Tutorial / Cram Notes

Encryption is the process of converting plain text into a coded message, known as ciphertext, using an algorithm and an encryption key. This ensures that only authorized parties can access the original information. Encryption is used to protect data at rest, data in transit, and even data in use.

There are two primary types of encryption:

Symmetric Encryption

Symmetric encryption, also known as private-key or secret-key encryption, uses the same key for encryption and decryption. It is fast and efficient, making it ideal for encrypting large amounts of data. However, the key distribution process can be a security risk, as the same key must be shared with anyone who needs to decrypt the data.

Example: AES (Advanced Encryption Standard)

Asymmetric Encryption

Asymmetric encryption, or public-key encryption, employs a pair of keys: a public key, which can be shared with everyone, and a private key, which is kept secret. The public key encrypts the data, while the private key is used for decryption. Asymmetric encryption is slower than symmetric encryption and is commonly used for secure key exchange and digital signatures.

Example: RSA (Rivest–Shamir–Adleman)

Symmetric Encryption Asymmetric Encryption
Key Usage Single key (private) Two keys (public/private)
Speed Faster Slower
Use Cases Bulk data encryption Key exchange, digital signatures
Security Dependent on key secrecy Dependent on keeping the private key secret

Hashing

Unlike encryption, which is reversible, hashing is a one-way process that converts data of any size into a fixed-size string of characters, which represents the data’s fingerprint or digest. Hash functions are designed to be collision-resistant, meaning that it should be practically impossible for two different inputs to produce the same hash output.

Hashing is commonly used for verifying data integrity and for securely storing passwords. When a user creates a password, the system stores the hash of the password rather than the password itself. Upon login, the system hashes the entered password and compares it to the stored hash.

Example: SHA-256 (Secure Hash Algorithm 256-bit)

Encryption Hashing
Purpose Conceal data content Verify data integrity
Process Reversible (two-way) Irreversible (one-way)
Key Required (except in password-base encryption) No key involved
Output Size Variable, can be the same or larger than input Fixed size
Use Cases Protecting data confidentiality Data integrity checks, password storage

Understanding encryption and hashing is vital for any professional in the field of security. These cryptographic methods serve as the backbone for secure communication and the preservation of data integrity across a myriad of digital platforms and services. In the context of Microsoft security solutions, encryption and hashing play a pivotal role in securing data within Azure services, Office 365, and other Microsoft technologies, closely aligning with objectives covered in the SC-900 exam.

Practice Test with Explanation

True or False: Encryption is the process of converting plaintext into an unreadable format using a cipher.

  • Answer: True

Encryption is indeed the process that transforms readable data (plaintext) into an unreadable format (ciphertext) using a cipher algorithm and a key.

True or False: Hashing requires a key to convert the input data into a fixed-size string of characters.

  • Answer: False

Hashing does not use a key and converts input data into a fixed-size string of characters, which is typically a hash value that cannot be reversed to its original form.

Multiple Choice: Which of the following are properties of a secure hash function? (Select all that apply)

  • A) Irreversible
  • B) Fixed output length
  • C) Key-dependent
  • D) Collision-resistant

Answer: A, B, D

A secure hash function is irreversible (A), produces a hash value with a fixed output length (B), and is designed to be collision-resistant (D), meaning it’s computationally infeasible to find two different inputs that produce the same output. Hash functions are not key-dependent (C); that’s a property of keyed-hash functions like HMAC.

True or False: Symmetric encryption uses the same key for encryption and decryption.

  • Answer: True

Symmetric encryption indeed uses the same secret key for both encrypting and decrypting the information.

Single Choice: What is the main difference between symmetric and asymmetric encryption?

  • A) Symmetric encryption is slower than asymmetric encryption.
  • B) Asymmetric encryption uses two keys instead of one.
  • C) Hashing is involved in symmetric encryption but not in asymmetric encryption.
  • D) Symmetric encryption does not provide confidentiality.

Answer: B

Asymmetric encryption uses two distinct keys – a public key and a private key. This is the main difference from symmetric encryption which uses a single shared secret key.

True or False: A hash function can be used to ensure the integrity of data.

  • Answer: True

Hash functions are used to verify the integrity of data by producing a unique hash value from the data; any alteration to the data would result in a different hash value.

