CISSP Mini MasterClass Workbook

Contents
Domain 3.......................................................................................................................................................................................................... 4
Class 1 .......................................................................................................................................................................................................... 5
5 Services of Cryptography ..................................................................................................................................................................... 5
Cryptographic Definitions ....................................................................................................................................................................... 5
Encryption / Decryption .......................................................................................................................................................................... 6
Confusion | Diffusion | Avalanche .......................................................................................................................................................... 7
Methods of Encryption ........................................................................................................................................................................... 8
Substitution ............................................................................................................................................................................................. 8
Transposition .......................................................................................................................................................................................... 8
Transposition: Rail Fence (zigzag) Cipher ................................................................................................................................................ 8
Symmetric vs. Asymmetric Cryptography Overview ............................................................................................................................... 9
Symmetric Cryptography ........................................................................................................................................................................ 9
Out-of-band Key Distribution .................................................................................................................................................................. 9
Class 2 ........................................................................................................................................................................................................ 10
Symmetric Cryptography Recap ............................................................................................................................................................ 10
Mathematical MAGIC Key Pair .............................................................................................................................................................. 10
Asymmetric Cryptography .................................................................................................................................................................... 11
Hybrid Cryptography ............................................................................................................................................................................. 11
Hard Math Problems ............................................................................................................................................................................. 12
Hashing Functions ................................................................................................................................................................................. 12
Using Hashing to Verify Integrity .......................................................................................................................................................... 13
Digital Signatures .................................................................................................................................................................................. 13
Class 3 ........................................................................................................................................................................................................ 14
Services Provided by Digital Signatures ................................................................................................................................................ 14
Creating Digital Signatures .................................................................................................................................................................... 14
Using Digital Signatures to Verify Integrity & Authenticity ................................................................................................................... 15
Non-repudiation.................................................................................................................................................................................... 15
Digital Signatures & Man-in-the-middle Attacks................................................................................................................................... 16
Digital Certificates ................................................................................................................................................................................. 16
Complete CISSP MasterClass................................................................................................................................................................. 16
 Domain 3
Security Architecture and Engineering
Class 1

5 Services of Cryptography

Cryptographic Definitions
• Art and science of writing secrets
• Accomplished by a cryptosystem

© Destination Certification Inc. 5

Encryption / Decryption

Encryption

Decryption

Crypto variable

Key clustering

Work factor

Nonce
(Initialization
Vector)

6 © Destination Certification Inc.

Confusion | Diffusion | Avalanche

Small
Change
BIG
Change

Confusion

Diffusion

Avalanche

© Destination Certification Inc. 7

Methods of Encryption
Substitution Transposition

Substitution

Transposition

Transposition: Rail Fence (zigzag) Cipher

8 © Destination Certification Inc.

Symmetric vs. Asymmetric Cryptography Overview
Symmetric Asymmetric

Symmetric Cryptography
Advantages Disadvantages

Out-of-band Key Distribution

Next up: Knowledge Assessment!

Make sure to carefully review your Knowledge Assessment Results. In particular,
look at each question you got Wrong or marked as “Don’t know” and use the in-
depth study materials (simply click on a question to expand it and reveal the related
study materials) to learn more about the topic underlying the question.

© Destination Certification Inc. 9

Class 2

Symmetric Cryptography Recap

Plaintext Ciphertext Plaintext

Encrypt Decrypt

Key Key

Mathematical MAGIC Key Pair

Mathematical

MAGIC
Private Key Public Key

10 © Destination Certification Inc.

Asymmetric Cryptography

Advantages Disadvantages

Hybrid Cryptography
Asymmetric

Alice Bob
Bob’s Public Key Bob’s Private Key
Symmetric

© Destination Certification Inc. 11

Hard Math Problems

Factoring & Discrete Logs asymmetric algorithms depend on using very large prime
numbers

When using such large numbers, it is very difficult to work backwards to determine
the original integers

Hashing Functions

Lorem Ipsum

Hashing Function

01101010

12 © Destination Certification Inc.

Using Hashing to Verify Integrity

Alice Bob

42 in the 42 in the
tridecimal tridecimal
H H
numeral numeral
system system
Verify

Alice Baddie Bob

4_ in the 4_ in the 4_ in the

tridecimal tridecimal tridecimal
H H H
numeral numeral numeral
system system system
Verify

Digital Signatures

Next up: Practice Test!

Make sure to carefully review your Practice Test Results. In particular, look at each
question you got Wrong or marked as “Don’t know” and use the in-depth study
materials (simply click on a question to expand it and reveal the related study
materials) to learn more about the topic underlying the question.

© Destination Certification Inc. 13

Class 3

Services Provided by Digital Signatures

Creating Digital Signatures

14 © Destination Certification Inc.

Using Digital Signatures to Verify Integrity & Authenticity

Alice Bob

42 in the H 42 in the H
tridecimal tridecimal
numeral numeral
system system

Verify

Non-repudiation

Non-repudiation
+

© Destination Certification Inc. 15

 Digital Signatures & Man-in-the-middle Attacks

Alice Baddie Bob

42 in the 43 in the H 43 in the

42 H
tridecimal tridecimal tridecimal
numeral numeral numeral
system system
# system

Baddies’s Alice’s
Private Key Public Key

Verify
# #

Digital Certificates

Digital Certificate

Name: Alice
Organization: NASA
Country: Canada

Alice’s
Public Key

Complete CISSP MasterClass

Hey, I hope you found this Mini MasterClass on Cryptography helpful in your
studies!

It is incredibly rewarding to help folks like yourself learn, become better security
professionals, and achieve your CISSP certification!

You’ve gotten a glimpse of our complete CISSP MasterClass that is the easiest way
for you to achieve your CISSP certification.

If you’d like to have a clear study path laid in front of you, check-out all the details,
and enrol in on our CISSP MasterClass here: destcert.com/CISSP

All the best in your studies!

Rob

16 © Destination Certification Inc.