Encrypting Data Flashcards
Security+
What is the purpose of encrypting stored data?
To protect data on storage devices, including SSDs, hard drives, USB drives, and cloud storage.
What types of encryption can protect data at rest?
Full-disk encryption (e.g., BitLocker, FileVault) and file encryption (e.g., EFS, third-party utilities).
What is database encryption?
It protects stored data and the transmission of that data, often using transparent encryption and record-level encryption.
How does transparent encryption work?
It encrypts all database information using a symmetric key.
What is record-level encryption?
It encrypts individual columns in a database, using separate symmetric keys for each column.
What is transport encryption?
It protects data that is transmitted over a network.
How do browsers use transport encryption?
Browsers communicate securely using HTTPS.
What is a VPN and how does it encrypt data?
A VPN encrypts all data transmitted over the network, regardless of the application, using SSL/TLS or IPsec.
What factors determine the choice of an encryption algorithm?
Security level, speed, complexity of implementation, etc.
What is the role of cryptographic keys in encryption?
The key determines the output of encrypted data, hash values, and digital signatures.
Why is it important to keep your cryptographic key private?
It is the only thing protecting your encrypted data.
How does key length affect encryption security?
Larger keys are generally more secure and help prevent brute-force attacks.
What is the common key length for symmetric encryption?
Commonly 128 bits or larger.
What characterizes asymmetric encryption?
It uses complex calculations of prime numbers and typically requires larger key lengths, often 3,072 bits or more.
What is key stretching?
A process that strengthens a weak key by performing multiple hashing operations on it.
