discusses various concepts related to information security including confidentiality, privacy, authentication, encryption techniques, access controls, and policies. It defines confidentiality as preventing disclosure to unauthorized individuals and privacy as being protected from unsanctioned observation. Encryption using transposition changes the order of plaintext elements according to some rule while encryption using substitution replaces plaintext elements with ciphertext elements according to some rule.

Uploaded by

1fetter1
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
50 views

Authentication of Its Origin and Confidentiality and Privacy Have The

The document discusses various concepts related to information security including confidentiality, privacy, authentication, encryption techniques, access controls, and policies. It defines confidentiality as preventing disclosure to unauthorized individuals and privacy as being protected from unsanctioned observation. Encryption using transposition changes the order of plaintext elements according to some rule while encryption using substitution replaces plaintext elements with ciphertext elements according to some rule.

Uploaded by

1fetter1
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 5

Information security might be considered too narrow a term, since it actually involves securing information and______________ Distinction is made

between protection of information and correctness of information (called ___________). Main challenge with asymmetric cryptography is ___________ the public key of the other entity. Before a message is accepted by a recipient of it, the recipient needs authentication of its origin and ________________ Confidentiality and Privacy have the same meaning?

Information Systems

Authentication

Authenticating

Authentication of Data

No they do not

Confidentiality is.

Quality/State of information. Prevents disclosure to unauthorized individuals.

Privacy is..

State of being from unsanctioned observation.

Non-repudiation prevents unauthorized entities from knowing the origin of message. Security policies are the (1)__________ control to execute, but the (2)____________ to implement properly.

False

(1) Least Expensive (2) Hardest

Asymmetric encryption, confidentiality of No false it does not. a public key provides confidentiality of a message. Three communities of interest identified in book are (1)Management and Professionals, (2)Information Technology, and (3)______________ The rest of organization

Failure rate over time for population of manufactured devices may be depicted graphically as a__________ Denial of Service Attack is an attempt to violate the ____________of an information system. Mandatory access control allows a user to grant some or all her rights to other users.

Bathtub Curve

Availability

False

The Simple Security Property says

A user with medium clearance will not be able to read things from a higher clearance

The star property says

User with a high clearance will not be able to write to the user with medium clearance. Information is from who you believe its from. Not fabrication to fuck you.

Authentication of Origin..

Person enters password correctly, but gets rejected. This is.

False Negative

Discretionary Access Controls is

Type of data access control in which data users are allowed to grant access to their peers. The order of the elements in a plaintext set is changed. According to some rule includes key value in this operation. Circus -> ircusc Elements of plaintext set is replaced with an element from a ciphertext set, according to some rule and possibly the key value (1) The problem is defined by the customers mission (2) (3)

What is encryption using transposition?

What is encryption using substitution?

Three important principles of IATF?

Three different types of policy in (NIST)

-Issue-specific -Program -System-specific -Incident Response Plan -Disaster recovery plan -Business continuity plan 1. Cost savings do not have to run physical 2. security-tunnel mode and

The 3 types of contingency plans

2 Important characteristics of VPN

4 types of harm

Disclosure

Disclosure Loss or modification Denial of service Repudiation loss of confidentiality

Loss or modification

loss of integrity

Denial of service

loss of availability

Repudiation

loss of authentication

Risk identification: steps in the process

Understanding our assets and the threats we face

Plan and organize the process Categorize system components Inventory and categorize assets Identify threats Specify vulnerable assets enables us to search for vulnerabilities.

Three types of policy

Program Issue-Specific System-Specific

You might also like