1. In terms of security, why would you not use rm command to delete files?
2. Shred and dd are tools used to securely delete files. Which is the best tool for securely deleting a file from a system and why? Consider the limitations of each tool when choosing your answer.
3. What encryption is used to encrypt HTTP traffic (HTTPS)?
4. The CIA triad, confidentiality, integrity, and availability, represents the three goals for cybersecurity. Which goal(s) does/do encryption fall under and why?
Question 1)
Answer:
In terms of security, the "rm" (remove) command permanently deletes
files without giving any chance to undo the action or restore the
lost, removed, or deleted files. Or at least it may make the file
restoration process way too difficult. This is because the command
does not send the deleted file to the "Trash" folder the way Windows
OS does. This is a drawback from the users' perspective. The
command does not destroy file data, but only unlinks references to
objects from the filesystem. This frees the filesystem space;
however, it may still contain any leftover data that was once
present in the removed or deleted file. This can be a security
concern in some situations.
Question 2)
Answer:
The dd tool is the best to securely delete a file from a
system. Even shred does the same task; however, shred has
limitations such as:
* It only overwrites the data of the file in place. It does not
overwrite the other copies of the same file present in manual and
automatic backups, file system snapshots, copy-on-write
filesystems, NFS caching, journaling, and wear leveling on flash
drives. One has to run the "shred" command on these devices to
get rid of the file. SATA secure erase for magnetic devices is
faster and more reliable when compared to shredding. Also, one may
have to physically destroy devices such as memory cards, external
hard disks, etc. to securely erase them.
The "shred" command securely deletes files and devices. However, with extreme processes and difficulty using specialized hardware and technology, one can recover the deleted files.
dd is the acronym for data destroyer. When the tool or the command is run, it securely wipes a file by writing random characters over it, making it much harder for someone to retrieve the file and restore the data from it. It is pretty much impossible to recover the deleted file using the dd software. It requires an expensive machine and manually looking through the hard drive searching for the data. Still, one may not be able to find or recover the data.
Question 3)
Answer:
Transport Layer Security (TLS), formerly called Secure Sockets
Layer (SSL), encryption is used to encrypt HTTP traffic (HTTPS) or
communications protocol. Hence, it is also called HTTP over TLS,
earlier called HTTP over SSL. This protocol uses an asymmetric public
key infrastructure to secure communications.
Question 4)
Answer:
Encryption falls under Confidentiality (C) and Integrity (I) goals.
The encryption makes sure the sensitive data is confidential, it is
secret, and cannot be viewed by any intruder who is trying to
access the message or data without authorization and without a
decryption mechanism or key. Encryption makes sure only the right
and authorized users or people with the decryption key are able to
read the information.
Integrity is implemented by making use of security mechanisms like data encryption and hashing. Thus, encryption scrambles data such that it is not or cannot be unscrambled without access to the decryption key and knowledge of the algorithm. The ones with the right decryption key can unscramble the message or data.
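For Questions 1 and 2 above, an added example (not part of the original answer) that compares plain `rm` with an in-place `dd` overwrite followed by `rm`. The marker string, the function names and the second hard link are assumptions of this demo; the hard link is only there to keep the stored bytes observable after the original name is removed.

```shell
#!/bin/sh
# Added demo. All data is constructed and lives in a throwaway temp directory.
MARKER='CONSTRUCTED-SECRET-1234'

# Overwrite a file's existing bytes with random data, flush, then unlink it.
# conv=notrunc makes dd write into the current file instead of truncating it.
overwrite_and_remove() {
    target=$1
    size=$(wc -c < "$target" | tr -d ' ')
    if [ "$size" -gt 0 ]; then
        head -c "$size" /dev/urandom | dd of="$target" conv=notrunc 2>/dev/null
        sync
    fi
    rm -f -- "$target"
}

# Build a sample file plus a second hard link that lets us look at the same
# stored bytes after the original name is gone. Prints the temp directory.
make_sample() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' "$MARKER" > "$dir/secret.txt"
    ln "$dir/secret.txt" "$dir/second_name"
    printf '%s\n' "$dir"
}

# Exit status 0 means the marker is still readable after the chosen deletion.
marker_survives() {
    method=$1
    dir=$(make_sample) || return 2
    case $method in
        rm)        rm -f -- "$dir/secret.txt" ;;
        overwrite) overwrite_and_remove "$dir/secret.txt" ;;
        *)         rm -rf -- "$dir"; return 2 ;;
    esac
    grep -q "$MARKER" "$dir/second_name"
    rc=$?
    rm -rf -- "$dir"
    return "$rc"
}

for m in rm overwrite; do
    if marker_survives "$m"; then echo "$m: data still readable"
    else echo "$m: data gone"; fi
done
# Caveat from the answer above: on copy-on-write or journaling filesystems,
# snapshots, backups and flash wear leveling, older copies may remain.
```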