Encryption and Hashing are two primary techniques used in cryptography and play a vital role in ensuring data security. Both mechanisms are essential in the context of implementing security, especially for exams like SC-900 Microsoft Security, Compliance, and Identity Fundamentals.

#### Understanding Encryption

Encryption is a process used to scramble readable (plaintext) data into an unreadable form (Ciphertext) to prevent unauthorized access. This process uses algorithms and encryption keys to transform the data.

There are two types of encryption:

- Symmetric encryption: In this approach, the same key is used for both encrypting and decrypting messages. It’s faster and more efficient, making it suitable for encrypting large amounts of data. AES (Advanced Encryption Standard) is a typical example of symmetric encryption.
- Asymmetric encryption: Also known as public-key cryptography, this method uses two different keys for the encryption and decryption process. One is a public key (used for encryption), and the other is a private key (used for decryption). This type of encryption is used in HTTPS and email encryption. RSA (Rivest-Shamir-Adleman) is a widely used asymmetric encryption technique.

#### Understanding Hashing

On the other hand, Hashing is a technique that converts an input of any length into a fixed-size string of text, using a mathematical algorithm. This string is always of the same length, regardless of the size of the input. Unlike encryption, hashing is a one-way function. Meaning, you can’t reverse-engineer the original input from the hash output.

Some common hashing algorithms include:

- MD5 (Message Digest Algorithm 5)
- SHA (Secure Hash Algorithms)
- HMAC (Hash-based Message Authentication Code)

Hashing is often used to store passwords securely. Instead of storing the actual password, systems store the hash version of the password. When a user logs in, the system hashes the password entered and compares it with the hashed password password in the database.

#### Key Differences Between Encryption and Hashing

To further understand the difference between encryption and hashing, let’s consider the following table.

Encryption | Hashing | |
---|---|---|

Key usage | Encryption algorithms use one or multiple keys for the process | Hashing does not require any keys |

Directionality | It’s two-way. Encrypted data can be decrypted | It’s one-way. Hashed data can’t be reverse-engineered to its original form |

Purpose | To secure data (think privacy and confidentiality) | To verify the integrity of data. It validates the data hasn’t been tampered with |

Speed | Generally slower due to complex algorithms | Faster than encryption |

Output Length | Varies depending on the algorithm and encryption key used | Fixed length regardless of the input size |

Understanding both encryption and hashing will be beneficial when tackling Microsoft’s SC-900 exam. They form the foundation of cryptography, which is key in implementing security in technology environments. The exam covers these concepts in the context of Microsoft’s security, compliance, and identity capabilities and features, providing real-world examples of their implementation.

To sum up, mastering the basics of encryption and hashing is a significant step in preparing for the SC-900 Microsoft Security, Compliance, and Identity Fundamentals exam. Once you understand these processes, you can effectively manage and protect sensitive data in any technological environment.

## Practice Test

### True or False: Hashing is a one-way function that always outputs a unique value.

- True
- False

**Answer:** False

**Explanation:** Hashing is a one-way function, but it is not guaranteed to always output a unique value due to the possibility of collisions.

### Which of the following is NOT a characteristic of encryption?

- a) Converting data to a form that is difficult to understand without a key
- b) Converting data to a form that can be reverted to its original form without a key
- c) Using a special algorithm and a key to transform data
- d) Providing a means to secure data during transmission or while stored

**Answer:** b) Converting data to a form that can be reverted to its original form without a key

**Explanation:** Encryption is a process that transforms data into a form that is difficult to understand without a key, it can’t be reverted to its original form without the key.

### True or False: Both encryption and hashing are used to enhance the security of the data.

- True
- False

**Answer:** True

**Explanation:** Both encryption and hashing methods are used to protect data. Encryption transforms data into a form that is only readable with a key, while hashing converts it to a fixed size and unidentifiable format.

### In terms of functionality, which of these is a difference between encryption and hashing?

- a) Hashing is reversible, but encryption isn’t
- b) Encryption is reversible, but hashing isn’t
- c) Both are reversible with the right key
- d) Neither is reversible

**Answer:** b) Encryption is reversible, but hashing isn’t

**Explanation:** Encryption is designed to be reversible if you have the right decryption key. Hashing, however, is not designed to be reversed.

### Which one of the following is a popular hashing algorithm?

- a) RSA
- b) SHA-256
- c) AES
- d) DSA

**Answer:** b) SHA-256

**Explanation:** SHA-256 (Secure Hash Algorithm 256 bit) is a popular cryptographic hashing function that produces a 256-bit signature for a text.

### True or False: The main difference between encryption and hashing is that encryption is a two-way function, while hashing is a one-way function.

- True
- False

**Answer:** True

**Explanation:** Encryption is a two-way function where data can be converted back to its original form using a key, while hashing is a one-way function that permanently transforms data into a fixed length.

