Hashing
A cryptographic algorithm that produces a fixed-length string from an input of any length.
Hash Value
A value created by running the data through a hashing algorithm.
Fingerprint for Data
A hash value serves as a unique identifier for the data, similar to a fingerprint.
MD5 Length
32
SHA-1 Length
40
Effect of Minor Change on Hash Value
Even a minor change to the input data results in a completely different hash value.
Types of Data that can be Hashed
Simple text, any file, an entire hard drive, etc.
Is Hash Reversible?
No, hashing is not reversible.
Verify Integrity of Data
Matching hashes indicate that the data has not been altered or corrupted.
Symmetric Cryptography
A method that uses a single key to encrypt and decrypt data.
Block Cipher vs Stream Cipher
A block cipher encrypts data in fixed-size blocks, while a stream cipher encrypts one bit at a time.
Current Standard for Symmetric Encryption
Advanced Encryption Standard (AES) is the current standard.
AES - Block or Stream Cipher?
Block cipher.
Electronic Code Book (ECB)
The simplest mode of operation for block cipher encryption: each block is encrypted independently.
Cipher Block Chaining (CBC)
A more advanced block cipher mode in which each block is chained to the ciphertext of the previous block.
Advantages of Symmetric Encryption
Strong for shorter key lengths; fast for real-time and bulk encryption.
Disadvantages of Symmetric Encryption
Key distribution and key management challenges.
Confidentiality
Ensures information is accessible only to authorized users.
Integrity
Accuracy and completeness of information and processing methods.
Availability
Ensures authorized users have timely access to information and assets.
Social Engineering
A broad range of malicious activities accomplished through human interactions.
Dumpster Diving
Searching for sensitive information by looking through trash.
Shoulder Surfing
Observing someone as they enter a password.
Snooping
Unauthorized access to information not properly safeguarded.
Familiarity in Social Engineering
Using the premise of a supposed friendship to gain sensitive information.
Impersonation
Attacker pretends to be someone else.
Phishing
Tricks victims into providing confidential info through fake emails or websites.
Best Social Engineering Prevention
Training users to recognize and respond to social engineering attacks.
Trojan Horse
Malware disguised as legitimate software.
How Ransomware Works
Encrypts all user files and/or the entire hard drive.
Botnet in DDoS Attack
A network of compromised computers that floods a website with excessive traffic.
Eavesdropping
Intercepting unencrypted Wi-Fi traffic is a confidentiality concern.
Wiretapping vs Eavesdropping
Wiretapping sniffs traffic from physical network cables, whereas eavesdropping captures Wi-Fi signals.
Adversary-in-the-Middle Attack
The attacker sets up a spoofed Wi-Fi access point to intercept data passing through it.
TCP Session Hijacking
An attacker takes over a valid session between two computers.
Replay Attack
Capturing session credentials and reusing them later to establish a session.
Leaving a Computer Unattended
Users should configure a screen lock for security.
Ensure Updates on Devices
Install OS and software updates immediately.
Microsoft Windows Update
Ensures a computer has the most recent version of system software.
Precautions When Downloading Files
Set browser to notify before downloads; avoid suspicious attachments.
Security Configurations on Devices
Use screen locks, locator apps, and remote wipe applications.
How Social Media Companies Make Money
Selling user data and targeted advertising.
Importance of Metadata
Used for targeted advertising based on user interest.
Best Practices for Social Media Posts
Users should set strict privacy settings to limit profile access.
Expectation of Privacy for Employees
No expectation of privacy when using organizational assets.
Company Confidential Information (CCI)
Information required to be protected from unauthorized disclosure.
Companies Processing Confidential Info
Should obtain customer permission for data processing.
Examples of Confidential Employee Information
Personally identifiable information (PII) such as addresses and banking details.
Secure Storage of CCI
Store CCI encrypted on network hard drives so that stolen data cannot be read.
Use of Data Wiping Software
Ensures deleted files on old devices cannot be recovered.
