Domain 5 of 5 · Chapter 1 of 4

Data Security

Encryption vs hashing: confidentiality vs integrity

Send a contract over the internet and you need two separate guarantees: nobody reads it on the way, and nobody changes a clause without you noticing. Those are two different jobs done by two different tools, and the single most tested idea in this whole topic is that they are not the same thing.

Encryption protects confidentiality and is reversible. It runs readable data (plaintext) through an algorithm with a key to produce scrambled data (ciphertext); with the right key, the process runs backward and you get the original plaintext returned. The whole point is that the data can be recovered by an authorized holder of the key.

Hashing protects integrity and is one-way. A hash function[1] takes any input and produces a short, fixed-length fingerprint (a digest), and there is no key and no way to run it backward to recover the input. If even one character of the input changes, the digest changes completely, so comparing a stored digest to a freshly computed one reveals whether the data was altered. The standard algorithms are the SHA-2 and SHA-3 families (FIPS 180-4[2], FIPS 202[3]).

The trap is everywhere on this exam: hashing is described as if it were a kind of encryption. It is not. A hash hides nothing, because anyone can run the same public function and produce the same digest; it only tells you whether the data changed. Read the question for the goal. If the scenario is about keeping data secret, the answer involves encryption. If it is about proving data was not tampered with, the answer involves hashing.

Encryption: reversiblePlaintextCiphertextencryptdecrypt with keyHashing: one-wayAny inputDigesthashno way backEncryption hides datagoal: confidentialityHashing detects changegoal: integrity
Encryption runs both ways to recover plaintext (confidentiality); a hash runs one way to a digest that detects change (integrity).

Symmetric and asymmetric encryption

All encryption shares one model: an algorithm plus a key turns plaintext into ciphertext and back. The two families differ in exactly one thing, how many keys are involved and who holds them, and that single difference decides what each is good for.

Symmetric encryption: one shared key

Symmetric encryption uses the same secret key to encrypt and to decrypt. It is fast and efficient, which makes it the right choice for bulk data: encrypting a whole disk, a database, or a large file. The catch is key distribution. Both parties must already have the same secret key, and getting that key to the other side safely, without an eavesdropper grabbing it, is the hard part. The standard symmetric algorithm is the Advanced Encryption Standard (AES, FIPS 197[4]).

Asymmetric encryption: a public/private key pair

Asymmetric encryption (also called public-key encryption) uses a matched pair of keys instead of one shared secret. What one key in the pair locks, only the other key can unlock. One key is the public key, which can be published to anyone, and the other is the private key, which the owner keeps secret and never shares. To send someone a confidential message, you encrypt it with their public key, and only their private key can decrypt it, so it does not matter that the public key was out in the open. This is what symmetric encryption cannot do: it lets two parties who have never met communicate securely, because no secret has to be shared in advance. RSA is the classic asymmetric algorithm.

They work together

Asymmetric encryption is much slower than symmetric, so in practice the two are combined rather than chosen between. A session typically uses slow asymmetric encryption once to safely exchange a fresh symmetric key, then switches to fast symmetric encryption for the actual data. This is the pattern behind TLS, the protection used for data in transit on the web. For the CC exam, hold the core contrast: symmetric is one shared key and is fast for bulk data; asymmetric is a public/private pair and solves key exchange.

Symmetric: same key both waysPlaintextShared keyCiphertextencrypt and decrypt both use the one shared keyAsymmetric: public key locks, paired private key unlocksPlaintextRecipient public keyencryptCiphertextonly the recipient private key decrypts
Symmetric encryption shares one secret key; asymmetric encryption encrypts with a public key and decrypts only with the paired private key.

Protecting data in its three states

Data is never in just one place, and the control that protects it depends on what it is doing right now. The CC exam expects you to name the three states and pair each with its primary protection (NIST SP 800-111[5]).

