SSCP - Cryptography Basics Flashcards
ISC2 Systems Security Certified Practitioner (SSCP) Flashcards
| Front | Back |
| --- | --- |
| What does a salt do in cryptography | Adds random data to passwords before hashing to protect against precomputed attacks like rainbow tables |
| What is a brute force attack | An attempt to crack a cryptographic key or password by trying all possible combinations |
| What is a cryptographic hash function | A mathematical algorithm that generates a fixed-size string of characters (hash) from an input, which is irreversible |
| What is a cryptographic key | An essential piece of information that determines the output of a cryptographic algorithm |
| What is a digital signature | A cryptographic mechanism used to confirm the authenticity and integrity of a message or document |
| What is a man-in-the-middle (MITM) attack | When an attacker intercepts and possibly alters communication between two parties without their knowledge |
| What is asymmetric encryption | A type of encryption that uses a pair of keys: a public key for encryption and a private key for decryption |
| What is block cipher encryption | A method of encryption that divides plaintext into fixed-size blocks and encrypts each block separately |
| What is ciphertext | Encrypted data resulting from the application of a cryptographic algorithm to plaintext |
| What is cryptography | The practice of securing information by transforming it into an unreadable format to protect it from unauthorized access |
| What is decryption | The process of converting ciphertext back into plaintext using a corresponding decryption algorithm |
| What is Elliptic Curve Cryptography (ECC) | An encryption method based on the algebraic structure of elliptic curves, offering strong security with smaller keys |
| What is encryption | The process of converting plaintext into ciphertext to prevent unauthorized access |
| What is entropy in cryptographic terms | A measure of randomness or unpredictability in cryptographic systems |
| What is key management | The process of handling cryptographic keys securely throughout their lifecycle |
| What is non-repudiation in cryptographic terms | A guarantee that the sender of a message cannot deny sending it and the recipient cannot deny receiving it |
| What is Perfect Forward Secrecy (PFS) | A property of encryption protocols ensuring that if a private key is compromised, past communications remain secure |
| What is plaintext | Original readable data or message before encryption |
| What is Public Key Infrastructure (PKI) | A framework for managing digital certificates and public-key encryption to secure communications and data |
| What is RSA encryption | An asymmetric encryption algorithm widely used for secure data transmission |
| What is Steganography | Hiding data within other data, such as embedding a secret message within an image or audio file |
| What is stream cipher encryption | A method of encryption that encrypts plaintext one bit or byte at a time in sequence |
| What is symmetric encryption | A type of encryption where the same key is used for both encryption and decryption |
| What is the Advanced Encryption Standard (AES) | A widely used symmetric encryption algorithm known for its strength and efficiency |
| What is the Data Encryption Standard (DES) | An older symmetric encryption algorithm now considered insecure due to its small key size |
| What is the difference between cryptography and steganography | Cryptography protects the content of a message, while steganography hides its existence |
| What is the difference between encryption and hashing | Encryption is reversible with a key, while hashing is a one-way function and irreversible |
| What is the difference between public and private keys | The public key is used for encryption and shared openly, while the private key is kept secret and used for decryption |
| What is the main function of a digital certificate | To verify the identity of a person, system, or organization and bind that identity to a cryptographic public key |
| What is the main weakness of a one-time pad | Key management and distribution due to the requirement for a unique, random key per message exchange |
| What is the primary advantage of asymmetric encryption | Eliminates the need for secure key distribution as the public key can be shared openly |
| What is the primary advantage of symmetric encryption | Simplicity and faster performance compared to asymmetric encryption |
| What is the primary purpose of a hash function | To ensure data integrity by detecting changes to the original input data |
| What is the principle of availability in cryptography | Ensuring that information and systems remain accessible to authorized users when needed |
| What is the principle of confidentiality in cryptography | Ensuring that information is only accessible to authorized parties |
| What is the principle of integrity in cryptography | Ensuring that information has not been altered or tampered with during transmission or storage |
| What is the purpose of a key exchange protocol | To securely exchange cryptographic keys between parties over an insecure communication channel |
| What is the purpose of a one-time pad in cryptography | A method of encryption considered unbreakable when used correctly, requiring a random key as long as the plaintext |
| What is the purpose of Transport Layer Security (TLS) | To provide secure communication over a network by encrypting the data in transit |
| What is the role of a Certificate Authority (CA) | An entity that issues and manages digital certificates to ensure they are trustworthy |
This deck explains cryptographic principles, encryption techniques, and methods for securing communications and data integral to the SSCP exam.