Tuesday, March 01, 2011

Security+ Exam objectives 5.1

5.0 Cryptography

5.1 Explain general cryptography concepts.

Section 5.1 merely involves you understanding some of the key concepts you’ll often hear when talking about cryptography, which is basically the practice of secret communications for security purposes. All of these terms are needed for you to truly comprehend how cryptography works, its methods, and why it’s an important part of security.

  • Key management – Key management involves using, distributing, storing, controlling and protecting cryptographic keys. Key management requires that a key be stored and shared securely, long enough to provide the necessary level of protection, destroyed properly when no longer needed, and so on. There are many different ways to do key management, from centralized to decentralized, and others.
  • Steganography – Steganography is simply hiding one type of communication within another type of communication. Embedding a text file in an audio file, for example, is steganography. Hiding text inside graphics is another common form of this technology.
  • Symmetric key – Also known as a private key or secret key, a symmetric key uses a single shared encryption key to both encrypt and decrypt the data and is known for its speed and strength. When this type of key is used to encrypt and decrypt a hard drive, the user is the only one in possession of the key. When it is used between two people sharing information, each user has possession of the key. Think of SSL when thinking of symmetric keys: the sender sends the key, itself encrypted, along with the data, and once the data arrives the other user is able to decrypt it.
  • Asymmetric key – Sometimes referred to as public key cryptography. It uses a public and a private key. The two keys are related, but having the public key doesn’t allow the private key to be derived, which keeps it secure and protected. Each partner in a given communication has to have a pair of keys, a public and a private key. The private key must always be kept secure, while the public key can be distributed openly without security concerns.
  • Confidentiality – Confidentiality is needed to protect the secrecy of data, resources, information, and so on. It is used to minimize, if not prevent, any access to data that is not authorized. It ensures that no one but the intended reader is able to view sent information. It allows authorized users to see, read, use, etc. certain files and data and keeps unauthorized users out.
  • Integrity and availability – Integrity involves a system’s ability to not only ensure but prove 100% that information being sent has not been modified. If the data is modified, it is only done so through proper approval. Availability involves the ability to offer and provide data to specific approved users. It’s known as the reverse part of confidentiality but is also an important piece of proper integrity.
  • Non-repudiation – Non-repudiation is used to prevent the sender of a message from denying that it was that specific user who sent it. It is used with both symmetric and asymmetric keys.
  • Comparative strength of algorithms – When it comes to algorithms, the comparative strength is based on key length and work factor. Work factor is a measurement of the amount of effort and time needed for a successful brute force attack. Of course, algorithms with a larger work factor are said to be stronger and vice versa. This measurement isn’t based on numbers alone, but on things such as the number of computers needed, the keyspace, the speed of the attack, and so on.
  • Digital signatures – A digital signature is used to prove that a message was sent from a specific user and that the message was not changed along the way. They are used electronically, often in emails and documents, to provide integrity as well as non-repudiation.
  • Whole disk encryption – Whole disk encryption is pretty self-explanatory. It is when the entire hard drive is encrypted. This is often done through encrypting specific hard drive volumes that include the operating system data.
  • Trusted Platform Module (TPM) – Trusted Platform Module is a specification for a cryptoprocessor and a chip on the mainboard that supports the cryptoprocessor. The TPM chip is needed to store and process the keys for the implemented encryption system. When whole-disk TPM encryption is used, the user must have a password or USB token device to authenticate access, which then allows the chip to release the keys into the computer’s memory.
  • Single vs. dual-sided certificates – A single or one-way certificate exchange occurs when only one party provides proof of identity. Think about the internet and SSL encryption when using a website that allows a user to purchase an item online. E-commerce uses single-sided certificates. Dual-sided certificates, also known as mutual or two-way exchange, require that each side provide a certificate as proof of identity. This is a much more reliable and secure method, as it is not prone to man-in-the-middle attacks.
  • Use of proven technologies – Obviously, when any company or business is looking to implement security technology, they want to use the things that are not only proven, but the most recent. It’s vital to use technologies that have proven to be successful for a long time period. Without proper security, data can be compromised and outside attacks can be successful.
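The concepts above (a single shared symmetric key, an asymmetric key pair whose public half verifies a digital signature, and work factor as a function of key length and attack speed) are easier to see in working code. The following is an added example written for this post, not code from the post or from any exam material. It uses Go's standard library; AES-256-GCM and Ed25519 are my choice of concrete algorithms (the post names none), and the function names (symmetricEncrypt, symmetricDecrypt, keyPair, verifySignature, workFactorYears) and the sample messages are constructed for the demonstration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
	"math"
)

// symmetricEncrypt: one shared key (32 bytes -> AES-256) both encrypts and
// authenticates. The random nonce is prepended to the ciphertext so the
// receiver, who holds the same key, can decrypt.
func symmetricEncrypt(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// symmetricDecrypt recovers the plaintext with the same shared key. GCM's
// authentication tag also gives integrity: a modified ciphertext or a wrong
// key makes Open fail instead of returning garbage.
func symmetricDecrypt(key, ciphertext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	ns := gcm.NonceSize()
	if len(ciphertext) < ns {
		return nil, errors.New("ciphertext too short")
	}
	return gcm.Open(nil, ciphertext[:ns], ciphertext[ns:], nil)
}

// keyPair is an asymmetric pair for digital signatures (Ed25519): the private
// key signs and is kept secret; the public key verifies and can be handed out.
type keyPair struct {
	Public  ed25519.PublicKey
	private ed25519.PrivateKey
}

func newKeyPair() (*keyPair, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &keyPair{Public: pub, private: priv}, nil
}

// sign produces a digital signature over msg with the private key.
func (k *keyPair) sign(msg []byte) []byte {
	return ed25519.Sign(k.private, msg)
}

// verifySignature is true only if msg is unchanged (integrity) and was signed
// by the holder of the private key matching pub (non-repudiation).
func verifySignature(pub ed25519.PublicKey, msg, sig []byte) bool {
	return ed25519.Verify(pub, msg, sig)
}

// workFactorYears estimates the expected brute-force time for a key of
// keyBits bits at guessesPerSecond, assuming half the keyspace is searched
// on average. Simplified model: key length and attack speed only.
func workFactorYears(keyBits int, guessesPerSecond float64) float64 {
	keyspace := math.Pow(2, float64(keyBits))
	seconds := keyspace / 2 / guessesPerSecond
	return seconds / (365.25 * 24 * 3600)
}

func main() {
	shared := make([]byte, 32) // constructed demo key, freshly random each run
	rand.Read(shared)
	ct, _ := symmetricEncrypt(shared, []byte("order #42: ship to warehouse B"))
	pt, err := symmetricDecrypt(shared, ct)
	fmt.Printf("symmetric decrypt: %q err=%v\n", pt, err)
	ct[len(ct)-1] ^= 0x01 // flip one ciphertext bit in transit
	_, err = symmetricDecrypt(shared, ct)
	fmt.Println("tampered ciphertext rejected:", err != nil)

	alice, _ := newKeyPair()
	msg := []byte("I authorize payment of 500")
	sig := alice.sign(msg)
	fmt.Println("valid signature:", verifySignature(alice.Public, msg, sig))
	fmt.Println("modified message:", verifySignature(alice.Public, []byte("I authorize payment of 5000"), sig))

	fmt.Printf("56-bit key at 1e9 guesses/s: %.2f years\n", workFactorYears(56, 1e9))
	fmt.Printf("128-bit key at 1e9 guesses/s: %.2e years\n", workFactorYears(128, 1e9))
}
```

Run with `go run main.go`. The symmetric half shows why "both sides hold the same key" is the whole security model: anyone with the key decrypts, and a flipped bit is rejected rather than silently accepted. The signature half shows the asymmetric model the post describes: only Alice's private key produces a signature that her freely distributed public key accepts, and changing a single digit of the message breaks verification. The work-factor function makes the key-length point concrete: at a billion guesses per second a 56-bit key falls in about a year, while a 128-bit key's expected search time is on the order of 10^21 years.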