Professional Documents
Culture Documents
PAST YEAR CS
PAST YEAR CS
individual who specializes in practice and study of techniques to secure communication and data
protection
example : design and analyze cryptographic systems, algorithms, and protocols to ensure the
confidentiality, integrity, and authenticity of information.
a professional person who is practice of analyzing and breaking cryptographic systems to understand
their vulnerabilities.
set of algorithms and protocols designed to secure communication and protect the confidentiality,
integrity, and authenticity of information.
make sure your software is updated and don't download any file from unknown page
hidden entry points that allows unauthorized user access the system
EXAMPLE : An attacker intercepts on unencrypted Wi-Fi between a user's device and a router
versatility - can be used for any type of data, symmetric key algorithm suitable for encrypting binary data
1. DIGITAL SIGNATURE
2. PASSWORD STORAGE
3. EMAIL AUTHENTICATION
stream ciphers block cipher
- more complex - simple
- uses only confusion - uses confusion and diffusion
- fast - slow
- less secure when the same key used multiple times - more secure even the same key is used multiple times
uses higher length key sizes
easy to implement
1 x 12
2x6
3x4
4x3
5x?
e=5
m^e mod n
11^5 mod 21
c=2
c^d mod n
2^5 mod 21
= 11
-Physical Layer (Layer 1):
Security Precautions:
Restricted Access: Control physical access to networking equipment, data centers, and other critical infrastructure.
Surveillance: Implement surveillance systems to monitor physical security.
Environmental Controls: Ensure environmental controls (temperature, humidity) to prevent hardware damage.
Security Precautions:
MAC Address Filtering: Restrict access based on MAC addresses to prevent unauthorized devices from connecting to
the network.
VLAN Segmentation: Use Virtual LANs to segregate network traffic and improve security.
Port Security: Limit the number of MAC addresses that can be connected to a switch port.
Security Precautions:
Firewalls: Implement firewalls to control incoming and outgoing traffic.
Intrusion Detection and Prevention Systems (IDPS): Monitor network traffic for suspicious activities and take action
accordingly.
Virtual Private Network (VPN): Use VPNs for secure remote access and encrypted communication over the internet.
Security Precautions:
Transport Layer Security (TLS): Encrypt data in transit using protocols like HTTPS for web traffic.
Secure Socket Layer (SSL): Ensure secure communication for applications that use SSL/TLS.
Access Control Lists (ACLs): Use ACLs to control access at the transport layer.\
Security Precautions:
Session Tokens: Use secure session tokens for authentication and authorization.
Session Timeout: Implement session timeouts to automatically log out inactive users.
Secure Cookies: Ensure secure handling of session cookies to prevent session hijacking.
Security Precautions:
Data Encryption: Implement encryption and encoding techniques for secure data presentation.
Secure File Formats: Use secure file formats to prevent vulnerabilities related to file parsing.
Content Security Policies: Implement security policies to control the types of content that can be displayed.
Security Precautions:
Authentication Mechanisms: Implement strong user authentication mechanisms.
Authorization Controls: Enforce proper access controls to restrict user permissions.
Regular Software Updates: Keep applications and software up-to-date to patch vulnerabilities.