12 Questions
What is the primary purpose of a Hardware Security Module (HSM) mentioned in the text?
Accelerating symmetric and asymmetric encryption
Which technology is associated with verifying a sender's identity to the receiver?
Digital Certificate
What function does Public Key Infrastructure (PKI) serve according to the text?
Managing public keys in digital certificates
Which protocol is considered somewhat obsolete and used mostly for web servers and browsers?
Secure Sockets Layer (SSL)
What is the main purpose of Secure/Multipurpose Internet Mail Extensions (S/MIME) mentioned in the text?
Encrypting email communication
What is the primary function of Bastille as mentioned in the text?
Proactively configuring an operating system for increased security
Which type of Intrusion Detection System relies more on baselines than signatures?
Anomaly-based IDS
What is the main focus of Nessus and OpenVAS as mentioned in the text?
Conducting vulnerability scanning from a remote host
Which type of IDS uses rules or patterns of known malicious traffic to detect threats?
Signature-based IDS
What is the essential role of penetration testers as mentioned in the text?
Discover security weaknesses that may lead to system compromise
Which aspect is considered crucial for good Linux security according to the text?
Detecting malicious activity
What distinguishes Anomaly-based IDS from Signature-based IDS?
'Anomaly-based IDS uses baselines, while Signature-based IDS relies on patterns of known malicious traffic.
Study Notes
Hash Algorithms
- Common hash algorithms include MD5, SHA, RIPEMD, and HMAC
Symmetric Cryptographic Algorithms
- Use the same single key to encrypt and decrypt data
- Common symmetric cryptographic algorithms include DES, 3DES, AES, RC, IDEA, Blowfish, and Twofish
Asymmetric Cryptographic Algorithms (Public Key Cryptography)
- Use two keys (key pairs): public key and private key
- Public key is known to everyone and can be freely distributed
- Private key is known only to the individual to whom it belongs
- Common asymmetric cryptographic algorithms include RSA, ECC, and DSA
Cryptography Basics
- Cryptography: scrambling information so that only authorized individuals can use it
- Encryption: process of changing original data into scrambled data
- Decryption: process of changing scrambled data back to its original state
- Plaintext: unencrypted data that is the input for encryption or the output of decryption
- Ciphertext: scrambled and unusable output of encryption
- Cleartext: usable (unencrypted) data that is transmitted or stored and is not intended to be encrypted
- Cipher (or Algorithm): procedures based on a mathematical formula to encrypt and decrypt the data
- Key: mathematical value entered into a cipher to produce the ciphertext
- Cryptoanalysis: sophisticated statistical analysis on ciphertext to try to discover the underlying key to the cryptographic algorithm
Steganography
- Hiding the existence of data
- Divides data into smaller pieces and hides them in unused portions of a file
Implementing Encryption
- Through software: Microsoft’s EFS (Encrypting File System), Apple’s FileVault, and PGP (Pretty Good Privacy)
- Through hardware: USB Device Encryption, Self-Encrypting Drives (SEDs), and Trusted Platform Module (TPM)
Network Security
- Firewalls provide an essential layer of security
- All network services require a port number to communicate
- IANA (Internet Assigned Numbers Authority) contains a list of port numbers and their uses
- System Ports (0 to 1023): well-known ports used by system processes
- User Ports (1024 to 49,151): registered ports assigned by IANA for specific service
- Dynamic and/or Private Ports (49,152 to 65,535): used for private or customized services
- Linux systems use a Packet-Filtering Firewall system
- Netfilter is integrated into all Linux kernels and offers packet filtering, network address translation, and port translation
- Front-ends for netfilter’s firewall functionality include iptables, firewalld, and UFW (Uncomplicated Firewall)
Firewall Configuration
- iptables: standard firewall included in most Linux distributions
- firewalld: updated version of iptables, used in Red Hat based distributions
- UFW (Uncomplicated Firewall): simpler to use than iptables
- Zones in firewalld: block, public, and private network zones
Encrypting Partitions and Volumes
- Usually done when Linux is installed through kernel-space tools
- dm_crypt: the most common Linux kernel module that handles encryption at the kernel level
- LUKS (Linux Unified Key Setup): command line front-end for dm_crypt
Encrypting Files and Directories
- Used after Linux is installed through user-space tools
- PGP (Pretty Good Privacy): common command line tool for encrypting files and directories
- GPG (GNU Privacy Guard or GnuPG): implementation of OpenPGP for encrypting files and folders
- GnuPG Shell and GPA (GNU Privacy Assistant): GUI front-ends for GPG
Test your knowledge on various software encryption methods such as Microsoft’s EFS, Apple’s FileVault, and Pretty Good Privacy (PGP). Learn how encryption is implemented through operating systems and third-party software for secure data storage and communication.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free