1. Describe security policy
1.1. a document in an organization on how to protect from threats and how to handle them
1.2. Strong Password Criteria
1.2.1. <= 8 characters
1.2.2. Mix of UPPERCASE & lowercase
1.2.3. Numbers1234 & Letters
1.2.4. <= One special character, e.g. ! * % $
1.3. Good policy criteria
1.3.1. Endorsed - shown active commitment by organization
1.3.2. Relevant - support the principles and goals of the organization, and relevant parties must comply
1.3.3. Realistic - it has to make sense & be done
1.3.4. Attainable - it can be implemented successfully, and should not be set up for failure
1.3.5. Adaptable - changes can be done without much repercussions
1.3.6. Enforceable - rules have to be abided or there will be appropriate consequences
1.3.7. Inclusive - must include external parties relevant to the policy
2. Explain Encryption Technology
2.1. Cryptographic terminologies
2.1.1. Encryption - plaintext to ciphertext and uses a key to switch back to plaintext
2.1.2. Ciphertext - result of an encryption
2.1.3. Decryption - takes encrypted data and turns it back to its original format
2.1.4. Cryptanalysis - finds weakness in encryption algorithm an deciphers encrypted data
2.2. Commmon Comunication Encryption Types
2.2.1. Symmetric Encryption - one key is used to enrypt and decrypt
2.2.2. Asymmetric Encryption - two distinct but relate keys, Public Key and Private Key
2.2.2.1. Public key is for ENCRYPTION & Private Key is for DECRYPTION
2.2.2.2. Sender uses recipients public key to encrypt and recipient uses their own private key to decrypt
2.2.3. Hash Encoding - data is change into a fixed-length string after passing through a Hash Algorithm
2.2.3.1. Its to ensure the integrity of info being sent over a network
3. Describe security procedures
3.1. step-by-step instructions on how to implement, enable, or enforce security controls
3.2. Data protection - safeguarding important info from corruption/loss
3.2.1. Lock Apps
3.2.2. Keep Browsing Secure
3.2.3. Encrypt data
3.2.4. Back Up Data