Cysec1 at Universität Des Saarlandes | Flashcards & Summaries

Select your language

Suggested languages for you:
Log In Start studying!

Lernmaterialien für Cysec1 an der Universität des Saarlandes

Greife auf kostenlose Karteikarten, Zusammenfassungen, Übungsaufgaben und Altklausuren für deinen Cysec1 Kurs an der Universität des Saarlandes zu.

TESTE DEIN WISSEN

Is storing the password encrypted with a key secure?

Lösung anzeigen
TESTE DEIN WISSEN

yes, because the attacker can't see the passwords.

Lösung ausblenden
TESTE DEIN WISSEN

How to mitigate the attacks that rely on UDP spoofing such as reflected DoS and amplification attacks?

Lösung anzeigen
TESTE DEIN WISSEN

The first router on the way of the spoofed packet which belongs to the ISP can detect UDP spoofing or the route recording in the IP header options, which is in most cases infeasible due to the lack of size capability of the IP header options.

Lösung ausblenden
TESTE DEIN WISSEN

What does CIA stand for?

Lösung anzeigen
TESTE DEIN WISSEN

C: confidentiality 

I: integrity 

A: availability

Lösung ausblenden
TESTE DEIN WISSEN

What is accountability? 

Lösung anzeigen
TESTE DEIN WISSEN

The ability to undeniably trace back actions to a unique entity.

Lösung ausblenden
TESTE DEIN WISSEN

What is authenticity? 

Lösung anzeigen
TESTE DEIN WISSEN

It's the property of being genuine and able to be verified and trusted.

Digital signatures are a way to achieve it.

Lösung ausblenden
TESTE DEIN WISSEN

What is non-repudiation?

Lösung anzeigen
TESTE DEIN WISSEN

It's the inability to dispute that a certain action was taken by an entity.  

Lösung ausblenden
TESTE DEIN WISSEN

What is unlinkability?

Lösung anzeigen
TESTE DEIN WISSEN

The inability to link to entities who are in fact the same (E.g.: across two different platforms).

Lösung ausblenden
TESTE DEIN WISSEN

What is anonymity?

Lösung anzeigen
TESTE DEIN WISSEN

The ability to be unidentified for certain actions.

Lösung ausblenden
TESTE DEIN WISSEN

What are the security goals?

Lösung anzeigen
TESTE DEIN WISSEN

Confidentiality, integrity, availability, accountability, authenticity, non-repudiation, anonymity and unlinkability.

Some of these concepts cannot meet (E.g.: accountability and anonymity).

Lösung ausblenden
TESTE DEIN WISSEN

What are the laws against the violation of the confidentiality of the data?

Lösung anzeigen
TESTE DEIN WISSEN

* 202a data espionage: 

1) Access protected data while unauthorized.

2) Only includes data that are not transmitted physically.


202b data interception: 

eavesdropping on the data that are not protected and non-public.


* 202c acts preparatory of data espionage and interception:

publish passwords, code or software tools that are used for the purposes mentioned in 202a and 202b.


* 202d handling stolen data:

procure data for personal enrichment or disseminate data to enrich third parties.

Lösung ausblenden
TESTE DEIN WISSEN

What are the laws against the violation of the integrity of the data?


Lösung anzeigen
TESTE DEIN WISSEN

303a data tempering:

if an unauthorized user deletes, suppresses, renders unusable or alters data.

the attempt is also punishable.


303b computer sabotage:

committing an offence under 303a on important data.

transmitting a lot of data with the intention of causing damage to another.

damaging, destroying, rendering unusable, removing or altering a data processing system or a data carrier.

the attempt is punishable.

Lösung ausblenden
TESTE DEIN WISSEN

What kinds of confidentiality are there?

Lösung anzeigen
TESTE DEIN WISSEN

data confidentiality and privacy.

Lösung ausblenden
  • 150763 Karteikarten
  • 2435 Studierende
  • 33 Lernmaterialien

Beispielhafte Karteikarten für deinen Cysec1 Kurs an der Universität des Saarlandes - von Kommilitonen auf StudySmarter erstellt!

Q:

Is storing the password encrypted with a key secure?

A:

yes, because the attacker can't see the passwords.

Q:

How to mitigate the attacks that rely on UDP spoofing such as reflected DoS and amplification attacks?

A:

The first router on the way of the spoofed packet which belongs to the ISP can detect UDP spoofing or the route recording in the IP header options, which is in most cases infeasible due to the lack of size capability of the IP header options.

Q:

What does CIA stand for?

A:

C: confidentiality 

I: integrity 

A: availability

Q:

What is accountability? 

A:

The ability to undeniably trace back actions to a unique entity.

Q:

What is authenticity? 

A:

It's the property of being genuine and able to be verified and trusted.

Digital signatures are a way to achieve it.

Mehr Karteikarten anzeigen
Q:

What is non-repudiation?

A:

It's the inability to dispute that a certain action was taken by an entity.  

Q:

What is unlinkability?

A:

The inability to link to entities who are in fact the same (E.g.: across two different platforms).

Q:

What is anonymity?

A:

The ability to be unidentified for certain actions.

Q:

What are the security goals?

A:

Confidentiality, integrity, availability, accountability, authenticity, non-repudiation, anonymity and unlinkability.

Some of these concepts cannot meet (E.g.: accountability and anonymity).

Q:

What are the laws against the violation of the confidentiality of the data?

A:

* 202a data espionage: 

1) Access protected data while unauthorized.

2) Only includes data that are not transmitted physically.


202b data interception: 

eavesdropping on the data that are not protected and non-public.


* 202c acts preparatory of data espionage and interception:

publish passwords, code or software tools that are used for the purposes mentioned in 202a and 202b.


* 202d handling stolen data:

procure data for personal enrichment or disseminate data to enrich third parties.

Q:

What are the laws against the violation of the integrity of the data?


A:

303a data tempering:

if an unauthorized user deletes, suppresses, renders unusable or alters data.

the attempt is also punishable.


303b computer sabotage:

committing an offence under 303a on important data.

transmitting a lot of data with the intention of causing damage to another.

damaging, destroying, rendering unusable, removing or altering a data processing system or a data carrier.

the attempt is punishable.

Q:

What kinds of confidentiality are there?

A:

data confidentiality and privacy.

Cysec1

Erstelle und finde Lernmaterialien auf StudySmarter.

Greife kostenlos auf tausende geteilte Karteikarten, Zusammenfassungen, Altklausuren und mehr zu.

Jetzt loslegen

Das sind die beliebtesten StudySmarter Kurse für deinen Studiengang Cysec1 an der Universität des Saarlandes

Für deinen Studiengang Cysec1 an der Universität des Saarlandes gibt es bereits viele Kurse, die von deinen Kommilitonen auf StudySmarter erstellt wurden. Karteikarten, Zusammenfassungen, Altklausuren, Übungsaufgaben und mehr warten auf dich!

Das sind die beliebtesten Cysec1 Kurse im gesamten StudySmarter Universum

CySec

Fachhochschule Ostschweiz

Zum Kurs
Cysec

Medizinische Universität Wien

Zum Kurs
CYD

Universidad Nacional del Littoral

Zum Kurs
C1

Arellano University

Zum Kurs
c1

National Taras Shevchenko University of Kiev

Zum Kurs

Die all-in-one Lernapp für Studierende

Greife auf Millionen geteilter Lernmaterialien der StudySmarter Community zu
Kostenlos anmelden Cysec1
Erstelle Karteikarten und Zusammenfassungen mit den StudySmarter Tools
Kostenlos loslegen Cysec1