CompTIA Security+ Exam Notes

CompTIA Security+ Exam Notes
Let Us Help You Pass
Showing posts with label Authentication. Show all posts
Showing posts with label Authentication. Show all posts

Thursday, October 17, 2024

S/MIME: Encrypting and Signing Emails for Maximum Security

 S/MIME

Secure/Multipurpose Internet Mail Extensions (S/MIME) is an industry standard that encrypts and digitally signs emails to ensure their integrity and security:

  • Encryption: Protects the contents of emails
  • Digital signatures: Verifies the sender's identity
  • Message integrity: Ensures the email's contents are not altered
  • Non-repudiation: Provides a way to prove the origin of the email
  • Authentication: Verifies the identities of both the sender and recipient

S/MIME is compatible with most enterprise email clients, including Outlook for iOS and Android. To add or remove a digital signature from a message in Outlook on the web, you can:

  • Go to the top of the message
  • Select More options > Message options
  • Select or deselect Digitally sign this message (S/MIME)

Posted by at No comments:
Labels: , , , , , ,

Monday, July 29, 2024

Digital Signature: Exam notes CompTIA Security+

 Digital Signature

Listed below are the items you need to know for the exam:

Digital signatures provide:
  • Non-repudiation
  • Authentication
  • Integrity
Creating the digital signature is a 2 step process:
  • First, hash the email/message
  • Second, the private key digitally signs (encrypts) the hash
The digital signature is created with the "sender's" keys. 

The digital signature is an encrypted wrapper for the sender's public key.

The recipient's system extracts the public key and decrypts the digital signature to validate the sender.

RSA and DSA (Digital Signature Algorithm) are used to create digital signatures.
Posted by at No comments:
Labels: , , , , , ,

Monday, April 20, 2020

Identity and Authentication Factors

IDENTITY

The first part of a login process is providing some form of identification, such as a username or email address

AUTHENTICATION FACTORS

Proves that the user is who they claim to be. Authentication credentials should be kept secret. This helps prevent unauthorized users from gaining access to confidential information. There are five authentication factors.

1. Something you know: Password, PIN, passphrase, security question answer, CAPTCHA, a PIN that was mailed to you.

2.  Something you have: CAC (Common Access Card), PIV (Personal Identity Verification), Smart Card, Digital Certificate (CAC, PIV, & Smart Card are all digital certificates), PIN or code sent to your cell phone, key fob or token (pic to the right)


3. Something you are: Fingerprint, iris scan, retina scan, facial scan, voice pattern, palm geometry.

4. Somewhere you are: IP address, MAC address, GPS location computer name.

5. Something you do: Signature analysis, signature dynamics, have the user sign their name, keyboard timing, keystroke dynamics, gait (the way you walk), finger swipe pattern.
Posted by at No comments:
Labels: , , , , , , , ,
Subscribe to: Posts (Atom)