Deck 1: Overview

The OSI security architecture provides a systematic framework for defining security attacks,mechanisms,and services.

The data integrity service inserts bits into gaps in a data stream to frustrate traffic analysis attempts.

Symmetric encryption is used to conceal the contents of blocks or streams of data of any size,including messages,files,encryption keys,and passwords.

Authentication protocols and encryption algorithms are examples of security mechanisms.

Security attacks are classified as either passive or aggressive.

The field of network and Internet security consists of measures to deter,prevent,detect and correct security violations that involve the transmission of information.

The OSI security architecture was not developed as an international standard,therefore causing an obstacle for computer and communication vendors when developing security features.

The emphasis in dealing with active attacks is on prevention rather than detection.

The connection- oriented integrity service addresses both message stream modification and denial of service.

Data origin authentication does not provide protection against the modification of data units.

All the techniques for providing security have two components: a security- related transformation on the information to be sent and some secret information shared by the two principals.

Patient allergy information is an example of an asset with a high requirement for integrity.

Security services include access control,data confidentiality and data integrity,but do not include authentication.

Information access threats intercept or modify data on behalf of users who should not have access to that data.

The more critical a component or service,the higher the level of required availability.

The __________ service is concerned with assuring the recipient that the message is from the source that it claims to be from.This service must also assure that the connection is not interfered with in such a way that a third party can masquerade as one of the two legitimate parties for the purposes of unauthorized transmission or reception.

"The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity,availability and confidentiality of information system resources" is the definition of _________ .

A loss of _________ is the unauthorized modification or destruction of information.

A ___________ is any process,or a device incorporating such a process,that is designed to detect,prevent,or recover from a security attack.Examples are encryption algorithms,digital signatures and authentication protocols.

Irreversible __________ mechanisms include hash algorithms and message authentication codes,which are used in digital signature and message authentication applications.

A _________ attack attempts to learn or make use of information from the system but does not affect system resources.

Two specific authentication services defined in X.800 are peer entity authentication and _________ authentication.

In the United States,the release of student grade information is regulated by the __________ .

An __________ attack attempts to alter system resources or affect their operation.

A loss of __________ is the disruption of access to or use of information or an information system.

Viruses and worms are two examples of _________ attacks.Such attacks can be introduced into a system by means of a disk that contains the unwanted logic concealed in otherwise useful software.They can also be inserted into a system across a network.

__________ is the use of a trusted third party to assure certain properties of a data exchange.

An __________ is an assault on system security that derives from an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system.

__________ prevents either sender or receiver from denying a transmitted message.Thus,when a message is sent,the receiver can prove that the alleged sender in fact sent the message and when a message is received,the sender can prove that the alleged receiver in fact received the message.

In the context of network security,___________ is the ability to limit and control the access to host systems and applications via communications links.