As a security analyst, I need to implement security controls to protect organizations against a range of threats.
That’s where hashing comes in. I’ve learned that a hash function is an algorithm that produces a code that can’t be decrypted. Hash functions let me uniquely identify the contents of a file so I can check whether it’s been modified. The output is a unique identifier known as a hash value or digest.
For example, a malicious program may mimic an original program. If even one line of code is different, it produces a different hash value. I can then identify the malicious version and work to mitigate the risk.
Although many tools automate hash comparisons, I must know how to do it manually.
In this lab activity, I will create hash values for two files and use Linux commands to examine their differences.
In this scenario, I need to investigate whether two files are identical or different.
Here’s how I’ll do it: First, I will display the contents of two files and create hashes for each. Next, I will examine those hashes and compare them.
Let’s hash some files!
Note: I start this lab as the analyst user already logged in to the Bash shell. That means I can begin the tasks as soon as I click the Start Lab button.
Great work!
By the end of this lab, I practiced how to:
sha256sum,cat, andcmp.These are valuable tools I can use to validate data integrity as I contribute to my organization’s security controls.