WEBVTT 1 00:00:00.000 --> 00:00:01.180 foreign [Music] 2 00:00:25.200 --> 00:00:32.520 The topic coming up is Internet Encryption Part One. 3 00:00:35.640 --> 00:00:38.580 and we'll go ahead and start with the first question. 4 00:00:42.600 --> 00:00:45.900 This question involves blockchain. 5 00:00:47.520 --> 00:00:54.960 Which of the following statements are true about blockchain technology? You are asked to choose all 6 00:00:54.960 --> 00:01:01.200 that apply; please take a moment read to the choices and then let's see what you're thinking. 7 00:01:07.800 --> 00:01:15.420 We've got me responses coming into the chat and let's see what people are thinking. 8 00:01:17.100 --> 00:01:27.480 C, let's see here; there we go B, B, D and C. 9 00:01:28.680 --> 00:01:36.480 It doesn't look like anybody's saying A. Let's talk about that. Bockchain is centralized. 10 00:01:38.160 --> 00:01:46.260 If you know anything about blockchain you know it's not. We’ve got votes for B and C, D and B. 11 00:01:46.260 --> 00:01:54.960 Blockchain is recorded in a public Ledger and that is the correct answer. 12 00:01:58.680 --> 00:02:04.560 Third choice: Blockchain only deals with financial transactions like cryptocurrencies. 13 00:02:05.220 --> 00:02:09.000 Is that true? Is blockchain only used for crypto? 14 00:02:12.840 --> 00:02:23.220 No, that is not true. No. That leaves choice D, everyone has the equivalent ability 15 00:02:23.220 --> 00:02:29.580 to see every blockchain transaction, which of course is a strong site. 16 00:02:31.500 --> 00:02:43.500 That is one of the strengths of blockchain. Blockchain’s also used for non-cryptocurrency 17 00:02:43.500 --> 00:02:54.000 Applications. Can anyone name an application and something that's probably near and dear 18 00:02:54.000 --> 00:02:59.820 to all of our hearts. Non-crypto-based application of blockchain. 19 00:03:00.960 --> 00:03:03.960 Go ahead. 20 00:03:07.440 --> 00:03:10.140 Could you say that again please? 21 00:03:16.140 --> 00:03:23.940 You said one that's near and dear to our hearts? Yes, it’s been in the news a bit. 22 00:03:28.800 --> 00:03:31.260 How about voting? 23 00:03:33.480 --> 00:03:34.260 Right. 24 00:03:37.560 --> 00:03:45.240 Let's see another one could be the food sector. 25 00:03:46.620 --> 00:03:53.880 You could have blockchain acting like sort of a trusted third party between brands and consumers. 26 00:03:55.440 --> 00:04:00.480 It does provide traceability; let's see what we have in the chat. 27 00:04:02.700 --> 00:04:07.020 NFTs, non-fungible tokens. 28 00:04:09.480 --> 00:04:13.440 Traceability is an advantage. 29 00:04:16.560 --> 00:04:23.220 Does it would allow us for example to understand and and follow the origin 30 00:04:23.220 --> 00:04:29.880 of a product and follow it through its path through processing and even the distribution. 31 00:04:32.400 --> 00:04:43.800 As we've mentioned voting, corporate social responsibility. I think pretty much 32 00:04:43.800 --> 00:04:57.540 anything that is easily verified and not easily distorted. Not just for crypto. 33 00:05:09.180 --> 00:05:12.600 The next question: FTPS 34 00:05:13.980 --> 00:05:21.000 Which of the following scenarios would an FTPS solution be best suited for? 35 00:05:23.880 --> 00:05:27.600 Take a moment and look at the responses 36 00:05:35.760 --> 00:05:36.360 37 00:05:43.800 --> 00:05:54.600 We've got votes for D and B but then a retraction on the D. 38 00:05:55.380 --> 00:06:03.060 Let's say B the second one and that is the correct answer. A group wants to 39 00:06:03.060 --> 00:06:10.500 improve confidentiality by using SSL or TLS to encrypt data file transfers. 