  • Data at rest is stored: on a disk, a USB drive, a phone, or in a database. Protect it with storage encryption (such as full-disk encryption) plus access control. Storage encryption mainly defends a lost or stolen, powered-off device; once an authorized user logs in and the volume is unlocked, the data is available to them, so encryption is not a substitute for access control on a running system.
  • Data in transit is moving across a network: an email, a file upload, a web request. Protect it with transport encryption, most commonly TLS for web traffic and IPsec for VPNs, so an interceptor on the wire sees only ciphertext.
  • Data in use is loaded into memory and being actively processed by an application or the CPU. This is the hardest state to protect, because the processor has traditionally needed the data in cleartext to compute on it. It is mitigated with strict runtime access control and clearing memory after use, and increasingly with confidential-computing hardware.

The exam pattern is direct: a question describes where the data is and asks for the right control, or names a control and asks which state it protects. Encrypting a hard drive is at rest; an HTTPS connection is in transit; data sitting decrypted in RAM is in use.

Data statesAt restIn transitIn usestorage encryption+ access controltransport encryptionTLS / IPsecruntime access controlmemory hygiene
Each data state has a primary control: storage encryption at rest, transport encryption in transit, runtime controls in use (per NIST SP 800-111).

Data handling: classification, labeling, retention, destruction

Data handling is the lifecycle of decisions about a piece of data, from the moment it is created to the moment it is destroyed, and it all starts with one question: how sensitive is this?

Classification

Classification assigns a sensitivity level based on the harm that disclosure or loss would cause. A typical commercial scheme runs public, internal, confidential, restricted, from least to most sensitive; governments use schemes such as unclassified, confidential, secret, top secret. The key exam fact is who decides: the data owner, a business role, sets the classification, while the custodian (usually IT) only implements the resulting controls. Classification comes first because you cannot pick the right protection for data until you know how sensitive it is.

Labeling and marking

Once classified, data is labeled so its handling rules travel with it. A marking is the human-readable form, a stamp such as "Confidential" that a person reads and acts on; a label in the strict sense is machine-readable metadata that a system parses and enforces. Both ensure that everyone, and every system, that touches the data knows how it must be handled.

Retention

Retention sets how long data is kept before it is disposed of, driven by legal, regulatory, and business requirements. Keeping data too long raises both storage cost and breach exposure; deleting it too soon can break a legal or compliance obligation. One sharp exception: a legal hold suspends the normal retention-and-destruction schedule for data involved in actual or anticipated litigation, and that data must be preserved until the hold is lifted, even if its retention period has expired.

Destruction and sanitization

At end of retention, data must be destroyed so it cannot be recovered, and this is where the most testable detail lives. Deleting a file or quick-formatting a drive does not destroy the data: it only removes the pointer, leaving the actual bits recoverable, a problem called data remanence. Proper media sanitization[6] comes in three levels of rising assurance (NIST SP 800-88):

  • Clear overwrites the data using normal read/write commands. It defeats casual recovery and the media stays reusable.
  • Purge renders recovery infeasible even with laboratory techniques. Methods include degaussing (a strong magnetic field that wipes magnetic disks and tapes, but does nothing to flash/SSD storage) and cryptographic erase (destroying the encryption key so only unrecoverable ciphertext remains). The media may still be reusable.
  • Destroy physically wrecks the media by shredding, pulverizing, or incinerating, so it can never be used for storage again.

The decision rule is based on the confidentiality of the data, not the type of media: choose the sanitization level from how sensitive the data is, and whether the media will be reused or leave your control.

rising assurance, recovery gets harderClearoverwrite, reusablePurgedegauss / crypto eraseDestroyshred, not reusablePick the level from data confidentiality, not media typeA logical delete leaves data remanence: bits remain recoverable
Sanitization rises in assurance from clear to purge to destroy; choose the level from data confidentiality, not media type (NIST SP 800-88).

Logging and monitoring security events

Security does not end when a control is in place; you also have to know what is happening, and that is the job of logging and monitoring. The two are related but distinct, and the exam tests the difference.

Logging is the recording of security-relevant events as they occur: logins and failed logins, file and resource access, account and permission changes, configuration changes, and system errors. A log is a timestamped history, and it is the raw material of accountability, the ability to trace an action back to the individual who performed it. This is why unique user accounts matter: if everyone logs in as a shared "admin" account, the logs can prove an action happened but not who did it.

