Nt2580 Class Notes

In: Computers and Technology

Submitted By bgragasin
Words 365
Pages 2
10/29/13

Data encryption is the only thing that will secure data transmission.

Powerpoint:

Confidentiality: Keeps information secret from all but authorized people
Integrity: Can enforce integrity with hashes
Authentication: Provides a way to authenticate entities
Non-repudiation: Prevents a party from denying a previous statement or action

Cryptology in Business
• Increasing concern about the security of data.
• More sophisticated attacks
• Tremendous growth of computer-related fraud and data theft
• Data protection as a business priority
Intrabusiness Security: Privacy, integrity, authorization, and access control.
Interbusienss Security: Message authentication, signature, receipt and conformation, and non-repudiation
Extrabusiness Security: Anonymity, time stamping, revocation, and ownership

Applications and Uses
• Cryptography uses can be found in categories, such as: o Anti-malware o Compliance or auditing o Forensics o Transaction security o Wireless security

Symmetric Key Crypto Standards
Triple DES (Data Encryption Standard): Consists of three passes of DES using multiple keys
IDEA (International Data Encryption Algorithm): Uses a 128-but key and runs faster than DES
Blowfish: Faster than DES or IDEA
AES (Advanced Encryption Standard): Strong and fast. Defacto standard today.
RC2: Designed by Ronald Rivest
RC4: Used in Internet browsers

Symmetric Key Principles
• The same key encrypts and decrypts
• Symmetric Algorithms can be fast and are well suited to encrypting lots of data
• They are often used once and then discarded

Asymmetric Key Principle
Any data encrypted by a Public Key can be decrypted only by the corresponding Private Key.

Asymmetric Key Crypto Standards
Standard Description
Rivest, Shamir, and Adleman
(RSA) encryption algorithm Considered by many as the standard for encryption.…...

Similar Documents

Management 330 Class Notes

...Critical Incident Method Critical incident An unusual event that denotes superior or inferior emplyee performance in some part of the job The manager keeps a log or diary for each employee throughout the appraisal period and notes speciic critical incidents related to how well they perorm. Behaviroal Checklist Method The rater checks statemnets on a list that the rater believes are characteristic of the employee’s performance or behavior. Behaviorally Anchored Rating Scale Productivity measures Appraisals based on quantitative measures that directly linnk what employees accomplish to results beneficial to the organization. -Criterion contamination -Focus on short-term results Management by Objectives(MBO) A philosopy of management that rates performance on the basis of employee achievement of goals set by mutual agreement of employee and manager. The appraisal focuses on four related categories Financial, customer, processes, and learning Ensuring the method’s success: Types of Appraisal Interviews Tell and sell – persuasion Tell and listen – nondirective Problem Solving – focusing the inteview on problem resolution and employee development. Appraisal Interview Guidelines: Invite Participation – Ask for a self-Assesment Change Behavior – Problem Solving Focus Minimize Criticism – Express Appreciation Establish Goals – Be Supportive Follow Up Day by Day Factors That Affect an Employee’s Performance Motivation Environment Ability ...

Words: 638 - Pages: 3

Nt2580

...NT2580 DEREK GRASSER LAB 7 1. Describe the differences between symmetric key cryptography and Asymmetric key cryptography. Ans: Symmetric key cryptography is older and only uses one key to encrypt and decrypt. Asymmetric key cryptography is newer than symmetric and uses two different keys to decrypt and decrypt, a public key and a private key. 2. How can public key cryptography be used for nonrepudation? Ans: The cryptography will be able to tell who it came from and what time it happened. Gives all the information needed. 3. How do digital signatures ensure the integrity of a message and verify who wrote it? Ans: Digital Signatures apply the same functionality to an e-mail message or data file that a handwritten signature does for a paper-based document. The Digital Signature vouches for the origin and integrity of a message, document or other data file. 4. What is a Certificate authority? (CA) Ans: In cryptography, a certificate authority or certification authority (CA) is an entity that issues digital certificates. The digital... Certificate_authority. 5. What are the fields and their purpose that make up distinguished name of an X.509 certificate? Ans: is an ITU-T standard for a public key infrastructure (PKI) and Privilege Management Infrastructure (PMI). X.509 specifies, amongst other things, standard formats for public key certificates, certificate revocation lists, attribute certificates, and a certification path validation......

