
11- Name the three goals of information security. (This is not the same as the t


Question

11- Name the three goals of information security. (This is not the same as the three properties of a secure system.)

12- What is the difference between identification and authentication?

13- What are the three “factors” that can be used in authentication? (Just name them.)

14- A cryptographic hash algorithm is a one-way function; information processed with such a hash algorithm cannot later be recovered. Name one use for a cryptographic hash and briefly explain how the hash is used in your example. (There are several uses; I only want one of them.)

15- What would be the effect on public key cryptography if mathematicians discover an easy way of finding the prime factors of large numbers? Explain why.

16- In the United States, organizations sometimes use Social Security Number or a part of it as an authenticator. Is this a good or bad idea? Explain your answer.

17- Explain in detail why a public key embedded in a digital certificate is much harder to tamper with than the public key alone? (Hint: This question asks about the certificate, not about trusting a certificate authority.)

18- Distinguish between a vulnerability and an exploit.

19- What is the purpose of a key exchange algorithm? With what type of cryptosystem is such an algorithm needed?

20- Briefly describe how the techniques of public key cryptography can be used to implement a digital signature. Be sure you distinguish correctly the use of public and private keys.  

21- Explain why using a computationally intensive (i.e. slow) hash algorithm is important when storing password data.

22- Distinguish between authentication and authorization.

23- What is the principle of least privilege?

24- What is a default deny policy? (This is also called a “closed” policy in places in the textbook.)

25- Explain the difference between symmetric key encryption and asymmetric (public) key

Explanation / Answer

Answer 11) The three goals of Information Security are :

Answer 12)

Answer 14) The three factors which can be used for authentication are :

Answer 18) Vulnerability is basically that drawback of a system which allows the hacker or the unauthorised user to bypass the security system and enter into the main system easily without even letting the security team know. It provides a direct window to enter. That section of the system is considered to be very weak in comparison to the others and therefore could be easily breached.

Exploit is the actual act of breaching the vulnerabilities by the hackers in order to enter into the main system.

| Identification | Authorisation |
|---|---|
| Is done at the initial level | Is done after identification |
| Does not grant permission for access as it just identifies the user | Grants access to the user if inputted credentials match with the credentials stored in the system |
| For example: Identification by a username | For example: After entering username, asking for password and then allowing the access if matches. |
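The two steps in the table above (a username lookup, then a password check), together with the slow password hash that question 21 asks about, as an added example that is not part of the original answer. The user store, function names and the PBKDF2 iteration count are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Iteration count is an assumed example value; a high count makes each guess slow.
ITERATIONS = 300_000


def hash_password(password: str, salt: bytes) -> bytes:
    """Derive a deliberately slow, salted hash (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def make_record(password: str) -> dict:
    """Store only a random salt and the derived hash, never the plaintext."""
    salt = os.urandom(16)
    return {"salt": salt, "hash": hash_password(password, salt)}


# Constructed sample user store: username -> salt and hash.
USERS = {"alice": make_record("correct horse battery staple")}

# Dummy record so an unknown username costs the same work as a known one.
_DUMMY = make_record("dummy-password-never-used")


def identify(username: str):
    """Identification: the user claims an identity; nothing is proven yet."""
    return USERS.get(username)


def authenticate(username: str, password: str) -> bool:
    """Authentication: verify the claimed identity with a secret."""
    record = identify(username)
    known = record is not None
    if not known:
        # Still run the slow hash so response time does not reveal valid names.
        record = _DUMMY
    candidate = hash_password(password, record["salt"])
    # Constant-time comparison avoids leaking how many bytes matched.
    matches = hmac.compare_digest(candidate, record["hash"])
    return known and matches
```
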