Page 131 - DCAP309_INFORMATION_SECURITY_AND_PRIVACY
Unit 8: Cryptography and Encryption
3. Explain the procedure of asymmetric key cryptography.
4. What is a digital certificate? Illustrate the process of verifying the certificate.
5. Explain the concept of sending and receiving messages with digital signature.
6. Distinguish between symmetric key cryptography and public key cryptography.
7. What is hashing? Explain the use of hash function.
8. Explain the approaches used for encryption.
9. Symmetric key cryptography schemes are generally categorized as being either stream
ciphers or block ciphers. Comment.
10. Write short notes on:
(a) PGP
(b) Hash Function
(c) Kerberos
(d) Certificate Authority
Answers: Self Assessment
1. Private key 2. Decryption
3. secrecy 4. Access control
5. Electronic signatures 6. Thresholding
7. Certification authority 8. SSL (Secure Sockets Layer)
9. Digital Signatures 10. Trusted Third Party (TTP)
11. Symmetric key 12. Asymmetric
13. Hash functions 14. Pretty Good Privacy (PGP)
15. Kerberos
8.9 Further Readings
Books
An Introduction to Computer Security: The NIST Handbook
Managing Enterprise Information Integrity: Security, Control and Audit Issues, by IT Governance Institute
Principles of Information Security, by Michael E. Whitman and Herbert Mattord
Risk Management Guide for Information Technology Systems
Risks of Customer Relationship Management: A Security, Control, and Audit Approach, by PricewaterhouseCoopers LLP
Security, Audit & Control Features PeopleSoft: A Technical and Risk Management Reference Guide, 2nd Edition, by Deloitte Touche Tohmatsu Research Team; ISACA
Online links
http://all.net/edu/curr/ip/Chap2-4.html
LOVELY PROFESSIONAL UNIVERSITY 125