Cryptography is an essential toolkit for today's CISSP. It applies across all three components of the CIA model:

• Confidentiality - Cryptology protects the confidentiality of data via encryption (both in transit and at rest)
• Integrity - Cryptology supports the integrity of data via hashes and message digests (MDs) that insure the accuracy of the data
• Availability- Cryptology is used heavily in the authentication arena via digital signatures, certificates and PKI used to verify the authenticity of the players.

Key concepts in Cryptology:

• Non-repudiation: Undeniably asserting who did something (sent an email, was logged in, accessed a dataset, etc.)
• Hashes are used for integrity checking not confidentiality protection
• Digital Signatures are not scanned images of real signatures (thank you playing, Fox News)