Cybersecurity
Project Workbook
First Edition
LearnKey creates signature multimedia courseware. LearnKey provides expert instruction for popular computer software,
technical certifications, and application development with dynamic video-based courseware and effective learning
management systems. For a complete list of courses, visit https://www.learnkey.com.
© 2023 LearnKey
www.learnkey.com
Table of Contents
Introduction
Best Practices Using LearnKey’s Online Training
Using This Workbook
Skills Assessment
Cisco Certified Support Technician: Cybersecurity Video Times
Domain 1 Lesson 1
Fill-in-the-Blanks
Vulnerabilities, Threats, Exploits, and Risks
Hardening and Defense-in-Depth
Domain 1 Lesson 2
Fill-in-the-Blanks
Confidentiality, Integrity, and Availability
Attackers
Domain 1 Lesson 3
Fill-in-the-Blanks
Malware and Ransomware
Denial-of-Service Attacks
Social Engineering Attacks
Physical Attacks
Common Attacks and Vulnerabilities
Domain 1 Lesson 4
Fill-in-the-Blanks
AAA and RADIUS
Multifactor Authentication
Password Policies
Domain 1 Lesson 5
Fill-in-the-Blanks
Encryption
Hashing
Certificates and Public Key Infrastructure
Encryption Algorithms
States of Data
Protocols Using Encryption
Domain 2 Lesson 1
Fill-in-the-Blanks
TCP, UDP, and HTTP
ARP, ICMP, DHCP, and DNS
Domain 2 Lesson 2
Fill-in-the-Blanks
IPv4 and IPv6 Addresses
MAC Addresses and CIDR Notation
Public vs. Private Networks
Domain 2 Lesson 3
Fill-in-the-Blanks
Network Security Architecture
Virtualization and Cloud
Honeypots, Proxy Servers, IDS, and IPS
Domain 2 Lesson 4
Fill-in-the-Blanks
Setting up a Secure Wireless SOHO Network
Implement Secure Access Technologies
Domain 3 Lesson 1
Fill-in-the-Blanks
Operating Systems
Security Features and Command-line Tools
Privileges
Domain 3 Lesson 2
Fill-in-the-Blanks
Endpoint Tools
Hardware and Software Inventories
Policies and Standards
Domain 3 Lesson 3
Fill-in-the-Blanks
Software and Hardware Updates
Log Files
Malware Removal
Domain 4 Lesson 1
Fill-in-the-Blanks
Identification, Management, and Mitigation
Active and Passive Reconnaissance
Testing
Domain 4 Lesson 2
Fill-in-the-Blanks
Vulnerability Databases
Vulnerability Assessment Tools
Vulnerability News
Intelligence and Documentation
Domain 4 Lesson 3
Fill-in-the-Blanks
Risk Management Elements
Data Risks and Security Assessments
Disaster Recovery Plans
Disaster Recovery Controls
Domain 5 Lesson 1
Fill-in-the-Blanks
SIEM and SOAR
Identifying Incidents and Events
Domain 5 Lesson 2
Fill-in-the-Blanks
Attack Frameworks
Digital Evidence
Compliance Frameworks and Incident Response
Appendix
Glossary
Objectives
Cisco Certified Support Technician: Cybersecurity Lesson Plan
Domain 1 Lesson Plan
Domain 2 Lesson Plan
Domain 3 Lesson Plan
Domain 4 Lesson Plan
Domain 5 Lesson Plan
Introduction
1 | Introduction: Best Practices Using LearnKey’s Online Training Cisco Certified Support Technician: Cybersecurity Project Workbook, First Edition
Best Practices Using LearnKey’s Online Training
LearnKey offers video-based training solutions that are flexible enough to accommodate private students and educational
facilities and organizations.
Our course content is presented by top experts in their respective fields and provides clear and comprehensive
information. The full line of LearnKey products has been extensively reviewed to meet superior quality standards. Our
course content has also been endorsed by organizations such as Certiport, CompTIA®, Cisco, and Microsoft. However, it is
the testimonials given by countless satisfied customers that truly set us apart as leaders in the information training world.
LearnKey experts are highly qualified professionals who offer years of job and project experience in their subjects. Each
expert has been certified at the highest level available for their field of expertise. This expertise provides the student with
the knowledge necessary to obtain top-level certifications in their chosen field.
Our accomplished instructors have a rich understanding of the content they present. Effective teaching encompasses
presenting the basic principles of a subject and understanding and appreciating organization, real-world application, and
links to other related disciplines. Each instructor represents the collective wisdom of their field and within our industry.
We ensure that the subject matter is up-to-date and relevant. We examine the needs of each student and create training
that is both interesting and effective. LearnKey training provides auditory, visual, and kinesthetic learning materials to fit
diverse learning styles.
Pre-assessment: The pre-assessment is used to determine the student’s prior knowledge of the subject matter. It will also
identify a student’s strengths and weaknesses, allowing them to focus on the specific subject matter they need to improve
the most. Students should not necessarily expect a passing score on the pre-assessment as it is a test of prior knowledge.
Video training sessions: Each training course is divided into sessions or domains and lessons with topics and subtopics.
LearnKey recommends incorporating all available external resources into your training, such as student workbooks,
glossaries, course support files, and additional customized instructional material. These resources are located in the folder
icon at the top of the page.
Exercise labs: Labs are interactive activities that simulate situations presented in the training videos. Step-by-step
instructions and live demonstrations are provided.
Post-assessment: The post-assessment is used to determine the student’s knowledge gained from interacting with the
training. In taking the post-assessment, students should not consult the training or any other materials. A passing score is
80 percent or higher. If the individual does not pass the post-assessment the first time, LearnKey recommends
incorporating external resources, such as the workbook and additional customized instructional material.
Workbook: The workbook has various activities, such as fill-in-the-blank worksheets, short answer questions, practice
exam questions, and group and individual projects that allow the student to study and apply concepts presented in the
training videos.
Using This Workbook
This project workbook contains practice projects and exercises to reinforce the knowledge you have gained through the
video portion of the Cisco Certified Support Technician: Cybersecurity course. The purpose of this workbook is twofold:
first, to get you further prepared to pass the Cisco Certified Support Technician: Cybersecurity exam, and second, to teach
you job-ready skills and increase your employability in the area of cybersecurity, including essential cybersecurity
principles, network security, endpoint security, vulnerability assessments, risk management, and incident handling.
The projects within this workbook follow the order of the video portion of this course. To save your answers in this
workbook, you must first download a copy to your computer. You will not be able to save your answers in the web version.
You can complete the workbook exercises as you go through each section of the course, complete several at the end of
each domain, or complete them after viewing the entire course. The key is to go through these projects to strengthen your
knowledge in this subject.
Each project is based upon a specific video (or videos) in the course and specific test objectives. The materials you will
need for this course include:
• PowerShell.
• Linux.
For Teachers
LearnKey is proud to provide extra support to instructors upon request.
Notes
• Extra teacher notes, when applicable, are in the Project Details box within each exercise.
• Exam objectives are aligned with the course objectives listed in each project, and project file names correspond
with these numbers.
• Short answers may vary but should be similar to those provided in this workbook.
We value your feedback about our courses. If you have any questions, comments, or concerns, please let us know by
visiting https://about.learnkey.com.
Skills Assessment
Instructions: Rate your skills on the following tasks from 1-5 (1 being needs improvement, 5 being excellent).
Skills 1 2 3 4 5
Define essential security principles.
Explain digital forensics and the attack attribution processes.
Cisco Certified Support Technician: Cybersecurity Video Times
Domain 1 Video Time
Essential Security Principles 00:26:08
Common Threats and Vulnerabilities 00:17:32
Access Management Principles 00:12:51
Encryption Methods and Applications 00:19:29
Total Time 01:16:00
Domain 1 Lesson 1
Fill-in-the-Blanks
Instructions: While watching Domain 1 Lesson 1, fill in the missing words according to the information presented by the
instructor. [References are found in the brackets.]
2. A threat is any action that could cause harm to an asset. [Vulnerabilities, Threats,
Exploits, and Risks]
5. Attack vectors are paths an attacker takes to exploit threats against specific ______. [Attack Vectors]
7. Security professionals should never depend on a(n) ______ security control to protect an asset. [Hardening and Defense-in-Depth]
Vulnerabilities, Threats, Exploits, and Risks
Project Details
Project file: N/A
b. Threats are planned attacks used to realize exploits against discovered risks.
4. ______ risk expression is more useful when projecting potential monetary losses if a risk were to be realized.
Hardening and Defense-in-Depth
Project Details
Project file: N/A
4. Once the Run dialog box has been opened, what command will take a user to the Services window?
5. List two types of controls that security professionals use to protect systems.
a.
b.
Domain 1 Lesson 2
Fill-in-the-Blanks
Instructions: While watching Domain 1 Lesson 2, fill in the missing words according to the information presented by the
instructor. [References are found in the brackets.]
1. While discussing the confidentiality, integrity, and availability (CIA) triad, assets and resources are referred to as ______. Users or consumers are referred to as ______. [Confidentiality, Integrity, and Availability]
2. Building and maintaining a secure environment starts with protecting the three ______ of security. [Confidentiality, Integrity, and Availability]
3. Integrity ensures that all changes to any object come from ______ subjects. [Confidentiality, Integrity, and Availability]
4. Availability strategies include ______, duplication, and layers that detect and stop attacks. [Confidentiality, Integrity, and Availability]
5. ______ actors are attackers that nation-states use to carry out cyberwarfare activities. [Types of Attackers and Reasons for Attack]
Confidentiality, Integrity, and Availability
Project Details
Project file: N/A
6. Many controls support availability and focus on minimizing or eliminating single points of ______.
Attackers
Project Details
Project file: N/A
Estimated completion time: 5 minutes
Video reference: Domain 1
Topic: Essential Security Principles
Subtopic: Types of Attackers and Reasons for Attack; Code of Ethics
Objectives covered:
1 Essential Security Principles
1.1 Define essential security principles
1.1.6 Types of attackers
1.1.7 Reasons for attacks
1.1.8 Code of ethics
Although attackers are unique, they fall into several categories, including script kiddies, hacktivists, cybercriminals, state actors, insider threats, and advanced persistent threats (APTs). Cybersecurity professionals can apply security principles and configurations to like threats by categorizing these criminals.
Cyber professionals are typically armed with knowledge about their systems and high-level permissions to those systems. Cyber professionals often find themselves in a position where they could use what they know for personal gain. A code of ethics is a set of principles and guidelines by which cyber professionals must conduct themselves. Failure to adhere to an agreed-upon code of ethics could result in termination and prosecution.
Purpose
Upon completing this project, you will better understand the different types of attackers, their motivations, and the code of ethics.
c. An attacker who is motivated by a commitment to their ideology and uses cyberactivity to reach their goals.
d. Any attacker who carries out illegal activity that targets or uses computing equipment.
f. An attacker who possesses elevated privileges and internal knowledge of the system they attack.
Domain 1 Lesson 3
Fill-in-the-Blanks
Instructions: While watching Domain 1 Lesson 3, fill in the missing words according to the information presented by the
instructor. [References are found in the brackets.]
1. ______ is often used by malware designers to collect victim information before an attack, but the software itself is not directly malicious. [Malware and Ransomware]
3. ______ are most often the weakest link against malware and ransomware. [Malware and Ransomware]
4. Any attack that interrupts the ability of authorized subjects to access permitted objects is an attack on the ______ principle of security. [Denial of Service and Botnets]
6. The term phishing is derived from an early cyberattack called ______. [Social Engineering Attacks]
8. A physical attack that results in the removal, alteration, or ______ of physical media violates each of the pillars of the CIA triad. [Physical Attacks]
10. Internet of Things (IoT) devices are ______, easy-to-use devices that provide services across various applications. [Person-Based Threats and IoT]
11. APTs are often associated with state ______. [Person-Based Threats and IoT]
Malware and Ransomware
Project Details
Project file: N/A
Estimated completion time: 5 minutes
Video reference: Domain 3
Topic: Common Threats and Vulnerabilities
Subtopic: Malware and Ransomware
Objectives covered:
1 Essential Security Principles
1.2 Explain common threats and vulnerabilities
1.2.1 Malware
1.2.2 Ransomware
Notes for the teacher
If time permits, students should study details of the popular WannaCry ransomware attack that occurred in May of 2017.
https://www.malwarebytes.com/wannacry
In the past, software existed to allow users to interact with their computers in productive ways. As time progressed, programmers discovered ways to use software to exploit unknowing users. Software used to carry out these undesired and destructive actions is known as malicious software or malware. Ransomware is a popular type of malware in today’s personal and corporate environments. An attacker demands a ransom be paid before access to compromised data and systems is restored. A multilayered approach to security is generally the best protection against a ransomware attack.
Purpose
Upon completing this project, you will better understand several common types of malware.
Steps for Completion
1. Match the type of malware with its description.
A. Virus
B. Worm
C. Ransomware
D. Trojan horse
E. Spyware
a. Malware that infects other files in a system.
c. Malware that collects behavior and demographic information before sending it to a data collector.
2. Which control layer helps an organization restore affected files and return to operational status?
Denial-of-Service Attacks
Project Details
Project file: N/A
Estimated completion time: 5 minutes
Video reference: Domain 3
Topic: Common Threats and Vulnerabilities
Subtopic: Denial of Service and Botnets
Objectives covered:
1 Essential Security Principles
1.2 Explain common threats and vulnerabilities
1.2.3 Denial of service
1.2.4 Botnets
A common attack on availability is a denial-of-service (DoS) attack. Ransomware is one type of DoS attack that makes critical files unavailable to everyone, including unauthorized subjects. A distributed denial-of-service (DDoS) attack places malware on a compromised computer, turning that victim into a remote attacker. Cybersecurity professionals must understand DoS and DDoS attacks to build an effective defense to protect availability.
Purpose
Upon completing this project, you will better understand DoS attacks, DDoS attacks, and botnets.
Steps for Completion
1. What is the general goal of a traditional DoS attack?
4. During a DDoS attack, an attacker takes what step once a victim’s computer has been compromised?
5. Why is it more difficult to defend against DDoS attacks than DoS attacks?
Social Engineering Attacks
Project Details
Project file: N/A
Estimated completion time: 5 minutes
Video reference: Domain 3
Topic: Common Threats and Vulnerabilities
Subtopic: Social Engineering Attacks
Objectives covered:
1 Essential Security Principles
1.2 Explain common threats and vulnerabilities
1.2.5 Social engineering attacks (tailgating, spear phishing, phishing, vishing, and smishing)
Social engineering attacks are effective because they focus on the human element of computer usage. The purpose of social engineering attacks is to mislead users into carrying out actions on behalf of their attackers. Attackers using social engineering commonly prey on victims by pretending to be vulnerable and asking for assistance. Cybersecurity personnel should ensure that all users are educated on social engineering techniques.
Purpose
Upon completing this project, you will better understand basic social engineering attacks.
Steps for Completion
1. What is the primary reason for the effectiveness of social engineering attacks?
Physical Attacks
Project Details
Project file: N/A
Estimated completion time: 5 minutes
Video reference: Domain 3
Topic: Common Threats and Vulnerabilities
Subtopic: Physical Attacks
Objectives covered:
1 Essential Security Principles
1.2 Explain common threats and vulnerabilities
1.2.6 Physical attacks
The public generally associates the term cyberattack with an attack on password storage, system functionality, or data. A physical cyberattack is an attack on an IT environment where the target is tangible and visible. In other words, physical cyberattacks target aspects of a system that a person can touch. The goal of a physical attack is to either steal or destroy those physical elements which support an IT infrastructure. While technical security is critical, it is widely accepted that other security efforts are meaningless without physical security.
Purpose
Upon completing this project, you will better understand the potential for a physical attack to disrupt business operations.
Steps for Completion
3. A secure environment must include controls against physical attacks. List five examples of physical controls.
locked doors, fences, fire extinguishers, fire suppressant systems, redundant media storage.
Common Attacks and Vulnerabilities
Project Details
Project file: N/A
4. IoT devices typically are hardened at a much lower rate than other devices.
Domain 1 Lesson 4
Fill-in-the-Blanks
Instructions: While watching Domain 1 Lesson 4, fill in the missing words according to the information presented by the
instructor. [References are found in the brackets.]
4. Type ______ authentication involves possessing a token or similar device that generates a number or character string that a server will recognize. [Multifactor Authentication]
6. The Group Policy Editor can be accessed by entering the ______ command into a Windows run dialog box. [Password Policies]
AAA and RADIUS
Project Details
Project file: N/A
Estimated completion time: 10 minutes
Video reference: Domain 1
Topic: Access Management Principles
Subtopic: AAA and RADIUS
Objectives covered:
1 Essential Security Principles
1.1 Explain access management principles
1.3.1 Authentication, authorization, and accounting (AAA)
1.3.2 RADIUS
Notes for the teacher
If time permits, students should research an additional AAA protocol. This protocol was developed by Cisco and runs on port 49. (Answer: TACACS+)
Authentication, authorization, and accounting (AAA) relate to building trust, and AAA provides a framework for differentiating between authorized and unauthorized subjects. Layering each element of AAA is the best process for correctly processing identity claims and monitoring permissions and access. The main goal of AAA is to ensure that resources are accessed and modified only by authorized subjects.
Purpose
Upon completing this project, you will better understand the roles of AAA in a security posture.
Steps for Completion
1. Describe the difference between authentication and authorization.
Authentication is whether a person is who they say they are and authorization is whether that person has permission to do something.
2. What is the purpose of accounting as it relates to AAA?
Ensures that identities operate within their authorized privileges
3. Remote Authentication Dial-In User Service (RADIUS) provides a centralized standard for establishing trust
for remote users.
4. Despite current systems moving away from dial-in services, RADIUS is still used as a(n) centralized
service to authenticate and authorize remote users.
Multifactor Authentication
Project Details
Project file: N/A
Estimated completion time: 5 minutes
Video reference: Domain 1
Topic: Access Management Principles
Subtopic: Multifactor Authentication
Notes for the teacher
If time permits, students should enable multifactor authentication on at least one of their personal accounts. After doing so, students should detail which authentication credential types were used.
Authentication is the process of verifying that a subject is the identity they claim to be. During the authentication process, subjects can be asked to provide evidence supporting their identity claim; that evidence is referred to as authentication credentials. Authentication credentials are separated into three categories to support multifactor authentication (MFA). It is far more difficult for hackers to compromise an account when two different authentication types protect that account. Therefore, MFA is a best practice for securing systems and accounts.
1. Complete each of the following descriptions for the three authentication categories.
a. Type 1: what you know
b. Type 2: what you have
c. Type 3: what you are and what you do
3. In the past, type 2 authentication tokens were often hardware devices. However, today, digital
tokens are far more common.
5. List three examples of evidence that can be used to support type 3 authentication.
fingerprints, retinal scans, handwriting
Password Policies
Project Details
Project file: N/A
Estimated completion time: 5 minutes
Video reference: Domain 1
Topic: Access Management Principles
Subtopic: Password Policies
Objectives covered:
1 Essential Security Principles
1.3 Explain access management principles
1.3.4 Password policies
Notes for the teacher
If time permits, students should review the following post by Microsoft, which further details password policies in a Windows environment.
https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/password-policy
While MFA remains the best balance between security and utility for secure authentication, MFA is not universal across all login schemes. Many systems still only require a user to provide a password. Password policies include requirements on password complexity, password lifespan, reuse restrictions, and recovery procedures. These policies aim to enhance the effectiveness of passwords used in an organization, which is especially important in situations where MFA is not utilized or required. Security professionals can customize each of these policies to suit the needs of their organization properly.
Purpose
Upon completing this project, you will better understand password policies and how an organization uses those policies to protect employee passwords and business assets.
Steps for Completion
1. List four general requirements that are often outlined in a password policy.
a. complexity
b. lifespan
c. reuse restrictions
d. recovery procedures
2. Password complexity restrictions typically place restrictions on which three characteristics of a password?
a. length
b. allowed characters
3. Many information systems today include the option for a(n) self password reset. This type of
password reset requires some other form of authentication and ultimately results in a user resetting a password
without the assistance of help desk personnel.
4. An organization has put a policy in place that does not allow users to choose a password they have used in the
last six months. This example demonstrates a password reuse restriction.
Domain 1 Lesson 5
Fill-in-the-Blanks
Instructions: While watching Domain 1 Lesson 5, fill in the missing words according to the information presented by the
instructor. [References are found in the brackets.]
1. An encryption algorithm, or series of steps to encrypt data, uses a special value called an encryption key to scramble the data, resulting in ______. [Types of Encryption]
2. Symmetric encryption, also known as ______ key encryption, uses the same key to encrypt and decrypt data. [Types of Encryption]
4. A hashing function is called a(n) ______ function because it is very easy to calculate in one direction but extremely difficult to reverse. [Hashing]
5. A certificate is a(n) ______ that includes a trusted identity and that identity's public key, which a trusted entity has validated. [Certificates and Public Key Infrastructure]
6. A public key infrastructure (PKI) enables numerous senders and recipients to exchange public keys and certificates. [Certificates and Public Key Infrastructure]
7. After significant technological advances, it was discovered that the data encryption standard (DES) could be cracked in about ______ minutes. [Strong vs. Weak Encryption Algorithms]
8. Advanced Encryption Standard (AES) is based on the Rijndael block cipher, which uses keys as large as ______ bits. [Strong vs. Weak Encryption Algorithms]
9. The three most common data states are data at rest, data in transit, and data in ______. [States of Data and Appropriate Encryption]
10. Data at ______ refers to data stored on storage media. [States of Data and Appropriate Encryption]
11. Windows ______ is an effective tool for inspecting data at rest. [States of Data and Appropriate Encryption]
12. Data in ______ generally refers to data being transmitted over a network. [States of Data and Appropriate Encryption]
13. Data in use describes data that resides in the ______ of a device or computer. [States of Data and Appropriate Encryption]
14. The only way different computers or devices can talk to one another over connections is to agree on the communication rules, also called protocols. [Protocols Using Encryption]
15. ______ is a popular program that transfers files over File Transfer Protocol (FTP). [Protocols Using Encryption]
Encryption
Project Details
Project file: N/A
Estimated completion time: 5 minutes
Video reference: Domain 1
Topic: Encryption Methods and Applications
Subtopic: Types of Encryption
Objectives covered:
1 Essential Security Principles
1.4 Explain encryption methods and applications
1.4.1 Types of encryption
Notes for the teacher
If time permits, students should experiment with different encryption algorithms using the encryption tool found at https://codebeautify.org/encrypt-decrypt
An additional exercise could consist of students passing short phrases to each other by providing only an algorithm type, public key, and the encrypted data (symmetric encryption).
Encryption is a cryptographic technique that converts data from plaintext to ciphertext and ciphertext to plaintext. Plaintext is human-readable data that is unencrypted, and ciphertext, the product of an encryption algorithm, is unreadable by humans. The two main categories of encryption are symmetric and asymmetric. Symmetric encryption differs from asymmetric encryption because it uses the same key to encrypt and decrypt data, whereas asymmetric encryption uses public and private keys.
Purpose
Upon completing this project, you will better understand encryption and how encryption is used to protect data and authenticate senders.
Steps for Completion
1. Which type of encryption is commonly used to encrypt disk drives? c
a. Ciphertext encryption
b. Plaintext encryption
c. Symmetric encryption
d. Asymmetric encryption
2. Explain why symmetric encryption is better suited for storing data than transmitting data.
Transm
3. Bob and Alice have each created a key pair consisting of a public and private key. Which key should Bob use to
encrypt data before transmitting the data to Alice, ensuring that the data is protected and that only Alice can
decrypt the data?
4. How could encryption key pairs be used to guarantee the authenticity of a sender?
Hashing

Project Details
Project file: N/A
Estimated completion time: 5 minutes
Video reference: Domain 1
Topic: Encryption Methods and Applications
Subtopic: Hashing
Objectives covered:
1 Essential Security Principles
1.4 Explain encryption methods and applications
1.4.2 Hashing
Notes for the teacher: If time permits, students should create a list of five to ten similar phrases and select one as the target phrase. Students should share those phrases and a hash with a partner. The partner should use the hash to discover which is the target phrase. The hash calculator found at https://andersbrownworth.com/blockchain/hash is an easy-to-use hashing tool.

Cryptography is the study of encrypting and decrypting data. The previous project covered encryption, one example of a cryptographic function. Hashing is another example of a cryptographic function. The product of a hashing function is known as a hash, and a hash is virtually irreversible. For that reason, it is standard practice to store passwords as hashes.

When a user attempts to authenticate to a system, the password they provide is entered into a hashing function, and the resulting hash is compared to a password hash in a database. If the two hashes match, it can be assumed that the user has supplied the correct password.

Purpose
Upon completing this project, you will better understand hashing and how it differs from encryption.

Steps for Completion
1. A standard hashing algorithm takes an arbitrary-sized input and returns a(n) fixed length string.
2. Label the following statements as true or false.
a. true Hashing algorithms are well-suited for protecting data integrity.
b. false Constructing two different inputs that produce the same output is exceedingly common.
3. The properties of hashing algorithms make them well-suited for protecting data integrity.
4. Alice calculates a message's hash value before sending it to Bob, and Bob receives the message and calculates a hash value using the same hash function. What assumptions can be made if the two hashes do not match?
the message was modified
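
The hashing ideas in this project, as an added Python example that is not part of the workbook: fixed-length output, the partner exercise from the teacher notes, Bob's integrity check, and password storage and verification. The sample phrases and messages are constructed, and the salted PBKDF2 step with 600,000 iterations is this example's assumption and goes beyond the workbook, which only says passwords are stored as hashes.

```python
import hashlib
import hmac
import os

def sha256_hex(text: str) -> str:
    """SHA-256 of a UTF-8 string; the digest is always 64 hex characters."""
    return hashlib.sha256(text.encode("utf-8")).hexdigest()

def find_target(candidates, target_hash):
    """Partner exercise: hash each candidate phrase until one matches.
    The hash is never reversed; a short list of guesses is simply tried."""
    for phrase in candidates:
        if hmac.compare_digest(sha256_hex(phrase), target_hash):
            return phrase
    return None

def message_intact(received: str, hash_from_sender: str) -> bool:
    """Bob's integrity check: recompute the hash and compare with Alice's."""
    return hmac.compare_digest(sha256_hex(received), hash_from_sender)

def store_password(password: str, iterations: int = 600_000):
    """Record kept in the database: per-user random salt, work factor, derived key.
    Salted PBKDF2 is this example's choice, not something the workbook specifies."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return salt, iterations, key

def verify_password(attempt: str, record) -> bool:
    """Re-derive the key from the login attempt and compare in constant time."""
    salt, iterations, key = record
    derived = hashlib.pbkdf2_hmac("sha256", attempt.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(derived, key)

# Constructed sample data for the exercises above.
PHRASES = ["meet at noon", "meet at nine", "meet at night", "meet at none", "meet me at noon"]

if __name__ == "__main__":
    target = sha256_hex(PHRASES[2])  # the hash handed to the partner
    print("target phrase:", find_target(PHRASES, target))
    sent = "Transfer 100 to Bob"
    print("unchanged:", message_intact(sent, sha256_hex(sent)))
    print("modified: ", message_intact("Transfer 900 to Bob", sha256_hex(sent)))
    record = store_password("correct horse battery staple")
    print("right password:", verify_password("correct horse battery staple", record))
    print("wrong password:", verify_password("correct horse battery stapler", record))
```

The partner exercise succeeds because the candidate list is short and a plain hash is fast to compute, which is why the password functions add a random salt and a deliberately slow derivation.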
Certificates and Public Key Infrastructure

Project Details
Project file: N/A
4. A digital signature is very similar to encrypting and decrypting data using cryptography.
Encryption Algorithms

Project Details
Project file: N/A
Estimated completion time: 5 minutes
Video reference: Domain 1
Topic: Encryption Methods and Applications
Subtopic: Strong vs. Weak Encryption Algorithms
Objectives covered:
1 Essential Security Principles
1.4 Explain encryption methods and applications
1.4.5 Strong vs. weak encryption algorithms

Encryption algorithms vary in strength and complexity. As hardware becomes faster, encryption algorithms must evolve using longer keys and more complex techniques. Selecting the correct algorithm for a specific application is not as simple as selecting the most complex algorithm. The necessary strength of an algorithm should be dictated by the period that the data needs to be secure. For example, data that only needs to be protected for 24 hours does not need to be encrypted using an algorithm that takes an estimated 72 hours to crack.

Purpose
Upon completing this project, you will better understand the characteristics of encryption algorithms that determine the strength of that algorithm.

Steps for Completion
1. How is the strength of an algorithm measured?
3. What is the name of the state-of-the-art symmetric encryption algorithm based on the Rijndael block cipher?
a. Data that only needs to be protected for short periods does not need the strongest
encryption algorithms.
b. Advanced Encryption Standard (AES) is expected to keep data secure for the foreseeable
future.
c. The relative time it takes to crack an encryption algorithm is based on the attacker’s IP
address and the state of technology at the time of the attack.
States of Data

Project Details
Project file: N/A
Estimated completion time: 5 minutes
Video reference: Domain 1
Topic: Encryption Methods and Applications
Subtopic: States of Data and Appropriate Encryption
Objectives covered:
1 Essential Security Principles
1.4 Explain encryption methods and applications
1.4.6 States of data and appropriate encryption (data in transit, data at rest, data in use)
Notes for the teacher: If time permits, students should list three examples of each data state (data in transit, data at rest, and data in use).

Data should be treated differently at each stage of its lifecycle. This lifecycle consists of three states: data in transit, data at rest, and data in use. Data in transit refers to data moving from one storage location to another, typically across a network. Data at rest refers to data that resides on physical storage media, and data in use refers to data that resides in computer memory. Security professionals are responsible for utilizing the proper protocols and procedures for securing data at each stage of the data lifecycle.

Purpose
Upon completing this project, you will better understand the three most common data states used to determine the best possible encryption algorithm.

Steps for Completion
1. List four examples of storage media that are commonly used for data that is at rest.
a.
b.
c.
d.
2. What are the two types of encryption typically best suited for data at rest?
6. Why is symmetric encryption the most common encryption type when working with data in use?
Protocols Using Encryption

Project Details
Project file: N/A
Estimated completion time: 5 minutes
Video reference: Domain 1
Topic: Encryption Methods and Applications
Subtopic: Protocols Using Encryption

Computers and devices rely on communication protocols to communicate with one another over a network. A protocol is a set of rules that dictates how data is formatted and processed between nodes. The most common example of a communication protocol is the Hypertext Transfer Protocol (HTTP). HTTP is an insecure protocol because the data travels in plaintext. Hypertext Transfer Protocol Secure (HTTPS) is the secure version of HTTP by which traffic is encrypted while in transit. It is not uncommon for a protocol to have a secure and insecure version. Security professionals should restrict the use of insecure protocols whenever possible.
a.
b.
c.
3. HTTPS is transmitted over one of two protocols. List those two protocols.
a.
b.