CISSP Exam Cram - Cryptography Drill-Down
ฝัง
- เผยแพร่เมื่อ 29 มิ.ย. 2024
- Cryptography, called out in CISSP Domain 3, is THE most technical topic on the exam. This video is dedicated to cryptography-related topics, with some memorization tips and comparative analysis to intended to help your exam performance on questions involving cryptography.
ISC2 Official 2021 CISSP Study Guide and Practice Tests Bundle
amzn.to/3yoWXpO
CISSP 2021 Official Study Guide
amzn.to/3nQEOgt
CISSP 2021 Official Practice Tests
amzn.to/3toaGdp
FREE CISSP 50-questions practice quiz
insidethemicrosoftcloud.com/c...
PDF presentation download for this session
1drv.ms/b/s!AmhtzcmYt5AViLIIZ...
NOTICE: Some of our video description contain affiliate links, which means we may receive a small commission on a purchase without additional cost to you, if you buy something. - วิทยาศาสตร์และเทคโนโลยี
Absolutely superb. Thank you!!
Glad it was helpful!
I wrote my CISSP today and passed on the first try... Man, you are doing a great public service by providing these videos. To those who will see this later, I did an initial extensive personal study (to have the bases covered) before using these videos as a support and weekly brush up for the key points to remember. Goodluck!
Thank you for saying so! Great job clearing the exam! 💪
After 175 questions, I am pleased to announce that I provisionally passed the CISSP today. May God continue to bless you and everything you do and if I can donate, help, or support your vision and generosity in any way, please let me know. I will be more than happy to help. Take care!
Well done! CONGRATULATIONS! 🏆🎉🌟Glad the series was helpful!
Your way of breaking down the algorithms works better for me than many other online resources. I'll remember the block size of blowfish/skipjack/twofish easily now :). I appreciate the time you spent making these videos. Now I just need to stop studying and schedule the exam.
My pleasure! Glad you are finding them helpful. Good luck on the exam! 🍀👍
Perfect video series! I passed on the first try last weekend thanks to your content! Thank you!
Great to hear! Congratulations! 🎉🏆👍
brilliant collection of all the algorithms, big thanks!
Glad you liked it! 👍 Good luck on the exam! 🤞🍀
Great review and tools! Thanks!
Glad you like them. Good luck on the exam! 👍
Very good explanation and comparision tables, easy to grasp in a single slide. thank you !!
My pleasure. Glad to hear it's helping. Best of luck on your exam! 😉🤞
Wow! Great content, thank you!
Thanks very much. Best of luck on the exam! 👍
Excellent Break down of cryptology types it really helps keep the different terms compartmentalized in my head and easier to understand why picking one type would be more beneficial based off the actual scenario and usage case. Cheers!
Glad it was helpful! Good luck on the exam! 🤞🍀👍
Just Awesome! Thanks for the content
Glad you enjoy it! I also have an 8-week study group Wednesdays starting March 9th -bit.ly/cisspexamcram2022
As a PKI engineer, I want to let everyone know this video will be indispensable for people learning Cryptographic Algorithms. Memorize this foundational content
Nice! I appreciate the testimonial! 👍
Thank you, really helpful information!
Glad to hear that. Good luck on the exam! 👍🤞
Thank you. This helps waaaaay than you can imagine.
Glad to hear it! Good luck on the exam! 🍀🤞
Very well produced video explaining g cryptography!
Much appreciated! Good luck on the exam!
Awesome breakdown sir Thank you from New Jersey brother.
Happy to help. Good luck on the exam! 🍀🤞👍
Very helping tutorial. Make it easy to decipher and decode a complex topic of cissp exam.
Glad it helped! Good luck on the exam! 🍀🤞
superb. Thank you!!
Thanks! Good luck on the exam! 😉
Thank you very much. This is great.
You're very welcome!
Hi mate, loving your content. Very to the point! As a GRC guy here, my background is quite non technical. I was wondering if we could get a 'drill down' on Domain 4. I feel as though the OSI model is pretty important and it's a great way to discuss quite a few topics within domain 4 including network attacks at each layer etc. But honestly, just a few vids on Domain 4 would be much appreciated. As Crypto probably scares me the most, followed by a big chunk of Domain 4. Even the way you did '7 challenging topics' across all the content, maybe something similar just for Domain 4 would be awesome!
