Domain 3 Overview and Cryptography Introduction

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
15 hours 43 minutes
Difficulty
Advanced
CEU/CPE
16
Video Transcription
00:00
>> Alright folks, here we find ourselves
00:00
>> at the Domain Three.
00:00
>> With Domain One, we talked about
00:00
information security and risk management.
00:00
We moved into domain two
00:00
and talked about assets security.
00:00
Now we're on to Domain Three,
00:00
which is security, architecture and engineering.
00:00
Now this is rather a large chapter and in my mind,
00:00
it really is best broken down
00:00
>> into two discrete sections.
00:00
>> The first part of
00:00
this domain is going to be Cryptography.
00:00
When we talk about cryptography,
00:00
that's a pretty lengthy discussion
00:00
because we're going to start
00:00
all the way at the very beginning with
00:00
some historical uses of cryptography.
00:00
All the way to the point where we
00:00
look at cryptographic attacks today.
00:00
There's a lot of information on cryptography.
00:00
Then the second part of Domain Three
00:00
is security architecture and design.
00:00
That's more looking at
00:00
the different elements that go into a computer system.
00:00
The pieces that come together
00:00
to support the security policy.
00:00
That's a separate section as well.
00:00
I always think of this as Domain Three,
00:00
having two discrete parts.
00:00
The first part we're going to look at is we are going
00:00
to look at cryptography.
00:00
Our agenda for cryptography,
00:00
we're going to start out by looking
00:00
at cryptography throughout history.
00:00
This isn't just an academic reflection on the past.
00:00
This actually is material that
00:00
could show up on the exam itself.
00:00
They have been known to ask questions
00:00
about cryptography and Caesar's time.
00:00
The reason for that is really that so much of what
00:00
we do today is based on what we did,
00:00
thousands of years ago.
00:00
We can see that correlation and the evolvement
00:00
or the evolution rather
00:00
of cryptography throughout the years.
00:00
Then we're going to start with the basics.
00:00
I always tried to teach crypto as
00:00
if you don't have experience with
00:00
cryptography because i know a lot of people
00:00
come to this class without that experience.
00:00
Even folks that have experience may only know
00:00
the aspects of what they do at work,
00:00
but may not understand the under
00:00
working pieces and how it all comes together.
00:00
We're not going to get miles and miles deep.
00:00
We don't have to go into a big discussion
00:00
on modular mathematics
00:00
or you don't need a doctorate
00:00
of cryptography to follow along.
00:00
We'll keep it at the level appropriate for the exam.
00:00
All right, now from the basics we're going to then
00:00
step out and branch out into symmetric cryptography,
00:00
asymmetric cryptography and hybrid cryptography.
00:00
How symmetric and asymmetric work together.
00:00
Because they both have benefits
00:00
and they both have drawbacks.
00:00
If we can use the two of them together,
00:00
we get the best of both worlds.
00:00
Now from there we're going to talk about
00:00
a public key infrastructure.
00:00
Which is going to be necessary in
00:00
environments where you're going to support
00:00
things like digital signatures.
00:00
We'll talk about what those are and why we need them.
00:00
We'll move on to talking about mac.
00:00
MAC is one of those fun acronyms.
00:00
That means something different
00:00
every single time we look at it.
00:00
Today's meaning, or this chapters meaning of
00:00
the acronym for Mac is message authentication code.
00:00
It's a message authentication code.
00:00
That's going to provide us a combination
00:00
of integrity and authenticity.
00:00
We'll then move on to IPSec, IP security.
00:00
We'll talk about how we can protect both IP4 and IP6.
00:00
Traffic with IPSec will
00:00
reference at a high level e-mail
00:00
>> cryptosystems primarily
00:00
>> focusing on the standards based systems that use
00:00
s mime and then the more proprietary tool of PGP.
00:00
We'll compare and contrast those options.
00:00
Then we'll wrap things up with looking at
00:00
some common attacks on cryptography.
00:00
That's the work that we have set
00:00
out for us here in Domain Three.
Up Next