WEBVTT

00:07.190 --> 00:12.080
With so much information running across networks and the internet, how can we ensure sensitive data

00:12.080 --> 00:13.160
remains protected?

00:13.190 --> 00:17.300
How can we make sure our employee information is safe from being stolen from hackers?

00:17.330 --> 00:19.430
Well, encryption seems to be the key.

00:19.430 --> 00:25.220
With encryption, we can identify and utilize different technologies to ensure our information is actually

00:25.220 --> 00:30.980
protected, thereby facilitating that confidentiality aspect of the CIA triad.

00:31.010 --> 00:37.430
With encryption, we are literally taking information that is readable in plain text, and we're misconfiguring

00:37.430 --> 00:42.590
it or changing it in such a way that no one can actually read what we're processing.

00:42.590 --> 00:47.540
That means that we're taking something that may be human readable, like a standard sentence, such

00:47.540 --> 00:54.920
as if I was good, and changing it to something that says I h e l o the number six, you get the point.

00:54.920 --> 01:00.810
And we're really going through and making sure that that information is not only unreadable but unchallenged,

01:00.840 --> 01:07.290
meaning that the algorithm associated with it is made in such a way that the attacker can actually utilize

01:07.380 --> 01:13.230
a reverse of that algorithm to decrypt the information with a key and the key generation, we're making

01:13.230 --> 01:16.620
sure that the key is, again, something complex.

01:16.620 --> 01:21.660
Now, a lot of times people utilize something like a password and expect that to be your key.

01:21.660 --> 01:28.470
But in most cases, we're using a very long stretched out enumeration of that key, in most cases 128

01:28.500 --> 01:34.140
bits, meaning we're providing a lot of zeros and ones that an attacker would have to grab that key

01:34.140 --> 01:36.450
in order to decrypt the algorithm.

01:36.450 --> 01:39.330
Encryption is really made up of three different portions.

01:39.330 --> 01:44.970
It's made up of the algorithm itself, the key that you're utilizing to utilize within that algorithm.

01:44.970 --> 01:51.450
And then the information that we are encrypting. Once we've encrypted out the information or that plaintext

01:51.450 --> 01:57.830
information, it then becomes ciphertext. For the purposes of CySA, you don't need to know the basics

01:57.830 --> 02:00.410
or the foundational level of encryption.

02:00.410 --> 02:05.510
It's assumed that you already know that and you should study up on that aspect if you're not familiar

02:05.510 --> 02:05.960
with it.

02:05.990 --> 02:11.900
However, for CySA, you're really going to go into the information as part of the framework or how we're

02:11.900 --> 02:17.690
utilizing the technology as a whole and much less about the actual encryption standardization.

02:18.470 --> 02:24.650
With symmetric encryption, we're utilizing one key for both encrypting and decrypting the information.

02:24.650 --> 02:29.570
That means that we're taking plaintext information and we're transferring it into ciphertext information.

02:29.570 --> 02:34.340
And then as it's going to the other end, we're using the same key to unlock that information.

02:34.340 --> 02:40.700
So if I have plaintext information and say I'm using something like AES as my algorithm, then the other

02:40.700 --> 02:46.190
side needs to also use AES as that algorithm and then use the key that we've already generated to encrypt

02:46.190 --> 02:48.290
it to decrypt that information.

02:48.320 --> 02:53.760
Now that's separate from something like asymmetric encryption. With asymmetric encryption, we're using

02:53.790 --> 02:54.390
two keys.

02:54.390 --> 03:00.090
We're using a public private key pair, meaning that the public key is then utilized to encrypt the

03:00.090 --> 03:00.900
information.

03:00.900 --> 03:05.250
And then a private key is used to unlock or decrypt that information.

03:05.280 --> 03:10.530
Now there's a whole mathematical process that you would normally need to understand, and I would definitely

03:10.530 --> 03:12.630
study up on that if you're not familiar with it.

03:12.630 --> 03:18.510
But for the purposes of CySA, again, we're looking at it at a more framework level of how that information

03:18.510 --> 03:23.700
is safeguarded and why we might utilize asymmetric encryption over symmetric encryption.

03:23.700 --> 03:25.980
All of that is usually covered in Security+.

03:25.980 --> 03:30.480
And I would go back and research that if you are not familiar with it. The basic principles that you

03:30.480 --> 03:35.670
need to understand for CySA, on the other hand, are the knowledge that we're using a public private

03:35.700 --> 03:40.230
key pair, meaning that we're going to use the public key to encrypt and the private key to decrypt,

03:40.230 --> 03:45.660
and that we're utilizing that for an out-of-band transmission, meaning that in order to get symmetric

03:45.660 --> 03:48.780
encryption, we need to first use asymmetric encryption

03:48.800 --> 03:51.170
if we're talking to somebody we haven't talked to before.

