Presentation is loading. Please wait.

Presentation is loading. Please wait.

CompTIA Security+ Study Guide (SY0-501)

Published byBeverley Martin Modified over 5 years ago

Similar presentations

Presentation on theme: "CompTIA Security+ Study Guide (SY0-501)"— Presentation transcript:

1 CompTIA Security+ Study Guide (SY0-501)
Chapter 8: Cryptography

2 Chapter 8: Cryptography
Compare and contrast types of attacks Compare and contrast basic concepts of cryptography Explain cryptography algorithms and their basic characteristics Given a scenario, install and configure wireless security settings Given a scenario, implement public key infrastructure

3 An Overview of Cryptography
Cryptography is a field almost as old as humankind. Parts of: Understanding nonmathematical cryptography Substitution ciphers A type of coding or ciphering system that changes one character or symbol into another Transposition ciphers (transportation code) Involves transposing or scrambling the letters in a certain manner

4 Chapter 8: Cryptography
Steganography The process of hiding a message in a medium such as a digital image, audio file, or other file Hybrid systems Best when two or more of these methods of nonmathematical cryptography are combined Mathematical cryptography Deals with using mathematical processes on characters or messages Hashing Refers to performing a calculation on a message and converting it into a numeric hash value

5 Working with Symmetric Algorithms
Symmetric algorithms require both ends of an encrypted message to have the same key and processing algorithms. Some common standards that use symmetric algorithms are the following: Data Encryption Standard (DES) Triple-DES (3DES) Advanced Encryption Standard (AES) CAST GOST

6 Working with Asymmetric Algorithms
Asymmetric algorithms use two keys to encrypt and decrypt data. Public key Private key

7 Chapter 8: Cryptography
Cryptographic algorithms Are used to encode a message from its unencrypted or clear-text state into an encrypted message Hashing The process of converting a message, or data, into a numeric value Secure Hash Algorithm (SHA) Message Digest Algorithm (MD) Rainbow tables and salt Key stretching

8 Code-Breaking Techniques
Frequency analysis Involves looking at blocks of an encrypted message to determine if any common patterns exist Algorithm errors A method or set of instructions used to perform a task or instruction Brute-force attacks Can be accomplished by applying every possible combination of characters that could be the key Exploiting human error One of the major causes of encryption vulnerabilities

9 Chapter 8: Cryptography
Cryptographic system A cryptographic system is a system, method, or process that is used to provide encryption and decryption. Confidentiality and strength Integrity Digital signatures Authentication Nonrepudiation

10 Origins of Encryption Standards
Early cryptography standards were primarily designed to secure communications for the government and military. Government agencies play a role. National Security Agency (NSA) National Security Agency/Central Security Service National Institute of Standards and Technology National Institute of Standards and Technology (NIST)

11 Public-Key Infrastructure X.509/Public-Key Cryptography Standards
Public-Key Infrastructure X.509 (PKIX) The working group formed by the IETF to develop standards and models for the PKI environment Public-Key Cryptography Standards (PKCS) A set of voluntary standards created by RSA and security leaders

12 Chapter 8: Cryptography
X.509 Defines the certificate formats and fields for public keys; also defines the procedures that should be used to distribute public keys SSL and TLS Secure Sockets Layer (SSL) Used to establish a secure communication connection between two TCP-based machines Certificate Management Protocol (CMP) A messaging protocol used between PKI entities Secure Multipurpose Internet Mail Extensions (S/MIME) A standard used for encrypting

13 Chapter 8: Cryptography
Pretty Good Privacy (PGP) A freeware e‑mail encryption system Hypertext Transport Protocol over SSL (HTTPS) Secure Hypertext Transport Protocol (S-HTTP) IP Security (IPSec)

14 Chapter 8: Cryptography
Tunneling protocols Adds a capability to the network Common protocols used for tunneling Point-to-Point Tunneling Protocol (PPTP) Layer 2 Forwarding (L2F) Tunneling Protocol (L2TP) Federal Information Processing Standard (FIPS) A set of guidelines for the United States federal government information systems

15 Public Key Infrastructure
Public Key Infrastructure (PKI) is intended to provide a means of providing security to messages and transactions on a grand scale. PKI is a two-key, asymmetric system with four main components. Certificate authority (CA) Registration authority (RA RSA (the encryption algorithm) Digital certificates

16 Chapter 8: Cryptography
Certificate authority (CA) An organization that is responsible for issuing, revoking, and distributing certificates Registration authority (RA) Can distribute keys, accept registrations for the CA, and validate identities Local registration authority (LRA) Can be used to identify or establish the identity of an individual for certificate issuance

17 Implementing Certificates
provide the primary method of identifying that a given user is valid can be used to store authorization information can verify or certify that a system is using the correct software and processes to communicate

18 Chapter 8: Cryptography
Certificate policies Define what certificates do Certificate practice statement (CPS) A detailed statement the CA uses to issue certificates and implement its policies

19 Certificate Revocation
The process of revoking a certificate before it expires Certificate revocation list (CRL) Online Certificate Status Protocol (OCSP) Repository A database or database server where the certificates are stored

20 Trust Models Four main types of trust models are used with PKI.
Hierarchical Bridge Mesh Hybrid

21 Trust Models Hierarchical trust model
Also known as a tree; a root CA at the top provides all the information Nridge trust model A peer-to-peer relationship exists between the root CAs Mesh trust model Expands the concepts of the bridge model by supporting multiple paths and multiple root CAs Hybrid trust model Can use the capabilities of any or all of the structures discussed in the previous sections

Download ppt "CompTIA Security+ Study Guide (SY0-501)"

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
Crytography Chapter 8.

Crytography Chapter 8.
1 ITNS and CERIAS CISSP Luncheon Series: Cryptography Presented by Addam Schroll, CISSP.

1 ITNS and CERIAS CISSP Luncheon Series: Cryptography Presented by Addam Schroll, CISSP.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography.

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography.
Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.

Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.
Network Security Chapter 8. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic.

Network Security Chapter 8. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.

Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Cryptographic Technologies

Cryptographic Technologies
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.

TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Chapter 8 Network Security 4/17/2017 www.noteshit.com.

Chapter 8 Network Security 4/17/2017
Digital Signature Xiaoyan Guo/102587 Xiaohang Luo/104446.

Digital Signature Xiaoyan Guo/ Xiaohang Luo/
Digital Certificates Public Key Deception Digital Certificates Certificate Authorities Public Key Infrastructures (PKIs)

Digital Certificates Public Key Deception Digital Certificates Certificate Authorities Public Key Infrastructures (PKIs)

Similar presentations

Ads by Google