Words: 262 - Pages: 2

Final Review Notes Nt2580

...1. Risk- is the likelihood that something bad will happen to an asset. Threat- is any action that could damage an asst Vulnerability- is a weakness that allows a threat to be realized or to have an effort on an asset. (Know if difference) 2. Gramm-Leach-Bliley Act (GLBA) – a U.S. federal law requiring banking and financial institutions to protect customers’ private data and have proper security controls in place. 3. Data Classification Standard – that defines how to treat data throughout your IT infrastructure. This is the road map for identifying what controls are needed to keep data safe. A definition of different data types. 4. IT Security Policy Framework- a set of rules for security. The framework is hierarchical and includes policies, standards, procedures, and guidelines. 5. Whom are you trying to catch (Black-Hat, White-Hat and Gray-Hat Hacker)- Black hacker a computer attacker who tries to break IT security for the challenge and to prove technical prowess. White hacker an information security or network professional who uses various penetration test tools to uncover or fix vulnerabilities, also called ethical hacker. Gray hacker a computer attacker with average abilities who may one day become a black-hat hacker, gray-hat hackers are also called wannabes. 6. Difference between Threats and Vulnerability – threat any action that could damage an asset. Vulnerability a weakness that allows a threat to be realized or to have an effect on an asset.......

Words: 1761 - Pages: 8

Investment Class Notes

...Investment Analysis Summer 2013 – Class Notes Investments: Background and Issues Investment - the current commitment of money or other resources in the expectation of reaping future benefits. Real Assets versus Financial Assets Real Assets – Assets used to produce goods and services. Real assets are tangible assets that determine the productive capacity of an economy, that is, the goods and services its members can create. These include land, buildings, machines, and knowledge that can be used to produce goods and services. Other common examples of investments in Real Assets are paintings, antiques, precious metals and stones, classic cars etc. Higher carrying and storage costs, increased transaction fees and lower liquidity, are some common drawbacks of real assets in relation to financial assets. – i.e. - land, buildings, equipment & knowledge – Functions to contribute directly to the productive capacity of the economy – Generate net income to the economy – Individual portfolios may include real assets, real estate and commodities (precious metals or agricultural products), through direct investment. • Financial Assets – Claims on real assets or the income generated by them. Financial Assets, or more commonly known as Securities, include stocks, bonds, unit trusts etc. In essence, financial assets or securities represent legal claim on future financial benefits. These are no more than sheets of......

Words: 10329 - Pages: 42

Class Notes

...North America may not have happened without the cultivation of corn; as Warman says, “it would [all] have been impossible without corn” (151). The first colonists in America had brought European grains and cereals with them, but according to Warman, were unable to successfully cultivate them due to “many possible explanations” including differences in soil, climate, and landscape, as well as the “limited practical agricultural experience” of the colonists (152). Starvation seemed inevitable until the Native Americans began sharing their harvests and their corn-cultivating secrets. Still, the colonists did not have a successful corn harvest for two years. There is also record of 6 colonists trading for corn, or stealing it. Warman notes that they even “obtained it as regular tribute exacted by force of arms,” and sadly, “such practices continued well after settlers learned to grow corn for themselves” (152). With a reliable source of food and a crop on which to base an economy, the colonies were able to survive and expand. They were not only able to dominate the landscape, but also the Native Americans. Corn was integral to colonization and allowed the colonists to forcefully overtake the land and the indigenous people. The changes that corn prompted were far-reaching and immense, as Warman argues: Corn was everywhere and became the organizing axis of pioneer agriculture and pioneer subsistence. Corn set precedents for the sequence and style of work and served as a......