40 00:06:12.840 --> 00:06:16.980 Choice two works 41 00:06:19.080 --> 00:06:28.620 in the question because FTPS uses both SSL or TLS. Choice three 42 00:06:30.780 --> 00:06:34.320 a group wants to monitor and manage firewall traffic 43 00:06:36.300 --> 00:06:51.060 Is that reasonable. No, it's not used to monitor firewall traffic. Choice four: A group wants 44 00:06:51.060 --> 00:06:57.060 there to be a secure link between the client and server using SSH to transfer data files. 45 00:06:59.160 --> 00:07:08.460 Now, at first glance it might look right but it's not. 46 00:07:11.400 --> 00:07:22.860 If I ask what is the difference between FTPS and SFTP 47 00:07:24.300 --> 00:07:29.940 What do you think? That's a good question. I was going to ask if it was a typo. No. 48 00:07:32.460 --> 00:07:45.600 SFTP builds on secure shell protocol and adds on file transfer capabilities; FTPS builds on file 49 00:07:45.600 --> 00:07:55.740 transfer protocol and that's a security and encryption layer. 50 00:07:58.980 --> 00:08:00.840 Let’s move on to the next question. 51 00:08:07.740 --> 00:08:19.380 Key entropy: For a cryptographic system to better withstand brute force attacks, 52 00:08:20.160 --> 00:08:30.060 it is important that it exhibits high entropy. One element that plays a significant role in 53 00:08:30.060 --> 00:08:37.140 strengthening an encrypted keys entropy is by adjusting which of the following? 54 00:08:39.780 --> 00:08:46.440 I think it's obvious that you need to know what entropy is. 55 00:08:51.960 --> 00:08:53.580 So what is it? 56 00:08:58.500 --> 00:09:01.080 What would you say it does? 57 00:09:03.600 --> 00:09:04.920 or is involved with? 58 00:09:10.620 --> 00:09:22.860 We have a response - disorder. Let's see we have another response - randomness 59 00:09:22.860 --> 00:09:35.400 Unpredictability, uncertainty - we could say that. Insecurity. It’s a measure of the amount of 60 00:09:35.940 --> 00:09:41.940 uncertainty and attacker faces to determine the value of a secret 61 00:09:43.260 --> 00:09:54.420 and is usually stated in bits. Key entropy involves the size of a key space. 62 00:09:55.620 --> 00:10:00.900 Given that, what do you think is the correct answer to this question? 63 00:10:02.460 --> 00:10:09.720 Key length. Yes, key length is correct. Let’s see what our choices are. Yep, everybody’s got A. 64 00:10:10.320 --> 00:10:19.440 Key entropy is improved. Remember we're talking about uncertainty 65 00:10:20.280 --> 00:10:27.900 Is improved with a larger key space. The larger the key space basically the better the encryption 66 00:10:28.620 --> 00:10:35.460 A larger key space has more possible values that would need to be calculated. 67 00:10:36.180 --> 00:10:42.300 If somebody's trying to crack the key and of course you can see where brute 68 00:10:42.300 --> 00:10:49.200 force attacks would bring into this, the larger the space the domain if you will 69 00:10:49.980 --> 00:10:57.480 the tougher it is and the more uncertainty faced by the attacker. 70 00:11:00.060 --> 00:11:01.620 All right good 71 00:11:05.460 --> 00:11:06.900 72 00:11:13.560 --> 00:11:17.160 The next question: regex 73 00:11:18.960 --> 00:11:27.600 You use the regex command on a Windows server to configure security settings to the registry. 74 00:11:28.440 --> 00:11:40.560 50/50 here. This is true or false. False. False. Anybody think it's true 75 00:11:44.220 --> 00:11:55.080 What are they doing here? The play on words with registry and regex. Absolutely, regex 76 00:11:56.400 --> 00:12:07.200 regular expression - and reg edit - very very close so kind of fooling around with 77 00:12:07.200 --> 00:12:14.100 the two words in the meaning saying yes the answer is false not to confuse 78 00:12:14.760 --> 00:12:24.540 regular expressions with registry editing. They just sound alike. I kind of think this 79 00:12:24.540 --> 00:12:34.320 is one of those really nice questions that the kind you'd like to see. False. 