Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
CompTIA Security+ Certification Guide

You're reading from   CompTIA Security+ Certification Guide Master IT security essentials and exam topics for CompTIA Security+ SY0-501 certification

Arrow left icon
Product type Paperback
Published in Sep 2018
Publisher Packt
ISBN-13 9781789348019
Length 532 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Ian Neil Ian Neil
Author Profile Icon Ian Neil
Ian Neil
Arrow right icon
View More author details
Toc

Table of Contents (18) Chapters Close

Preface 1. Understanding Security Fundamentals FREE CHAPTER 2. Conducting Risk Analysis 3. Implementing Security Policies and Procedures 4. Delving into Identity and Access Management 5. Understanding Network Components 6. Understanding Cloud Models and Virtualization 7. Managing Hosts and Application Deployment 8. Protecting Against Attacks and Vulnerabilities 9. Implementing the Public Key Infrastructure 10. Responding to Security Incidents 11. Managing Business Continuity 12. Mock Exam 1
13. Mock Exam 2
14. Preparing for the CompTIA Security+ 501 Exam 15. Acronyms
16. Assessment 17. Other Books You May Enjoy

Hashing and Data Integrity

  • Hashing: It is where the data inside a document is hashed using an algorithm such as Secure Hash Algorithm version 1 (SHA1) and Message Digest version 5 (MD5). This turns the data inside the file into a long text string known as a hash value; this is also known as a message digest.
  • Hashing the Same Data: If you copy a file and therefore have two files containing the same data, and if you hash them with the same hashing algorithm, it will always produce the same hash value. Even if from two different vendors.
  • Verifying Integrity: During forensic analysis, the scientist takes a copy of the data prior to investigation. To ensure that he/she has not tampered with it during investigation, he/she will hash the data before starting and then compare the hash to the data when he/she has finished. If the hash matches, then we know that the integrity of the data is intact.
  • One-way function: For the purpose of the exam, hashing is a one-way function and cannot be reversed.
  • HMAC authentication: In cryptography, an HMAC (sometimes known as either keyed-hash message authentication code or hash-based message authentication code) is a specific type of Message Authentication Code (MAC) involving a cryptographic hash function and a secret cryptographic key. We can have HMAC-MD5 or HMAC-SHA1; the exam provides both data integrity and data authentication.
  • Digital signature: This is used to verify the integrity of an email so that you know it has not been tampered with in transit. The private certificate used to sign the email that creates a one-way hash function and when it arrives at its destination the recipient has already been given a public key to verify that it has not been tampered with in transit. This will be covered in more depth later in this book.
Can you read data that has been hashed? Hashing does not hide the data as a digitally signed email could still be read—it only verifies integrity. If you wish to stop someone reading the email in transit, you need to encrypt it.
  • RACE Integrity Primitives Evaluation Message Digest (RIPEMD): This is a 128-bit hashing function. RIPEMD (https://en.wikipedia.org/wiki/RIPEMD) has been replaced by RIPEMD-160, RIPEMD-256, and RIPEMD-320. For the purpose of the exam, you need to know that it can be used to hash data.

Hash Practical

The reason that we hash a file is to verify its integrity so that we know if someone has tampered with it.

Hash Exercise

In this exercise, we have a file called data.txt. First of all, I use a free MD5 hashing tool and browse to the data.txt file, which generates a hash value. I have also created a folder called Move data to here:

  1. Get the original hash:
  1. Copy the hash from the current hash value to the original hash value.
  1. Copy the data.txt file to the Move data to here folder, then go to the MD5 hash software and browse to the data.txt file in the new location, and press verify. The values should be the same as shown here:

The values are the same, therefore we know the integrity of the data is intact and it has not been tampered with when moving the readme.txt file.

  1. Next, we go into the data.txt file and change a single character, add an extra dot at the end of a sentence, or even enter a space that cannot be seen. We then take another hash of the data and we will then see that the hash value is different and does not match; this means that the data has been tampered with:
You have been reading a chapter from
CompTIA Security+ Certification Guide
Published in: Sep 2018
Publisher: Packt
ISBN-13: 9781789348019
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image