Thanks Kristian. This is an interesting request. I've put this on my list of items to review in my next planning session to see what might make sense. 👍
Thanks for sharing your knowledge with the world❤
Happy to help! Good luck on the exam! 🍀🤞
Great video. I love it
Glad to hear it! Good luck on the exam! 👍
Thank you very much Sir.You are going to be big name soon for CISSP aspirants.Only thing I don't like about exam cram ...these model pictures. Please put your DP instead of these unknown models.You are very famous in our discord channel ... certification station.
Thank you, Naveen! You know, I use those stock models because I wanted to share my belief that people of all ages and backgrounds can build a successful career in cloud and security. My work is not about me...it is about us. 😉 But, I will keep your suggestion in mind, and I will be sure to come join your discord community and say hello. 😊
Super helpful. Thanks!
You’re very welcome! Glad you like! 👍
Good job! Thanks.
Glad you like! Good luck on the exam! 🤞🍀
Loving these videos about to take my test today, wish me luck
Good luck! 🍀👍
@@InsideCloudAndSecurity thank you, i was able to pass on my second try!!!
I provisionally passed today! Thank you so much for the succinct info filled video. I used this video as last minute prep a week before taking the test!
Thanks Jennifer! Congratulations! 🏆🎉
great stuff!
Thanks! Glad it was helpful!
Amazing explanations
Glad you think so! Good luck on the exam! 🤞🍀
Thanks!
Glad it was helpful! 👍 And thank you!
Nice, thanks
👍
Great thanks
👍
❤Thank you.
You’re very welcome. Good luck on the exam! 🍀👍
Thanks you so much for this series. Do you have any plans to touch on the domain tweaks we’ll see in May of 2021?
Thanks. Yes, already in the development process. Reports say 2018 content is still good, with some additional content across domains 2,4,5,7,8.
@@InsideCloudAndSecurity Agreed, it doesn't look game changing but a small video on it would probably be helpful.
@@Bigtone821 Agreed. I think I'll get the strategy sorted and an updated CISSP 2021 course posted in the next few weeks.
Thank you so much 👍
You are welcome! Good luck on the exam!
I think the description of the Substitution cipher shown is actually is meant for the IV cipher - they have an identical description.
Yes, indeed. This was an early video in the series. That errata was addressed in the full course video. 👍
Thank You
You're welcome! Best of luck on exam day! 🍀🤞
I thought that symmetric is stronger bit per bit than asymmetric. You said the other way. You meant in regard of the key management?
It's a matter of context really. Asymmetric encryption is generally considered to be more secure than symmetric encryption as it uses two keys for the process, while symmetric encryption is faster, but they serve different use cases. Here's a link to a specific spot in my cryptography drill-down that talks about how they are used in a complementary manner. I think it may help. Watch the last 4 minutes using this link, and let me know what lingering questions you have and we'll talk them through. th-cam.com/video/8_NLPDRLfg4/w-d-xo.html
Per RFC 3647 the official term for CA is CertificaTION Authority. But, we all just say certificate authority in practice.
Indeed. That’s why at 20:55 I called that out just so folks knew that if I used either term they were equivalent. 👍 I prefer certification authority, but recognize my preferences is in the minority.
Where is a copy of the slides to download. Love your videos 😊
Thanks! It's the last link in the video description!
Hello, thanks for sharing this video, I appreciated the quality of the content. I have a question about the last chart. In it you show that the number of keys for Hashing is 0, but then on the next row you note that the recommended key size for hashing is 256-bit. Can you help us understand that?
For lack of space to write more in the label column. That 256 refers to preferred hash bit length for security. Longer hash lengths are important because they make it computationally more difficult to find collisions.
Taking test next week. Great videos. One doubt here you say in PKI slide all certificates have a public key and private key. But private key remains only on host and never leaves, right. My understanding is certificate only has public keys that are shared.