Monitoring is the active review of those logs to detect problems. Logs that pile up unread give you evidence to reconstruct an incident afterward, but no early warning while it is unfolding. In practice, logs from many systems are collected into a central place so they can be correlated and watched together; alerts then flag suspicious patterns, such as repeated failed logins or access at an unusual hour, while there is still time to respond.

Two points the exam likes to test. First, logs are themselves sensitive and a target: an attacker who can edit or delete logs can erase evidence, so logs must be protected and ideally stored where they cannot be tampered with. Second, logging supports detective controls (it tells you something happened), not preventive ones (it does not stop the event), so a question asking how to detect misuse points to logging and monitoring, while one asking how to prevent it points elsewhere.

Exam pattern: read for the goal, then pick the tool

Most Data Security questions hand you a scenario and ask for the right protection, or name a tool and ask what it provides. The reliable method is to read for the goal, confidentiality, integrity, accountability, or safe disposal, and let the goal pick the answer.

How to read the stem

  • Keep data secret from anyone who intercepts or steals it: encryption. Bulk data with a shared key is symmetric; exchanging data with no pre-shared key is asymmetric.
  • Detect tampering or verify a file is unchanged: hashing. The answer is integrity, and a hash is not encryption.
  • Decide how to handle a data set: classify it first (the data owner decides), then let the classification drive storage, access, retention, and destruction.
  • Dispose of media that held sensitive data: sanitize, do not delete. Clear, purge, or destroy by sensitivity; degaussing wipes magnetic media but not flash/SSD.
  • Trace who did something or catch suspicious activity: logging and monitoring.

Common traps

The headline trap is treating hashing as encryption, or picking a hash when the scenario needs confidentiality; a hash proves integrity and hides nothing. A second trap is choosing asymmetric encryption for bulk data when a shared key already exists; symmetric is the fast, correct choice there. A third is assuming a deleted file or quick-formatted drive is gone; data remanence means the bits remain recoverable until the media is actually sanitized. A fourth is reaching for degaussing on a solid-state drive; degaussing only works on magnetic media, so flash/SSD needs cryptographic erase or physical destruction. When several controls are offered, decide what the question is really protecting, then match the tool to that one goal.

Symmetric encryption vs asymmetric encryption vs hashing

PropertySymmetric encryptionAsymmetric encryptionHashing
Security goalConfidentialityConfidentiality (plus key exchange)Integrity, not confidentiality
Reversible?Yes, decrypt with the keyYes, decrypt with the paired keyNo, one-way fingerprint
Keys usedOne shared secret keyA public/private key pairNo key (keyed variants exist for MACs)
Relative speedFast, suits bulk dataSlow, suits small data and key exchangeVery fast
Example algorithmAESRSASHA-2, SHA-3

Decision tree

What is the goal?keep secretdetect changedispose of mediaEncryptionHashingintegrity, one-way digestSanitize by sensitivityshared keyno shared keySymmetric (AES)fast, bulk dataAsymmetric (RSA)key exchange, public/privatelowhigh, reusehighestClearPurgeDestroyA logical delete leaves data remanence; degaussing wipes magnetic media but not flash/SSD.Always: the data owner classifies first, and log and monitor the events that touch the data.

Sharp facts the exam loves — give these one last read before exam day.

Cheat sheet

Sharp facts the exam loves — scan these before test day.

Hashing proves integrity; encryption protects confidentiality

Encryption and hashing solve opposite problems, and confusing them is the single most tested mistake in this topic. Encryption scrambles data so only a key holder can read it, serving confidentiality, and it is reversible. Hashing produces a one-way fingerprint that reveals whether data changed, serving integrity, and it is not reversible. A hash hides nothing because anyone can compute it, so it can never be the answer to a question about keeping data secret.

Trap Treating hashing as a form of encryption; a hash detects change but cannot conceal data, so it provides no confidentiality.

8 questions test this
A hash is one-way and fixed-length, with no key

A hash function turns any input into a short fixed-length digest and cannot be run backward to recover the input, so it uses no key and reveals nothing about the content. Comparing a stored digest with a freshly computed one detects tampering, because changing even one character changes the whole digest. The standard families are SHA-2 and SHA-3 (NIST FIPS 180-4 and FIPS 202).

