Datasheet
Book IX
Chapter 1
Fundamentals
of Security
1055
Methods of Securing Transmissions
Most Internet protocols, such as HTTP, send information in cleartext, and it
is up to the people who set up the servers that use these Internet protocols
to encrypt the information before it is released to the Internet. Encrypting
the information means that the information is run through a mathematical
calculation that generates an altered version of the information: a result. For
example, the words Glen Clarke could be encrypted to look like 7y3i
s3fk4r. If anyone intercepts such encrypted information and views it while
it is traveling across the wire, the information would mean nothing.
Here is a real-world example. You type your credit card number on a Web
site, but you certainly do not want that credit card number to be viewed
while you send it from your client computer to the server. You want to be
sure that the Web site where you enter the credit card number encrypts the
traffic. You can tell by the lock icon that appears in the Web browser, as
shown in Figure 1-9.
Figure 1-9:
Identifying a
secure site
by locating
the lock in
Internet
Explorer.
It is important for the A+ exam that you understand popular methods of
encrypting traffic. You can use a number of technologies, such as
✦ Secure Sockets Layer (SSL): This protocol is used to encrypt different
types of Internet traffic. For example, you could use SSL to encrypt HTTP
traffic by applying a digital certificate to the Web site. The digital certifi-
cate contains the key that is used to encrypt and decrypt the traffic.
✦ Internet Protocol Security (IPSec): This protocol can encrypt all TCP/
IP traffic between systems. As a network administrator, you configure
IPSec on the server and the clients with the same key, which is used to
49_487389-bk09ch01.indd 105549_487389-bk09ch01.indd 1055 9/10/09 11:03 PM9/10/09 11:03 PM