Security+ (SY0-701): Cryptographic Solutions Part 1

Information Technology | 40 Cards | Created about 2 months ago

This deck covers essential concepts in cryptography, including definitions, types of encryption, hashing algorithms, and Public Key Infrastructure (PKI).

Key Terms

Term
Definition
Define ‘Cryptography’
The science and practice of encoding or decoding data to make it unintelligible to unauthorized parties.
Define ‘security through obscurity’
Keeping something a secret by hiding it.
Define ‘Plaintext/Cleartext’
Unencrypted data.
Define ‘Ciphertext’
Encrypted data that can’t be read without the cipher key.
Define an ‘Algorithm’
Process that encrypts and decrypts data.
Define ‘Cryptanalysis’
The science/practice of breaking ciphers and cryptographic systems.

Define an ‘Encryption’ algorithm/cipher
Process that encodes data so that it can be stored or transmitted securely and then decrypted only by its owner or its intended recipient.
Define a ‘key’ in cryptography
Specific piece of data that is used in an algorithm to perform encryption and decryption.

What are the two types of encryption algorithms?

  1. Symmetric

  2. Asymmetric

Define a ‘substitution’ cipher/algorithm
Replacing characters or blocks in the plaintext with different text or ciphertext.
Define a ‘Transposition’ cipher/algorithm
The units of data stay the same, but their order is changed depending on the mechanism.
Define ‘Symmetric Encryption’
Shared-key encryption; Two-way encryption process in which encryption and decryption are both performed by the same key.
What is the benefit of symmetric encryption?
Used for bulk encryption of large amounts of data due to its speed; Very fast
What is the security risk in symmetric encryption?
The transmission/receipt of the shared key; Security is broken if the key is intercepted along with the ciphertext.
Define ‘key length’
Size of a cryptographic key in bits; Longer keys generally offer better security and are harder to crack with brute force.
What is the downside to using larger encryption keys?
The computer must use more resources to perform encryption and decryption.
Define ‘Asymmetric Encryption’
One-way encryption; Cipher that uses public and private keys mathematically linked by RSA or ECC algorithms.
What is the difference between asymmetric encryption and symmetric encryption?
An asymmetric key cannot reverse the operation it performs; The public key cannot decrypt what it has encrypted and vice versa.
What is the function of the public key in asymmetric encryption?
Key is freely distributed and can be used to perform the reverse encryption or decryption operation of the linked private key in the pair.
What is the function of the private key in asymmetric encryption?
Uniquely associated with the owner and is not made public; Used to encrypt data that can be decrypted by the linked public key or vice versa.
What is a downfall of asymmetric encryption?
Involves substantial computing overhead compared to symmetric encryption and is inefficient for large amounts of data.
How can the overhead from asymmetric encryption be mitigated with large amounts of data?
Asymmetric encryption can be used to encrypt a symmetric key that was used to encrypt data before transmitting the data.
Define ‘cryptographic hashing’ algorithms
One-way encryption that produces a fixed-length string of bits from a plaintext input.
What does a hashing algorithm produce?
The output is a ‘hash’ or ‘message digest’.
What is the typical function/purpose of hashing algorithms?
To prove integrity; Ensure that data has not been manipulated in transmission/receipt/storage and for authentication.

What are the two popular hashing algorithms?

  1. Secure Hash Algorithm (SHA)

  2. Message Digest Algorithm #5 (MD5)

Define 'Secure Hash Algorithm (SHA)'
Replacement for message digest algorithm (MDA); Considered strongest - most popular is SHA256 producing a 256-bit digest.
Define 'Message Digest Algorithm #5 (MD5)'
Considered not as safe as SHA256; Produces a 128-bit digest.
Define a 'cryptographic primitive'
A single hash function, symmetric cipher, or asymmetric cipher.
Define a 'complete cryptographic system/product'
The use of multiple cryptographic primitives within a cipher suite.
What two forms of cryptography combine to create a digital signature?
Combines asymmetric encryption, for confidentiality and to authenticate the sender, with hashing to provide integrity.
What is 'Public Key Infrastructure (PKI)'
Framework that establishes trust in the use of public key cryptography to sign and encrypt messages via digital certificates.
What is the purpose of Public Key Infrastructure (PKI)?
To prove the owners of public keys are who they say they are.
Define a 'Digital Certificate'
A public assertion of identity, authenticated by a certificate authority (CA) that contains a subject's public key.
Define a 'certificate authority (CA)'
A server that guarantees subject identities by issuing signed digital certificate wrappers for their public keys.
What is a 3rd party certificate authority (CA)?
A public CA that issues certificates for multiple domains; Widely trusted as a root trust by operating systems and browsers.

What is the purpose of a 3rd party public CA?

  1. Provide a range of cert services.

  2. Ensure the validity of certs and the identity of those applying for them.

  3. Manage the repositories that store and administer certs.

  4. Key and cert lifecycle management (revoking invalid certs).

How does a subject generate a certificate from a public 3rd party root CA?

  1. Register to the CA to prove identity

  2. Generate a cert signing request (CSR) from a webserver containing the public key and submit the CSR to CA for validation

  3. CA generates a signed cert with the public key and sends it to the subject.

  4. Publishing of cert in webservice manager (IIS/Apache/other)

Define a 'digitally signed certificate'
Proof that a cert was validly issued to a subject (user/host) by a public 3rd party root CA.
When going to a URL, how does the client verify identity?
Client checks web server's certificate and validates that it is signed by a trusted CA.