CNS UNIT 1
Introduction Cryptography and Network Security
2 marks
What is Active Attack?
An intrusion into a computer network which attempts to delete or modify the data stored on the computers which form part of the network. This is one of the most serious forms of attack since many companies' operations critically depend on data.
What is Passive attack?
An intrusion into a computer network which reads the data passing along some of the transmission lines without modifying it.
Differentiate active and passive attack
S.No Active Attack Passive Attack
1 An intrusion into a computer network which attempts to delete or modify the data stored on the computers which form part of the network An intrusion into a computer network which reads the data passing along some of the transmission lines without modifying it.
2 Identify the intrusion because of modification and difficult to prevent active attacks,because of wide variety of potential physical ,software and network vulnerabilites. Difficult to detect ,measures are available to prevent their success.
Define Authentication
Authentication is any process by which you verify that someone is who they claim they are. This usually involves a username and a password, but can include any other method of demonstrating identity, such as a smart card, retina scan, voice recognition, or fingerprints. Authentication is equivalent to showing your drivers license at the ticket counter at the airport.
Define Authorization
Authorization is finding out if the person, once identified, is permitted to have the resource. This is usually determined by finding out if that person is a part of a particular group, if that person has paid admission, or has a particular level of security clearance. Authorization is equivalent to checking the guest list at an exclusive party, or checking for your ticket when you go to the opera.
What is Access control?
Access control is a much more general way of talking about controlling access to a web resource. Access can be granted or denied based on a wide variety of criteria, such as the network address of the client, the time of day, the phase of the moon, or the browser which the visitor is using. Access control is analogous to locking the gate at closing time, or only letting people onto the ride who are more than 48 inches tall - it's controlling entrance by some arbitrary condition which may or may not have anything to do with the attributes of the particular visitor.
What is data integrity?
Integrity, in terms of data and network security, is the assurance that information can only be accessed or modified by those authorized to do so. Measures taken to ensure integrity include controlling the physical environment of networked terminals and servers, restricting access to data, and maintaining rigorous authentication practices. Data integrity can also be threatened by environmental hazards, such as heat, dust, and electrical surges.
What is Confidentiality?
Data confidentiality refers to the property that information is not made available or disclosed to unauthorized individuals, entities, or processes. Thus, data confidentiality services provide for the protection of data from unauthorized disclosure.
Define Non repudiation
Define the terms denial of service ,Replay attack, Modification of messages.
What is traffic analysis?
2 marks
What is Active Attack?
An intrusion into a computer network which attempts to delete or modify the data stored on the computers which form part of the network. This is one of the most serious forms of attack since many companies' operations critically depend on data.
What is Passive attack?
An intrusion into a computer network which reads the data passing along some of the transmission lines without modifying it.
Differentiate active and passive attack
S.No Active Attack Passive Attack
1 An intrusion into a computer network which attempts to delete or modify the data stored on the computers which form part of the network An intrusion into a computer network which reads the data passing along some of the transmission lines without modifying it.
2 Identify the intrusion because of modification and difficult to prevent active attacks,because of wide variety of potential physical ,software and network vulnerabilites. Difficult to detect ,measures are available to prevent their success.
Define Authentication
Authentication is any process by which you verify that someone is who they claim they are. This usually involves a username and a password, but can include any other method of demonstrating identity, such as a smart card, retina scan, voice recognition, or fingerprints. Authentication is equivalent to showing your drivers license at the ticket counter at the airport.
Define Authorization
Authorization is finding out if the person, once identified, is permitted to have the resource. This is usually determined by finding out if that person is a part of a particular group, if that person has paid admission, or has a particular level of security clearance. Authorization is equivalent to checking the guest list at an exclusive party, or checking for your ticket when you go to the opera.
What is Access control?
Access control is a much more general way of talking about controlling access to a web resource. Access can be granted or denied based on a wide variety of criteria, such as the network address of the client, the time of day, the phase of the moon, or the browser which the visitor is using. Access control is analogous to locking the gate at closing time, or only letting people onto the ride who are more than 48 inches tall - it's controlling entrance by some arbitrary condition which may or may not have anything to do with the attributes of the particular visitor.
What is data integrity?
Integrity, in terms of data and network security, is the assurance that information can only be accessed or modified by those authorized to do so. Measures taken to ensure integrity include controlling the physical environment of networked terminals and servers, restricting access to data, and maintaining rigorous authentication practices. Data integrity can also be threatened by environmental hazards, such as heat, dust, and electrical surges.
What is Confidentiality?
Data confidentiality refers to the property that information is not made available or disclosed to unauthorized individuals, entities, or processes. Thus, data confidentiality services provide for the protection of data from unauthorized disclosure.
Define Non repudiation
Define the terms denial of service ,Replay attack, Modification of messages.
What is traffic analysis?
Comments
Post a Comment