Words: 5170 - Pages: 21

Chap 6 Accounting Class Notes

...Chapter 6 Class Notes Simple interest vs. Compound interest: o Simple interest amount = Principal * annual interest rate * period o Compound interest amount includes interest not only on the initial investment but also on the accumulated interest in previous periods. Example: Assume we will save $1,000 for three years and earn 6% interest compounded annually. Original balance First year interest Balance, end of year 1 Balance, beginning of year 2 Second year interest Balance, end of year 2 Balance, beginning of year 3 Third year interest Balance, end of year 3 $ 1,000.00 60.00 $ 1,060.00 $ 1,060.00 63.60 $ 1,123.60 $ 1,123.60 67.42 $ 1,191.02 Time value of Money: 1. A single sum: Assume we will save $1,000 for three years and earn 6% interest compounded annually. On 1/1 in Year 1: $1,000 on Dec. 31 in Year3: $ 1,191.02 (a) Future value of a single sum = Present value * (1+ r) n Future value of $1000 after 3 years: 3 $1,000 × [1.06] = $1,191.02 (b) Present value of a single sum = Future value *( 1/ (1+ r) n ) Present value of $1,192.02: 3 $1,191.02 × (1/ [1.06] )= $1,000 Where r = interest rate n= compounding periods 1 Example: Assume you plan to buy a new car in 5 years and you think it will cost $20,000 at that time. What amount must you invest today in order to accumulate $20,000 in 5 years, if you can earn 8% interest compounded annually? i = .08, n = 5 Present Value Factor = .68058 $20,000 × .68058 = $13,611.60 If you deposit $13,611.60 now, at 8%......

Words: 1082 - Pages: 5

Bmgt423 Class Notes

...Fraud Examination Notes 3.11.14 The Securities Act of 1933 came after Krueger case The primary function of the SEC is to protect investors * Requires that publicly traded companies need to publish financial documents and other information * Audited financial statements came about later * They get reported to SEC through EDGAR * 10-K – annual report on financial information * 10-Q – quarterly report on financial information * 8-K – annual report on financial information plus other important information (mergers, change of auditors, etc.) * So much regulation b/c effects can lead to loss of faith in system, finances, etc. * Prevented insider trading * Prohibited manipulating market price of securities * Cannot steal funds from brokers * Cannot steal securities without registration from SEC * Disgorgement – return of any illegal profits through civil prosecution * Rule 10(b)5 – It shall be unlawful for any person directly or indirectly, by the use of any means or instrumentality of interstate commerce, or of the mails or any facility of national securities exchange, * To employ any device, scheme or artifice to defraud, * To make any untrue statement of a material fact or omit to state a material fact necessary in order to make the statements made, in light of the circumstances under which they were made, not misleading or * To engage in any act, practice, or course of business......

Words: 291 - Pages: 2

Nt2580

...Microsoft Encrypted Authentication version 2 (MS-CHAP v2). * Or SSTP, L2tp/IPsec, PPTP, IKEv2 Access control model/ policy: This model would support Role based access controls and allow mandatory access control to be governed by remote access. The IS Dept. is responsible for maintaining the access and access rights and prividgles and restricted as needed by user roles in the organization. All data is encrypted and transmitted via remote and encrypted and used by the vpn tunnel. VPN access will be terminated on a 3 month basis and must be renewed by revisiting based on your access role and permissions. [continues] Read full essay Cite This Essay APA (2013, 07). Nt2580 unit 3 assignment 1 remote access control policy def. StudyMode.com. Retrieved 07, 2013, from http://www.studymode.com/essays/Nt2580-Unit-3-Assignment-1-Remote-1853418.html MLA MLA 7 CHICAGO...

