CompTIA Security+ Study Guide (SY0-401)

Presentation transcript:

CompTIA Security+ Study Guide (SY0-401) Chapter 8: Cryptography

Chapter 8: Cryptography
- Implement the appropriate controls to ensure data security.
- Given a scenario, utilize general cryptography concepts.
- Given a scenario, use appropriate cryptographic methods.
- Given a scenario, use appropriate PKI, certificate management and associated components.

An Overview of Cryptography
- Cryptography is a field almost as old as humankind.
- Understanding Non-mathematical Cryptography:
  - Substitution ciphers: a type of coding or ciphering system that changes one character or symbol into another.
  - Transposition ciphers (transposition codes): involve transposing or scrambling the letters in a certain manner.

Chapter 8: Cryptography
- Steganography is the process of hiding a message in a medium such as a digital image, audio file, or other file.
- Hybrid systems: by combining two or more of these methods of non-mathematical cryptography, you can make a pretty good cipher system.
- Mathematical cryptography deals with using mathematical processes on characters or messages.
- Hashing refers to performing a calculation on a message and converting it into a numeric hash value.

Working with Symmetric Algorithms
- Symmetric algorithms require both ends of an encrypted message to have the same key and processing algorithms.
- Some common standards that use symmetric algorithms:
  - Data Encryption Standard (DES)
  - Triple-DES (3DES)
  - Advanced Encryption Standard (AES)

Working with Asymmetric Algorithms
- Asymmetric algorithms use two keys to encrypt and decrypt data:
  - Public key
  - Private key

Chapter 8: Cryptography
- Cryptographic algorithms are used to encode a message from its unencrypted or clear-text state into an encrypted message.
- Hashing: the process of converting a message, or data, into a numeric value.
  - Secure Hash Algorithm (SHA)
  - Message Digest Algorithm (MD)
  - Rainbow tables and salt
  - Key stretching
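
Added example (not part of the original slides): how salt and key stretching change what is stored for a password. Two users with the same password get identical unsalted digests, which is the property precomputed rainbow tables depend on; a per-record random salt removes it, and stretching raises the cost of each guess. PBKDF2-HMAC-SHA256, the iteration count and all function names are assumptions chosen for this illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor for this example; tune to your hardware


def unsalted_hash(password: str) -> str:
    """Plain SHA-256: the same password always yields the same digest."""
    return hashlib.sha256(password.encode()).hexdigest()


def stretch(password: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """Key stretching: PBKDF2-HMAC-SHA256 iterates the hash `iterations` times."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)


def enroll(password: str) -> dict:
    """Build a stored record with a fresh random 16-byte salt."""
    salt = os.urandom(16)
    return {"salt": salt, "iterations": ITERATIONS,
            "hash": stretch(password, salt)}


def verify(password: str, record: dict) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    candidate = stretch(password, record["salt"], record["iterations"])
    return hmac.compare_digest(candidate, record["hash"])


def shared_digests(records: list) -> int:
    """Count records whose stored hash also appears in another record."""
    hashes = [r["hash"] for r in records]
    return sum(1 for h in hashes if hashes.count(h) > 1)


if __name__ == "__main__":
    # Constructed sample: two users who picked the same password.
    pw = "Spring2024!"
    weak = [{"hash": unsalted_hash(pw)}, {"hash": unsalted_hash(pw)}]
    strong = [enroll(pw), enroll(pw)]
    print("unsalted records sharing a digest:", shared_digests(weak))
    print("salted records sharing a digest:  ", shared_digests(strong))
    print("correct password verifies:", verify(pw, strong[0]))
    print("wrong password verifies:  ", verify("spring2024!", strong[0]))
```

The salt and iteration count are stored next to the hash because verification needs them; they are not secrets.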

Code-breaking Techniques
- Frequency analysis involves looking at blocks of an encrypted message to determine if any common patterns exist.
- Algorithm errors: an algorithm is a method or set of instructions used to perform a task or instruction.
- Brute-force attacks can be accomplished by applying every possible combination of characters that could be the key.
- Exploiting human error: human error is one of the major causes of encryption vulnerabilities.

Chapter 8: Cryptography
- Cryptographic system: a system, method, or process that is used to provide encryption and decryption.
  - Confidentiality and strength
  - Integrity
  - Digital signatures
  - Authentication
  - Nonrepudiation

Origins of Encryption Standards
- Early cryptography standards were primarily designed to secure communications for the government and military.
- The Role of Government Agencies:
  - National Security Agency (NSA)
  - National Security Agency/Central Security Service
  - National Institute of Standards and Technology (NIST)

Industry Associations and the Developmental Process
- The need for security in specific industries, such as the banking industry, has driven the development of standards.
  - American Bankers Association (ABA)
  - Internet Engineering Task Force (IETF)
  - Internet Society (ISOC)
  - World Wide Web Consortium (W3C)
  - International Telecommunications Union (ITU)
  - Institute of Electrical and Electronics Engineers (IEEE)
- Public domain cryptography
  - Pretty Good Privacy

Chapter 8: Cryptography
Public-Key Infrastructure X.509/Public-Key Cryptography Standards:
- Public-Key Infrastructure X.509 (PKIX) is the working group formed by the IETF to develop standards and models for the PKI environment.
- Public-Key Cryptography Standards (PKCS) is a set of voluntary standards created by RSA and security leaders.

Chapter 8: Cryptography
- X.509: the X.509 standard defines the certificate formats and fields for public keys. It also defines the procedures that should be used to distribute public keys.
- SSL and TLS: Secure Sockets Layer (SSL) is used to establish a secure communication connection between two TCP-based machines.
- Certificate Management Protocol (CMP) is a messaging protocol used between PKI entities.
- Secure Multipurpose Internet Mail Extensions (S/MIME) is a standard used for encrypting email.

Chapter 8: Cryptography
- Pretty Good Privacy (PGP) is a freeware e-mail encryption system.
- Hypertext Transport Protocol over SSL (HTTPS)
- Secure Hypertext Transport Protocol (S-HTTP)
- IP Security (IPSec)

Chapter 8: Cryptography
- Tunneling protocols add a capability to the network.
- Most common protocols used for tunneling:
  - Point-to-Point Tunneling Protocol (PPTP)
  - Layer 2 Forwarding (L2F)
  - Layer 2 Tunneling Protocol (L2TP)
- The Federal Information Processing Standard (FIPS) is a set of guidelines for the United States federal government information systems.

Public Key Infrastructure
- Public Key Infrastructure (PKI) is intended to provide a means of providing security to messages and transactions on a grand scale.
- PKI is a two-key (asymmetric) system with four main components:
  - certificate authority (CA)
  - registration authority (RA)
  - RSA (the encryption algorithm)
  - digital certificates

Chapter 8: Cryptography
- Certificate authority (CA): an organization that is responsible for issuing, revoking, and distributing certificates.
- Registration authority (RA): it can distribute keys, accept registrations for the CA, and validate identities.
- Local registration authority (LRA): it can be used to identify or establish the identity of an individual for certificate issuance.

Implementing Certificates
Certificates:
- provide the primary method of identifying that a given user is valid
- can be used to store authorization information
- can verify or certify that a system is using the correct software and processes to communicate

Chapter 8: Cryptography
- Certificate policies define what certificates do.
- Certificate Practice Statement (CPS) is a detailed statement the CA uses to issue certificates and implement its policies.

Certificate Revocation
- Certificate revocation is the process of revoking a certificate before it expires.
  - Certificate Revocation List (CRL)
  - Online Certificate Status Protocol (OCSP)
- Repository: a database or database server where the certificates are stored.

Trust Models
Four main types of trust models are used with PKI:
1. Hierarchical
2. Bridge
3. Mesh
4. Hybrid

Trust Models
- Hierarchical trust model (also known as a tree): a root CA at the top provides all the information.
- Bridge trust model: a peer-to-peer relationship exists between the root CAs.
- Mesh trust model: expands the concepts of the bridge model by supporting multiple paths and multiple root CAs.
- Hybrid trust model: can use the capabilities of any or all of the structures discussed in the previous sections.