1- Masquerading Or Spoofing happens when the attacker impersonate somebody else

2- Replaying means that the attacker obtains a copy of a message by user and later
tries to replay it
3- Repudiation Means that the sender might deny that he has sent the message or the
receiver might deny that he received a message
4- Security attack Any action that compromises )‫ (يهدد‬the security information
5- Security mechanisms are designed to detect or prevent security attack
6- Security services Are intended to counter security attack and they use one or more
mechanisms to provide the service
7- Data Confidentiality, Data integrity, Authentication , Non repudiation And Access
control are from security services
8- Authentication assurance that communicating entity is the clamed one
9- Access Control prevention of unauthorized use of a resource
10- Protection against denial by one of the parties (sender and receiver) in a
communication is Non - Repudiation
11- Receiver can prove id of sender if denied (Proof of origin – proof of delivery)
12- Sender can prove data was delivered to the receiver (Proof of origin – proof of
delivery)
13- Encryption used to protect information when transmitted from system to another or
being stored on secondary storage
14- ………………….. used to prevent impersonation of legitimate users
(User Authentication – Information Authentication – Intrusion detection)
15- Process designed to detect or prevent security attack is Security Mechanisms
16- Encipherment use a mathematical transformation to make data unintelligible for
unauthorized users and is type of (security mechanisms – security service)
17- Cryptography Is hidden the data in form of unintelligible data
18- Steganography Is cover data inside another form like picture
19- Sender and receiver exchange messages to provide identity of each other is
Authentication Exchange
20- Traffic padding Used to make traffic analysis (Spoofing) harder
21- Routing control in case of a suspicion about security breach enables selecting and
continuously changing routs
22- Notarization trusted third party (TTP) to control communication between two parties
23- Encryption has two types Symmetric encryption and Asymmetric encryption
24- Formal statement of rules and practices that specify or regulate how system or
organization provides security system is called Security policy
25- Security implementation involves Prevention , Detection , Response And Recovery