OPS 401 Class 09 - MackD51/CyberReadingNotes GitHub Wiki
What Is Data Lose Prevention
1. Name the three main components which make up PKI.
Digital Certificate: An electronic "passport" for secure communication, Certificate Authority (CA): A trusted third-party entity that issues digital certificates. Public and Private Keys: A pair of keys used for encryption, decryption, and digital signatures.
2. How would you explain, to a non-technical friend, the role PKI plays in protecting traffic between your browser and a web server.
PKI, or Public Key Infrastructure, is like a digital handshake that helps confirm identities online. When you connect to a secure website (one starting with 'https'), PKI is what helps ensure the site is really who it says it is and not a fake. It does this by using unique digital certificates, sort of like digital ID cards. It also helps scramble your data (like passwords or credit card numbers) while it's traveling to the server, making it unreadable to anyone else who might try to intercept it.
3. What is the main weakness of the PKI architecture?
Public Key Infrastructure (PKI) has a vulnerability in that any certificate authority can validate a certificate for anyone, including those controlled by possibly hostile governments. This can lead to misuse, such as espionage or forging of messages. Therefore, public certificates should be trusted only to a certain extent. Some organizations manage this risk by creating their own internal PKI, providing them with more control. However, if they also rely on public PKIs, the potential for cost-saving is present, but without any additional security.