80 00:12:45.360 --> 00:12:52.020 SSH- A secured link is created between the client and server 81 00:12:52.680 --> 00:12:58.920 using SSH over which standard TCP port? 82 00:13:01.260 --> 00:13:08.580 It looks like we have some well-known port numbers here. Oh, no, 22. We've got a 83 00:13:08.580 --> 00:13:15.300 response and people coming in the chat and it is in fact 22. 84 00:13:16.440 --> 00:13:27.000 All right. 443 is what? HTTPS Yes, HTTPS 85 00:13:30.060 --> 00:13:38.400 23? FTP Telnet protocol 86 00:13:40.560 --> 00:13:46.980 87 00:13:46.980 --> 00:13:54.660 88 00:13:55.440 --> 00:14:04.080 All right, lesson learned. Know your well-known port numbers. 89 00:14:07.500 --> 00:14:09.540 Question 90 00:14:14.160 --> 00:14:15.000 91 00:14:17.640 --> 00:14:24.660 Types of hardware 92 00:14:27.060 --> 00:14:35.040 Which type of hardware is needed if you decide to store digital certificates and cryptographic keys? 93 00:14:43.740 --> 00:14:51.480 We’ve got some answers coming in the chat. 94 00:14:57.480 --> 00:15:09.480 Lots of votes for TPM, trusted platform module. Key locker, not correct; Thumb drive, not a 95 00:15:09.480 --> 00:15:17.820 good choice. That leaves us with Hardware security modules and TPMs, trusted platform modules. 96 00:15:20.700 --> 00:15:25.260 How does this relate? How do the two relate to each other? 97 00:15:33.540 --> 00:15:35.400 We have a response. 98 00:15:38.280 --> 00:15:45.000 Again is for software. That's interesting - HSMS are 99 00:15:45.960 --> 00:15:54.360 hardened tamper-resistant hardware devices that strengthen encryption practices by generating keys, 100 00:15:54.360 --> 00:16:03.720 encrypting and decrypting data and creating and verifying digital signatures a TPM is a computer 101 00:16:03.720 --> 00:16:11.700 chip like a microcontroller that can securely store artifacts used to authenticate a platform. 102 00:16:13.200 --> 00:16:23.700 The correct answer here is TPM. 103 00:16:33.060 --> 00:16:33.560 104 00:16:39.000 --> 00:16:47.040 CISO: The CISO of an organization has encrypted their company's VM hard drives. 105 00:16:47.760 --> 00:16:51.780 Which of the following is the CISO protecting? 106 00:16:59.520 --> 00:17:03.360 We're using encryption; we have responses. 107 00:17:09.000 --> 00:17:13.680 Great, very good. Everybody - confidentiality 108 00:17:14.340 --> 00:17:24.720 good? It’s really important to understand the differences between confidentiality and integrity. 109 00:17:26.220 --> 00:17:35.820 There are lots of different ways the question can be asked I would 110 00:17:36.960 --> 00:17:45.660 be pretty confident in telling you that the most typical is to prevent the present 111 00:17:45.660 --> 00:17:54.180 excuse me to present a scenario like what we have here and then ask you which of the 112 00:17:54.180 --> 00:18:01.740 tenants is being described. I'd say this is a very common way to ask this question. 113 00:18:08.340 --> 00:18:08.840 114 00:18:15.840 --> 00:18:24.720 EAP-TLS: EAP-TLS protocol requires that both the server side 115 00:18:25.500 --> 00:18:29.760 and client side are configured with what? 116 00:18:39.420 --> 00:18:42.240 Looks like we have me responses coming in 117 00:18:47.580 --> 00:18:50.280 let's see what we've got so far. 118 00:18:54.960 --> 00:18:57.180 We have a vote for A 119 00:19:01.920 --> 00:19:04.920 and some more responses, C 120 00:19:09.600 --> 00:19:15.360 New factor C 121 00:19:17.520 --> 00:19:18.960 Anyone else? 122 00:19:24.420 --> 00:19:25.020 123 00:19:28.860 --> 00:19:33.660 The correct answer here is a public key certificate. 124 00:19:34.380 --> 00:19:40.440 Private keys typically belong to the owner of data. 125 00:19:45.060 --> 00:19:51.180 Choice three - two-factor authentication. What do you think about that? I think 126 00:19:53.760 --> 00:19:55.260 several people said C 127 00:20:00.600 --> 00:20:09.000 Extensible Authentication Protocol uses TLS security for 128 00:20:09.000 --> 00:20:11.760 secure authentication on wireless networks 129 00:20:13.620 --> 00:20:21.780 This solution typically involves the use of client certificates to perform Authentication 130 00:20:24.480 --> 00:20:30.900 It's not exactly having anything to do with two-factor authentication or generic token cards 131 00:20:31.560 --> 00:20:37.320 That particular method permits the transfer of unencrypted usernames 132 00:20:37.320 --> 00:20:40.860 and passwords from the client to the server. 