Join the 40,000+ candidates in over 58 countries that have found a faster, better way to pass their certification exam.
Comprehensive practice exam engine!
All features in the FREE plan, plus:
Welcome to our protecting data in transit module. We can protect data that is being transmitted over some medium, such as Internet, by using encryption. Here we can see an example of how this might work. We would start at the top left with our confidential information that we do not want individuals that are not privy to the communication to be able to read.
We start with the plain text message confidential memo lay offs to start. This message is not secured so we would not want to transmit this through an unsecured medium. In order to protect this data we would use an encryption algorithm which is similar to a lock, and we would have a specific key that was only known to the sender and the receiver.
This would convert the data into cypher text which would not be readable by anyone who did not have the key. Now that the data has been secured, it can be transmitted over the Internet or through our network, without any concern of individuals capturing the data because it is illegible.
Once the data gets to the recipient, the recipient will then use the same algorithm and the key that was shared with them by the sender to decrypt the data and they will then have the same plain text, confidential memo layoffs to start. So this technology helps to ensure that only the sender and the receiver were able to read that sensitive information.
We can protect data in two ways while it is being transmitted, using either link encryption or end to end encryption. Link encryption is typically performed by a service provider and not by the individual user. It encrypts the data along the entire communications path, and even encrypts routing data.
With link encryption, data needs to be decrypted and re-encrypted at each node or router, so therefore data may be exposed to unauthorized individuals. With end to end encryption, this is typically accomplished by the user and is typically between a client and a server. With this mode, data is encrypted the entire time that it is in transmit until it gets to the remote recipient.
With end to end encryption, the routing information is not encrypted. End to end encryption is used in SSL and TLS client and server communications, IPSec VPNs in tunnel mode, And is also used to secure wireless WiFi communications using WPA and WPA2. It is important to note that link encryption can be used with end to end encryption, or either type of encryption can be used independently.
We can use cryptography to maintain security and implement access controls to provide for authentication and authorization of our users. We can use IPsec, which is Internet Protocol Security, to secure our data in transit's confidentiality using ESP or Encapsulation Security Payload. And we can also use this to ensure the integrity of our data using Or Authentication Header.
We can provide secure remote access to our employees or contractors using cryptography by setting up IPsec VPNs or Virtual Private Networks, or SSL/TLS VPNs. We can also use encryptography to provide email security when we are communicating with another individual. Using either P.G.P or S/MIME, we can use encryption to protect the data while it is in motion.
We can also use encryption to protect the data at rest sitting on a mail server. We can use digital signatures, which are encrypted hashes of email messages, to provide origin authentication so we know where an email originated. We can also provide data integrity to make sure that an email has not been modified.
And provide signatory non-repudiation, so we have proof that an individual sent the message, and they cannot later say that they did not send a message. We accomplish this with DSS, or DSA, Digital Signature Standard, or Digital Signature Algorithm. When we're using email encryption to provide for security of our communications, we can use PGP which stands for Pretty Good Privacy.
This was a great free encryption program that is still available today but is no longer free. It is used frequently on Linux, and Unix machines, and it uses past phrases, and public PGP servers. It also supports self authentication where users can create, and distribute their own certificates and keys, and this is based on a web of trust.
It is important to remember with PGP that your public key must be downloaded before you can encrypt anything. Messages can be digitally signed to prove the authentication of the sender, and MailCrypt is a tool that can be used on Linux and Unix machines to use PGP. More popular is S/MIME or Secure/Multiurpose Internet Mail Extensions.
This is the standard used with Microsoft Exchange and Microsoft Outlook. This is very effective at protecting email messages, and it can help to eliminate email spoofing where a person pretends to be a different individual when they send a message. This uses digital certificates and digital signatures in a public key infrastructure, and it uses those digital signatures to prove a sender's identity.
This concludes our protecting data in transit module. Thank you for watching.
Classified by skill and ranked by difficulty. Choose to answer questions in STUDY MODE to review and you go.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.
Don’t forget what you’ve just studied! Use the intelligent reinforcement questions to stay fresh.
THANK YOU! Just bloody thank you! I’m doing the CEH minor at my college and well...I’ve learned more from this site in a few hours than I’ve learned from my school in 9 weeks about the subject. Keep up the good work!
Skillset’s Exam Engine continuously assesses your knowledge and determines when you are ready take and pass your exam. When Skillset learns that there is a gap between your knowledge and what you need to know to pass, we present you with a focused training module that gets you up to speed quickly. No fluff! Find your knowledge gaps and fill them.
Skillset is confident that we can help anyone pass their exam. If you reach 100% readiness, and you do not pass your exam, we will refund you plus pay for a replacement exam voucher. That’s how powerful our learning system is, we can offer this guarantee and stand behind our products with this no risk to you guarantee. See terms and conditions.
Don’t waste time studying concepts you have already mastered. Focus on what you need to know to pass. The Skillset Competency Diagnostic aligns our Exam Engine and Learning Plan to your baseline knowledge. This saves an average of 31% of the time required to prep for a professional certification exam.
More PRO benefits are being built all the time!