### Which of the following is a common use of hashing?

- a) Securing credit card information
- b) Verifying file integrity
- c) Sending confidential emails
- d) Encrypting sensitive databases

**Answer:** b) Verifying file integrity

**Explanation:** Hashing is commonly used to verify file integrity by comparing the hashed values of files. Any difference in hashes indicates that the file has been altered.

### Which type of keys does symmetric encryption use?

- a) Different keys for encryption and decryption
- b) The same key for encryption and decryption
- c) Hash keys
- d) Public keys

**Answer:** b) The same key for encryption and decryption

**Explanation:** Symmetric encryption uses the same key for both the encryption and decryption processes.

### True or False: Once a message has been hashed, it is impossible to retrieve the original message.

- True
- False

**Answer:** True

**Explanation:** Hashing is a one-way function, it means the original data can’t be retrieved or decrypted.

### Which of the following is a benefit of encryption?

- a) Encryption always prevents data from being intercepted
- b) Encryption makes it easy to track data
- c) Encryption ensures data can always be recovered
- d) Encryption maintains data confidentiality

**Answer:** d) Encryption maintains data confidentiality

**Explanation:** The central purpose of encryption is to protect the confidentiality of data, both while stored and during transmission.

## Interview Questions

### What is encryption in network security?

Encryption in network security is a process that converts clear text into cipher text using encryption algorithms and keys. Its primary function is to protect the confidentiality of digital data stored on computer systems or transmitted over the internet or other networks.

### Explain the two primary types of encryption used?

The two primary types of encryption used are symmetric and asymmetric encryption. Symmetric encryption uses the same key to encrypt and decrypt data. In contrast, asymmetric encryption uses two different keys: a public key to encrypt data and a private key to decrypt it.

### What is a Hashing function in cryptography?

A hashing function in cryptography is a mathematical algorithm that maps data of arbitrary size to a bit string of a fixed size. It is a one-way function where data gets encrypted but can’t be decrypted back to the original form later.

### How is encryption different from hashing?

The primary difference between encryption and hashing is reversibility. Encrypted data can be reversed back into its original form by decrypting it with the correct key. In contrast, hashing is a one-way function which transforms the data into a new, irreversible form.

### Describe the purpose of a salt in password hashing?

In password hashing, a salt is random data that gets used as an additional input to a hashing function to prevent identical passwords from being hashed to the same value, which helps prevent certain types of attacks.

### What is a key in encryption and why is it important?

A key in encryption is a piece of information used in the encryption algorithm to transform plaintext into ciphertext and vice versa in decryption. It’s crucial for maintaining the security and confidentiality of encrypted data since only those with the correct key can effectively decrypt and access the original data.

### What is meant by key management in the context of encryption?

Key management refers to the administration and control of encrypted keys that includes generating, exchanging, storing, using, and replacing keys as well as defining their lifecycles and access rights. It is crucial for maintaining effective encryption practices and data security.

### How does hashing contribute to data integrity?

By comparing the hashed values of data before and after transmission or storage, one can confirm whether or not it has been tampered with. If the hash values match, the data is intact. If they differ, it is a sign that the data has been altered and thus its integrity is compromised.

### What is a digital signature and how is it related to encryption and hashing?

A digital signature is a cryptographic tool used to verify the authenticity and integrity of a message, software or digital document. It’s created using the sender’s private key and the hashing of the message. The recipient can then verify the signature using the sender’s public key, ensuring the message was not altered during transmission and it’s truly from the claimed sender.

### What does it mean when a hash function is ‘collision-resistant’?

A hash function is said to be ‘collision-resistant’ if it’s hard to find two inputs that hash to the same output. This means that every unique input should ideally produce a unique hash, making the storage and retrieval of data more secure.

### What is a block cipher in encryption?

A block cipher is an encryption method that applies the encryption algorithm to blocks of plaintext, usually of equal size, rather than individual bits. Common block cipher modes include ECB (Electronic Codebook) and CBC (Cipher Block Chaining).

### What type of encryption does the RSA algorithm use?

The RSA algorithm uses asymmetric encryption. It uses a pair of keys for encryption: a public key to encrypt the message and a private key to decrypt it.

### Why are keys in encryption usually exchanged using asymmetric encryption, even though symmetric encryption is faster and less resource-intensive?

Keys in encryption are often exchanged via asymmetric encryption due to security reasons. Although symmetric encryption is faster, the secure exchange of the symmetric key is a challenge. Asymmetric encryption allows secure key exchange over an insecure network, as the public key used for encryption is freely accessible, while the private key for decryption remains secure.

### What is Hash-based Message Authentication Code (HMAC)?

HMAC is a specific type of message authentication code (MAC) that involves a cryptographic hash function and a secret cryptographic key. It’s used to verify both the data integrity and the authenticity of a message.

### What does the Advanced Encryption Standard (AES) specify?

The Advanced Encryption Standard (AES) is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST). AES is a symmetric block cipher that is intended to replace DES as the approved standard for a wide range of applications.