133 00:20:41.640 --> 00:20:49.320 Public key certificate is the correct answer for this question. 134 00:20:54.660 --> 00:20:56.160 Next question 135 00:21:00.660 --> 00:21:01.860 IPSec 136 00:21:03.960 --> 00:21:10.740 How did the IPSec tunnel mode and transport mode relates to each other 137 00:21:19.500 --> 00:21:21.840 everyone proceed? 138 00:21:41.520 --> 00:21:43.800 139 00:21:46.800 --> 00:21:49.020 Let's see what else we have here. 140 00:21:51.060 --> 00:21:53.580 141 00:22:01.080 --> 00:22:02.640 Any other responses? 142 00:22:05.040 --> 00:22:09.000 143 00:22:09.900 --> 00:22:14.100 144 00:22:15.600 --> 00:22:23.880 And transport encrypts the data C is what we're looking for tunnel mode 145 00:22:23.880 --> 00:22:31.560 Encapsulates the original LP packets and transport mode encrypts payload data 146 00:22:33.780 --> 00:22:38.760 for the most part knowledge based type of questions 147 00:22:39.900 --> 00:22:42.240 excuse me 148 00:22:44.760 --> 00:22:47.940 let's go to the next one 149 00:22:55.980 --> 00:23:00.420 have a look at that we have two identically named 150 00:23:02.040 --> 00:23:12.000 IPSec. Well we'll try this one too which of the following is true regarding IPSec 151 00:23:15.180 --> 00:23:19.860 Take a moment look this over and I'm going to take me responses 152 00:23:37.200 --> 00:23:42.000 We have D, a couple of choices for D 153 00:23:44.820 --> 00:23:53.460 Is there anything that stands out it's obviously incorrect? 154 00:23:53.460 --> 00:24:01.920 More responses too - C D and C. All right, obviously incorrect. 155 00:24:05.700 --> 00:24:16.140 YE stands for internet provider security obviously wrong how about the first one 156 00:24:24.060 --> 00:24:28.680 Is this close to correct, layer five of The OSI model? 157 00:24:30.900 --> 00:24:42.060 transport there ye all right that leaves us with ifset cannot 158 00:24:42.060 --> 00:24:51.180 be implemented unless you configure specific application supports really I don't think 159 00:24:53.580 --> 00:25:00.300 I think it's designed to encrypt all IP traffic regardless of the application 160 00:25:00.300 --> 00:25:08.940 that really leaves us with Choice D is the correct answer IPSec is commonly used when running a VPN. 161 00:25:10.980 --> 00:25:14.100 All right. 162 00:25:23.460 --> 00:25:26.220 Listening port 163 00:25:29.220 --> 00:25:36.120 You are tasked with setting up a web application load balancer to handle all 164 00:25:36.120 --> 00:25:44.340 incoming client connections and serve web content to all clients via TLS certificate 165 00:25:45.720 --> 00:25:51.420 The web app sessions are all TLS terminated at the load balancer 166 00:25:51.960 --> 00:25:59.760 and farmed out to the back end web app web head servers over port 8080. 167 00:26:01.020 --> 00:26:07.440 What is the main listening port your load balancer needs to be listing on 168 00:26:12.060 --> 00:26:18.120 and we have some responses coming in. 169 00:26:32.100 --> 00:26:39.300 We have a vote for 443, one for 445 any other responses 170 00:26:47.400 --> 00:26:48.000 171 00:26:51.360 --> 00:27:02.400 443 is the correct answer. Port 443 uses SSL and TLS 172 00:27:03.420 --> 00:27:16.740 Port 80. and 81 I'd say would probably be the most likely obvious and correct answers; 445 is 173 00:27:16.740 --> 00:27:25.260 used by Microsoft directory services for active directory and for servers server message block. 