Words: 339 - Pages: 2

Class Notes - Networking

...kernel will display a large number of messages on the screen as it initializes the various hardware items and processes like the scheduler. Once the kernel is initialized, the first user program starts. In PC based Linux systems, that first process is called init. The kernel_thread() function is called next to start init. The kernel goes into an idle loop and becomes an idle thread with process ID 0. The Essential Linux Administration: A Comprehensive Guide for Beginners Page 8 of 16 PRINTED BY: Norman Puga . Printing is for personal, private use only. No part of this book may be reproduced or transmitted without publisher's prior permission. Violators will be prosecuted. process init() begins high-level system initialization. Note that unlike PC systems, embedded systems have a simpler first user process than init. The boot process then inspects the /etc/inittab file to determine the appropriate runlevel. For those readers not familiar with this term, a runlevel is literally the level at which you want Linux to run. Runlevel 0 is not running at all, or shut down. Runlevel 5 is fully running with a graphical user interface. Table 1.2 summarizes the various runlevels. The init process executes startup scripts based on selected runlevels. The scripts are located in subdirectories of the /etc/rc.d directory; those used for runlevels 0 through 6 are located in /etc/rc.d/rc0.d through /etc/rc.d/rc6.d subdirectories. It should be noted that most Linux packages place......

Words: 34239 - Pages: 137

Nt2580

...NT2580 Lab 2 ANSWERS 1. What is the application ZenMap GUI typically used for? Describe a scenario in which you would use this type of application. It’s used for port scanning. It can be used to see what hosts are on the network and to see what services they are running. 2. What is the relationship between risks, threats and vulnerabilities as it pertains to Information Systems Security throughout the seven domains of a typical IT infrastructure? Threats and vulnerabilities lead risks, if you don’t have then then you don’t have any risk of anyone getting into your network 3. Which application is used for Step #2 in the hacking process to perform a vulnerability assessment scan? That would be Nessus is the application used. 4. Before you conduct an ethical hacking process or penetration test on a live production network, what must you do prior to performing the reconnaissance and probing and scanning procedures? You must get written permission 5. What is a CVE listing? Who hosts and who sponsors the CVE database listing website? A CVE (Common Vulnerabilities and Exposures) are known vulnerabilities and also show you how to patch them. They are from the Mitre Corporation but are under contract for Homeland Security and NCSD. 6. Can ZenMap GUI detect what operating systems are present on IP servers and workstations? What would that option look like in the command line if running a scan on 172.30.0.10? Yes it can detect what OS are being used. The......

Words: 350 - Pages: 2

Bit Class Notes

...for the variable at the zero point (Absolute Zero) * Qualitative and quantitative data… qualitative is often referred to as “categorical” * In general, there are more alternatives for statistical analysis when the data are quantitative. * Qualitative data is NEITHER DISCRETE OR CONTINUOUS. * Descriptive statistics are the tabular, graphical, and numeral methods used to summarize and present data. * * * * * * * * * * Relative frequency distribution * Relative to the WHOLE * Bar charts * When there are spaces between the bars automatically assume that that it is a qualitative measure * For quantitative data you must CREATE the classes * Class width= Largest data value- smallest data value/ # of classes * Histogram is the same thing as a bar chart but for quantitative data * **The bars touch** * Skewness * Understand NOT calculate * Skewness of 0 means its bell-shaped (that is it is symmetrical) * Mean = median * Best measure of location is the mean Moderately skewed on the left Mean will usually be less than the median The best measure of the location is the median Moderately skewed to the right Best measure of the location is the median Skewness is positive * * * * * * * * * * * * Central Tendency Theory: characteristics tend to hover around a certain value......

Words: 614 - Pages: 3

Sociology Essay and Class Notes Prep

...because it works, 5. Glitches happen. This throws that part of the social system in a state of imbalance. When the situation is rectified, that part of the social system goes back to a state of equilibrium. 6. if you want to understand why something exists in society look at its relationship with some other parts of the social system. It must be contributing in some way to some part of it Otherwise it would cease to exist The conflict theory: 1: Karl Marx’s ideas led to the development of this theory 2. two social classes: bourgeoisie( ruling class) proletariat( working class) 3: There has always been a history of the exploitations of the ruling class on the working class( Its all about power and money) 4: Marx argues that the powerful will also use different social structures to maintain their position example: criminal justice system, (laws) The ruling ideas of any age the ideas of its ruling class. Macrosociology vs. Microsociology Macro is concerned with large external social structures affecting people. Macro- is conflict and functionalism( because, it influences large groups of people) Micro- symbolic and exchange ( deal with trying to help and analyze small groups, to get inside their spaces, get in their heads, try to understand why they act the way they do. If a situation is studied, a researcher will look at external reasons for causes, economy, environment access to education, strength of the family unit in Canada. Augutus......

