Key topics: Symmetric encryption: AES; shared-key model; key distribution problem, Asymmetric encryption: RSA; public/private key pairs; uses for key exchange and digital signatures, Hashing for integrity: data integrity verification; file hash comparison, Digital signatures: non-repudiation; signing with private key, verifying with public key, PKI and Certificate Authorities: X.509 certificates, CA hierarchy, certificate chains, revocation (CRL/OCSP), HTTPS and TLS: TLS handshake mechanics; certificate validation; HSTS, Application vulnerabilities: SQL injection, cross-site scripting (XSS), buffer overflow, insecure direct object references, Secure coding practices: input validation, parameterized queries, error handling, Data protection: encryption at rest vs. in transit; data classification; DLP concepts.
Study guide content for this unit is being prepared. Check back soon for complete lesson notes, formula sheets, and worked examples.