174 00:27:27.420 --> 00:27:27.920 175 00:27:30.120 --> 00:27:40.500 Port 81 used by specialized web servers that are avoiding Port 80 for reasons like testing websites 176 00:27:42.240 --> 00:27:45.120 443 is the correct answer here. 177 00:27:51.000 --> 00:27:51.660 178 00:27:58.260 --> 00:28:09.360 This question involves salting. How would adding assault to a stored password 179 00:28:09.360 --> 00:28:14.400 frustrate an attacker who's trying to crack your password? 180 00:28:15.420 --> 00:28:20.160 Let's take a moment and look over the responses and see what you're thinking. 181 00:28:27.360 --> 00:28:29.760 We have some responses. 182 00:28:32.040 --> 00:28:38.280 and the response is … the second one B the second one and that's that's pretty 183 00:28:38.280 --> 00:28:45.000 much everybody's consensus and that is correct by adding a random value to the plain text 184 00:28:45.000 --> 00:28:52.260 input of a hashing algorithm the attacker cannot use pre-computed tables of hashes 185 00:28:52.980 --> 00:29:00.600 The first answer, by slowing them down when you when you put an initial key that's generated 186 00:29:00.600 --> 00:29:07.500 from the user password to thousands of rounds of hasing. Yeah? No. 187 00:29:08.400 --> 00:29:15.540 Three - The third choice by combining the password hash with a shared secret to strengthen 188 00:29:15.540 --> 00:29:28.320 the password Integrity making it impossible to Decrypt… Hmmmm, no, and by including signs and warnings 189 00:29:28.320 --> 00:29:35.520 of legal penalties against password cracking and I don't think that's going to be a really big 190 00:29:35.520 --> 00:29:43.800 deterrent that one's obviously wrong as well. All right very good everybody in this 191 00:29:43.800 --> 00:29:49.440 case it's just it's one of the ones like the other ones where it just it's a knowledge-based question. 192 00:29:50.820 --> 00:29:58.500 So pretty much you have to understand what salting is and how hashing works and then 193 00:29:59.040 --> 00:30:04.920 adding the salt value definitely takes it to a new level of difficulty. 194 00:30:06.240 --> 00:30:15.600 I also would note that I tend to shy away from things or saying things like impossible to decrypt 195 00:30:16.860 --> 00:30:26.040 mostly it's a game of resources, computing power, and time. 196 00:30:28.020 --> 00:30:33.600 The one that stuck out and this one for me was none of the other ones used the word value and 197 00:30:33.600 --> 00:30:41.460 I know that it had something to do with adding values and random values 198 00:30:42.300 --> 00:30:50.220 you really do have to look at the language in the both the question but also in the responses. 199 00:30:50.880 --> 00:30:58.500 To see if you can see something that doesn't belong or which of these things is 200 00:30:58.500 --> 00:31:04.260 not like the others, all of these little tests that you can use to help you. 201 00:31:05.280 --> 00:31:10.680 I think it's equally important to be able to do that because 202 00:31:12.240 --> 00:31:21.060 I think anybody can get rattled in an exam. I think back to 203 00:31:22.200 --> 00:31:32.520 some personal experiences I've had, I remember when this was years ago but it was probably 204 00:31:34.320 --> 00:31:45.720 I guess the third time that I had to test to re-up my CCNA and at this particular incident 205 00:31:46.980 --> 00:31:55.620 I had gone to a Pearn VUE testing center and it's funny and and I don’t really have a good 206 00:31:55.620 --> 00:32:04.620 reason for it but I just never expected that someone would be in there and perhaps not testing 207 00:32:04.620 --> 00:32:11.760 uh for an IT certification and I don't know maybe I was just focused on recertifying my 208 00:32:11.760 --> 00:32:23.520 CCNA and I was probably halfway through the certification exam and another person 209 00:32:23.520 --> 00:32:33.540 had come into the room and they were sitting not close to me but within a very short amount of time. 210 00:32:34.740 --> 00:32:44.400 I couldn't help but hear them typing madly I would describe it on the keyboard I'm also quite loudly 211 00:32:44.400 --> 00:32:52.620 like I guess they were striking the keys on the keyboard pretty aggressively. 