2 cissp ® Official Study Guide Eighth Edition


Chapter 12  ■ Secure Communications and Network Attacks Verify Integrity



Download 19,3 Mb.
Pdf ko'rish
bet523/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   519   520   521   522   523   524   525   526   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

562
Chapter 12 

Secure Communications and Network Attacks
Verify Integrity
To verify the integrity of a transmission, you can use a checksum called a hash total. A 
hash function is performed on a message or a packet before it is sent over the communica-
tion pathway. The hash total obtained is added to the end of the message and is called the 
message digest. Once the message is received, the hash function is performed by the desti-
nation system, and the result is compared to the original hash total. If the two hash totals 
match, then there is a high level of certainty that the message has not been altered or cor-
rupted during transmission. Hash totals are similar to cyclic redundancy checks (CRCs) in 
that they both act as integrity tools. In most secure transaction systems, hash functions are 
used to guarantee communication integrity.
Checking the hash
Checking the hash value of files is always a good idea. This simple task can prevent the 
use of corrupted files and prevent the accidental acceptance of maligned data. Several 
intrusion detection systems (IDSs) and system integrity verification tools use hashing 
as a means to check that files did not change over time. This is done by creating a hash 
for every file on a drive, storing those hashes in a database, and then periodically recal-
culating hashes for files and checking the new hash against the historical one. If there is 
ever any difference in the hashes, then you should investigate the file.
Another common use of hashes is to verify downloads. Many trusted internet download 
sites provide MD5 and SHA hash totals for the files they offer. You can take advantage 
of these hashes in at least two ways. First, you can use a download manager that auto-
matically checks the hashes for you upon download completion. Second, you can obtain 
a hashing tool, such as md5sum or sha1sum, to generate your own hash values. Then 
manually compare your generated value from the downloaded file against the claimed 
hash value from the download site. This mechanism ensures that the file you ultimately 
have on your system matches, to the last bit, the file from the download site.
Record sequence checking is similar to a hash total check; however, instead of verifying 
content integrity, it verifies packet or message sequence integrity. Many communications 
services employ record sequence checking to verify that no portions of a message were lost 
and that all elements of the message are in their proper order.

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   519   520   521   522   523   524   525   526   ...   881




Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling

kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha


yuklab olish