Encryption Concepts Study Notes

Posted on Leave a comment
AWS Cover
Reading Time: 2 minutes

In this post, I make available my notes about Encryption Concepts Study Notes made from Adrian Cantrill’s course AWS Certified Solutions Architect – Associate (SAA-C02). The Q&A session below can be used to validate your knowledge or create Flashcards for study. Since this is a piece of knowledge in construction there may be mistakes, drop a comment for any suggestions.


There are two approaches for encryption known are “At Rest” and “In Transit”. The “At Rest” encryption ensures the data is encrypted when written on disk and can only be decrypted for reading using a secret key. It is generally used when only one individual is involved and protects against the physical thief. The “In Transit” encryption encrypts data before sending and sends the encrypted data to be decrypted at the destination. It is generally used when multiple individuals are involved and protects data while transfer.

To encrypt data known as Plaintext, an Algorithm is used together with a Key that acts like a password for encryption and so generated the encrypted data known as Ciphertext.

The symmetric key is when is used the same key to encrypt and decrypt data, it is good for local encryption and not recommended for data transfer because there is no safe way to transfer the key to the other side.

and transfer the key to

The Asymmetric key is when different keys are used to encrypt and decrypt data, a public key is used for encryption and a private key is used for decryption. It is generally used for data transmission because it is not necessary to exchange private keys.

Signing is the process where the sender signs the data with the private key and the receiver can validate the signature using the private key. It is usually used for id verification and logon of some systems.

Steganography is a method to hide data inside other data, like for example send encrypted data inside an image. When using an image, for example, some pixel information can be changed to hide data, and is difficult to find the data if you do not know the pattern generated by the algorithm or the keys used.

What are the two common approaches for encryption?

"At Rest" and "In Transit" encryption.

What is the "At Rest" encryption approach?

Encryption approach that ensures the data is encrypted when written on disk and can only be decrypted for reading using a secret key.

On What situation "At Rest" encryption usually is used?

It is generally used when only one individual is involved.

What "At Rest" encryption protects?

Protects against the physical thief.

What is "In Transit" encryption?

Encryption approach that encrypts data before sending and sends the encrypted data to be decrypted at the destination.

On What situation "In Transit" encryption usually is used?

Generally used when multiple individuals are involved.

What "In Transit" encryption protects?

Protects data while transfer.

What mean "Plaintext" in the encryption concept?

Any data without encryption.

What mean "Algorithm" in the encryption concept?

The algorithm that is used to encrypt data.

What mean "Key" in the encryption concept?

It is like a password for encryption.

What mean "Ciphertext" in the encryption concept?

Encrypted data.

What is "Symmetric key"?

Is when is used the same key to encrypt and decrypt data.

Why is not recommended to use "Symmetric key" for data transfer?

Because there is no safe way to transfer the key to the other side.

What is "Asymmetric key"?

Is when different keys are used to encrypt and decrypt data, a public key is used to encryption and a private key is used for decryption.

Why the "Asymmetric key" is recommended for data transferring?

Because it is not necessary to exchange private keys.

What is "Sign" in the encryption concept?

A process where the sender signs the data with the private key and the receiver can validate the signature using the public key.

Where "Sign" from the encryption concept is usually used?

It is usually used for id verification and logon of some systems.

What is "Steganography"?

It is a method to hide data inside other data, like for example send encrypted data inside an image.

See more content like this by accessing the Study Note Tag or AWS Category inside this blog or know my methodology of studying for AWS certification.

Leave a Reply

Your email address will not be published. Required fields are marked *