Encryption is one of the most common controls used to protect sensitive information. In this video, learn how encryption protects data at rest when used for full disk, file, and database encryption. Also learn the use of hardware encryption technology, including hardware security modules, the Trusted Platform module, and hardware devices with built-in encryption technology, including USB drives and hard drives.
- [Instructor] Encryption is one of the most common controls…used to protect sensitive information.…When you encrypt a file or other form of data,…you take its plain text form…and use a mathematical algorithm to transform it,…using an encryption key,…into a version that is unreadable to someone…who does not have the corresponding decryption key.…This makes it possible to take sensitive information,…encrypt it, and store it in insecure locations…or transmit it over insecure networks.…If the encryption is strong,…the information will remain safe.…
We normally encrypt information using some type of software.…For example, the AES Crypt software package…available for Windows, Mac, and Linux systems,…implements the US government's…advanced encryption standard to encrypt files.…Let's take a quick look and how we can encrypt a file…using AES Crypt on a Linux system.…Let's go ahead and list the file contents…of my home directory.…And as you can see here, I have a file called AES.html.…If I look at the contents of my file,…
Find the companion study books at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
Note: This course is part of a series releasing throughout 2018. A completed Learning Path of the series will be available once all the courses are released.
- Understanding data security policies and roles
- Limiting data collection
- Developing security baselines
- Leveraging industry standards
- Restricting access to data with Windows and Linux file permissions
- Encrypting data
- Securing cloud storage