From the course: CompTIA Security+ (SY0-601) Cert Prep: 10 Governance, Risk, and Compliance

Unlock the full course today

Join today to access over 22,500 courses taught by industry experts or purchase this course individually.

Data obfuscation

Data obfuscation

- [Instructor] An alternative to removing data from a data set is transforming it into a format where the original information can't be retrieved. This is a process called data obfuscation. And we have several tools at our disposal to assist us. First, we can use a hash function to transform a value in our dataset to a hashed value. Now, remember from our discussion of hash functions that they're one way functions. If we apply a strong hash function to a data element we may replace the value in our file with the hashed value. While it isn't possible to retrieve the original value directly from the hashed value, there is one possible flaw to this approach. If someone has a list of all possible values for a field they can conduct something called a rainbow table attack. In this attack, the attacker computes the hashes of those candidate values and then checks to see if those hashes exist in the data file. Let's say that we had…

Contents