Cryptography
Cryptography
Cryptography and cryptographic systems are essential tools for ensuring information security. Cryptography is used to uphold various security policies, such as authentication, confidentiality, integrity, and other policies. In the cryptography course, we covered a range of topics including stream ciphers, block ciphers, one-way hashing, message integrity, symmetric and asymmetric encryption, key exchange techniques, public key protocols, key and certificate generation and management, and evaluating the strength of cryptographic implementations. The paper below outlines the organizational needs for cryptographic controls, along with the types and recommendations. These examples can guide organizations in making their choices and implementing options.
Cryptography and cryptographic systems are essential tools for ensuring information security. Cryptography is used to uphold various security policies, such as authentication, confidentiality, integrity, and other policies. In the cryptography course, we covered a range of topics including stream ciphers, block ciphers, one-way hashing, message integrity, symmetric and asymmetric encryption, key exchange techniques, public key protocols, key and certificate generation and management, and evaluating the strength of cryptographic implementations. The paper below outlines the organizational needs for cryptographic controls, along with the types and recommendations. These examples can guide organizations in making their choices and implementing options.
| cryptographic_controls.pdf |
Reflection
Ensuring the security of a company is imperative, and cryptography plays a vital role in achieving this goal. It involves using algorithms to encode messages that can only be deciphered with a key. Cryptography has vast applications across various industries and fields where secure data transfer is crucial. Cryptography guarantees that the information remains unaltered, both during transit and storage, from the sender to the intended recipient.
As part of my job, I help network teams develop a comprehensive vulnerability management program. This includes identifying and addressing potential security risks, both known and unknown. By understanding how digital signatures can be used to detect forgery or tampering in financial transactions and software distribution, I will be able to get more involved with wider security objectives.
Embarking on a career as a Cybersecurity professional involves shouldering significant ethical and professional obligations. The Cryptography course offers valuable knowledge and skills to help ensure the confidentiality, integrity, and availability of sensitive information, in line with the core principles of the CIA triad.
References:
Microsoft Learn. (2023, February 27). Security and data protection considerations for windows to go (windows 10) - windows deployment. https://learn.microsoft.com/en-us/windows/deployment/planning/security-and-data-protection-c onsiderations-for-windows-to-go
NIST. (2008, July 07). BitLocker Drive Encryption Security Policy. For FIPS 140-2 Validation. https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/s ecurity-policies/140sp1053.pdf
Wisdom, A. (2022). A Complete NIST Compliance Checklist. https://www.datalinknetworks.net/dln_blog/a-complete-nist-compliance-checklist-1
