This type of encryption uses the same key to encrypt and decrypt data.
What is symmetric encryption?
This cryptographic process turns data into a fixed-length value and is not meant to be reversed.
What is hashing?
Trusted entity that issues and signs digital certificates
What is a Certificate Authority?
IAM stands for this.
What is Identity and Access Management?
A company wants to protect login accounts by requiring a password plus a second verification step.
What is multi-factor authentication (MFA)?
This type of encryption uses a public key and a private key.
What is asymmetric encryption?
This security goal means data has not been changed or tampered with.
What is integrity?
Self-signed CA certificate at the top of the chain
What is the root of trust?
This IAM principle means users should get only the permissions they need.
What is least privilege?
A website wants to protect data sent between a user’s browser and the server.
What is TLS?
The biggest challenge of symmetric encryption is that both parties must first share this securely.
What is the secret key?
SHA-256 is an example of this.
What is a hashing algorithm?
Path from a certificate through intermediates to the root CA
What is the chain of trust?
This is a collection of permissions assigned to a user, group, or system.
What is an access policy?
A company wants to make access decisions based on a person's job or function in the organization.
What is role-based access control (RBAC)?
This symmetric encryption algorithm is widely used to protect files, disks, and data streams.
What is AES?
A company wants to check whether a downloaded file was modified. They should use this.
What is a hash?
Request sent to a CA containing the public key and identity
What is a CSR?
Access model where permissions are assigned to roles
What is RBAC?
A company wants to give users only the access they need to do their jobs, and no more.
What is least privilege?
These two hashing algorithms are deprecated and should not be used for secure hashing today.
What are SHA-1 and MD5?
Unlike encryption, hashing is generally described as this.
What is one-way or irreversible?
Real-time protocol used to check certificate status
What is OCSP?
Access model that considers subject, object, and context
What is ABAC?
A company wants to prove that a message really came from the claimed sender and was not altered in transit.
What is a digital signature?