WARNING: This site is intended for online use only; mass-downloading of pages degrades the server and is prohibited.
If you attempt to use tools to mass-download the site, you may be blocked permanently by automated software.
If you want to read this CertiGuide offline, please use one of the links on the left to purchase a convenient PDF copy. Thank you.

Like this CertiGuide? Get it in PDF format!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Also available: 300-question Security+ practice test!
Get It Here!

Google
Web CertiGuide






Table Of Contents  CertiGuide to Security+
 9  Chapter 2:  Communication Security (Domain 2.0; 20%)
      9  2.2  Email

Previous Topic/Section
2.2.2  PGP
Previous Page
Pages in Current Topic/Section
1
Next Page
 Message Privacy
Next Topic/Section

2.2.3  Vulnerabilities

Data privacy is a major issue in email, as with many other types of network communication. It isn’t enough to ensure that your data is encrypted during transport and storage – rather, you should also ensure it is encrypted with a strong algorithm. See this footnote168 for a Windows screen saver that attempts to brute-force with S/MIME 40-bit RC2 keys, which are considered a weak encryption mechanism, if your goal is more than casual protection from prying eyes. Sometimes casual protection is enough, but often business requirements demand more security. Your organization would be advised to develop a policy for email security, specifying to users which levels of encryption, if any, are to be used for which types of communication, how long email is retained, who is permitted access to it, etc.

Email Filtering Counter Measures

Many enterprise mail servers are structured to filter out potentially harmful email attachments. And just as steganography can be used to hid information in graphics on web pages, email attachment considered off-limits can be hidden from scanning using the freeware program known as Camouflage169.


Quick navigation to subsections and regular topics in this section



 __________________

168. http://www.counterpane.com/smime.html

169. http://www.camouflage.freeserve.co.uk/

Previous Topic/Section
2.2.2  PGP
Previous Page
Pages in Current Topic/Section
1
Next Page
 Message Privacy
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $


Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.