10 questions test this
Symmetric encryption uses one shared key and is fast for bulk data

Symmetric encryption uses the same secret key to encrypt and decrypt, which makes it fast and the right choice for bulk data like full disks, databases, and large files. Its weakness is key distribution: both parties must already share the secret key, and getting that key to the other side safely is the hard part. The standard symmetric algorithm is AES (NIST FIPS 197).

8 questions test this
Asymmetric encryption uses a public/private key pair to solve key exchange

Asymmetric (public-key) encryption uses a matched pair where what one key locks only the other can unlock. The public key can be shared with anyone; the private key stays secret. To send a confidential message you encrypt with the recipient's public key, and only their private key decrypts it, so two parties who never met can communicate without sharing a secret first. RSA is the classic asymmetric algorithm.

Trap Choosing asymmetric encryption to bulk-encrypt large data; it is much slower than symmetric and is meant for small data and key exchange, not the payload.

Real systems combine asymmetric and symmetric encryption

Because asymmetric encryption is slow, practical systems do not choose one family over the other; they use slow asymmetric encryption once to safely exchange a fresh symmetric key, then switch to fast symmetric encryption for the actual data. This is the pattern behind TLS, which protects web data in transit. The takeaway is that asymmetric handles the key exchange and symmetric handles the bulk payload.

Match each data state to its primary protection

Data exists in three states, and the exam expects you to pair each with its main control. Data at rest is stored and is protected by storage encryption plus access control. Data in transit is moving across a network and is protected by transport encryption such as TLS or IPsec. Data in use is loaded in memory being processed and is the hardest to protect because the processor traditionally needs cleartext, mitigated by runtime access control and memory hygiene.

3 questions test this
Storage encryption mainly protects a lost or powered-off device

Full-disk and storage encryption defend data at rest against theft of a powered-off or lost device, but they are not a substitute for access control on a running system. Once an authorized user logs in and the volume is unlocked, the data is available to them in the clear, so an attacker who gets in as that logged-in user is not stopped by the encryption.

Trap Assuming disk encryption protects data on a running, logged-in machine; after the volume is unlocked the data is available, so access control still does the work.

2 questions test this
The data owner sets classification, and classification comes first

Classification assigns a sensitivity level (such as public, internal, confidential, restricted) based on the harm that disclosure or loss would cause. The data owner, a business role, decides the level, while the custodian (usually IT) only implements the resulting controls. Classify before anything else, because you cannot pick the right storage, access, retention, and destruction rules until you know how sensitive the data is.

Trap Assuming IT or the custodian decides the classification; the data owner sets it, and the custodian only implements the controls it requires.

6 questions test this
Labeling carries the handling rules with the data

Once data is classified, it is labeled so its handling rules travel with it. A marking is the human-readable form, a stamp like 'Confidential' that a person reads and acts on; a label in the strict sense is machine-readable metadata that a system parses and enforces. Both ensure that everyone and every system touching the data knows how it must be handled.

8 questions test this

Retention sets how long data is kept, driven by legal, regulatory, and business needs. Keeping data too long raises storage cost and breach exposure; deleting it too soon can break a compliance obligation. A legal hold is the sharp exception: it suspends the normal retention-and-destruction schedule for data tied to actual or anticipated litigation, and that data must be preserved until the hold is lifted even if its retention period has expired.

Trap Destroying data on its scheduled date while a legal hold is in force; the hold overrides the schedule and the data must be preserved until released.

8 questions test this
Deleting a file does not destroy the data

Pressing delete or quick-formatting a drive only removes the pointer to the data, leaving the underlying bits intact and recoverable, a problem called data remanence. Proper disposal requires sanitization that renders the data unrecoverable, not a logical delete. This is why media that held sensitive data must be sanitized before reuse or disposal.

Trap Treating a deleted file or quick-formatted drive as gone; data remanence leaves the bits recoverable until the media is actually sanitized.

