IT-SEC at Frankfurt University Of Applied Sciences | Flashcards & Summaries

Select your language

Suggested languages for you:
Log In Start studying!

Lernmaterialien für IT-SEC an der Frankfurt University of Applied Sciences

Greife auf kostenlose Karteikarten, Zusammenfassungen, Übungsaufgaben und Altklausuren für deinen IT-SEC Kurs an der Frankfurt University of Applied Sciences zu.

TESTE DEIN WISSEN

spyware/adware

Lösung anzeigen
TESTE DEIN WISSEN

- is installed in a bundle of  programs

- analyzes behavior of user or displays ads

- loss of privacy, did user consent?

Lösung ausblenden
TESTE DEIN WISSEN

Safety vs security

Lösung anzeigen
TESTE DEIN WISSEN

safety - protection against negative consequences from legitimate action (nature)


security - protection against negative consequences from unauthorized actions

(intentional malice)


example: security door, security guard

Lösung ausblenden
TESTE DEIN WISSEN

Name all 5 security objects

Lösung anzeigen
TESTE DEIN WISSEN

Confidentiality

Integrity

Authenticity

Non Repuadation

Availability

Lösung ausblenden
TESTE DEIN WISSEN

explain three trust models

Lösung anzeigen
TESTE DEIN WISSEN

direct trust - user receives public key directly from holder (pairs)


web of trust - users mutually sign their public keys using a transitive trust model


hierarchical trust - public keys are managed by a central entitiy

Lösung ausblenden
TESTE DEIN WISSEN

kerckhoffs main principles

Lösung anzeigen
TESTE DEIN WISSEN

- the security of an encryption should not be based on the secrecy of an encryption algorithm, but instead on the secrecy of a so called key

- if algorithm falls into enemy hands, there should be no danger

- should be easy to use

- a system should not be probably secure but practically secure


Lösung ausblenden
TESTE DEIN WISSEN

What is ECB

Lösung anzeigen
TESTE DEIN WISSEN

plaintext gets broken down into blocks and will get encrypted with a key block by block


problem: same key is used, so two same blocks could be encrypted as the same -> attacker can see a pattern

Lösung ausblenden
TESTE DEIN WISSEN

Name security terms and explain them

Lösung anzeigen
TESTE DEIN WISSEN

threat, attack, vulnerability. asset, risk, sollte klar sein

security policy - z.B AGBs

Security concept - z.B how to implement 

security control - the actual implementation (security guard)

impact - positive / negative event


Lösung ausblenden
TESTE DEIN WISSEN

what are hash functions and their usage

Lösung anzeigen
TESTE DEIN WISSEN

hash functions map bit strings of any length to a bit string of a fixed length


used for:

- intregrity protections

- authentication of data and subject

- electronic signature


password are always stored as hash values


Lösung ausblenden
TESTE DEIN WISSEN

properties of hashfunctions

Lösung anzeigen
TESTE DEIN WISSEN

preimage resistance and collision resistance

Lösung ausblenden
TESTE DEIN WISSEN

anonymity vs pseudonymity

Lösung anzeigen
TESTE DEIN WISSEN

forum chatrooms with registration

matrikelnummer

Lösung ausblenden
TESTE DEIN WISSEN

pros cons symmetric and asymmetric cryptosystems

Lösung anzeigen
TESTE DEIN WISSEN

sym: 

pro - low complexity, high effienciency

con - complex key distribution


asym:

pro - simple key distribution

con - higher complexity, low effiency 

Lösung ausblenden
TESTE DEIN WISSEN

trojans

Lösung anzeigen
TESTE DEIN WISSEN

- software that looks like a regular software but has hidden functionalities that are in background

- needs cooperation from user (initial installation)

Lösung ausblenden
  • 35172 Karteikarten
  • 1383 Studierende
  • 10 Lernmaterialien

Beispielhafte Karteikarten für deinen IT-SEC Kurs an der Frankfurt University of Applied Sciences - von Kommilitonen auf StudySmarter erstellt!

Q:

spyware/adware

A:

- is installed in a bundle of  programs

- analyzes behavior of user or displays ads

- loss of privacy, did user consent?

Q:

Safety vs security

A:

safety - protection against negative consequences from legitimate action (nature)


security - protection against negative consequences from unauthorized actions

(intentional malice)


example: security door, security guard

Q:

Name all 5 security objects

A:

Confidentiality

Integrity

Authenticity

Non Repuadation

Availability

Q:

explain three trust models

A:

direct trust - user receives public key directly from holder (pairs)


web of trust - users mutually sign their public keys using a transitive trust model


hierarchical trust - public keys are managed by a central entitiy

Q:

kerckhoffs main principles

A:

- the security of an encryption should not be based on the secrecy of an encryption algorithm, but instead on the secrecy of a so called key

- if algorithm falls into enemy hands, there should be no danger

- should be easy to use

- a system should not be probably secure but practically secure


Mehr Karteikarten anzeigen
Q:

What is ECB

A:

plaintext gets broken down into blocks and will get encrypted with a key block by block


problem: same key is used, so two same blocks could be encrypted as the same -> attacker can see a pattern

Q:

Name security terms and explain them

A:

threat, attack, vulnerability. asset, risk, sollte klar sein

security policy - z.B AGBs

Security concept - z.B how to implement 

security control - the actual implementation (security guard)

impact - positive / negative event


Q:

what are hash functions and their usage

A:

hash functions map bit strings of any length to a bit string of a fixed length


used for:

- intregrity protections

- authentication of data and subject

- electronic signature


password are always stored as hash values


Q:

properties of hashfunctions

A:

preimage resistance and collision resistance

Q:

anonymity vs pseudonymity

A:

forum chatrooms with registration

matrikelnummer

Q:

pros cons symmetric and asymmetric cryptosystems

A:

sym: 

pro - low complexity, high effienciency

con - complex key distribution


asym:

pro - simple key distribution

con - higher complexity, low effiency 

Q:

trojans

A:

- software that looks like a regular software but has hidden functionalities that are in background

- needs cooperation from user (initial installation)

IT-SEC

Erstelle und finde Lernmaterialien auf StudySmarter.

Greife kostenlos auf tausende geteilte Karteikarten, Zusammenfassungen, Altklausuren und mehr zu.

Jetzt loslegen

Das sind die beliebtesten StudySmarter Kurse für deinen Studiengang IT-SEC an der Frankfurt University of Applied Sciences

Für deinen Studiengang IT-SEC an der Frankfurt University of Applied Sciences gibt es bereits viele Kurse, die von deinen Kommilitonen auf StudySmarter erstellt wurden. Karteikarten, Zusammenfassungen, Altklausuren, Übungsaufgaben und mehr warten auf dich!

Das sind die beliebtesten IT-SEC Kurse im gesamten StudySmarter Universum

IT Sec

Hochschule Karlsruhe

Zum Kurs
it sec

Hochschule München

Zum Kurs
IT-Sec

Technikum Wien

Zum Kurs

Die all-in-one Lernapp für Studierende

Greife auf Millionen geteilter Lernmaterialien der StudySmarter Community zu
Kostenlos anmelden IT-SEC
Erstelle Karteikarten und Zusammenfassungen mit den StudySmarter Tools
Kostenlos loslegen IT-SEC