Technical Controls
This week will focus on using encryption to protect the organization's data.
- Describe the concept of encryption.
- Include a discussion about symmetric and asymmetric encryption.
- Provide a description of at least 2 different encryption algorithms.
When looking at data with respect to a database environment, it should be viewed in 2 ways: the interaction (the transfer of data) and the storage (the database files).
- Take this opportunity to describe what is meant by data at rest and data in motion.
- How can encryption techniques be applied to these 2 concepts?
When applying encryption to a system, the confidentiality and integrity of data is critical.
- Show how encryption can provide protection in these 2 areas.
Describe the mechanisms that can be applied to messages (data in motion) so that the following can be provided:
- Confidentiality
- Integrity
- Authentication
This information should be 2-3 pages of details added to your Data Security, Quality, and Integrity document.