From the course: CompTIA Security+ (SY0-701) Cert Prep: 3 Security Architecture
Join today to access over 22,700 courses taught by industry experts or purchase this course individually.
Data obfuscation
From the course: CompTIA Security+ (SY0-701) Cert Prep: 3 Security Architecture
Data obfuscation
An alternative to removing data from a data set is transforming it into a format where the original information can't be retrieved. This is a process called data obfuscation, and we have several tools at our disposal to assist us. First, we can use a hash function to transform a value in our data set to a hashed value. Now, remember from our discussion of hash functions that they are one-way functions. If we apply a strong hash function to a data element, we may replace the value in our file with the hashed value. While it isn't possible to retrieve the original value directly from the hashed value, there is one possible flaw to this approach. If someone has a list of all possible values for a field, they can conduct something called a rainbow table attack. In this attack, the attacker computes the hashes of those candidate values and then checks to see if those hashes exist in the data file. Let's say that we had a file listing all of the students at a college who have failed…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.