Think Positive Cyber

Location: R80E63FB5-T2Phal-002-71
Date: June 28, 2025
Time: 11:09 AM

Today I completed Security+ Practice Test 4, and a few key concepts stood out that I need to reinforce before the November exam.

First, Cipher Block Chaining (CBC) is a block cipher encryption mode that links each ciphertext block to the previous one, creating a chain. This dependency improves security over ECB by ensuring even identical plaintext blocks encrypt differently. However, CBC is slower because it can’t be parallelized and is sensitive to bit errors—one flipped bit can ruin two blocks.

Second, I reviewed Galois/Counter Mode (GCM), which merges fast encryption (CTR mode) with authentication. It not only encrypts data efficiently but also ensures integrity by generating a Message Authentication Code (MAC). GCM is common in modern secure protocols like TLS, and I’ll definitely memorize that it provides both confidentiality and integrity.

Next, I revisited the Hardware Security Module (HSM). These are physical devices used in enterprise systems to handle encryption and manage keys securely. They keep sensitive keys out of the operating system and are vital for certificate authorities and financial systems. Unlike TPMs, HSMs are often removable or network-based.

Lastly, I studied Kerberos Ticket Granting Tickets (TGTs). When you log in, the Kerberos system gives you a TGT so you don’t have to re-enter your password each time. That TGT is then used to get access to services—this is how Single Sign-On (SSO) works securely in many enterprise networks.

This was a good checkpoint. Next up: Test 5.