Symmetric vs Asymmetric Cryptography
Symmetric uses one key, while asymmetric uses two keys.
Advantages of Asymmetric Encryption
Public key can be shared freely; supports authentication.
Key Pair in Asymmetric Encryption
Data encrypted with a public key can only be decrypted with the private key.
Confidentiality with Asymmetric Encryption
Intercepted messages cannot be decrypted without the private key.
Disadvantages of Asymmetric Encryption
Slower than symmetric; strength relies on complex mathematical problems.
Encoding vs Cryptography
Encoding transforms data for interoperability; cryptography makes data unreadable.
Characteristics of Encoding
Ensures interoperability, has no security purpose, and is reversible.
ASCII
A coding system to convert text and commands for computers.
ASCII Usage
Represents 128 characters, including letters and non-alphanumeric characters.
Storage for ASCII Characters
One ASCII character is encoded as one byte of data.
Extended ASCII
Defines 128 additional characters from other languages.
Unicode
A more extensive character encoding system than ASCII that covers the writing systems of all human languages.
Chart of UTF-8, UTF-16, UTF-32
Each encoding uses a different basic code unit and therefore a different storage size per character.
Base64 Encoding
Transforms digital data into an ASCII string; used for compatibility.
Base64 Character Options
Includes upper- and lower-case letters, digits, and the plus (+) and slash (/) signs.
Bits Representing Base64 Character
Each character is represented by a 6-bit binary number.
Base64 Encoding Process Steps
Divide the input bits into 6-bit blocks, map each block to its Base64 character, and output the result as an ASCII string.
Padding in Base64
Extra bits added to complete the last block; the padding is indicated by an equal sign (=) in the output.
Public Key Infrastructure (PKI)
The process by which an entity’s identity and public key can be authenticated and trusted.
Certificate Authority (CA)
Authenticates an entity’s identity and provides the entity’s public key.
Digital Certificate
A small data file that digitally binds an organization’s cryptographic key to its details.
What key is used to encrypt an entity’s digital certificate?
The digital certificate will be encrypted by the Certificate Authority (CA) using the CA’s own private key.
What key is used to decrypt an entity’s digital certificate?
The Certificate Authority’s public key.
From where does a software application (like a browser) get a CA’s public key?
From the CA’s root certificate, which ships with the application and provides the CA’s trusted public key.
3 common uses for digital certificates
Digital Signature, Web Server Identity, Code Signing
Digital Signature
Authenticates the integrity of digital data and the identity of the signer of that data.
Web Server Identity
Authenticates the integrity of the public key and the identity of the web server that owns it.
Code Signing
Authenticates the integrity of software and the identity of the software developer.
What is a digital signature?
A type of electronic signature used to validate the authenticity and integrity of a message.
Steps in Authenticating a Digital Signature
1. Recipient retrieves the sender's public key using the digital certificate.
2. Recipient hashes the received data.
3. Recipient decrypts the digital signature using the sender's authenticated public key.
Steps in Creating a Digital Signature
1. Hash the data to be signed.
2. Encrypt the hash with the sender's private key.
3. Attach the digital signature to the original data.
What is hybrid cryptography?
Most cryptosystems combine the flexibility of asymmetric cryptography with the efficiency of symmetric cryptography.
What is a digital envelope?
Packaging of the symmetric session key into a message encrypted with a server's asymmetric public key.
What is Transport Layer Security (TLS)?
The protocol for establishing a secure session between a client browser and a web server.
What are the contents of a TLS Certificate?
The organizational information for the web server.
The fully qualified domain name (FQDN) for the web server.
The server’s public key.
What is a Certificate Revocation List (CRL)?
A list, published by the CA, of certificates that have been revoked or suspended by the owner or the CA.
What is an Online Certificate Status Protocol (OCSP) responder?
A server that a client queries to check a certificate’s current status.
What is OCSP Stapling?
The web server attaches a time-stamped OCSP response to its certificate during the TLS handshake, so the client does not have to query the OCSP responder itself.