212 00:32:53.580 --> 00:33:04.140 and it was nearly non-stop and I I would catch myself listening to 213 00:33:04.140 --> 00:33:09.420 it or maybe even getting a little annoyed by it and I think once I even looked over 214 00:33:10.200 --> 00:33:20.400 and from what I could tell just by a quick glance this person was typing an essay and 215 00:33:21.000 --> 00:33:26.460 I like I said it just didn't dawn on me that you might have somebody coming in there to 216 00:33:27.240 --> 00:33:36.600 test out and maybe their test was to type up several pages of narrative and I really 217 00:33:36.600 --> 00:33:45.000 had to fight to get my focus back for for a couple of minutes and I guess I was a little 218 00:33:45.000 --> 00:33:51.600 surprised at how much it kind of set me off of my game and that it actually took me two 219 00:33:51.600 --> 00:33:57.600 to three minutes maybe two minutes probably no more than that but that's still two minutes to 220 00:33:57.600 --> 00:34:04.980 refocus on on what I was looking at and it was more of a performance type of question 221 00:34:06.300 --> 00:34:16.200 and the lesson there obviously is to try not to be distracted and 222 00:34:16.200 --> 00:34:23.100 to try to to stay focused when you are negotiating questions that 223 00:34:24.420 --> 00:34:30.420 perhaps don't require a lot of time to answer maybe it's something like the true false question 224 00:34:30.420 --> 00:34:40.320 we saw I think in the last session or maybe a straight-up knowledge-based question if you 225 00:34:40.320 --> 00:34:46.920 can answer it and say 20 seconds maybe even less if it's just like like I said like a true false 226 00:34:48.120 --> 00:34:57.000 that gives you perhaps another 45 seconds to put back in the time bank that when you do approach 227 00:34:57.000 --> 00:35:05.040 a question that maybe is performance related and could take you a minute or maybe a little more 228 00:35:05.040 --> 00:35:13.560 you have that extra time and I've learned and trained myself to think about it in these terms. 229 00:35:15.000 --> 00:35:20.340 Just because for me no matter how much money I have into it it's still running out of my 230 00:35:20.340 --> 00:35:27.180 pocket and I have a little bit of a sense of pride I've never failed a certification exam. I've always 231 00:35:27.180 --> 00:35:34.500 passed on the first attempt but I generally tend to over prepare for them if there is such a thing 232 00:35:35.880 --> 00:35:43.440 but that that particular experience really kind of threw me for a minute and 233 00:35:43.440 --> 00:35:49.200 really made me come to the understanding that people are there for lots of different reasons 234 00:35:49.200 --> 00:35:56.400 and not just reading questions like we're doing and then choosing correct one 235 00:35:56.400 --> 00:36:03.960 or more correct answers from the list. Now let's go to the next one. 236 00:36:07.800 --> 00:36:10.500 Types of Hardware II 237 00:36:14.880 --> 00:36:18.420 Which type of hardware is needed if you must perform 238 00:36:18.420 --> 00:36:26.220 centralized public key infrastructure management for a network of devices? 239 00:36:31.980 --> 00:36:32.480 240 00:36:34.560 --> 00:36:35.280 What do you think? 241 00:36:48.780 --> 00:36:52.140 We've got responses coming in. 242 00:36:55.380 --> 00:37:04.380 It looks like everybody’s selecting A and that is the correct answer. 243 00:37:04.380 --> 00:37:12.840 Hardware security modules - something obviously incorrect when the answer choice is shown. 