SSCP - Cryptography Basics Flashcards
ISC2 Systems Security Certified Practitioner (SSCP) Flashcards

| Front | Back |
| --- | --- |
| What does a salt do in cryptography | Adds random data to passwords before hashing to protect against precomputed attacks like rainbow tables |
| What is a brute force attack | An attempt to crack a cryptographic key or password by trying all possible combinations |
| What is a cryptographic hash function | A mathematical algorithm that generates a fixed-size string of characters (hash) from an input, which is irreversible |
| What is a cryptographic key | An essential piece of information that determines the output of a cryptographic algorithm |
| What is a digital signature | A cryptographic mechanism used to confirm the authenticity and integrity of a message or document |
| What is a man-in-the-middle (MITM) attack | When an attacker intercepts and possibly alters communication between two parties without their knowledge |
| What is asymmetric encryption | A type of encryption that uses a pair of keys: a public key for encryption and a private key for decryption |
| What is block cipher encryption | A method of encryption that divides plaintext into fixed-size blocks and encrypts each block separately |
| What is ciphertext | Encrypted data resulting from the application of a cryptographic algorithm to plaintext |
| What is cryptography | The practice of securing information by transforming it into an unreadable format to protect it from unauthorized access |
| What is decryption | The process of converting ciphertext back into plaintext using a corresponding decryption algorithm |
| What is Elliptic Curve Cryptography (ECC) | An encryption method based on the algebraic structure of elliptic curves, offering strong security with smaller keys |
| What is encryption | The process of converting plaintext into ciphertext to prevent unauthorized access |
| What is entropy in cryptographic terms | A measure of randomness or unpredictability in cryptographic systems |
| What is key management | The process of handling cryptographic keys securely throughout their lifecycle |
| What is non-repudiation in cryptographic terms | A guarantee that the sender of a message cannot deny sending it and the recipient cannot deny receiving it |
| What is Perfect Forward Secrecy (PFS) | A property of encryption protocols ensuring that if a private key is compromised, past communications remain secure |
| What is plaintext | Original readable data or message before encryption |
| What is Public Key Infrastructure (PKI) | A framework for managing digital certificates and public-key encryption to secure communications and data |
| What is RSA encryption | An asymmetric encryption algorithm widely used for secure data transmission |
| What is Steganography | Hiding data within other data, such as embedding a secret message within an image or audio file |
| What is stream cipher encryption | A method of encryption that encrypts plaintext one bit or byte at a time in sequence |
| What is symmetric encryption | A type of encryption where the same key is used for both encryption and decryption |
| What is the Advanced Encryption Standard (AES) | A widely used symmetric encryption algorithm known for its strength and efficiency |
| What is the Data Encryption Standard (DES) | An older symmetric encryption algorithm now considered insecure due to its small key size |
| What is the difference between cryptography and steganography | Cryptography protects the content of a message, while steganography hides its existence |
| What is the difference between encryption and hashing | Encryption is reversible with a key, while hashing is a one-way function and irreversible |
| What is the difference between public and private keys | The public key is used for encryption and shared openly, while the private key is kept secret and used for decryption |
| What is the main function of a digital certificate | To verify the identity of a person, system, or organization and bind that identity to a cryptographic public key |
| What is the main weakness of a one-time pad | Key management and distribution due to the requirement for a unique, random key per message exchange |
| What is the primary advantage of asymmetric encryption | Eliminates the need for secure key distribution as the public key can be shared openly |
| What is the primary advantage of symmetric encryption | Simplicity and faster performance compared to asymmetric encryption |
| What is the primary purpose of a hash function | To ensure data integrity by detecting changes to the original input data |
| What is the principle of availability in cryptography | Ensuring that information and systems remain accessible to authorized users when needed |
| What is the principle of confidentiality in cryptography | Ensuring that information is only accessible to authorized parties |
| What is the principle of integrity in cryptography | Ensuring that information has not been altered or tampered with during transmission or storage |
| What is the purpose of a key exchange protocol | To securely exchange cryptographic keys between parties over an insecure communication channel |
| What is the purpose of a one-time pad in cryptography | A method of encryption considered unbreakable when used correctly, requiring a random key as long as the plaintext |
| What is the purpose of Transport Layer Security (TLS) | To provide secure communication over a network by encrypting the data in transit |
| What is the role of a Certificate Authority (CA) | An entity that issues and manages digital certificates to ensure they are trustworthy |

About the Flashcards
Flashcards for the ISC2 Systems Security Certified Practitioner (SSCP) exam reinforce the core cryptography vocabulary and concepts students need to master. Card topics include definitions of plaintext and ciphertext, encryption and decryption processes, symmetric and asymmetric algorithms, block and stream ciphers, common algorithms such as AES, DES, RSA, and elliptic curve cryptography, and steganography basics.
Cards also cover hashing, digital signatures and certificates, public key infrastructure and key management, the CIA principles and non-repudiation, entropy and salts, key exchange and Perfect Forward Secrecy, plus common threats like brute force and man-in-the-middle attacks and protections such as TLS.
Topics covered in this flashcard deck:
- Cryptography fundamentals
- Encryption and decryption
- Symmetric vs asymmetric
- Hashes and digital signatures
- Key management and PKI
- Attacks and protections