SSCP - Cryptography Basics Flashcards
ISC2 Systems Security Certified Practitioner (SSCP) Flashcards
| Front | Back |
| --- | --- |
| What does a salt do in cryptography | Adds random data to passwords before hashing to protect against precomputed attacks like rainbow tables |
| What is a brute force attack | An attempt to crack a cryptographic key or password by trying all possible combinations |
| What is a cryptographic hash function | A mathematical algorithm that generates a fixed-size string of characters (hash) from an input, which is irreversible |
| What is a cryptographic key | An essential piece of information that determines the output of a cryptographic algorithm |
| What is a digital signature | A cryptographic mechanism used to confirm the authenticity and integrity of a message or document |
| What is a man-in-the-middle (MITM) attack | When an attacker intercepts and possibly alters communication between two parties without their knowledge |
| What is asymmetric encryption | A type of encryption that uses a pair of keys: a public key for encryption and a private key for decryption |
| What is block cipher encryption | A method of encryption that divides plaintext into fixed-size blocks and encrypts each block separately |
| What is ciphertext | Encrypted data resulting from the application of a cryptographic algorithm to plaintext |
| What is cryptography | The practice of securing information by transforming it into an unreadable format to protect it from unauthorized access |
| What is decryption | The process of converting ciphertext back into plaintext using a corresponding decryption algorithm |
| What is Elliptic Curve Cryptography (ECC) | An encryption method based on the algebraic structure of elliptic curves, offering strong security with smaller keys |
| What is encryption | The process of converting plaintext into ciphertext to prevent unauthorized access |
| What is entropy in cryptographic terms | A measure of randomness or unpredictability in cryptographic systems |
| What is key management | The process of handling cryptographic keys securely throughout their lifecycle |
| What is non-repudiation in cryptographic terms | A guarantee that the sender of a message cannot deny sending it and the recipient cannot deny receiving it |
| What is Perfect Forward Secrecy (PFS) | A property of encryption protocols ensuring that if a private key is compromised, past communications remain secure |
| What is plaintext | Original readable data or message before encryption |
| What is Public Key Infrastructure (PKI) | A framework for managing digital certificates and public-key encryption to secure communications and data |
| What is RSA encryption | An asymmetric encryption algorithm widely used for secure data transmission |
| What is Steganography | Hiding data within other data, such as embedding a secret message within an image or audio file |
| What is stream cipher encryption | A method of encryption that encrypts plaintext one bit or byte at a time in sequence |
| What is symmetric encryption | A type of encryption where the same key is used for both encryption and decryption |
| What is the Advanced Encryption Standard (AES) | A widely used symmetric encryption algorithm known for its strength and efficiency |
| What is the Data Encryption Standard (DES) | An older symmetric encryption algorithm now considered insecure due to its small key size |
| What is the difference between cryptography and steganography | Cryptography protects the content of a message, while steganography hides its existence |
| What is the difference between encryption and hashing | Encryption is reversible with a key, while hashing is a one-way function and irreversible |
| What is the difference between public and private keys | The public key is used for encryption and shared openly, while the private key is kept secret and used for decryption |
| What is the main function of a digital certificate | To verify the identity of a person, system, or organization and bind that identity to a cryptographic public key |
| What is the main weakness of a one-time pad | Key management and distribution due to the requirement for a unique, random key per message exchange |
| What is the primary advantage of asymmetric encryption | Eliminates the need for secure key distribution as the public key can be shared openly |
| What is the primary advantage of symmetric encryption | Simplicity and faster performance compared to asymmetric encryption |
| What is the primary purpose of a hash function | To ensure data integrity by detecting changes to the original input data |
| What is the principle of availability in cryptography | Ensuring that information and systems remain accessible to authorized users when needed |
| What is the principle of confidentiality in cryptography | Ensuring that information is only accessible to authorized parties |
| What is the principle of integrity in cryptography | Ensuring that information has not been altered or tampered with during transmission or storage |
| What is the purpose of a key exchange protocol | To securely exchange cryptographic keys between parties over an insecure communication channel |
| What is the purpose of a one-time pad in cryptography | A method of encryption considered unbreakable when used correctly, requiring a random key as long as the plaintext |
| What is the purpose of Transport Layer Security (TLS) | To provide secure communication over a network by encrypting the data in transit |
| What is the role of a Certificate Authority (CA) | An entity that issues and manages digital certificates to ensure they are trustworthy |
This deck explains cryptographic principles, encryption techniques, and methods for securing communications and data, topics integral to the SSCP exam.