Chapter 6

               Cryptography and Symmetric Key Algorithms


               THE CISSP EXAM TOPICS COVERED IN THIS CHAPTER

               INCLUDE:

                      Domain 2: Asset Security

                        2.5 Determine data security controls

                             2.5.1 Understand data states

                      Domain 3: Security Architecture and Engineering

                        3.5 Assess and mitigate the vulnerabilities of security
                        architectures, designs, and solution elements

                             3.5.4 Cryptographic systems

                        3.9 Apply cryptography


                             3.9.1 Cryptographic lifecycle (e.g., key management,
                             algorithm selection)

                             3.9.2 Cryptographic methods (e.g., symmetric, asymmetric,
                             elliptic curves)

                             3.9.6 Nonrepudiation

                             3.9.7 Integrity (e.g. hashing)













                                       Cryptography provides confidentiality, integrity,

               authentication, and nonrepudiation for sensitive information while it
               is stored (at rest), traveling across a network (in transit), and existing
               in memory (in use). Cryptography is an extremely important security
               technology that is embedded in many of the controls used to protect