5 Security Operations Flashcards
(33 cards)
an encryption algorithm is a
complex mathematical formula
an encryption key is the
password
The decryption algorithm and decryption key
reverse the process
Protecting data at rest (stored) - 3 main areas
1 file encryption
2 disk encryption
3 device encryption
Protecting data in transit (moving over a network) - 4 main areas
1 HTTPS
2 email
3 mobile applications
4 VPN
2 main categories of encryption algorithms
symmetric and asymmetric
Symmetric Encryption uses
- AES (Advanced Encryption Standard) algorithm
- encrypt and decrypt with the same (shared) key
Asymmetric Encryption uses
- RSA (Rivest-Shamir-Adleman) algorithm
- asymmetric algorithms use different keys for encryption and decryption (must be from the same pair)
Hash Functions (Message Digests) are
- one-way functions that transform a variable-length input into a unique, fixed-length output
Common Hash Functions (6)
1 MD5 (Message Digest 5)
2 SHA 1 (Secure Hash Algorithm)
3 SHA 2
4 SHA 3
5 RIPEMD (RACE Integrity Primitives Evaluation Message Digest)
6 HMAC (Hash-based Message Authentication Code)
SHA 1
- 160-bit hash value
- no longer secure
SHA 2
- produce different lengths (including 224, 256, 384, and 512 bit)
- some vulnerabilities but still widely used
SHA 3
- uses Keccak algorithm to produce a hash of any desired length
- length is set by the person computing the hash, so is still fixed length
RIPEMD
- alternative to SHA (due to trust issues with the US gov - SHA)
- 4 variants - 128 (no longer secure), 160 (widely used - Bitcoin transactions), 256, and 320 bit
HMAC
- combines symmetric cryptography with hashes to provide authentication and integrity for messages (protects against packet loss/tampering)
- sender uses a secret key (shared) and a hash function (agreed upon)
Data Lifecycle (6)
1 Create
2 Store
3 Use
4 Share
5 Archive
6 Destroy
Data Sanitization Techniques (3)
1 Clearing (overwrite)
2 Purging (cryptographic functions, degaussing)
3 Destroying
Military data classifications (4)
1 top secret
2 secret
3 confidential
4 unclassified
Business data classifications (4)
1 highly sensitive
2 sensitive
3 internal
4 public
3 different types of information classification by external groups
1 PII
- information traceable to a specific person
2 PHI (HIPAA)
- medical records
3 PCI (Payment Card Information)
- numbers
Logs (3 objectives from analyzing them)
1 Accountability (identity attribution)
- who caused the event?
- specific person, IP address, geographic area, etc
2 Traceability
- can help uncover all related events (path through distributed systems)
3 Auditability
- provide clear documentation of the event
SIEM (Security Information and Event Management) - 2 major functions
1 central, secure collection point for logs
2 apply AI to correlate all the log entries
- detect patterns of potential malicious activity
Social Engineering 6 approaches
1 Authority
2 Intimidation
3 Consensus/Social Proof
4 Scarcity
5 Urgency
6 Familiarity