A certificate is a public/private key pair, in which the public key is shared with other parties so they may encrypt messages that the recipient then decrypts with their private key, as illustrated here - th-cam.com/video/8_NLPDRLfg4/w-d-xo.htmlsi=Q-DRSjD_J9gAqGKo&t=1089
Superb content, as usual.
The link to the pdf presentation of this session seems to be broken.
Can it be updated please?
Thanks much
Not sure what happened. Thanks for the heads up. here's a new link - 1drv.ms/b/s!AmhtzcmYt5AViLIIZGZTSnmMF70K9A?e=DGYQxm
Hello thank you for video, it’s very clear. However, I am confused with nonrepudiation and ASE…in the book it says that ASE provides confidentiality, integrity and authentication but not nonrepudiation. Nonrepudiation requires the use of a public key cryptosystem (page 1056 #6). AES is a symmetric block cipher, in your presentation at page 11 it says that symmetric provides nonrepudiation, could you clarify? Thank you
Video is correct as it says symmetric "lacks support" for several items, including non-repudiation (lacks support = does not support). Digital signatures employ asymmetric cryptography and provide non-repudiation. Search within this page and you will quickly confirm. en.wikipedia.org/wiki/Digital_signature. And to further support this "public key cryptosystem" means public key cryptography, aka asymmetric encryption. The official study guide also states "Symmetric key cryptography does not implement nonrepudiation". The description of asymmetric is correct In the video, however symmetric should not mention non-repudiation.
I love the videos. There is 1 missing slide from the material. Anyone has the updated PDF presentation deck? thanks
Thanks Cynthia. Not sure what is missing. Can you send a pic of the missing slide to me on LinkedIn or at pete.zerger [AT] gmail.com?
Public Key Cryptography section is missing at 28:45 in the pdf.
@26:20
I see RC5 is Symmetric but uses RSA (Asymmetric) Block Mode Cipher as its algorithm type. What does that mean? and Would RC5 be better to use than AES just from looking at this table?
'block mode cipher' means it encrypts the data in multi-byte chunks, as opposed to a stream cipher, which encrypts byte-at-a-time (and thus has no block size). The RSA in front of block is due to the fact that RC5 was created by Rivest of Rivest, Shamir, and Adleman (RSA). Let me know anytime if anything is unclear. Good luck!
@@InsideCloudAndSecurity
Oh okay. So RC5 is still an symmetric encryption?
Yes. The presence of RSA in the name of the cipher type has everything to do with who created it. AES is a symmetric algorithm very commonly used in the Microsoft world. Here's a good quick read on RC5 that will answer your question about AES - en.m.wikipedia.org/wiki/RC5
Hi! In the book(OSG) it says that the DSS algorithms must use the SHA-3 hashing functions, u say sha 1 and sha 2 as well. which one is correct?
page 277
👍
Thanks! Good luck on the exam. Ping me if questions along the way!
Hey! At 34:03, how come a hash doesn't have a key but it does have a recommended key length?
Because I talk about hash and encryption algorithms in the same table, I am using the key column loosely. In the case of the hash, I'm referring to recommended hash length as mentioned in NIST in their recommendations document regarding hash length for applications using hash algorithms.
I think your definition of substitution at 3:51 was mixed up with the IV definition.
If it's on the errata list (and I believe it was), it was corrected in the full course that I published sometime later, where you'll find cryptography covered similarly th-cam.com/video/_nyZhYnCNLA/w-d-xo.html
I feel like I need to watch this about another 100 times to actually absorb it. How can we lab this?
Difficult to lab the concepts on the CISSP. Perhaps some targeted reading of cryptography content in the OSG for more detail and background?
@@InsideCloudAndSecurity I was wondering if there was a way to apply certs or keys in various scenarios in a lab then get feedback.
The CISSP might believe that a good hash algo is collision free, but no hash algorithm is ever truly collusion free. They’re collision resistant. There exists a real number of odds that you will still get a collision with any hash algorithm where you still have two different plaintext’s resolving to the same hash.
While it’s statistically possible for collisions with almost any algorithm, the exam differentiates between those that are still widely used and considered safe today (such as MD6), versus those where collisions have been demonstrated in the real world (such as MD5).
@@InsideCloudAndSecurity understood. I figured it was strictly in context of the exam. Great material. Thank you.