{"id":506,"date":"2019-03-12T12:00:22","date_gmt":"2019-03-12T17:00:22","guid":{"rendered":"https:\/\/packitforwarding.com\/?p=506"},"modified":"2020-02-25T09:31:40","modified_gmt":"2020-02-25T15:31:40","slug":"ccna-cyberops-scfnd-objective-3-0","status":"publish","type":"post","link":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/12\/ccna-cyberops-scfnd-objective-3-0\/","title":{"rendered":"CCNA CyberOps SECFND Objective 3.0"},"content":{"rendered":"\n

3.1 Describe the uses of a hash algorithm<\/h2>\n\n\n\n

Hash algorithms are a one way function that produces a unique mapping from a piece of a data to a string. This string can then be used to verify that the data has not been altered. Security software also uses hashes to compare a file to a list of known good or bad files.<\/p>\n\n\n\n

Hashed Message Authentication Code (HMAC) uses hashing with a secret key to allow for a message to be validated. This is then used for digital signature.<\/p>\n\n\n\n

3.2 Describe the uses of encryption algorithms<\/h2>\n\n\n\n

Encryption algorithms are used to protect the confidentiality of data. It can be used to encrypt a file like in an encrypted zip file. Alternatively encryption can be applied to a stream like in TLS(or SSL) or in an IPSec VPN. Either way the goal is the same to keep the data from being read by someone without the proper key.<\/p>\n\n\n\n

3.3 Compare and contrast symmetric and asymmetric encryption algorithms<\/h2>\n\n\n\n

Symmetric encryption algorithms include DES, 3DES, AES, IDEA and Blowfish. Most data in VPNs are protected with symmetric algorithms because they are faster and use less CPU. The longer the key used with symmetric algorithms, the higher level of encryption is achieved. <\/p>\n\n\n\n

Asymmetric encryption is generally associated with public key infrastructure. One key, the private key, is used for encryption and the other public key is used for decryption. Examples are RSA, DH, ElGamal, DSA and ECC.<\/p>\n\n\n\n

3.4 Describe the processes of digital signature creation and verification<\/h2>\n\n\n\n

A digital signature is created by using a public\/private key pair generated by a trusted CA. The public key is used to sign the message and the person on the other end uses their private key to validate the signature. Digital signatures provide non-repudiation for messages.<\/p>\n\n\n\n

3.5 Describe the operation of a Private Key Infrastructure (PKI)<\/h2>\n\n\n\n

PKI requires there be a certificate authority to sign certificates and validate them. These CAs can be public or private. They can also have a chain of CAs with a root and intermediate CAs. The public keys are presented in the form of a signed certificate that allows things like web browsers to trust and decrypt the traffic signed with the private key. <\/p>\n\n\n\n

There are several public key cryptography standards (PKCS):<\/p>\n\n\n\n