From the course: CISA Cert Prep: 5 Information Asset Protection for IS Auditors
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Cryptography: Public key infrastructure and certificates
From the course: CISA Cert Prep: 5 Information Asset Protection for IS Auditors
Cryptography: Public key infrastructure and certificates
- [Instructor] Okay, let's talk about public key infrastructures and certificates, PKIs and certificates. So, why do we need a PKI? Well, PKI helps us with a particular problem. Look, users can generate their own public and private key pairs and exchange them. The problem is, there's nothing on a public key that says this is really Mike's public key. If you look at a raw public key, it's much like we saw earlier with our hash algorithms, like we saw the message digest, it's a string of some hexadecimal stuff or some Base64-encoded material. There's nothing that says that's really for Mike. So, if you receive a public key in an email from Bob saying, hey, encrypt anything you wanna send confidentially to me and use this key. Well, how do you know it's really Bob and not Johnny Hacker's or Dave's? You don't. What you really need is for some trusted third party to vouch for the identity of the owner of the public key, and that's what PKI and certificates are all about. A PKI binds some…
Contents
-
-
-
-
(Locked)
Data security2m 44s
-
(Locked)
Access control models15m 51s
-
(Locked)
Single sign-on9m 21s
-
(Locked)
Centralized access control9m 49s
-
(Locked)
Network security: Firewalls13m
-
(Locked)
Authentication protocols4m 12s
-
(Locked)
VPNs and tunneling10m 6s
-
(Locked)
Domain names system6m 20s
-
(Locked)
Cryptography overview: Part 113m 49s
-
(Locked)
Cryptography overview: Part 212m 28s
-
(Locked)
Cryptography: Hash algorithms and digital signatures6m 4s
-
(Locked)
Cryptography: Public key infrastructure and certificates10m 27s
-
(Locked)
PBX and VOIP security7m 33s
-
(Locked)
Secure protocols7m 11s
-
(Locked)
Wireless security10m 15s
-
(Locked)
Internet of Things and endpoint security2m 42s
-
(Locked)
Third-party vendor controls4m 37s
-
(Locked)
Physical and environmental security3m 6s
-
(Locked)
Security assessment and testing4m
-
(Locked)
Evidence collection and forensics3m 27s
-
(Locked)
-
-
-