Internet Security

avatar
Created by
Zak Whitaker

Cards (17)

  • What is a firewall?
    Hardware or software that controls access to and from a network
  • What is done during packet filtering?
    Packets of data is inspected by the firewall to check which port it is attempting to use
  • What happens if a packet is allowed through a packet filter?
    The port is opened for the duration of the connection, otherwise it is automatically rejected
  • What is the problem with packet filtering?
    Malware packets could be disguised as packets that are allowed through whitelisted ports
  • What happens during stateful inspection?
    The payload of a packet is examined before allowing access into a network
  • What is the function of proxy servers?
    They make web requests on behalf of your own computer, hiding the request IP address from the recipient
  • What is the function of a proxy server?
    • Enables anonymous surfing
    • Can be used to filter online content
    • Logs user data with their requests
    • Provides cache of a commonly used website
  • What is encryption?
    Encoding a plaintext message so that it cannot be deciphered unless you have a key to decrypt it
  • What is the problem with symmetric encryption?
    It is vulnerable to man in the middle attacks
  • What is a man in the middle attack?
    Where a third-party intercepts a key and uses it to decrypt a file that wasn't intended for them
  • An advantage of symmetric encryption is that it is relatively fast
  • Asymmetric encryption is used for email. The process is:
    • Recipients public key used to encrypt data
    • Data sent
    • Data received by recipient is decrypted with recipient's private key
  • What is hybrid encryption?
    The beginning of the session uses asymmetric encryption to share a private key for symmetric encryption. This is faster than asymmetric encyption
  • How is a digital signature created?
    Irreversibly reducing the unencrypted message to produce a hash, which is then encrypted with the sender's private key
  • What is the process of creating a digital signature?
    • Hash is calculated from file
    • Hash encrypted with sender's private key
    • Digital signature created
    • Digital signature attached to file
    • File encrypted with receivers public key
    • File sent
    • File decrypted with receiver's private key
    • Digital signature decrypted with sender's public key
    • Hash value recalculated and compared to ensure file is valid
  • What is a digital certificate, and when is it created?
    When a sender digitally signs a message, they also send their digital certificate.
    A trusted known as a Certificate Authority (CA) provides a digital certificate which includes:
    • A serial number
    • name of the CA
    • expiry date
    • name of holder
    • holder's public key
    • CA's digital signature used to verify validity of certificate
  • What are digital certificates used for?
    Verifying the identity of the owner of each public key