Auditing, Cryptography Flashcards
Fundamentals of auditing and cryptography
Windows Encrypted File System
Allows encryption of individual files and folders on NTFS volumes. It combines symmetric and asymmetric encryption: each file is encrypted with its own symmetric file encryption key (FEK), and that FEK is in turn encrypted with the user's public key. The public key comes from the user's EFS digital certificate; the matching private key is stored in the user's profile and is what lets the FEK, and so the file, be decrypted. Lose the private key and the files are unrecoverable, which is why EFS recovery agents exist.
Virtual Private Network (VPN)
It extends a private network across a public one in a secure way: a tunneling protocol wraps the traffic, normally with encryption and authentication, in a tunnel from the client across the internet to the VPN server.
Internet Protocol Security (IPSec)
It's a protocol suite that authenticates and encrypts packets sent over an IP network. It has two modes: transport mode, which protects only the payload of each packet and keeps the original IP header, and tunnel mode, which encapsulates the whole original packet inside a new one (the mode used for site-to-site VPNs).
Software-Based Encryption
Encryption performed by software running on the general-purpose CPU. Keys and plaintext sit in ordinary memory, so a vulnerability in the operating system (or any bug that discloses memory) can compromise them.
Hardware-Based Encryption
Encryption performed by dedicated hardware, such as a Trusted Platform Module (TPM), a hardware security module (HSM), or a CPU with dedicated cipher instructions (for example AES-NI on x86). Keys held in a TPM or HSM never leave the device, which is what makes this harder to compromise than software-based encryption.
Examples of Symmetric Algorithms
Data Encryption Standard (DES), Triple DES (3DES), Advanced Encryption Standard (AES). DES is broken and 3DES is deprecated; AES is the one to use today.
Explain Symmetric cryptography!
Explain Asymmetric Cryptography!
Asymmetric key cryptography, also known as public-key cryptography, uses a key pair: a public key, which is published so that anyone can use it to encrypt a message to the owner, and a private key, which decrypts those messages and is carefully guarded by the receiver.
How public key encryption works: anything encrypted with the public key can be decrypted only with the matching private key (this gives confidentiality), and anything encrypted with the private key can be decrypted with the matching public key (this is the basis of digital signatures).
Explain Hash Functions and salting!
Hash functions are a third type of modern cryptography, sometimes called keyless cryptography. Instead of using a key, a hash function maps input of any length to a fixed-length value, the hash, in such a way that it is infeasible to recover the input from the hash or to find two inputs with the same hash. Salting a password means adding a random string (the salt) to it before hashing, so that identical passwords produce different hashes and precomputed lookup tables are useless.
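The salting idea above, shown as an added example (not code from the original flashcards). It contrasts a plain hash, where two users with the same password get the same digest, with a per-user random salt and an iterated hash (PBKDF2-HMAC-SHA256 from the Python standard library); the iteration count is an assumed demo value.

```python
import hashlib
import hmac
import os

# Work factor for PBKDF2-HMAC-SHA256. Assumed demo value; raise it for production.
ITERATIONS = 200_000


def unsalted_hash(password: str) -> bytes:
    """What NOT to store: a plain hash. Equal passwords give equal digests, so one
    precomputed table cracks every user who chose that password at once."""
    return hashlib.sha256(password.encode("utf-8")).digest()


def hash_password(password: str, salt: bytes = None) -> tuple:
    """Salted, iterated hash. A fresh 16-byte random salt is drawn per password;
    the salt is stored next to the digest (it is not secret, only unique)."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


def verify_password(password: str, salt: bytes, stored_digest: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time, so a timing
    side channel does not leak how many leading bytes of the digest matched."""
    _, candidate = hash_password(password, salt)
    return hmac.compare_digest(candidate, stored_digest)
```

Storing `(salt, digest)` per user is the whole point: the same password hashed twice yields two different digests, so an attacker cannot crack everyone with one rainbow table, and the iteration count makes each guess expensive.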
What is digital signature?
A digital signature allows you to sign a message so that others can detect any change made to the message after you sent it, confirm that the message was sent by the expected party, and prevent the sender from later denying that they sent it.
To digitally sign a message, the sender computes a hash of the message and then uses their private key to encrypt that hash. The sender transmits this digital signature along with the message, usually by appending it to the message itself.
When the message arrives, the receiver uses the public key corresponding to the sender's private key to decrypt the digital signature and recover the original hash of the message. The receiver checks the integrity of the message by hashing it again and comparing the two hashes; any mismatch means the message was altered or the signature was not produced with the sender's private key. Mail and code-signing software usually performs this verification automatically.
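Both the asymmetric-encryption card and the digital-signature card above describe the same key-pair mechanics, so here is one added example (not code from the original flashcards) that walks through them with textbook RSA using only the Python standard library. The key pair is an assumption for the demo: it is built from two well-known Mersenne primes, 2^521-1 and 2^607-1, which makes the modulus trivially factorable. Real keys use secret random primes and padding (OAEP/PSS); this block shows the arithmetic, not a production scheme.

```python
import hashlib

# Toy RSA key pair. ASSUMPTION for the demo: these public, structured primes are
# fine for illustrating the math; they are useless for real security because
# anyone can factor n by recognising the Mersenne primes.
P = (1 << 521) - 1
Q = (1 << 607) - 1
N = P * Q
E = 65537                              # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (modular inverse, Python 3.8+)

PUBLIC_KEY = (N, E)                    # published to everyone
PRIVATE_KEY = (N, D)                   # guarded by the owner


def encrypt(plaintext: bytes, public_key) -> int:
    """Anyone can encrypt to the owner with the public key."""
    n, e = public_key
    m = int.from_bytes(plaintext, "big")
    if not 0 < m < n:
        raise ValueError("textbook RSA: message must be non-empty and smaller than n")
    return pow(m, e, n)


def decrypt(ciphertext: int, private_key) -> bytes:
    """Only the private key recovers the plaintext (leading zero bytes are lost;
    real schemes avoid that with padding)."""
    n, d = private_key
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def sign(message: bytes, private_key) -> int:
    """Hash the message, then 'encrypt' the hash with the private key."""
    n, d = private_key
    h = int.from_bytes(hashlib.sha256(message).digest(), "big")   # h < 2^256 < n
    return pow(h, d, n)


def verify(message: bytes, signature: int, public_key) -> bool:
    """'Decrypt' the signature with the public key and compare against a fresh hash."""
    n, e = public_key
    recovered = pow(signature, e, n)
    expected = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return recovered == expected


if __name__ == "__main__":
    msg = b"transfer 100 to account 42"
    sig = sign(msg, PRIVATE_KEY)
    print("genuine:", verify(msg, sig, PUBLIC_KEY))
    print("tampered:", verify(b"transfer 900 to account 42", sig, PUBLIC_KEY))
    print("round trip:", decrypt(encrypt(msg, PUBLIC_KEY), PRIVATE_KEY) == msg)
```

Changing a single byte of the message, or of the signature, makes the recovered hash and the recomputed hash disagree, which is the integrity and authenticity check the card describes; since only the private key could have produced a signature that verifies, the sender also cannot plausibly deny having signed.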
What is a certificate and who is a certificate authority?
A digital certificate is an electronic document that identifies a server, a person, an organization or another entity and binds that entity to a public key. The trusted party that verifies the entity's identity and then issues and signs the certificate is the certificate authority (CA); relying parties trust the certificate because they trust the CA's signature.
Non-Repudiation
Refers to a situation in which a person is unable to successfully deny that they made a statement or took an action, because there is sufficient evidence (for example a digital signature made with their private key) that they did it.
What is vulnerability assessment? Name one tool and explain what it does.
Vulnerability assessment generally involves using vulnerability scanning tools, such as Qualys, to locate weaknesses in an environment. Such tools usually scan the target systems to discover open ports, then interrogate each open port to find out which service (and version) is listening on it, and finally match what they find against a database of known vulnerabilities and misconfigurations.
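The discovery step the card describes, as an added example (not code from the flashcards or from Qualys): a TCP connect scan that records which ports accept a connection and grabs whatever banner the service sends, which is how a scanner learns what is listening. To run offline it starts a constructed loopback listener with a made-up SSH-style banner; the host, ports and banner are assumptions for the demo.

```python
import socket
import threading


def start_fake_service(banner: bytes):
    """Constructed stand-in for a real service: a loopback TCP listener on an
    OS-chosen port that greets every client with `banner`.
    Returns (port, shutdown); calling shutdown() stops the listener."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    port = srv.getsockname()[1]

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:          # listener closed by shutdown()
                return
            with conn:
                conn.sendall(banner)

    threading.Thread(target=serve, daemon=True).start()
    return port, srv.close


def probe_port(host: str, port: int, timeout: float = 0.5):
    """TCP connect scan of one port. Returns None if closed or filtered,
    otherwise the banner (possibly empty) read right after connecting."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        if s.connect_ex((host, port)) != 0:
            return None
        try:
            return s.recv(256).decode("ascii", errors="replace").strip()
        except socket.timeout:
            return ""                # open, but the service waits for the client to speak first


def scan(host: str, ports) -> dict:
    """Map each open port to its banner; closed ports are omitted."""
    results = {}
    for port in ports:
        banner = probe_port(host, port)
        if banner is not None:
            results[port] = banner
    return results


def demo():
    """Scan one constructed open port and one port that is (almost surely) closed.
    Returns (results, open_port, closed_port)."""
    open_port, stop = start_fake_service(b"SSH-2.0-OpenSSH_7.4\r\n")  # constructed banner
    tmp = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    tmp.bind(("127.0.0.1", 0))
    closed_port = tmp.getsockname()[1]
    tmp.close()                      # released, so connecting to it is refused
    try:
        return scan("127.0.0.1", [open_port, closed_port]), open_port, closed_port
    finally:
        stop()


if __name__ == "__main__":
    results, _, _ = demo()
    for port, banner in results.items():
        print(f"{port}/tcp open  banner={banner!r}")
```

A real scanner does the same thing across thousands of ports and hosts, then compares the version string in the banner (here "OpenSSH_7.4") against its vulnerability database; the banner is the input to the assessment, not the assessment itself.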
Penetration testing
Penetration testing goes a step beyond scanning: it mimics the techniques an actual attacker would use to breach a system, exploiting the weaknesses found to show their real impact rather than only listing them.
How to protect data in motion?
You will often use SSL (Secure Sockets Layer) or its successor TLS (Transport Layer Security) to encrypt the connection between two systems communicating over a network. Both create a secure connection between client and server; TLS is the more secure one, and every SSL version is now deprecated, so new deployments should allow only TLS 1.2 and 1.3. They operate underneath application protocols such as Internet Message Access Protocol (IMAP) and Post Office Protocol (POP) for email, Hypertext Transfer Protocol (HTTP) for web traffic (giving HTTPS), and VoIP protocols for voice conversation and messaging.
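To make "TLS is more secure than SSL" concrete, here is an added example (not code from the flashcards) using Python's standard `ssl` module: a weak client configuration that still tolerates legacy protocol versions and skips certificate checks, the hardened configuration beside it, and a small audit function that reports what is wrong with a context. No network connection is made; the contexts are only built and inspected.

```python
import ssl


def legacy_client_context() -> ssl.SSLContext:
    """The weak configuration this card warns against (do not use): lets the
    library negotiate any protocol version it still supports, and trusts any
    server certificate without checking it or the hostname."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    ctx.check_hostname = False           # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def hardened_client_context() -> ssl.SSLContext:
    """Certificate required, hostname checked, system CA store loaded, and
    nothing older than TLS 1.2 accepted (SSLv3, TLS 1.0 and 1.1 refused)."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def audit_context(ctx: ssl.SSLContext) -> list:
    """Return the list of findings a reviewer would raise; empty means clean."""
    findings = []
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("allows protocol versions below TLS 1.2")
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("server certificate is not verified")
    if not ctx.check_hostname:
        findings.append("hostname is not checked against the certificate")
    return findings


if __name__ == "__main__":
    print("legacy:  ", audit_context(legacy_client_context()))
    print("hardened:", audit_context(hardened_client_context()))
```

The second and third findings matter as much as the protocol version: an attacker in the path of a client that does not verify the certificate can simply present their own, and encryption to the wrong endpoint protects nothing.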