IT Security: Defense against the digital dark arts| Question and Answers (A+ guide solution)

How is hashing different from encryption? - Hashing operations are one-directional. Hash functions, by definition, are one-way, meaning that it's not possible to take a hash and recover the input that generated the hash. Encryption, on the other hand, is two-directional, since data can be both encrypted and decrypted. What's a hash collision? - When 2 different files generates the same hash digest. If two different files result in the same hash, this is referred to as a hash collision. Hash collisions aren't awesome, as this would allow an attacker to create a fake file that would pass hash verification. How is a Message Integrity Check (MIC) different from a Message Authentication Code (MAC)? - A MIC only hashes the message, while a MAC incorporates a secret key. A MIC can be thought of as just a checksum or hash digest of a message, while a MAC uses a shared secret to generate the checksum. This also makes it authenticated, since the other party must also have the same shared secret, preventing a third party from forging the checksum data. How can you defend against brute-force password attacks? Check all that apply. - Enforce the use of strong passwords. Run passwords through the hashing function multiple times. Incorporate salts to password hashing. A brute-force password attack involves guessing the password. So, having complex and long passwords will make this task much harder and will require more time and resources for the attacker to succeed. Incorporating salts into password hashes will protect against rainbow table attacks, and running passwords through the hashing algorithm lots of times also raises the bar for an attacker, requiring more resources for each password guess.