What types of encryption are used by CA UIM?

All "local" UIM encryption - which is to say, passwords that are stored in config files, bus and account user passwords, discovery profiles, etc, uses a standard encryption as this is handled by our SDK.

All of these types of strings are encrypted using the Twofish algorithm with a secret (128-bit) key - after this the encrypted string is base64 encoded.

The Base64 encoding technique uses a predefined key to encrypt the password before writing to the probe configuration file.

https://en.wikipedia.org/wiki/Twofish

Other UIM components (hub tunnels, web/application servers such as the wasp probe, data_engine connection to the database, etc.) generally use SSL/TLS when configured to do so, see also:

https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/unified-infrastructure-management/20-4/installing/pre-installation-planning/install-and-configure-your-database-software/microsoft-sql-server/support-for-tls-v1-2-microsoft-sql-server.html

https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/unified-infrastructure-management/20-4/installing/optional-post-installation-tasks/encrypt-uim-network-traffic-with-ssl.html