Multiple Choice: Which of these is a use case for encryption? (Select all that apply)

  • A) Verifying data integrity
  • B) Protecting data confidentiality
  • C) Authenticating user identities
  • D) Compressing data to save space

Answer: B, C

Encryption is used for protecting data confidentiality (B) by making it unreadable to unauthorized users and can be used for authenticating user identities (C) through the use of digital signatures and cryptographic protocols. It is not used for verifying data integrity (A) – that’s a use case for hashing, nor for compressing data (D).

True or False: Salting is a technique used in encryption to enhance security.

  • Answer: False

Salting is actually a technique used in hashing, where a random value (salt) is added to the input before hashing to ensure unique hash values and defend against dictionary attacks and rainbow tables.

Single Choice: Which encryption method is typically used to secure data at rest?

  • A) Hash functions
  • B) Symmetric encryption
  • C) Asymmetric encryption
  • D) TLS

Answer: B

Symmetric encryption, due to its speed and efficiency, is commonly used for securing data at rest. Asymmetric encryption is often used for data transmission, hash functions for integrity, and TLS for securing communications over a network.

True or False: Once data is encrypted, it is completely safe and cannot be compromised.

  • Answer: False

Encrypted data can still be vulnerable to attacks such as poor key management, security flaws in implementation, and sophisticated cryptographic attacks, so it’s not completely safe.

Single Choice: What does a hashing algorithm NOT provide?

  • A) Data integrity
  • B) Authentication
  • C) Confidentiality
  • D) Non-repudiation

Answer: C

A hashing algorithm does not provide confidentiality, as it is not designed to hide information but rather to uniquely represent the data for integrity checks.

True or False: Asymmetric encryption is generally faster than symmetric encryption and preferred for real-time communication.

  • Answer: False

Asymmetric encryption is considerably slower than symmetric encryption due to the complexity of the calculations involved. Symmetric encryption is preferred for real-time communication due to its speed and efficiency.

Interview Questions

What is encryption?

Encryption is a method of converting data into a secret code to protect its confidentiality.

What is hashing?

Hashing is a method of converting data into a fixed-size string of characters that represents the original data.

How does encryption help with data protection?

Encryption helps protect data by making it unreadable to anyone who doesn’t have the encryption key, even if the data is intercepted or stolen.

What is end-to-end encryption?

End-to-end encryption is a form of encryption that ensures that only the sender and intended recipient can read a message, and not anyone in between.

What are the benefits of using encryption in Microsoft 365?

Using encryption in Microsoft 365 helps protect your data at rest and in transit, including email, files, and other types of data.

How does Microsoft 365 implement encryption?

Microsoft 365 uses various encryption technologies, including BitLocker, SSL/TLS, and S/MIME, to help protect data at rest and in transit.

What is BitLocker encryption?

BitLocker is a full-disk encryption feature included in some editions of Windows that helps protect data on a computer or mobile device.

What is SSL/TLS encryption?

SSL/TLS encryption is a protocol used to encrypt data in transit over the internet, such as when accessing a website.

What is S/MIME encryption?

S/MIME encryption is a protocol used to encrypt email messages, including attachments, to help protect them from interception or tampering.

How can you enable encryption for data in Microsoft 365?

To enable encryption for data in Microsoft 365, you can use features such as Azure Information Protection, S/MIME, and Office 365 Message Encryption.

0 0 votes
Article Rating
Subscribe
Notify of
guest
24 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
Amelia Pierce
5 months ago

Can someone explain the primary difference between encryption and hashing?

Gloria Holguín
2 years ago

Great post! This helped clarify a lot of my doubts about SC-900.

Barb Morris
1 year ago

Could someone highlight real-world use cases for hashing?

Simon Caron
2 years ago

I’m still confused about symmetric and asymmetric encryption. Can anyone provide a simple example of each?

Priya Vernekar
1 year ago

This blog post barely scratches the surface of encryption. More depth would have been appreciated.

Chloé Dumont
1 year ago

How does one ensure the hash function used is strong enough for security purposes?

علی علیزاده

Can hashing be used for encryption? Is there any scenario where it makes sense?

Linda Warren
1 year ago

Thanks! This cleared up a lot of questions for my SC-900 exam prep.

24
0
Would love your thoughts, please comment.x
()
x