landturn.com

Making sense of the encryption algorithm in cybersecurity

12/28/2021

I believe it was TLS 2.1 with [AES] GCM (Galois Counter Mode) that was the most difficult concept, because of the multilayers of encryption.

On the one hand, the block cipher (ciphertext?) is converted into a stream cipher (ciphertext?). It's beyond the scope of this course (and my math aptitude), but can the encryption algorithm convert the less-secure stream cipher into the more-secure block cipher instead?

On the other hand, Counter Mode combines block ciphertext and plaintext to best enhance encryption. Can the encryption algorithm combine the ciphertext with a stream ciphertext instead?
An excerpt from the prompt "Your Learning Journey" (coursera.org)
Key on a motherboard (Credit: "Computer Protection" by perspec_photo88)

Jubalyn ExWilliams lives in Pennsylvania (United States). You can find her writings and commentaries, including "Making sense of the encryption algorithm in cybersecurity," at landturn.com/blog.

Related: Cybersecurity (Quiz)
Related: Cybersecurity 3 (Notes)
Related: Cybersecurity: final project (Assignment)
Related: "Cybersecurity & Cyberwar" (2020)
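
Counter mode, the part of GCM the post above asks about, shown as an added example that is not from the original post or the course: the block function encrypts only a nonce-plus-counter value, and the resulting keystream is XORed with the plaintext. Assumptions: HMAC-SHA-256 truncated to 16 bytes stands in for AES so the code runs on the standard library alone, the counter layout is simplified, GCM's authentication tag is omitted, and all keys, nonces and messages are constructed.

```python
import hashlib
import hmac

BLOCK = 16  # AES block size in bytes


def block_encrypt(key: bytes, block: bytes) -> bytes:
    # Stand-in for AES encryption of one block (assumption, so this runs on the
    # standard library alone): HMAC-SHA-256 truncated to 16 bytes.
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Encrypt nonce||counter for counter = 1, 2, ... and join the outputs.
    # The plaintext never passes through the block function.
    out = bytearray()
    counter = 1
    while len(out) < length:
        out += block_encrypt(key, nonce + counter.to_bytes(4, "big"))
        counter += 1
    return bytes(out[:length])


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def ctr_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # One function encrypts and decrypts: XOR with the same keystream.
    if len(nonce) != 12:
        raise ValueError("nonce must be 12 bytes (96 bits)")
    return xor(data, keystream(key, nonce, len(data)))


def nonce_reuse_leak(key: bytes, nonce: bytes, p1: bytes, p2: bytes) -> bytes:
    # Failure mode: two messages under one (key, nonce) share a keystream, so
    # XORing the ciphertexts cancels it and leaves p1 XOR p2.
    return xor(ctr_crypt(key, nonce, p1), ctr_crypt(key, nonce, p2))


if __name__ == "__main__":
    key, nonce = b"K" * 32, bytes(12)  # constructed sample values
    msg = b"pay vendor 100 USD"        # 18 bytes: no padding is needed
    ct = ctr_crypt(key, nonce, msg)
    print(ct.hex(), ctr_crypt(key, nonce, ct))
    print(nonce_reuse_leak(key, nonce, b"amount=100", b"amount=999"))
```

The ciphertext is exactly as long as the plaintext, which is the stream-cipher behaviour the post describes, and the last function shows why a nonce must never repeat under the same key.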


Cybersecurity: final project

12/27/2021

Note: This assignment wasn’t graded for accuracy, so some of the technical details might not be accurate. Scenario prompt not included.

The company’s external website will require HTTP over TLS to create the most secure system over which paying customers can initiate transactions. If not by best practice, the company may by law need PCI DSS implementation for its payment system. Network-based firewall configurations must whitelist traffic for customer payment data and payment vendor services necessary to initiate, process, and finalize transactions.

A NIDS machine must be connected to the company switch, and port mirroring must be enabled. The system can issue an alert if, for example, it suspects a threat on the network between:

  • The vendor payment system and the company website through which the customer initiates a payment
  • The vendor payment system and a configured network over which it may transmit consumer data for processing

If so, a corresponding NIPS will terminate transmission of those sensitive data packets, which may contain stored customer data and more.

Aside from customers, team members may authenticate against a RADIUS server for access to the company’s intranet. For secure-yet-remote access, engineering employees can connect to the same intranet via a VPN authenticated against the same RADIUS server. If using a reverse proxy, they may authenticate, in part, with TLS client certificates. 

For purposes of network monitoring and auditing, a VLAN can be applied to both tunneled traffic (engineering team) and non-tunneled traffic (all other team members). Whether for roaming users (engineers) or mobile users (all other employees), the wireless connection should implement 802.1X with EAP-TLS for the strongest level of encryption, given that the requisite RADIUS server is deployed.

For access to the intranet by devices, network-based firewall configurations can authorize whitelisting of employee laptops and other machines via MAC address. In addition to approved devices, network-based firewalls must whitelist only those services that team members use actively. 

To minimize the company network’s attack surface, it’s important that services or applications not in active use be disabled.

Employee laptops must enable an automatic screen-locking mechanism to prevent unlogged access to the hardware. Each laptop must have FDE to prevent data theft or tampering if the device is lost, stolen, or decommissioned. Further, key escrow is recommended for data recovery of the hard drive if the FDE encryption key or password is forgotten.

It’s assumed that all employee laptops have host-based firewalls by way of their operating system.
Touch pad on a tablet (Credit: "Touch" by hernanpba)

Jubalyn ExWilliams lives in Pennsylvania (United States). You can find her writings and commentaries, including "Cybersecurity: final project," at landturn.com/blog.

Related: Cybersecurity (Quiz)
Related: Cybersecurity 3 (Notes)
Related: Making sense of the encryption algorithm in cybersecurity (2021)
Related: No, your IP address isn't private info (2021)
Related: "Cybersecurity & Cyberwar" (2020)


December Cheyney Challenge

12/14/2021

Please join the #CheyneyChallenge, a monthly donation campaign for America's first HBCU. I made my most recent donation of $18.37 today.

Cheyney University of Pennsylvania
cheyney.edu
Est. 1837

The Cheyney Challenge is an initiative of alumnus Mr. Bright. I committed to it in 2015, and began donating the following year.
Three Cheyney students standing together on campus
Cheyney students | © The Philadelphia Tribune (Used by permission)

Related: November Cheyney Challenge (2021)
Related: December Cheyney Challenge (2020)
Related: December Cheyney Challenge (2022)
Related: Why Booker's sights for HBCUs has my support (2019)
Related: How Hennessy partnership can payoff for HBCU students (2019)


© 2019 - 2023 | landturn.com | Jubalyn ExWilliams