Prepare smarter and faster for the LPI Security Essentials exam

In LPI Security Essentials Study Guide: Exam 020-100, veteran Linux server administrator David Clinton delivers an expert tutorial on the major security threats facing computers, networks, connected devices, and IT services, both on-premise and in the cloud. You'll discover common and effective ways to prevent, mitigate, and respond to security attacks, and validate your ability to use encryption to secure data transferred through a network.

This book is designed to prepare you for the LPI Security Essentials certification offered by the global standard and career support organization for open-source professionals. Whether you're preparing for this foundational exam as a steppingstone to the more advanced Security+ certification or as an end in itself, you'll advance your knowledge of security concepts, encryption, node, device, and storage security, network and service security, and identity and privacy concepts.

You'll get:
* Techniques and tools you can use immediately in a new role as an IT security professional
* Key strategies for digital self-defense, including securing your own devices and making use of IT services
* Complimentary access to Sybex's superior online interactive learning environment and test bank, complete with chapter tests, a practice exam, electronic flashcards, and a glossary of key terms

Perfect for anyone seeking to take the LPI Security Essentials certification exam, LPI Security Essentials Study Guide, Exam 020-100 is a must-have resource for people looking to hit the ground running in a new career focused on information security.
Page count: 329
Year of publication: 2023
Cover
Title Page
Copyright
Acknowledgments
About the Author
Introduction
What Does This Book Cover?
About the Exam
Exam Objectives
Objective Map
Assessment Test
Answers to Assessment Test
Chapter 1: Using Digital Resources Responsibly
Protecting Personal Rights
Protecting Digital Privacy
Establishing Authenticity
Summary
Exam Essentials
Review Questions
Chapter 2: What Are Vulnerabilities and Threats?
The Basics: What Are We Trying to Accomplish Here?
Common Vulnerabilities
Digital Espionage
Stolen Credentials
Malware
Network-Based Attacks
Cloud Computing and Digital Security
Summary
Exam Essentials
Review Questions
Chapter 3: Controlling Access to Your Assets
Controlling Physical Access
Controlling Network Access
Controlling Software Sources
Summary
Exam Essentials
Review Questions
Chapter 4: Controlling Network Connections
Understanding Network Architecture
Auditing Networks
Securing Networks
Summary
Exam Essentials
Review Questions
Chapter 5: Encrypting Your Data at Rest
What Is Encryption?
Encryption Usage Patterns
Encryption Technologies
Summary
Exam Essentials
Review Questions
Chapter 6: Encrypting Your Moving Data
Website Encryption
Email Encryption
Working with VPN Connections and Software Repositories
Summary
Exam Essentials
Review Questions
Chapter 7: Risk Assessment
Conducting Open-Source Intelligence Gathering
Accessing Public Vulnerability Databases
Conducting Vulnerability Scans
Conducting Penetration Tests
Summary
Exam Essentials
Review Questions
Chapter 8: Configuring System Backups and Monitoring
Why You Need to Get Backups Right the First Time
Backup Types
Multitier Backups
Configuring Monitoring and Alerts
Summary
Exam Essentials
Review Questions
Chapter 9: Resource Isolation Design Patterns
Configuring Network Firewalling
Working with Sandbox Environments
Controlling Local System Access
Summary
Exam Essentials
Review Questions
Appendix: Answers to Review Questions
Chapter 1: Using Digital Resources Responsibly
Chapter 2: What Are Vulnerabilities and Threats?
Chapter 3: Controlling Access to Your Assets
Chapter 4: Controlling Network Connections
Chapter 5: Encrypting Your Data at Rest
Chapter 6: Encrypting Your Moving Data
Chapter 7: Risk Assessment
Chapter 8: Configuring System Backups and Monitoring
Chapter 9: Resource Isolation Design Patterns
Index
End User License Agreement
Chapter 3
FIGURE 3.1 The stages involved in booting a (Linux) computer using UEFI
FIGURE 3.2 A typical account entry within a password manager
FIGURE 3.3 The results of an email search of the HIBP database
FIGURE 3.4 The results of a search of the HIBP database for a password strin...
FIGURE 3.5 Permission levels assigned to users and a user group
FIGURE 3.6 A simplified illustration of the contents of a TCP data packet in...
FIGURE 3.7 A typical network setup where a firewall device stands between th...
FIGURE 3.8 An AWS EC2 security group permitting SSH and browser (HTTP) traff...
Chapter 4
FIGURE 4.1 A typical example of IP address allocations within a private subn...
FIGURE 4.2 A NAT server translating IP addresses and managing traffic betwee...
FIGURE 4.3 The Wireshark “home” screen showing links to all the networks ava...
FIGURE 4.4 The results of a typical network scan shown in Wireshark
Chapter 5
FIGURE 5.1 A typical symmetric encryption and decryption process
FIGURE 5.2 The recipient's public key is used to encrypt and later decry...
FIGURE 5.3 The sender's public key is used to encrypt and later decrypt ...
FIGURE 5.4 The step-by-step representation of a blockchain transaction
Chapter 6
FIGURE 6.1 The successful SSL report on the TLS configuration for the bootstra...
FIGURE 6.2 The conversation between a client browser and a TLS-powered web s...
FIGURE 6.3 Installation instructions on the Certbot website
FIGURE 6.4 A typical VPN running through a secure tunnel connection
Chapter 7
FIGURE 7.1 The NVD Dashboard
FIGURE 7.2 A layered diagram of NVD-related tools
Chapter 8
FIGURE 8.1 Some output from the dmesg command on a Linux Ubuntu 18.04 system...
Chapter 9
FIGURE 9.1 Public-facing web servers are allowed fairly open access from pub...
FIGURE 9.2 A common dual-firewall DMZ setup
FIGURE 9.3 A bastion host is a server placed within a DMZ through which remo...
FIGURE 9.4 The VirtualBox network adapter configuration dialog
David Clinton
Copyright © 2023 by John Wiley & Sons, Inc. All rights reserved.
Published by John Wiley & Sons, Inc., Hoboken, New Jersey.
Published simultaneously in Canada and the United Kingdom.
ISBN: 978-1-394-19653-1
ISBN: 978-1-394-19655-5 (ebk.)
ISBN: 978-1-394-19654-8 (ebk.)
No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise, except as permitted under Section 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 750-4470, or on the web at www.copyright.com. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permission.
Trademarks: WILEY, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.
Limit of Liability/Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representations or warranties with respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Further, readers should be aware that websites listed in this work may have changed or disappeared between when this work was written and when it is read. Neither the publisher nor authors shall be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages.
For general information on our other products and services or for technical support, please contact our Customer Care Department within the United States at (800) 762-2974, outside the United States at (317) 572-3993 or fax (317) 572-4002.
Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic formats. For more information about Wiley products, visit our web site at www.wiley.com.
Library of Congress Control Number: 2023936823
Cover image: © Jeremy Woodhouse/Getty Images
Cover design: Wiley
I would like to thank my wife for all her help and support through the long and demanding process of writing this book. And, once again, I'm indebted to all the great people at Wiley who helped me turn a plain old manuscript into a great teaching tool.
David Clinton is a Linux server admin who has worked with IT infrastructure in both academic and enterprise environments. He has authored and co-authored technology books—including AWS Certified Solutions Architect Study Guide: Associate SAA-C03 Exam, Fourth Edition (Sybex, 2022)—and created dozens of video courses teaching Amazon Web Services and Linux administration, server virtualization, and IT security.
In a previous life, David spent 20 years as a high school teacher. He currently lives in Toronto, Canada, with his wife and family and can be reached through his website: https://bootstrap-it.com.
I often say that you earn the real payoff from a well-designed certification exam by carefully working through its objectives. Sure, having a pretty certificate to hang on your wall is nice. But the skills and understanding you'll gain from hitting all the key points of a program like this Security Essentials cert will take you a whole lot further.
The moment we connect our phones, laptops, and servers to the Internet, we're all living in a very dangerous neighborhood. And there's no single “set-it-and-forget-it” solution that'll reliably keep all the looming threats away. The only way you can even hope to protect yourself and your digital resources is to understand the kinds of vulnerabilities that could affect your infrastructure and the ways smart administration can maximize both harm prevention and mitigation. But there's more. Since the IT threat landscape changes so often, you'll also need to learn how to continuously monitor your infrastructure and keep up with developments in the technology world.
Whether you're a team manager, an IT professional, a developer, a data engineer, or even just a regular technology consumer, you'll be both safer and more effective at everything you do if you can understand and apply security best practices. So I encourage you to plan to take and pass the Linux Professional Institute's Security Essentials exam. But whatever your certification goals, you should definitely plan to master the content represented by the objectives. And this book was written to get you there.
Like the certification itself, the content in this LPI Security Essentials Study Guide is platform neutral. That means you can ignore the Linux in the title. Sure, the institute's initial mandate was to enable the broader adoption of the Linux operating system—and they've done a great job at it. But the same smart and highly experienced people who drive the institute's Linux curriculum development are also outstanding security professionals. And their expertise extends to all operating systems and all platform categories. If your equipment speaks binary, it's covered here.
Each of the book's chapters includes review questions to thoroughly test your understanding of the services you've seen. The questions were designed to help you realistically gauge your understanding and readiness for the exam. Although the difficulty level will vary between questions, it's all on target and relevant to both the exam and the real digital world. Once you complete a chapter's assessment, refer to Appendix A for the correct answers and detailed explanations.
This book covers topics you need to know to prepare for the Security Essentials certification exam:
Chapter 1: Using Digital Resources Responsibly
In this chapter you'll learn about protecting the digital rights and privacy of people with whom you interact—including your own employees and the users of your services.
Chapter 2: What Are Vulnerabilities and Threats?
Here you'll discover the scope of the many classes of threats against your infrastructure, including digital espionage, stolen credentials, and malware.
Chapter 3: Controlling Access to Your Assets
Your first line of defense against the bad guys is the outer edge of your property. So learning to manage physical and network access to your resources is a big deal.
Chapter 4: Controlling Network Connections
Before you can effectively audit and secure your networks, you'll need to understand how TCP/IP networking actually works. This chapter will introduce you to both general networking administration and the basics of network security.
Chapter 5: Encrypting Your Data at Rest
What can I say? Obscuring your important data stores from prying eyes is a critical component of security. Learn why, how, and where it should be done.
Chapter 6: Encrypting Your Moving Data
In this chapter you'll learn about website and email encryption, along with the care and feeding of virtual private networks (VPNs).
Chapter 7: Risk Assessment
You'll never know how secure your infrastructure is until it comes under attack. Now who would you prefer launches this first attack? This is something you'd rather do yourself, through the services of vulnerability scanners and penetration testers.
Chapter 8: Configuring System Backups and Monitoring
Despite all your best efforts, you're going to lose important data at some point. If you're properly backed up, then you're singing. And the sooner you find out there's bad stuff happening, the happier your song will be.
Chapter 9: Resource Isolation Design Patterns
The final chapter will discuss some important security design tools, like firewalls, sandboxes, and OS access control software.
Here's the Linux Professional Institute's description of the certification's “minimally qualified candidate”:
“The candidate has a basic understanding of common security threats of using computers, networks, connected devices, and IT services on premises and in the cloud. The candidate understands common ways to prevent and mitigate attacks against their personal devices and data. Furthermore, the candidate is able to use encryption to secure data transferred through a network and stored on storage devices and in the cloud. The candidate is able to apply common security best practices, protect private information, and secure their identity. The candidate is able to securely use IT services and to take responsibility for securing their personal computing devices, applications, accounts, and online profiles.”
1 021 Security Concepts
1.1 021.1 Goals, Roles and Actors (weight: 1)
1.2 021.2 Risk Assessment and Management (weight: 2)
1.3 021.3 Ethical Behavior (weight: 2)
2 022 Encryption
2.1 022.1 Cryptography and Public Key Infrastructure (weight: 3)
2.2 022.2 Web Encryption (weight: 2)
2.3 022.3 Email Encryption (weight: 2)
2.4 022.4 Data Storage Encryption (weight: 2)
3 023 Node, Device and Storage Security
3.1 023.1 Hardware Security (weight: 2)
3.2 023.2 Application Security (weight: 2)
3.3 023.3 Malware (weight: 3)
3.4 023.4 Data Availability (weight: 2)
4 024 Network and Service Security
4.1 024.1 Networks, Network Services and the Internet (weight: 4)
4.2 024.2 Network and Internet Security (weight: 3)
4.3 024.3 Network Encryption and Anonymity (weight: 3)
5 025 Identity and Privacy
5.1 025.1 Identity and Authentication (weight: 3)
5.2 025.2 Information Confidentiality and Secure Communication (weight: 2)
5.3 025.3 Privacy Protection (weight: 2)
The exam covers five larger domains, with each domain broken down into objectives. The following table lists each domain and its weighting in the exam, along with the chapters in the book where that domain's objectives are primarily covered.
| Objective | Weight | Chapter(s) |
|---|---|---|
| 1. Security Concepts | | |
| 1.1 Goals, Roles and Actors | 1 | 1, 2 |
| 1.2 Risk Assessment and Management | 2 | 4, 7, 9 |
| 1.3 Ethical Behavior | 2 | 1, 7 |
| 2. Encryption | | |
| 2.1 Cryptography and Public Key Infrastructure | 3 | 5, 6 |
| 2.2 Web Encryption | 2 | 6 |
| 2.3 Email Encryption | 2 | 6 |
| 2.4 Data Storage Encryption | 2 | 5 |
| 3. Node, Device and Storage Security | | |
| 3.1 Hardware Security | 2 | 2, 3 |
| 3.2 Application Security | 2 | 3, 6 |
| 3.3 Malware | 3 | 2, 3 |
| 3.4 Data Availability | 2 | 8 |
| 4. Network and Service Security | | |
| 4.1 Networks, Network Services and the Internet | 4 | 2, 4, 9 |
| 4.2 Network and Internet Security | 3 | 2, 4 |
| 4.3 Network Encryption and Anonymity | 3 | 1, 2, 6 |
| 5. Identity and Privacy | | |
| 5.1 Identity and Authentication | 3 | 3, 6 |
| 5.2 Information Confidentiality and Secure Communication | 2 | 1, 2 |
| 5.3 Privacy Protection | 2 | 1 |
If you believe you have found a mistake in this book, please bring it to our attention. At John Wiley & Sons, we understand how important it is to provide our customers with accurate content, but even with our best efforts an error may occur.
To submit your possible errata, please email it to our Customer Service Team at [email protected] with the subject line “Possible Book Errata Submission.”
1. Which of the following digital tools is the most likely to collect—and possibly share—your private information without your knowledge?
   A. A programming integrated development environment (IDE)
   B. A USB device
   C. A web browser
   D. A command-line interface (CLI) environment
2. What is a backdoor?
   A. A network port opened to permit remote SSH access
   B. An undocumented access route to a computer system
   C. A software package management system that runs in the background
   D. The rear plate on a rack-mounted server
3. Which of these device types share information wirelessly without the need for authentication?
   A. RFID
   B. Wi-Fi
   C. Cellular networks
   D. Ethernet
4. Which of the following are components that are often protected by passwords? (Choose three.)
   A. Connecting to the Internet
   B. UEFI firmware
   C. Screen saver
   D. OS logon
5. Which of the following software tools can analyze network packets?
   A. Nmap
   B. SSH
   C. Wireshark
   D. TCP/IP
6. Which of the following is a common drawback associated with the use of asymmetric encryption?
   A. It's a new and relatively untested technology.
   B. It takes a relatively long time to process transactions.
   C. It requires the potentially risky transfer of a decryption key.
   D. It requires significant compute resources to manage.
7. What makes strong website encryption so important?
   A. It's the best way to protect the data on your storage drives.
   B. It's a critical tool for reducing system memory usage.
   C. It's the best way to ensure that your website data reaches your clients intact and without being intercepted.
   D. It's the primary defense against DNS poisoning.
8. What best describes the purpose of vulnerability scanning?
   A. To test your infrastructure's defenses
   B. To search for system or network misconfigurations
   C. To discover and implement mitigation operations
   D. To simulate an actual attack against your infrastructure
9. What process provides ongoing monitoring of your system that can alert admins when dangerous events occur?
   A. Intrusion detection
   B. Penetration testing
   C. Efficiency audits
   D. Unit testing
10. What type of service can most effectively filter packets coming into and out of a network?
   A. Block device managers
   B. Network firewalls
   C. Application load balancers
   D. Auto scalers
1. C. IDEs and CLIs are not, by default, configured to connect to remote services—much less share data with them. The vast majority of USB devices don't contain self-launching scripts that are capable of manipulating data.
2. B. A backdoor is an unauthorized and undocumented way to access a computer operating system—usually left open with the goal of illegally gaining control of local data and system activities.
3. A. Wi-Fi has built-in authentication methods, and cell networks require validation (through a SIM card, for instance). Ethernet connections are not wireless.
4. B, C, D. It's not common—or even necessarily easy—to prevent passwordless access to application software (like a web browser). Screen savers, BIOS and UEFI interfaces, and OS logins all have built-in password protection (if enabled).
5. C. Nmap can identify vulnerable or hostile network devices, but it doesn't analyze packets. SSH is a tool for launching a secure remote session. TCP/IP is a set of network communication protocols.
6. D. Asymmetric encryption is not a new technology. It's unlikely that you would notice any delays in processing. There's no need to transfer private keys for asymmetric encryption.
7. C. Website encryption won't protect your local data and won't reduce memory usage. While it can help prevent DNS poisoning, it's not the primary defense.
8. B. Testing defenses or simulating attacks is closer to “penetration testing.” I have no idea what “discovering and implementing mitigation operations” might mean.
9. A. Penetration testing and efficiency audits don't provide ongoing monitoring, and unit tests are for DevOps teams, not sysadmins.
10. B. Load balancers are primarily concerned with directing traffic rather than filtering it. Auto scalers are built to adjust resource availability. Block device managers deal with storage volumes, not network traffic.
THE LPI SECURITY ESSENTIALS EXAM TOPICS COVERED IN THIS CHAPTER INCLUDE THE FOLLOWING:
021.1 Goals, roles and actors
Understanding of the importance of IT security
021.3 Ethical behavior
Understanding the implications for others of actions taken related to security
Handling information about security vulnerabilities responsibly
Handling confidential information responsibly
Awareness of personal, financial, ecological, and social implication of errors and outages in information technology services
024.3 Network encryption and anonymity
Understanding of the concepts of TOR
Awareness of the Darknet
025.2 Information confidentiality and secure communication (weight: 2)
Understanding the implications and risks of data leaks and intercepted communication
Understanding of phishing and social engineering and scamming
Understanding the concepts of email spam filters
025.3 Privacy protection
Understanding of the importance of personal information
Understanding of how personal information can be used for a malicious purpose
Understanding of the concepts of information gathering, profiling, and user tracking
Managing profile privacy settings on social media platforms and online services
Understanding of the risk of publishing personal information
Understanding of the rights regarding personal information (e.g., GDPR)
“With great power comes great responsibility.”
Words of wisdom. That's the message displayed for administrators when they log in for the first time to many Linux distributions. Who said those words first? Aristotle? Kant? Nope. Spiderman's uncle. But hey, accept the truth from any source.
While we'll discuss protecting yourself from attack at length later in the book, this chapter is all about responsibilities. It's about your responsibilities both as a consumer of computer technologies and as an administrator of computer technologies. It's your job to make sure nothing you do online or with your devices causes harm to anyone's assets.
How is all this relevant to the world of information technology (IT) and, specifically, to IT security? Computers amplify your strengths. No matter how much you can remember, how fast you can calculate, or how many people's lives you can touch, it'll never come close to the scope of what you can do with a computing device and a network. So, given the power inherent in digital technologies and the depth of chaos such power can unleash, you need to understand how it can all go wrong before you set off to use it for good.
The rest of this chapter will explore the importance of considering how your actions can impact people's personal and property rights and privacy and how you can both ensure and assess the authenticity of online information.
I'm not a lawyer, and this book doesn't pretend to offer legal advice, so we're not going to discuss some of the more esoteric places where individual rights can come into conflict with events driven by technology. Instead, we'll keep it simple. People should be able to go about their business and enjoy their interactions with each other without having to worry about having physical, financial, or emotional injury imposed on them. And you should be ready to do whatever is necessary to avoid or prevent such injuries.
These days, the greatest technology-based threats to an individual's personal well-being will probably exist on one or another social media platform. Facebook, Twitter, LinkedIn, and other online sites present opportunities for anyone to reach out to and communicate with millions or even billions of other users. This can make it possible to build entire businesses or social advocacy movements in ways that would have been unthinkable just a few years back. But, as we all now know, it also makes it possible to spread dangerous scams, political mischief, and social conflict.
As the man said, “With great power comes great responsibility.” Therefore, you need to be conscious of the possible impact of any interaction you undertake. This will be true not only for your use of your own social media or email/messaging accounts but also for any interactions taking place on sites or platforms you administrate. You could, for instance, be held legally responsible for anonymous comments left on your blog or for the use of email accounts belonging to your organization. It can be a hard balance to achieve. Are your policies unnecessarily allowing damaging content to be published or, alternatively, unfairly restricting innocuous content?
A helpful tool for maintaining perspective in these areas is to apply the grandmother test. What's that? Before posting a message or comment on any online forum, take a minute to read it over one or two more times and then ask yourself, “Would both my grandmothers approve of what I've written? Is there anything that would make them uncomfortable?” In other words, ask yourself whether anyone could reasonably feel threatened or bullied by what you're about to publish. The bottom line is to make generous use of common sense and goodwill.
With typical attention to such details, the social media community has come up with new names to describe each of the nastiest online threats. You should, unfortunately, be familiar with each of them.
Cyberstalking
Stalking isn't specific to online activities, but that doesn't make it any less frightening. In general terms, a stalker persistently follows and observes a target, often with the goal of forcing an unwanted reaction. In the online world, cyberstalking can include electronic monitoring of a target's online accounts and activities. Harassing cyberstalking can escalate beyond mere monitoring to include threats, slander, and identity theft.
Cybermobbing
Mobbing involves large groups of people banding together to engage in bullying behavior. The nature of many social networking platforms—in particular the prevalence of anonymous accounts and the ease by which users can connect to each other—lends itself to mob formation. Often, all it can take is a single public post expressing an unpopular position, and the power of tens of thousands of users can be brought to bear with the goal of making life miserable for the post's author.
Doxxing
Whether you present yourself to the online world using your real name or through an anonymous identity, you certainly don't want your complete personal profile to become public. Considering all the data that's already available on the Internet, it's often not hard for people with time on their hands to track down your physical address and private phone numbers. But making such information easily available on popular social media sites with the intention of causing the target harm is wrong—and, in some jurisdictions, also a crime. Victims of public doxxing have experienced relatively mild annoyances like middle-of-the-night pizza deliveries. But the practice has also proven deadly: it's been used as part of “swatting” attacks, where people call a victim's local police department claiming there's a violent crime in progress at the victim's address. More than one doxxer has been imprisoned for what, at the time, must have seemed like a clever prank.
Your primary concern must always be to secure the data under your control. But have you ever wondered why that is? What's the worst that could happen if copies of your data are stolen—after all, you'll still have the originals, right? Well, if your organization is in the business of profiting from innovations and complex, hard-to-reproduce technology stacks, then the consequences of data theft are obvious. But even if your data contains nothing more than private and personal information, there's a lot that can go wrong.
Let's explore all that by way of posing a few questions.
Your personal data is any information that relates to your health, employment, banking activities, close relationships, and interactions with government agencies. In most cases, you should have the legal right to expect that such information remains inaccessible to anyone without your permission.
But “personal data” could also be anything that you contributed with the reasonable expectation that it would remain private. That could include exchanges of emails and messages or recordings and transcripts of phone conversations. It should also include data—like your browser search history—saved to the storage devices used by your compute devices.
Businesses and government departments that handle many kinds of data must apply information classification systems to ensure that their data isn't mishandled. They might, therefore, label all data objects using designations like confidential, classified, and restricted. Clear policies based on those classifications should be enforced for the management of all that data.
Among other measures, organizations can seek to control the way their data is shared by imposing nondisclosure agreements (NDAs). Outside consultants doing work with such an organization might be required to sign an NDA that precisely defines limits for how the information they'll be shown should be handled.
You have the right to expect that social media platforms and other third-party organizations respect the privacy settings you choose for your accounts. However, it's your responsibility to ensure that your settings properly reflect your needs and preferences. You should make it a practice, from time to time, to revisit your account settings and, if necessary, update them.
Governments, citing national interest concerns, will reserve the right for their security and enforcement agencies to forcibly access your personal data where legally required. Of course, different governments will set the circumstances defining “legally required” according to their own standards. When you disagree, some jurisdictions permit legal appeal.
The short answer to that question is “probably lots of places you wouldn't approve.” The long answer will begin with something like “I can tell you, but expect to become and remain deeply stressed and anxious.” In other words, it won't be pretty. But since you asked, the following are some things to consider.
The digital history of the sites you've visited on your browser can take more than one form. Your browser can maintain its own log of the URLs of all the pages you've opened. Your browser's cache will hold some of the actual page elements (like graphic images) and state information from those websites. Online services like Google will have their own records of your history, both as part of the way they integrate your various online activities and through the functionality of website usage analyzers that might be installed in the code of the sites you visit.
Some of that data will be anonymized, making it impossible to associate with any one user, and some is, by design, traceable. A third category is meant to be anonymized but can, in practice, be decoded by third parties and traced back to you. Given the right (or wrong) circumstances, any of that data can be acquired by criminals and used against your interests.
Everything you've ever done on an online platform—every comment you've posted, every password you've entered, every transaction you've made—is written to databases and, at some point, used for purposes you didn't anticipate. Even if there was room for doubt in the past, we now know with absolute certainty that companies in possession of massive data stores will always seek ways to use them to make money. In many cases, there's absolutely nothing negative or illegal about that. As an example, it can't be denied that Google has leveraged much of their data to provide us with mostly free services that greatly improve our lives and productivity.
But there are also concerning aspects to the ways our data is used. Besides the possibility that your social media or online service provider might one day go to the “dark side” and abuse their access to your data, many of them—perhaps most infamously, Facebook—have sold identifiable user data to external companies. An even more common scenario has been the outright theft of private user data from insufficiently protected servers. This is something that's already happened to countless companies over the past few years. Either way, there's very little you can do to even track, much less control, the exciting adventures your private data may be enjoying—and what other exotic destinations it might reach 1, 5, or 10 years down the road.
National and regional government agencies also control vast stores of data covering many levels of their citizens' behavior. We would certainly hope that such agencies would respect their own laws governing the use of personal data, but you can never be sure that government-held data will never be stolen—or shared with foreign agencies that aren't bound by the same standards. It also isn't rare for rogue government agencies or individual employees to abuse their obligations to you and your data.
The Internet never forgets. Consider that website you quickly threw together a decade ago as an expression of your undying loyalty to your favorite movie called…wait, what was its name again? A year later, when you realized how silly it all looked, you deleted the whole thing. Nothing to be embarrassed about now, right? Except that there's a good chance your site content is currently being stored and publicly displayed by the Internet Archive on their Wayback Machine (https://archive.org/web/web.php). It's also not uncommon for online profiles you've created on social networking sites like Facebook or LinkedIn to survive in one form or another long after deletion.
As we'll learn in Chapter 6, “Encrypting Your Moving Data,” information can be transferred securely and anonymously through the use of a particular class of encrypted connections known as a virtual private network (VPN). VPNs are tools for communicating across public, insecure networks without disclosing your identifying information. That's a powerful security tool. But the very same features that make VPNs secure also give them so much value inside the foggy world of the Internet's criminal underground.
A popular way to describe places where you can engage in untraceable activities is the phrase “dark web.” The dark web is made up of content that, as a rule, can't be found using mainstream Internet search engines and can be accessed only through tools using specially configured network settings. The private or hidden networks where all this happens are collectively known as the Darknet. The tools used to access this content include the Tor anonymity network, which relies on connections provided and maintained by thousands of participants. Tor users can often obscure their movement across the Internet, making their operations effectively anonymous.
Tor is actually an acronym that stands for “The Onion Router.” The many layers that make up an onion are an effective way to visualize the Tor protocol. Tor-based data can be transmitted across a network in the form of browser requests, for instance. A request can be encrypted in a way that permits each network node it visits to “peel back” only a single layer of encryption, exposing just enough information to direct the data to the next step along its path. The request is only fully decrypted once it reaches its final destination.
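The layered wrapping described above, as an added example that is not from the book and is not Tor's implementation: a simplified model in which each relay holds one key and each layer names only the next hop. The relay names, keys, JSON layer format, and toy SHA-256 cipher are assumptions made for the illustration.

```python
import hashlib
import hmac
import json

def _keystream(key: bytes, n: int) -> bytes:
    # Toy stream cipher (SHA-256 in counter mode); illustration only, not Tor's cipher.
    blocks = (hashlib.sha256(b"enc" + key + i.to_bytes(8, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt one layer and prepend an HMAC tag so a wrong key is detected."""
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, len(plaintext))))
    return hmac.new(b"mac" + key, ct, hashlib.sha256).digest() + ct

def unseal(key: bytes, blob: bytes) -> bytes:
    tag, ct = blob[:32], blob[32:]
    if not hmac.compare_digest(tag, hmac.new(b"mac" + key, ct, hashlib.sha256).digest()):
        raise ValueError("this layer was not encrypted for this relay")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, len(ct))))

def build_onion(path, destination: str, request: bytes) -> bytes:
    """Wrap the request from the inside out: the last relay's layer is built first."""
    next_hops = [name for name, _ in path[1:]] + [destination]
    blob = request
    for (_, key), next_hop in zip(reversed(path), reversed(next_hops)):
        layer = json.dumps({"next": next_hop, "inner": blob.hex()}).encode()
        blob = seal(key, layer)
    return blob

def peel(key: bytes, blob: bytes):
    """What one relay does: remove its own layer and learn only the next hop."""
    layer = json.loads(unseal(key, blob))
    return layer["next"], bytes.fromhex(layer["inner"])

# Constructed sample circuit: relay names and keys are made up for this example.
PATH = [(n, hashlib.sha256(n.encode()).digest()) for n in ("relay-a", "relay-b", "relay-c")]

def walk(path, onion: bytes):
    """Pass the onion along the path, recording what each relay learns."""
    learned, blob = [], onion
    for name, key in path:
        next_hop, blob = peel(key, blob)
        learned.append((name, next_hop))
    return learned, blob

if __name__ == "__main__":
    onion = build_onion(PATH, "example.org", b"GET /index.html")
    print(walk(PATH, onion))
```

Only the last relay's layer names the destination, and a relay handed a layer meant for another relay fails the tag check instead of learning anything.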
Tor is best known for allowing for anonymous browsing sessions—something designed to protect the identity of server clients. However, server identities can be similarly protected using what's known as hidden services (or, more often, onion services). When both clients and servers are using Tor, you can achieve true end-to-end encryption. Onion servers are identified by a string of 56 characters followed by .onion.
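An added example (not from the book or the Tor Project) that checks whether a hostname is a well-formed onion address. It goes beyond the 56-character rule by also verifying the version byte and checksum that Tor's rendezvous specification defines for version 3 onion addresses; the sample key is constructed.

```python
import base64
import hashlib
import re

_LABEL = re.compile(r"^[a-z2-7]{56}$")

def onion_v3_from_pubkey(pubkey: bytes) -> str:
    """Encode a 32-byte service public key as a version 3 onion hostname."""
    version = b"\x03"
    checksum = hashlib.sha3_256(b".onion checksum" + pubkey + version).digest()[:2]
    return base64.b32encode(pubkey + checksum + version).decode().lower() + ".onion"

def check_onion_v3(hostname: str) -> str:
    """Return 'ok' or the reason the hostname is not a well-formed v3 onion name."""
    host = hostname.strip().lower().rstrip(".")
    if not host.endswith(".onion"):
        return "not a .onion name"
    label = host[:-len(".onion")].split(".")[-1]  # ignore any subdomain labels
    if not _LABEL.match(label):
        return "label is not 56 base32 characters"
    raw = base64.b32decode(label.upper())  # 56 characters decode to 35 bytes
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34:]
    if version != b"\x03":
        return "unsupported version byte"
    expected = hashlib.sha3_256(b".onion checksum" + pubkey + version).digest()[:2]
    if checksum != expected:
        return "checksum mismatch (typo or corrupted address)"
    return "ok"

# Constructed sample key: 32 made-up bytes, not a real service's key.
SAMPLE = onion_v3_from_pubkey(hashlib.sha256(b"constructed demo key").digest())
```

A passing check only means the string is well formed; it does not show that a service exists at that address.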
Like VPNs, the dark web is often used to hide criminal activity, but it's also popular among groups of political dissidents seeking to avoid detection and journalists who communicate with whistleblowers.
A great deal of the data that's stolen from servers and private devices eventually finds its way to the dark web.
Besides the moral obligation to protect your users and organization from harm, you will probably also need to ensure that your infrastructure configurations meet legal and regulatory requirements. One particularly prominent set of laws is the European Union's General Data Protection Regulation (GDPR). The GDPR affects any organization that processes data that's either sent to or from the European Union (EU). Failure to appropriately protect the privacy and safety of protected data moving through EU territory can result in significant—even crippling—fines.
Other regulatory systems that might, depending on where and how your organization operates, require your compliance include the Payment Card Industry Data Security Standards (PCI-DSS) administered by major international credit card companies and the U.S. government's Health Insurance Portability and Accountability Act (HIPAA).
Besides addressing your regulatory requirements, it's worthwhile thinking about the real-world consequences of failing to effectively protect your users' data. The impact of breaches, outages, and data loss events can go far beyond financial damage. It's not at all uncommon for clients and users to suffer permanent personal, social, health, or even ecological damage from IT disasters.
Well, let me ask you this: have you ever successfully returned a genie to its bottle? I thought so. Unfortunately, it would probably be just as impractical to even try to find and delete all copies of stolen data that's been spread across an unknown number of sites—including some on the dark web.