3 questions test this
Sanitization has three levels: clear, purge, destroy

NIST SP 800-88 defines three sanitization levels of rising assurance. Clear overwrites the data with normal commands and the media stays reusable. Purge renders recovery infeasible even with laboratory techniques, using methods like degaussing or cryptographic erase, and the media may still be reusable. Destroy physically wrecks the media by shredding, pulverizing, or incinerating so it can never store data again.

3 questions test this
Choose the sanitization level from data sensitivity, not media type

The decision rule for sanitization is based on the confidentiality of the data, not the kind of media. Pick the level from how sensitive the data is and whether the media will be reused or leave your control: higher sensitivity and loss of control push toward purge or destroy. The media type only influences which technique implements the chosen level.

Trap Picking the sanitization method from the media type first; NIST keys the decision on data confidentiality, then the media type selects the technique.

2 questions test this
Degaussing only works on magnetic media

Degaussing uses a strong magnetic field to wipe magnetic media such as hard disks and tapes, and it usually leaves the drive inoperable. It does nothing to flash and solid-state drives because they are not magnetic, so an SSD that needs purging requires cryptographic erase or the device's built-in sanitize command, not a degausser. Cryptographic erase destroys the encryption key so only unrecoverable ciphertext remains.

Trap Reaching for degaussing to sanitize a solid-state drive; SSD and flash are not magnetic, so degaussing leaves the data intact.

5 questions test this
Logging is the foundation of accountability

A log records security-relevant events as they happen: logins and failed logins, file and resource access, account and permission changes, and configuration changes. Logs are the raw material of accountability, the ability to trace an action back to the individual who performed it. This is why unique user accounts matter: with a shared account the logs prove an action happened but not who did it.

Trap Using shared accounts and relying on logs for accountability; the logs cannot attribute the action to a person, so accountability is lost.

Monitoring is the active review of logs

Logging records events; monitoring is actively reviewing those records to catch problems while there is time to respond. Logs that pile up unread give you evidence to reconstruct an incident afterward but no early warning during it. In practice logs from many systems are centralized so they can be correlated and watched together, with alerts on suspicious patterns like repeated failed logins.

Logging is a detective control, not a preventive one

Logging and monitoring tell you that something happened; they do not stop the event itself, so they are detective controls rather than preventive ones. A question asking how to detect misuse or suspicious activity points to logging and monitoring, while one asking how to prevent the event points to a different control. Logs are also a target: an attacker who can edit or delete them erases evidence, so logs should be protected and stored where they cannot be tampered with.

Trap Choosing logging to prevent an attack; logging detects and records but does not block the event, which needs a preventive control.

A mixed document takes the classification of its most sensitive part

When one document, dataset, or report combines data of several classification levels, the whole asset is classified and handled at the highest (most sensitive) level present. This high-water-mark rule guarantees the most sensitive element still gets adequate protection rather than leaking under a lower label.

Trap Averaging the levels or labeling the document by the bulk of its (lower) content.

8 questions test this
Match control strength to data sensitivity, neither under- nor over-classifying

The point of classification is to apply controls proportional to a data item's sensitivity: public data needs little, highly confidential data needs strong controls. Over-classifying data is a real cost, not a safe default, because it forces expensive controls and restrictive handling onto low-risk information and ties up resources.

Trap Classifying everything at the highest level to be safe, ignoring the cost and lost business use it creates.

9 questions test this
Encryption is only as strong as the management of its keys

Cryptographic strength depends on key protection: compromise or loss of a key exposes or destroys all data it protected. Manage keys across their lifecycle by storing them separately from the data, using each key for a single purpose, rotating them, and securely destroying them at end of life; destroying the key (cryptographic erasure) also renders encrypted media unrecoverable.

Trap Reusing one key for multiple purposes or keeping it alongside the data it protects.

12 questions test this

Also tested in

References

  1. https://csrc.nist.gov/glossary/term/hash_function
  2. https://csrc.nist.gov/pubs/fips/180-4/upd1/final
  3. https://csrc.nist.gov/pubs/fips/202/final
  4. https://csrc.nist.gov/pubs/fips/197/final
  5. https://csrc.nist.gov/pubs/sp/800/111/final
  6. https://csrc.nist.gov/pubs/sp/800/88/r1/final