Cyber Security (BD308) – Assignment Week 11 – Syafira Aulia

Module Questions 11

1. What is the main difference between symmetric and asymmetric encryption?

Answer :

The main difference lies in the number of keys used for the process. Symmetric Encryption uses a single, identical key for both encrypting and decrypting data. It is very fast and efficient for bulk data, but the challenge is securely sharing the key between parties. Asymmetric Encryption, on the other hand, uses a pair of related keys: a Public Key (which anyone can use to encrypt) and a Private Key (which only the owner has to decrypt). While slower, it is much more secure for communication over the internet because the private key never needs to be shared.

2. Explain what “data in transit” and “data at rest” mean, and why both need to be encrypted.

Answer :

Data in Transit refers to information currently traveling across a network, such as an email being sent or a credit card number being transmitted to a web server. Data at Rest refers to information sitting still on a storage device, such as files on a hard drive or records in a database. It is critical to encrypt both because they face different threats: data in transit can be intercepted by hackers on the network (sniffing), while data at rest can be stolen if a physical server is compromised or a database is breached.

3. Why should a business store hashed versions of user passwords instead of the passwords themselves?

Answer :

A business should store hashed versions of passwords because a “hash” is a one-way cryptographic function that turns a password into a unique string of characters that cannot be reversed. If a hacker manages to breach the company’s database, they will only see these unreadable hashes instead of actual plain-text passwords. When a user logs in, the system hashes the entered password and compares it to the stored hash; if they match, access is granted. This practice ensures that even in a data breach, the users’ original passwords remain unknown and cannot be reused by attackers on other websites.

 

Status: 100% terpenuhi

Keterangan: Sudah mengerjakan tugas dengan baik dan benar.

Previous Post Previous Post
Newer Post Newer Post

Leave a comment