Chapter 15 - 02 - Discuss Various Data Security Controls PDF

Certified Cybersecurity Technician Exam 212-82 Data Security Disk Encryption Tools...

Certified Cybersecurity Technician Exam 212-82 Data Security Disk Encryption Tools =* VeraCrypt is a software for establishing and maintaining an on-the-fly- encrypted volumee (data (data storage device device) @ Lotk Dhive Encrypilion SCTIPINE " ¢ L) BitLocker Drive Encryption VeraCrypt = On-the-fly encryption means that data is automatically encrypted https://docs.microsoft.com immediately before it is saved and decrypted immediately after it is loaded, without any user intervention w VensCrge VeaCrypt o-. x FinalCrypt. Volumes Sysem System Tovortes Favortes Tockh Tooh Settings Melp Homepage Momepags https://www.finalcrypt.org https://www.finalcrypt.org e Dree Vo Vo Goe Sae Eropmon Eno pterNgr®em kg Ow Ty Ty —~ :f:f Segrite Encryption Manager Seqrite -- https://www.segrite.com https://www.seqrite.com - -2 FileVault o https://support.opple.com vdare \C Mhate T e s ety Vokme Tock. Sect Dpace. Gilisoft Full Disk Encryption E Bt Mt Do Orart A ot http://www.gilisoft.com http://www.gilisoft.com hitps//www.verocrypt https//www.verocrypt fr e¢ Disk Encryption Tools The common goal of disk encryption tools is to encrypt a disk partition to provide confidentiality to the information stored on it. Some disk encryption tools are discussed below. VeraCrypt Source: https://www.veracrypt.fr VeraCrypt is a software for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data is automatically encrypted just before it is saved and decrypted just after it is loaded without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys. The entire file system is encrypted (e.g., file names, folder names, free space, metadata, etc.). Files can be copied to and from a mounted VeraCrypt volume just like they are copied to/from any normal disk (e.g., by simple drag-and-drop operations). Files are automatically decrypted on the fly (in memory/RAM) while they are read or copied from an encrypted VeraCrypt volume. Similarly, files that are written or copied to the VeraCrypt volume are automatically encrypted on the fly (just before they are written to the disk) in RAM. Module 15 Page 1781 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security % VeraCrypt —= X Volumes System Favorites Tools Settings Help Homepage Drive Volume Size Encryption Encryption Algorithm Type A =)A: A B2B: =) =)l =1 - J: ) =)K: K2 —)L2 ) M: Create Volume Volume Properties... Wipe Cache \Vd w l[ ~v Select File... Vet 7] Never save history (7] |. VolumeTools... | | SelectDevice... I S e R | Figure 15.18: Screenshot of VeraCrypt Some additional disk encryption tools are as follows: = BitLocker Drive Encryption (https://docs.microsoft.com) (https.//docs.microsoft.com) *= FinalCrypt (https://www.finalcrypt.org) = Seqrite Encryption Manager (https.//www.seqrite.com) »= FileVault (https://support.apple.com) (https.//support.apple.com) = Gilisoft Full Disk Encryption (http.//www.gilisoft.com) Module 15 Page 1782 Certified Cybersecurity Technician Copyright © by EG-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security File Level Encryption: Implementing Built-in File System-level Encryption on Windows The Encrypting File System (EFS) provides file 2. Advanced Attributes X system-level encryption in Windows Choose the settngs settings you want for this folder, " When you dick OK or Apply on the Propertes dialog, you will be H asked if you want the changes to affect al subfoiders subfoiders and and files aswel. ‘ Archive and Index attrbutes attributes [ Folder is ready for ardhving archving [ Alow fies in this folder to have contents indexed in addition to fie propertes Compress or Enaypt attrbutes [[] Compress contents to save dsk space [E&wm:cm:msmsewedau [E&wwtcm:msmsewedau ] Detads Copyright © by EC-Council. AN Rights Reserved. Reproductionksis Strictly Prohibited EC-Councll Prohibited. File Level Encryption: Implementing Built-in File System-level Encryption on Windows The Encrypting File System (EFS) provides file system-level encryption in Windows (starting from Windows 2000), except the home version. The user needs to enable this feature on a specific file, directory, or drive. EFS protects the confidential information from unauthorized users who have physical access to a computer. File Encryption with EPS Using Command Prompt = Right-click on the Start button and select Command Prompt (Admin). = Type the following command: cipher /e “" = Enter the file path with extension and hit Enter. C:\Windows\system32\cmd.exe -. (m] X c:\Windows\System32>cipher /e "d:\Demo\Sample.txt" Encrypting files in d:\Demo\ Sample.txt [0K] 1 file(s) [or directorie(s)] within 1 directorie(s) were encrypted. Converting files from plaintext to ciphertext may leave sections of old plaintext on the disk volume(s). It is recommended to use command CIPHER /W:directory to clean up the disk after all converting is done. c:\Windows\System32> Figure 15.19: File encryption with EPS Module 15 Page 1783 Certified Cybersecurity Technician Copyright © by EC-Gouncil EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security To enable EPS Using Advanced Attributes in a Selected File/Folder = Select the file for encryption using EFS. =» Right-click on the file and select Properties. + Local Disk (0:) (D) » Demo Name Date modified modiied Ty " Samy* &ml. P -mmmn o Te TE Print Edit A AxCrypt > {3 Scan with Windows Defender... a &2 Share Open with > 3B3 Addto Add to archive... n Add to "Sample.rar” £33 B3 Compress and email... B3 Compress to “Samplerar” "Samplerar” and email Restore previous versions Send to > Cut Copy 4 Creste shortcut Delete Rename File ownership > @ ’Q Mark asa3 trusted Properties Figure 15.20: Screenshot of Selecting Properties = (Click Advanced ~ Sample Properties X General Securty Detads Previous Versions Versions 5 [ o | Typeof fle: Typeoffle: Text Document (bat) Openswth: ]| Notepad Change... Location Location: D:\Demo Size Sbytes (3 bytes) Szeondsk: 4.00 KB (4,056 bytes) Created 07 February 2020, 17:23:59 17:23.59 Modfied 07 February 2020, 17:28:26 Accessed: 07 February 2020, 2020, 17.28:26 Atrbues: Atrbtes: [(JReadonly [JReadonly [[]Hidden Advanced... Concel | | sl Figure 15.21: Choosing Advanced Option Module 15 Page 1784 Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security = Check the box Encrypt content to secure data and click OK Advanced Attributes X E IZ] Choose the settings you want for this folder. When you dick OK or Apply on the Properties dialog, you will be asked if you want the changes to affect all subfolders and files as well, Archive and Index attributes Folder is ready for archiving Allow files in this folder to have contents indexed in addition to file properties Compress or Encrypt attributes [C] compress contents to save disk space [ [ Encrypt contents to secure data ] | Details. e Figure 15.22: Selecting Encrypt Content to Secure Data = Click Apply. A box will appear with the option to encrypt the file only or encrypt the file and its parent folder. Select as per requirements, and click OK Encryption Warning X. You are encrypting a file that is in an unencrypted folder, If this file is modified, the editing software might store a temporary, unencrypted, copy of the file. To ensure that files created in the parent folder are encrypted, encrypt the parent folder. What do you want to do? (®) Encrypt the file and its parent folder (recommended) (O Encrypt the file only [CJ Always [C] always encrypt only the file E Cancel ’‘ Figure 15.23: Encryption Warning Module 15 Page 1785 Certified Cybersecurity Technician Copyright © by EG-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security File Encryption Tools Advanced Encryption Package is a file encryption software for Windows 10, 8, and 7. It uses strong and proven algorithms to protect sensitive documents 9 x AxCrypt nter Possmens Tnter Passmens https://www.oxcrypt.net B. o oe aglriginal Rie s os | &2 Self-Decrypaing S8F-Decrypting Documene Document = — B M..v...“ :.:.,.‘.. M.. :.:...(. E idoo File Encryption N Repest = — Enter Password : hﬂps://www.ldooenaypﬂon,com https://www.idooencryption.com Ageathen Algenthm ,"‘”"—"l m Spaaly ooty 11 the GCurk pascmcnd andd Gocmert pastsced the denaton and the SeEnaron fokd Fokder TR o st TROE you Mt 1010 decr e yitgl 1ot E Patdie ol ot Sl Rhl il E: BONRH-s Fassard :‘:":: o ::"" ™ (u\parglectrel :'; v e e — — ‘' Cryptomator Cryptomator I iy https://cryptomator.org — {ohonce - qr Cilpovgianmsdee Exangie: Cilpovgiamme Exanple: 2;‘(;-:_’ ml :":1 Cobotn 5858 eunctatio Cobotn after ooty enctabin aftes oot XN é{;\;:'.v " éo's?vu Open derypted Open derypted Bt dter ety doomert dtar sctar ity sctun z';:'fw ?,:::Ey( Thes wallwet

Chapter 15 - 02 - Discuss Various Data Security Controls PDF

Document Details

Tags

Related

Summary

Full Transcript

Upgrade to continue