FBLA COMP CPU SCI: Cyber Security and Impact :1:@3
an intranet that can be partially accessed by authorized outside users, enabling businesses to exchange information over the Internet securely.
Typically, larger enterprises allow users within their intranet to access the public Internet through firewall servers that have the ability to screen messages in both directions so that company security is maintained. When part of an intranet is made accessible to customers, partners, suppliers, or others outside the company, that part becomes part of an extranet.
Extranet
public key infrastructure (PKI) supports the distribution and identification of public encryption keys, enabling users and computers to both securely exchange data over networks such as the Internet and verify the identity of the other party.
Public Key Infrastructure
use a computer to gain unauthorized access to data in a system
Hacking
The term "cracking" means trying to get into computer systems in order to steal, corrupt, or illegitimately view data. The popular press refers to such activities as hacking, but hackers see themselves as expert, elite programmers and maintain that such illegitimate activity should be called "cracking."
Cracking
a work or invention that is the result of creativity, such as a manuscript or a design, to which one has rights and for which one may apply for a patent, copyright, trademark, etc. Things your company doesn't want someone stealing basically.
Intellectual Property
In cryptography, a web of trust is a concept used in PGP, GnuPG, and other OpenPGP-compatible systems to establish the authenticity of the binding between a public key and its owner.
Web of Trust
In cryptography, a certificate authority or certification authority (CA) is an entity that issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate.
Certificate Authority
Digital signatures use public key cryptography. That being said, public key encryption by itself cannot be used for non-repudiation, so you'll always want digital signatures, regardless of which one is faster.
Public Key Encryption vs
Digital Signatures
Nonrepudiation is the assurance that someone cannot deny something. Typically, nonrepudiation refers to the ability to ensure that a party to a contract or a communication cannot deny the authenticity of their signature on a document or the sending of a message that they originated. Example: On the Internet, a digital signature is used not only to ensure that a message or document has been electronically signed by the person that purported to sign the document, but also, since a digital signature can only be created by one person, to ensure that a person cannot later deny that they furnished the signature.
Non-repudiation
Challenge-Handshake Authentication Protocol (CHAP) authenticates a user or network host to an authenticating entity, such as an ISP.
CHAP
the Microsoft version of the Challenge-Handshake Authentication Protocol, CHAP. MS-CHAP is used as one authentication option in Microsoft's implementation of the PPTP protocol for virtual private networks. It is also used as an authentication option with RADIUS[2] servers which are used for WiFi security using the WPA-Enterprise protocol. It is further used as the main authentication option of the Protected Extensible Authentication Protocol (PEAP).
MS-CHAP
Password authentication protocol (PAP); PAP and CHAP are both used to authenticate PPP sessions and can be used with many VPNs. Basically, PAP works like a standard login procedure; the remote system authenticates itself to the using a static user name and password combination. The password can be encrypted for additional security, but PAP is subject to numerous attacks. In particular, since the information is static, it is subject to password guessing as well as snooping.
PAP
Remote Authentication Dial-In User Service (RADIUS) is a client/server protocol and software that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service. RADIUS allows a company to maintain user profiles in a central database that all remote servers can share. It provides better security, allowing a company to set up a policy that can be applied at a single administered network point. Easier to track services as well.
RADIUS
Kerberos is a protocol for authenticating service requests between trusted hosts across an untrusted network, such as the internet. Kerberos is built in to all major operating systems, including Microsoft Windows, Apple OS X, FreeBSD and Linux.
Kerberos
Extensible Authentication Protocol (EAP) is a protocol for wireless networks that expands on authentication methods used by the Point-to-Point Protocol (PPP), a protocol often used when connecting a computer to the Internet. EAP can support multiple authentication mechanisms, such as token cards, smart cards, certificates, one-time passwords, and public key encryption authentication.
EAP
PPP (Point-to-Point Protocol) refers to a family of computer networking protocols that provide a standard way to transport multiprotocol data over point-to-point links. PPP has three main components: a way to encapsulate multiprotocol datagrams; a Link Control Protocol to establish, configure and test the data-link connection; and a group of network control protocols that establish and configure different types of network-layer protocols.
PPP
"Redundant Array of Independent Disks." RAID is a method of storing data on multiple hard disks.
Raid 0: It's also known as "disk striping." With RAID 0, data is written across multiple disks. This means the work that the computer is doing is handled by multiple disks rather than just one, increasing performance.
Raid 1: is a fault-tolerance configuration known as "disk mirroring." With RAID 1, data is copied seamlessly and simultaneously, from one disk to another, creating a replica, or mirror. If one disk gets fried, the other can keep working. It's the simplest way to implement fault tolerance and it's relatively low cost.
Raid 5: RAID 5, data and parity (which is additional data used for recovery) are striped across three or more disks. If a disk gets an error or starts to fail, data is recreated from this distributed data and parity block— seamlessly and automatically. Most popular in businesses
Raid 10: a combination of RAID 1 and 0 and is often denoted as RAID 1+0. It combines the mirroring of RAID 1 with the striping of RAID 0. It's the RAID level that gives the best performance, but it is also costly, requiring twice as many disks as other RAID levels, for a minimum of four. This is the RAID level ideal for highly utilized database servers or any server that's performing many write operations.
RAID
Uninterruptible Power Supply, a power supply that includes a battery to maintain power in the event of a power outage
UPS
Makes a full copy of data and puts it on another media. Takes longer to perform a full backup so this are usually not done as often as the other backup types.
Full backup
Copies only the data that has changed since the last backup operation of any type. Takes less time and is used more often.
Incremental Backup
A differential backup operation is similar to an incremental the first time it is performed, in that it will copy all data changed from the previous backup. However, each time it is run afterwards, it will continue to copy all data changed since the previous full backup.
Differential Backup
a method of offsite data storage in which files, folders, or the entire contents of a hard drive are regularly backed up on a remote server or computer with a network connection. Helpful if main servers hardware are destroyed or attacked.
Remote Backup
Risk mitigation planning is the process of developing options and actions to enhance opportunities and reduce threats to project objectives. Risk mitigation implementation is the process of executing risk mitigation actions. Risk mitigation progress monitoring includes tracking identified risks, identifying new risks, and evaluating risk process effectiveness throughout the project.
Risk Mitigation Planning
Cryptography is a method of storing and transmitting data in a particular obfuscated form so that only those for whom it is intended can read and process it.
Cryptography
Triple DES uses three individual keys with 56 bits each. The total key length adds up to 168 bits, but experts would argue that 112-bits in key strength is more like it.
Triple DES (Encryption)
a public-key encryption algorithm, RSA is considered an asymmetric algorithm due to its use of a pair of keys. You've got your public key, which is what we use to encrypt our message, and a private key to decrypt it. The result of RSA encryption is a huge batch of mumbo jumbo that takes attackers quite a bit of time and processing power to break.
RSA (Encryption)
this symmetric cipher splits messages into blocks of 64 bits and encrypts them individually.
Blowfish (Encryption)
Keys used in this algorithm may be up to 256 bits in length and as a symmetric technique, only one key is needed.
Twofish (Encryption)
algorithm trusted as the standard by the U.S. Government and numerous organizations. Although it is extremely efficient in 128-bit form, AES also uses keys of 192 and 256 bits for heavy duty encryption purposes.
AES (Encryption)
The Data Encryption Standard (DES) is a symmetric-key block cipher. DES is an implementation of a Feistel Cipher. It uses 16 round Feistel structure. The block size is 64-bit. Though, key length is 64-bit, DES has an effective key length of 56 bits, since 8 of the 64 bits of the key are not used by the encryption algorithm (function as check bits only)
DES (Encryption)