Words: 2927 - Pages: 12

Quiz 2 Class Notes

...such schemes have become an integral part of recruiting new graduates. (High Fliers, 2014, p. 35) Two-thirds of employers surveyed by High Fliers provided paid vacation internships for penultimate-year students, whilst three-fifths offered undergraduate industrial placements, which typically last 6–12 months as part of a university degree course. University intern programmes can be instrumental in preparing students for company schemes. Furthermore, 37 per cent of 2014’s entry-level positions at the top 100 graduate employers are expected to be filled by graduates who have already worked for the organisations through paid internships, industrial placements or holiday work and therefore will not be open to other students from the ‘Class of 2014’ (High Fliers, 2014). For example, Centrica’s internship programme has grown from 11 places in 2006, to 75 in 2010 (a recruiting level that has been maintained to 2014); in 2011 38 per cent of their graduate intake was from this programme. Furthermore, in other sectors such as investment banking, up to 80 per cent of positions are filled by graduates who had previously undertaken an internship with the company (Briggs and Daly, 2012). Examining the webpages of UK higher education institutions clearly shows the large © 2014 John Wiley & Sons Ltd. 355 Higher Education Quarterly number that are now offering their students and graduates workplace internship schemes. What follows is an analysis of one of......

Words: 9691 - Pages: 39

Class Notes

...CONFLICT MANAGEMENT READING NOTE Conflict is a clash of interests, values, actions, views or directions (De Bono, 1985). Conflict refers to the existence of that clash. Conflict is initiated the instant clash occurs. Generally, there are diverse interests and contrary views behind a conflict, which are revealed when people look at a problem from their viewpoint alone. Conflict is an outcome of organizational intricacies, interactions and disagreements. It can be settled by identifying and neutralizing the etiological factors. Once conflict is concluded it can provoke a positive change in the organization. When we recognize the potential for conflict, we implicitly indicate that there is already a conflict of direction, even though it may not have yet manifested itself as a clash. Confliction is the process of setting up, promoting, encouraging or designing conflict. It is a wilful process and refers to the real effort put into generating and instituting conflict. Deconfliction is the annihilation of conflict. It does not refer to negotiation or bargaining, or even to resolution of conflict: it is the effort required to eliminate the conflict. Why conflicts arise In most organizations, conflicts increase as employees assert their demands for an increased share in organizational rewards, such as position, acknowledgment, appreciation, monetary benefits and independence. Even management faces conflicts with many forces from outside the organization, such as government,......

Words: 4001 - Pages: 17

Ac553 Class Notes Week 3

...1. Three Types of Income (on Final) a. Active (earned) income b. Passive income - income derived from a passive activity such as working interest in oil and gas, often associated with limited partnerships i. Can only deduct passive losses to the extent you have passive income c. Portfolio income (interest, dividend, annuities, sales of stocks and bonds, royalties not derived from an ordinary course of a trader business) 2. In –class quiz d. Owned a apartment complex ii. What is gross rental income 1. Tenant improvements in lieu of rent 2. Tenant improvement are not in lieu of rent iii. Two troublesome tenants, one comes and tell the landlord that they can’t pay the rent. Gives an interest bearing 90 day note in lieu of the rent. This note is treated as property and should be valued at FMV (fair market value) iv. Tenant hasn’t been in the apartment the entire month of December and has not paid rent. Paid late, landlord received in January 3. Include the rent in previous year’s taxable income v. Own a ten-flat in the city. Landlord lives in one of the ten, rent the other nine out. What is the net rental income? What about the deductions 4. What fractions of the building can you depreciate? 90% vi. Had inside information down in Springfield that a third airport was going to be built in the Chicagoland area. With this inside......

Words: 1742 - Pages: 7

Terius Behind Me ซับไทย Ep.11+12 | Lost Password? | Fuyu Hanabi