244 00:37:14.280 --> 00:37:25.440 Blockchain? Blockchain. Yeah. Sniper is an automated scanner that can be 245 00:37:25.440 --> 00:37:29.760 used during the penetration test to generate and scan for vulnerabilities. 246 00:37:31.740 --> 00:37:39.360 the password vaults or password manager or password locker is a program that stores 247 00:37:39.360 --> 00:37:46.920 usernames and passwords for multiple applications securely and in an encrypted format. Yes, HSM. 248 00:37:53.280 --> 00:37:54.960 Next question 249 00:37:59.340 --> 00:38:09.060 Digital signature and decryption: Creating a digital signature and decrypting a message 250 00:38:09.060 --> 00:38:18.180 both utilize which of the following (and you're instructed to choose the best single answer). 251 00:38:31.320 --> 00:38:34.020 We have some responses coming in 252 00:38:45.180 --> 00:38:48.120 We have votes for C 253 00:38:52.620 --> 00:38:53.940 Anything else? 254 00:39:05.340 --> 00:39:13.740 What would you say is obviously or the most obvious incorrect answers here? 255 00:39:14.820 --> 00:39:25.680 Private keys. Which? symmetric? 256 00:39:27.240 --> 00:39:37.020 Go ahead I was thinking both So, with symmetric keys you have two disadvantages 257 00:39:38.340 --> 00:39:45.660 In using symmetric encryption and that is how do you communicate the key to the party who 258 00:39:45.660 --> 00:39:52.080 needs it to decrypt the message. You must ensure that whatever you whatever way you communicate 259 00:39:52.080 --> 00:40:01.740 it the key is sent in a secure manner and that makes it tough. Both for C 260 00:40:03.720 --> 00:40:13.860 Asymmetric encryption is used in key exchange email security web security and other encryption 261 00:40:13.860 --> 00:40:24.000 systems that require key exchange over the public Network. Two keys - public and private 262 00:40:24.000 --> 00:40:31.440 cannot be derived to the public; the public key can be freely distributed without confidentially 263 00:40:31.440 --> 00:40:43.980 being compromised. Anybody changing their answer ? How about asymmetric private keys? 264 00:40:53.640 --> 00:40:56.820 All right, let’s see what we have here. 265 00:40:58.980 --> 00:40:59.640 C 266 00:41:03.360 --> 00:41:07.080 Why do you think C? 267 00:41:09.360 --> 00:41:14.400 Uh I I didn't quite get the public and private part 268 00:41:16.020 --> 00:41:24.840 The public and private part, yeah, a asymmetric private key not a public key because 269 00:41:26.040 --> 00:41:35.880 right the private keys held by the owner of the data messages are encrypted 270 00:41:35.880 --> 00:41:44.280 with the recipient's public key the messages encrypted by the recipient with their private key 271 00:41:46.440 --> 00:41:46.940 272 00:41:51.180 --> 00:42:01.560 The correct answer is asymmetric private keys. 273 00:42:04.320 --> 00:42:04.860 274 00:42:08.340 --> 00:42:10.560 Next question 275 00:42:17.160 --> 00:42:25.860 Digital signature - What is a digital signature? 276 00:42:45.240 --> 00:42:47.160 What are you thinking? 277 00:42:55.140 --> 00:42:57.420 Responses coming in. 278 00:43:01.200 --> 00:43:01.860 279 00:43:04.620 --> 00:43:13.500 We have lots of people saying A, a plain text string that is hashed 280 00:43:13.500 --> 00:43:15.540 using a private key 281 00:43:18.600 --> 00:43:23.340 Anything obviously 282 00:43:24.540 --> 00:43:25.680 incorrect? 283 00:43:31.560 --> 00:43:44.640 Anything stating public key All right. 284 00:43:45.900 --> 00:43:53.340 That leaves us then with a plain text string that is hashed using a private key 285 00:43:54.900 --> 00:44:02.340 or a hash that is in that is then encrypted using a private key 286 00:44:04.140 --> 00:44:16.080 Yeah it's B. It is the correct answer: B. A hash that is then encrypted using a private key. 287 00:44:17.700 --> 00:44:28.620 okay okay oh we have some more Deans okay not a few responses for B right B is the correct answer 288 00:44:30.960 --> 00:44:31.560 okay