CISSP Domain 5 : CRYPTOGRAPHY
Overview

The Cryptography domain addresses the principles, means, and methods of disguising information to ensure its integrity, confidentiality, and authenticity.

The candidate will be expected to know basic concepts within cryptography; public and private key algorithms in terms of their applications and uses; algorithm construction, key distribution and management, and methods of attack; and the applications, construction and use of digital signatures to provide authenticity of electronic transactions, and nonrepudiation of the parties involved.

Key Areas of Knowledge

§ Use of Cryptography to achieve
    § Confidentiality
    § Integrity
    § Authentication
    § Non-repudiation
§ Cryptographic Concepts, Methodologies, and Practices
    § Symmetric Algorithms
    § Asymmetric Algorithms
    § Message Authentication
    § Digital Signatures
    § Non-Repudiation
    § Encryption/Decryption
    § Basic functionality of cryptographic algorithms including DES, RSA, SHA, MD5, HMAC, and DSA
    § Strengths and weaknesses of cryptographic algorithms and effects of key length
    § Basic functions involved in key management, including creation, distribution, verification, revocation, destruction, storage, recovery and life span, and how these functions affect cryptographic integrity
    § Key Distribution Methods and Algorithms including manual, Kerberos, and ISAKMP
    § Error Detecting/Correcting Features
    § Hash Functions
    § Message Digests including MD5, SHA, and HMAC
    § One-Time Cipher Keys (Pads)
    § Stream Ciphers and Block Ciphers
    § Key Escrow and Key Recovery
§ Private Key Algorithms
    § Applications and Uses
    § Algorithm Methodology
    § Key Distribution and Management
        § Key Generation/Distribution
        § Key Recovery
        § Key Storage and Destruction
        § Key Strength
            § Complexity
            § Secrecy
            § Weak Keys
§ Public Key Algorithms
    § Applications and Uses
    § Algorithm Methodology
    § Key Distribution and Management
        § Key Generation
        § Key Recovery
        § Key Storage and Destruction
        § Key Strength
            § Complexity
            § Secrecy
            § Weak Keys
§ Public Key Infrastructure (PKI)
    § Certificate Authorities
        § Components
        § Hierarchical Structure
    § Certificates
        § Types and Classes
        § How certificates are issued, verified, distributed, and revoked
        § Hierarchy Chain
§ System Architecture for Implementing Cryptographic Functions
    § Use of application and network-based protocols including PEM, S/MIME, SSL, HTTPS (also known as SHTTP), SET, IPSEC
    § Application of hardware components such as smart cards and tokens
    § Application of cryptographic components such as IPSEC nodes/ISAKMP
§ Methods of Attack
    § COA
    § KPA
    § CTA including CPA, ACPA, and CCA
    § Brute Force
    § CRACK
    § Replay
    § MIM
    § Birthday