CompTIA – Domain 1.4

Flashcards covering key concepts related to cryptographic solutions in CompTIA Security+ preparation.

Public Key Infrastructure (PKI)

A framework that manages digital keys and certificates for secure communication.

Public Key

A key shared openly to encrypt data or verify digital signatures.

Private Key

A secret key used to decrypt data or create digital signatures.

Key Escrow

A secure storage system that holds copies of private keys for recovery or compliance.

Full-Disk Encryption

Encrypts an entire storage device to protect data at rest.

Asymmetric Encryption

Uses two keys (public and private) for encryption and decryption.

Symmetric Encryption

Uses one shared key for both encryption and decryption.

Key Exchange

The process of securely sharing cryptographic keys between parties.

Trusted Platform Module (TPM)

Hardware chip that stores cryptographic keys and performs secure boot.

Steganography

Hides data within other files, such as images or audio, to conceal its existence.

Tokenization

Replaces sensitive data with unique tokens to reduce exposure risk.

Hashing

Transforms data into a fixed-length hash value, ensuring integrity and verification.

Salting

Adds random data to a password before hashing to prevent attackers from using precomputed hash tables.

Digital Signatures

Provide authenticity, integrity, and non-repudiation by verifying the sender.

Key Stretching

Increases password strength by applying multiple rounds of hashing.

Blockchain

A distributed ledger system that records transactions across multiple nodes.

Certificate Authorities (CAs)

Trusted entities that issue digital certificates to verify identities.

Certificate Revocation Lists (CRLs)

Lists of invalid or revoked certificates that should no longer be trusted.

Online Certificate Status Protocol (OCSP)

Provides real-time validation of certificate status.

Wildcard Certificate

A certificate that secures multiple subdomains under the same domain.