Hashing Concepts


Hashing is an important concept that you should understand if you plan on taking any type of security exam, including the CompTIA Security+ and CASP exams, and (ISC)2’s SSCP and CISSP exams.


Hashing Security+ Questions

Here are a couple of hashing questions to check your comprehension. As with any practice test questions, not only should you know why the correct answers are correct, but also why the incorrect answers are incorrect. This way, no matter how CompTIA words the questions, you’ll be able to answer them correctly.

Hashing Question 1

Q1. Of the following choices, what can you use to verify data integrity?

A. AES

B. DES

C. RC4

D. SHA

Hashing Question 2

Q2. Lisa manages network devices in your organization and maintains copies of the configuration files for all the managed routers and switches. On a weekly basis, she creates hashes for these files and compares them with hashes she created on the same files the previous week. Which security goal is she pursuing?

A. Confidentiality

B. Integrity

C. Availability

D. Safety

Answers (with explanations) are at the end of this post.


Hashing Files for Integrity

You can verify integrity with hashing. Hashing is an algorithm performed on data such as a file or message to produce a number called a hash (sometimes called a checksum). The hash is used to verify that data is not modified, tampered with, or corrupted. In other words, you can verify the data has maintained integrity.

For example, imagine a software company is releasing a patch for an application that customers can download. An administrator calculates the hash of the patch file and then posts both a link to the patch file and the hash on the company site. The website might list it as:

  • Patch file: applicationPatch.exe
  • MD5 checksum: 367f0ed4ecd70aefc290d1f7dcb578ab

The Message Digest 5 (MD5) checksum is the calculated hash displayed in hexadecimal.

Why Bother with Hashing Files?

The administrator that posted the patch file knows the file is clean and does not include any malware. It only includes patches.

However, is it possible for this patch file to become infected with malware? Absolutely.

Would you want to know if the file you downloaded was different than the file that the administrator posted to the website? Most people say yes.

After downloading the file, you can calculate the hash and compare it to the posted hash.

  • If the hashes are the same, you know the file hasn’t lost integrity.
  • If the hashes are different, you know the file has lost integrity. Indeed, it might be infected with malware.


Comparing Hashes

There are several applications you can use to manually calculate hashes. As an example, md5sum.exe is a free program anyone can use to create hashes of files. A Google search on “md5sum download” will show several locations. The md5sum application runs the MD5 hashing algorithm against a file to create a hash.

Imagine that you downloaded the patch file from the company’s site. After downloading it, you can use md5sum to calculate the hash on the downloaded file as shown in the following figure.

Hashing to check integrity

The first command in the figure is dir (to show the contents of the directory).

Step 1 runs md5sum against the file with this command: md5sum applicationPatch.exe

  • The result is a hash of 367f0ed4ecd70aefc290d1f7dcb578ab.
  • Compare this to the posted MD5 checksum of 367f0ed4ecd70aefc290d1f7dcb578ab.
  • These are the same, so you know the file has not lost integrity (or, said another way, it hasn’t changed).

A key point about a hash is that no matter how many times you execute the hashing algorithm against the data, the hash will always be the same as long as the data is the same.

  • Step 2 repeats the command and the hash is the same.
  • Step 3 repeats the command and the hash is the same.
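The steps above (hash the downloaded file, compare it with the posted checksum, repeat the command and see the same hash, and detect a changed file) can be reproduced without md5sum. The following Python script is an added example, not part of the original post or of md5sum; the patch content, the file name and the "posted" hash are constructed inside the script, so the digest it prints will not be the 367f0ed4... value shown in the figure.

```python
import hashlib
import hmac
import os
import tempfile

# Constructed sample content standing in for applicationPatch.exe (not a real patch).
ORIGINAL_PATCH = b"APPLICATION PATCH v1.0 -- constructed sample bytes\n" * 64
CHUNK_SIZE = 64 * 1024  # read in chunks so large files never need to fit in memory


def hash_bytes(data, algorithm="md5"):
    """Hex digest of an in-memory byte string (md5 by default, like md5sum)."""
    return hashlib.new(algorithm, data).hexdigest()


def hash_file(path, algorithm="md5"):
    """Hex digest of the file at `path`; `algorithm` is any name hashlib knows."""
    h = hashlib.new(algorithm)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(CHUNK_SIZE), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_download(path, posted_hash, algorithm="md5"):
    """Compare the downloaded file's hash with the hash the site posted.

    Hex digests are compared case-insensitively and in constant time
    (hmac.compare_digest), which is the habit to keep for any secret-like value.
    """
    actual = hash_file(path, algorithm)
    return hmac.compare_digest(actual.lower(), posted_hash.strip().lower())


def demo():
    """Walk through the post's steps: hash, compare, repeat, then a tampered file."""
    with tempfile.TemporaryDirectory() as workdir:
        patch_path = os.path.join(workdir, "applicationPatch.exe")

        # Administrator's side: write the clean file and record the hash to post.
        with open(patch_path, "wb") as f:
            f.write(ORIGINAL_PATCH)
        posted_hash = hash_file(patch_path)

        # Steps 1-3 in the post: running the hash again yields the same value.
        runs = [hash_file(patch_path) for _ in range(3)]
        repeatable = all(r == posted_hash for r in runs)
        clean_ok = verify_download(patch_path, posted_hash)

        # Simulate the file changing after it was posted: flip a single bit.
        tampered = bytearray(ORIGINAL_PATCH)
        tampered[100] ^= 0x01
        with open(patch_path, "wb") as f:
            f.write(bytes(tampered))
        tampered_ok = verify_download(patch_path, posted_hash)
        tampered_hash = hash_file(patch_path)

    return {
        "posted_hash": posted_hash,
        "repeatable": repeatable,
        "clean_ok": clean_ok,
        "tampered_ok": tampered_ok,
        "tampered_hash": tampered_hash,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Two practical notes. The `algorithm` parameter exists because MD5 is kept here only to match the post's md5sum walkthrough; for anything you publish today, post a SHA-256 checksum instead (`hash_file(path, "sha256")`). And a checksum on the same web page as the file only detects accidental corruption or a download that differs from what was posted: whoever can replace the file on the site can usually replace the posted hash too, which is why vendors also sign releases.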

Remember this

Hashing verifies integrity for data such as email, downloaded files, and files stored on a disk. A hash is a number created with a hashing algorithm, and is sometimes listed as a checksum. Hashing algorithms, such as MD5, HMAC, or SHA-1, calculate hashes to verify integrity. By comparing hashes created at different times, you can verify integrity has been maintained.

Hashing Key Points

  • Hashes are created at least twice so that they can be compared.
  • Hashes will always be the same when executed against the same data.
  • If the hashes are different, it indicates the data has changed (or lost integrity).



Hashing Security+ Questions with Answers

Here are the answers to the two Security+ hashing questions listed at the beginning of this post.

Q1. Of the following choices, what can you use to verify data integrity?

A. AES

B. DES

C. RC4

D. SHA

A1. D is correct. Secure Hash Algorithm (SHA) is one of many available hashing algorithms used to verify data integrity.

None of the other options are hashing algorithms. Advanced Encryption Standard (AES), Data Encryption Standard (DES), and Rivest Cipher 4 (RC4) are symmetric encryption algorithms.

This question is a good example of how you can answer questions correctly just by knowing the relevant hashing algorithms (such as MD5, SHA, and HMAC) and the relevant encryption algorithms.


Q2. Lisa manages network devices in your organization and maintains copies of the configuration files for all the managed routers and switches. On a weekly basis, she creates hashes for these files and compares them with hashes she created on the same files the previous week. Which security goal is she pursuing?

A. Confidentiality

B. Integrity

C. Availability

D. Safety

A2. B is correct. She is pursuing integrity by verifying the configuration files have not changed. By verifying that the hashes are the same, she also verifies that the configuration files are the same.

Confidentiality is enforced with encryption, access controls, and steganography. Availability ensures systems are up and operational when needed. Safety goals help ensure the safety of personnel and/or other assets.
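Lisa's weekly routine from Q2 is a small file-integrity check: hash every configuration file, keep the list of hashes, and compare it with the next week's list. The script below is an added example written for this post, not a tool the post or the exam references; the device names and configuration text are constructed, and SHA-256 is used because it is the algorithm you would pick for a new check of this kind.

```python
import hashlib
import json
import os
import tempfile

# Constructed sample configs standing in for router/switch backups (not real device output).
WEEK1_CONFIGS = {
    "router1.cfg": "hostname router1\ninterface Gi0/1\n ip address 10.0.1.1 255.255.255.0\n",
    "switch1.cfg": "hostname switch1\nvlan 10\n name users\n",
}
# Week 2: router1 unchanged, switch1 gained a VLAN, and a new device's backup appeared.
WEEK2_CONFIGS = {
    "router1.cfg": WEEK1_CONFIGS["router1.cfg"],
    "switch1.cfg": WEEK1_CONFIGS["switch1.cfg"] + "vlan 99\n name guest\n",
    "switch2.cfg": "hostname switch2\n",
}


def build_manifest(directory):
    """Return {filename: sha256 hex digest} for every regular file in `directory`."""
    manifest = {}
    for name in sorted(os.listdir(directory)):
        path = os.path.join(directory, name)
        if os.path.isfile(path):
            with open(path, "rb") as f:
                manifest[name] = hashlib.sha256(f.read()).hexdigest()
    return manifest


def compare_manifests(baseline, current):
    """Classify each file as unchanged, changed, added or removed between two manifests."""
    report = {"unchanged": [], "changed": [], "added": [], "removed": []}
    for name in sorted(set(baseline) | set(current)):
        if name not in current:
            report["removed"].append(name)
        elif name not in baseline:
            report["added"].append(name)
        elif baseline[name] != current[name]:
            report["changed"].append(name)
        else:
            report["unchanged"].append(name)
    return report


def _write_configs(directory, configs):
    """Write the constructed config texts into `directory` (helper for the demo)."""
    for name, text in configs.items():
        with open(os.path.join(directory, name), "w") as f:
            f.write(text)


def weekly_check():
    """Simulate the routine: hash last week's files, then compare with this week's."""
    with tempfile.TemporaryDirectory() as workdir:
        _write_configs(workdir, WEEK1_CONFIGS)
        baseline = build_manifest(workdir)
        # In practice the baseline is saved between runs; JSON stands in for that store.
        stored = json.dumps(baseline)

        # A week later: the directory now holds the new set of backups.
        _write_configs(workdir, WEEK2_CONFIGS)
        current = build_manifest(workdir)
        return compare_manifests(json.loads(stored), current)


if __name__ == "__main__":
    print(json.dumps(weekly_check(), indent=2))
```

A "changed" entry only tells you the bytes differ; it does not distinguish an approved maintenance change from an unwanted one, so the report is the trigger for a review against the change log, not the verdict. Keep the stored baseline somewhere the people (or processes) who can edit the backups cannot also edit it, otherwise a changed file and a freshly recomputed baseline look exactly like "unchanged".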


Copyright © 2015 Get Certified Get Ahead. All Rights Reserved.