Exam Essentials

Be able to identify the common technologies and methods used in encryption. Although this chapter introduced many different protocols and standards, you need to be familiar with PKIX/PKCS, X.509, SSL/TLS, S/MIME, SSH, PGP, HTTPS, IPS, WTLS, WEP, and IPSEC. Each of these standards provides specific capabilities.

Be able to identify the stages in a key/certificate life cycle. A life cycle involves the generation, distribution, protection, archiving, recovery, and revocation of a key or certificate. Each of these aspects of key management must be considered in order to provide an effective and maintainable security process.

Be able to identify the relative advantages and disadvantages of centralized versus decentralized key management. Centralized key management uses centralized computers to generate keys. Key generation is a very computer-intensive process. A centralized process is open to a single point of failure and to key transmission problems. Decentralized key generation allows the work to be spread across an entire organization. The disadvantage is that spreading the process out makes securing the keys more difficult. Most systems use a split method. Private keys should be transmitted using an out-of-band method.

Be able to describe the storage methods used for keys. Physical protection methods include physical storage devices that place a key under lock and key. Storage devices include, but are not limited to, filing cabinets and safes. Software storage refers to hardened servers or other computer systems that are used to store keys. Most keys are compromised as a result of human error.

Be able to describe the purpose of key escrow. Key escrow allows law enforcement or other authorized governmental officials to access keys to conduct investigations. A key escrow agency or agent is a third party that is trusted to provide this service. A key archival system would normally be able to accomplish this task.

Be able to describe the purpose of key expiration. Keys are usually stamped with an expiration date. The longer a key stays in use, the more likely it is to be compromised. The more a key is used, the more often it will need to be changed.

Be able to describe the difference between a key revocation and a suspension. A key revocation is performed when a key has potentially become compromised or lost. Key revocation is usually accomplished using some form of key revocation list. A certificate is revoked using a CRL process. A key is suspended when it needs to be made temporarily inactive. A suspension can be undone, a revocation cannot.

Be able to describe a key recovery process. The key recovery process is necessary if a key becomes lost. If access is needed to information that uses an older key, the key may also need to be recovered. To get an older key, you may need to access a key archival system. The key archival system will generally work in conjunction with the key-generating system or CA.

Be able to describe the M of N Control method. The M of N Control method states that, of n authorized people, m must be present to perform the process. For example, if six people are authorized to use a system, three of the six must be present to recover a key. In this example, m = 3 and n = 6. This control method prevents any one person from compromising the key archival system.

Be able to explain the purpose of key renewal. Key renewal is not a recommended practice. However, sometimes it may be necessary to renew a key in order to continue to use a system for a short time. The longer keys or certificates are used, the more vulnerable they are to decryption. There may be times when something is more important than a key rollover. The renewal process allows existing keys to stay in use for a specified period of time.

Be able to describe the purpose of key destruction. Key destruction is an important part of physical control. When a physical key is retired, it should be physically destroyed. When a software key is retired, it should be erased and zeroed out. This will prevent the inadvertent disclosure of a key.

Be able to describe key usage. Key usage refers to the process of using a key to accomplish work. A certificate contains one or more public keys. Symmetrical keys are, by definition, private. These keys must be protected at all costs. The disclosure of a private key can compromise an entire security system. Asymmetrical keys are two keys that are used in the encryption/decryption process. In a public/private key system, the public key can be distributed; however, the private key must not be. The acquisition of a private key by unauthorized individuals compromises the public key and renders the encryption process useless.



CompTIA Security+ Study Guide. Exam SY0-101
Security+ Study Guide
ISBN: 078214098X
Year: 2006
Pages: 167
