From the course: CompTIA CySA+ (CS0-002) Cert Prep: 7 Compliance and Assessment
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Data obfuscation
From the course: CompTIA CySA+ (CS0-002) Cert Prep: 7 Compliance and Assessment
Data obfuscation
- [Instructor] An alternative to removing data from a dataset is transforming it into a format where the original information can't be retrieved. This is a process called data obfuscation, and we have several tools at our disposal to assist with this process. First, we can use a hash function to transform a value in our dataset to a hash value. Remember from our discussion of hash functions that they are one-way functions. If we apply a strong hash function to a data element, we may replace the value in our file with the hashed value. While it isn't possible to retrieve the original value directly from the hashed value, there is one major flaw to this approach. If someone has a list of possible values for a field, they can conduct something called a rainbow table attack. In this attack, the attacker precomputes the hashes of those candidate values and then checks to see if those hashes exist in the data file. Let's say that…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.