Encryption can be used to secure portable devices like laptops and cell phones. Most current operating systems use _______ to prevent unauthorized parties from viewing the data on the machine.
disk encryption
Encryption can be used to secure portable devices like laptops and cell phones. Most current operating systems use disk encryption to prevent unauthorized parties from viewing the data on the machine.
Microsoft Windows uses a symmetric disk encryption program called BitLocker.
Macs use a symmetric disk encryption program called FileVault.
True or False
Emails are natively encrypted. They are sent and received in plaintext.
False
Emails are NOT natively encrypted. They are sent and received in plaintext.
Programs like _____ and _____ can apply public key cryptography to provide email confidentiality and use digital signatures to ensure authenticity and integrity.
Programs like S/MIME and PGP can apply public key cryptography to provide email confidentiality and use digital signatures to ensure authenticity and integrity.
___________ is a protocol designed to encrypt web traffic.
Secure Socket Layer (SSL) is a protocol designed to encrypt web traffic.
○ HTTPS actually stands for HTTP over SSL.
These certificates use public key cryptography to establish a secure connection between the browser and the server.
A _________ is a cybersecurity professional who captures and investigates digital evidence from computers, cell phones, and other devices containing digital data.
A forensic examiner is a cybersecurity professional who captures and investigates digital evidence from computers, cell phones, and other devices containing digital data.
True or False
Forensic examiners make a hash of a device when it is initially collected for investigation.
True
_________ is the cryptographic technique of placing hidden messages within files, images, or videos.
Steganography is the cryptographic technique of placing hidden messages within files, images, or videos.
_________ are small data files that use public key cryptography to secure connections between the browser and the web server.
SSL certificates are small data files that use public key cryptography to secure connections between the browser and the web server.
To get an SSL certificate, an organization must first reach out to a ___________, an organization responsible for issuing SSL certificates.
To get an SSL certificate, an organization must first reach out to a certificate authority (CA), an organization responsible for issuing SSL certificates.
What information does a CA need to issue an SSL certificate?
When generating the CSR, a _______ and _______ pair are created.
When generating the CSR, a private and public key pair are created.
SSL certificates validate authenticity using a _______.
SSL certificates validate authenticity using a chain of trust.
Browsers have a pre-established list of trusted CAs, called a _________.
Browsers have a pre-established list of trusted CAs, called a ________.
Root certificate authorities are a list of CAs trusted by your browser. They’re at the top of the trust chain and are typically not the organizations that issue SSL certificates.
Intermediate certificate authorities usually issue certificates and report up to a root certificate authority.
Explain the process of an SSL certificate
What does SSL stand for?
Secure Socket Layer
What’s the difference between SSL and TLS?
SSL refers to Secure Sockets Layer, whereas TLS refers to Transport Layer Security. Basically, they are one and the same, but entirely different.
How similar are they? SSL and TLS are cryptographic protocols that authenticate data transfer between servers, systems, applications and users. For example, a cryptographic protocol encrypts the data that is exchanged between a web server and a user.
A _____________ exploits weakness in cryptographic algorithms by attempting to determine if the “random” values produced are actually predictable.
A statistical attack exploits weakness in cryptographic algorithms by attempting to determine if the “random” values produced are actually predictable.
Give some examples of cryptographic attacks
What are rainbow tables?
Rainbow tables are resources that contain precomputed hashes with the associated plaintext passwords.
We can defend against rainbow tables by _________, a cryptographic method of combining salt (a random value) with the plaintext into the hash function.
We can defend against rainbow tables by salting, a cryptographic method of combining salt (a random value) with the plaintext into the hash function.
_______ is a command-line tool that can automate the cracking of hashes.
Hashcat is a command-line tool that can automate the cracking of hashes.
Hashcat uses ______, ______ and ______ methods to figure out plaintext passwords from hashes.
Hashcat uses dictionary wordlists, rainbow tables, and brute force methods to figure out plaintext passwords from hashes.