03:51.170 --> 03:51.860
So we're using

03:51.890 --> 03:54.980
asymmetric encryption for that initial encryption algorithm.

03:54.980 --> 03:55.700
And then we're going to

03:55.730 --> 03:59.780
transfer that symmetric key via an asymmetric encryption algorithm.

03:59.780 --> 04:00.560
So that way you can

04:00.590 --> 04:05.720
then drop down to a symmetric level in order to be more efficient and faster with our encryption.

04:06.530 --> 04:11.510
With PKI or public key encryption, you need to understand how the realm of

04:11.540 --> 04:18.260
cryptography is utilized to communicate with servers, and how servers are then able to encrypt information

04:18.260 --> 04:22.700
back and forth between one another using our certificate authority, our registration authority, and

04:22.700 --> 04:25.340
our validation authority to go through that process.

04:25.370 --> 04:31.700
Now, we could create an entire video on PKI and go through in depth with it at an hour long length

04:31.700 --> 04:33.080
so that you really understand it.

04:33.080 --> 04:37.040
But again, this is foundational knowledge that you should already have from Security+.

04:37.040 --> 04:40.520
And if you're just familiar with that, you'll be fine for CySA.

04:40.550 --> 04:45.740
What you really need to understand when it comes to PKI is how that information is utilized from a server

04:45.750 --> 04:53.130
capacity, meaning I'm using PKI at my server is then granted the authority to issue a certificate via

04:53.130 --> 04:58.230
the certificate authority, and then I'm validating that certificate using the measures associated with

04:58.230 --> 04:58.500
it.

04:58.500 --> 05:01.590
All of this again is covered within the Security+.

05:01.590 --> 05:04.380
So I would just get myself up to date with that if needed.

05:04.380 --> 05:05.580
For CySA,

05:05.610 --> 05:10.050
we're really just going to understand that, hey, the certificate authority is what issues my certificate

05:10.050 --> 05:16.800
for my website, and then I need to have that registration in order to communicate effectively and securely

05:16.800 --> 05:20.340
across the internet via our server and my client.

05:20.910 --> 05:28.230
With SSL encryption or TLS, we're talking about secure socket layer security or inspection over a transport

05:28.230 --> 05:30.360
layer security. For CySA,

05:30.390 --> 05:35.310
again, you don't need to go that much into depth with actual specifics when it comes to this process.

05:35.310 --> 05:40.890
But what you do need to know is that we're using Transport Layer Security, usually 1.3, and that that

05:40.890 --> 05:47.500
Transport Layer Security is encrypting our information on HTTPS, and that we're utilizing that information

05:47.500 --> 05:53.110
on websites, and how those communications from the client to the server are actually processed.

05:53.140 --> 05:58.120
Again, SSL inspection and going through the process to ensure our information is secure,

05:58.150 --> 06:00.340
specifically on credit card websites.

06:00.340 --> 06:06.010
So what kind of questions can you expect on CySA, since I just told you that a lot of that foundational

06:06.010 --> 06:11.920
information is expected to be known already, and how would that come into play for your CySA exam?

06:11.920 --> 06:18.100
Well, you need to know certain things like, hey, how is SSL being utilized to secure information

06:18.100 --> 06:24.100
for password generation or for how we're utilizing credit card and how we're going to secure that credit

06:24.100 --> 06:28.930
card information from my client to my server. You need to understand how the server is going back and

06:28.930 --> 06:34.600
forth with PKI, and how that information is being utilized in such a way that if I wanted to set up

06:34.600 --> 06:40.130
a secure server, how that server would then get registration and how it would be utilized in

06:40.130 --> 06:42.500
a framework model for an enterprise environment.

06:42.530 --> 06:48.230
More than that, you need to understand how an analyst would utilize or view that information from an

06:48.230 --> 06:50.750
encryption point for malware intrusion.

06:50.780 --> 06:54.500
There are basic concepts that you basically need to understand when you're going through this.

06:54.500 --> 06:59.480
But again, if you go to Security+ through this, it's not a big topic within CySA.

06:59.510 --> 07:04.010
You just need to understand the foundations and then how it would be implemented from a security analyst

07:04.040 --> 07:09.290
point of view, i.e. how would an attacker utilize or take advantage of that information and how we

07:09.290 --> 07:10.370
would protect against it?

07:10.370 --> 07:15.290
In most cases, that's going to be following the proper authorities to get that information covered

07:15.290 --> 07:18.380
into the server and how we're utilizing it.

07:19.310 --> 07:22.130
And in this episode we covered symmetric and asymmetric encryption.

07:22.130 --> 07:28.610
And we found out how encryption is used both in the PKI or the public key infrastructure, and how SSL

07:28.610 --> 07:32.990
or TLS overlays HTTP information to make it HTTPS.

07:33.110 --> 07:37.790
This is a very short chapter and most of it is fundamental and knowledge level.
