3.0 - Architecture and Design Flashcards
1
Q
What purpose do Industry-standard frameworks
and reference architectures serve?
A
They provide a roadmap for aligning IT with the organization’s business strategy.
2
Q
What is the difference between Industry-standard frameworks and reference architectures?
A
Industry-standard frameworks is more general than the eference architectures.
3
Q
This non-regulatory publication is a common framework for IT Security.
A
The NIST Framework for Improving Infrastructure Cybersecurity (or Cybersecurity Framework, or CSF)
4
Q
This organization is a good source of benchmarking guides.
A
CIS (Center for Internet Security)
5
Q
The Department of Defense provides implementation guides through this agency.
A
DISA STIGs (Defense Information Security Agency Security Technical Implementation Guides)
6
Q
What is the greatest risk in configuring network infractructure devices.
A
Incorrect configuration of rulesets.
7
Q
This security principle advocates multiple layers and overlapping controls.
A
Defense-in-Depth
8
Q
Why is it important to have both security policy and technical controls.
A
Policies are important to provide a guideline for new systems.
9
Q
Administrative Controls are…
A
… policies, regulations and laws.
10
Q
Technical Controls are…
A
Passwords, logical access controls, ACLs, antimalware, firewalls, etc.
11
Q
Most significant attacks include this component.
A
Most significant attacks include a user component. User training is vital.
12
Q
This structure allows your important data servers to remain safe, while putting web and web application servers in a semi-trusted zone.
A
DMZ
13
Q
How does a DMZ keep external users away from sensitive data?
A
Users interact with a server in the DMZ, which in-turn requests the data from a server inside the organizations trusted network.
14
Q
You want to share some company data with selected business partners. What is a good solution?
A
An Extranet would provide secure, private access to company data.
15
Q
What are two methods to provide your Intranet data to users outside the network?
A
The Intranet content could be duplicated in the DMZ, or it could be provided via an Extranet.
16
Q
What are the types of NAT?
A
Types of NAT:
- Static - for web servers so that external users can initiate the connection
- Dynamic - uses a pool of public IPs
- Port Address Translation (PAT) - many internal users can share one public IP
17
Q
Ad Hoc networks are difficult to manage. Why?
A
There is not central entry and exit point, so monitoring communcation is difficult.
18
Q
What are the advantages and disadvantages of a flat network.
A
A flat network runs faster and avoids some latency issues associates with Spanning Tree Protocols. But letter every device see every other device creates security issues.
19
Q
What is a network Enclave?
A
An enclave is a portion of an otherwise flat network that is partitioned off, by subnet, VLAN, proxy, firewalls, or routers.
20
Q
This the most secure and most expensive method to segregate portions of the network.
A
Physical segregation - separate physical equipment to handle different classes of traffice.
21
Q
Why are air gaps a poor security choice?
A
Air gaps are difficult to implement and must be strictly enforced. Failures can be significant.
22
Q
This system is at the heart of a signature-based antivirus or IDS.
A
Correlation Engine
23
Q
Where should a DDoS Mitigator be located?
A
A DDoS Mitigator needs to be at the edge of the network, in the network path of the systems it is protecting.
24
Q
What does an Aggregation Switch do?
A
An Aggregation Switch connects many edge switches back to the core router, so that fewer ports are used on the router.
25
A Switch Port Analyzer (SPAN) is a type of what.
A SPAN is a mirror port. It can copy the activity of every port on a switch.
26
This is a passive signal-copying mechanism, which will not be overwhelmed by traffic during data collection.
TAP (Test Access Point)
27
This newer method allows engineers to re-configure network traffic flow without physically re-wiring the network.
SDN (Software-Defined Networking)
28
Defense-in-Depth incorporates which types of diversity?
Defense-in-Depth includes:
* Vendor diversity
* Control diversity
* Redundancy
29
Why is securing hardware important, beyond just physical theft?
Securing hardware prevents against:
* Data loss
* Data falling into the wrong hands
* Firmware alteration by a bad actor
30
What is FDE and SED?
Full Disk Encryption (FDE)
and
Self Encrypting Disks (SED)
31
What is a TPM?
A Trusted Platform Module (TPM) is a hardware solution on the motherboard, which assists in security key generation and storage. This is a more secure soluton for storing keys.
32
What is an HSM?
A Hardware Security Module (HSM) is a device used to manage and store encryption keys. These are USB or network peripherals usually. On a larger network, an HSM is an efficient solution.
33
Why is UEFI a better choice for BIOS?
UEFI has security built in, including secure boot options.
34
What does UEFI Secure Boot enforce?
UEFI Secure Boot only allows signed drivers and OS loader to be invoked at bootup. It also enables the Attestation the drivers have not changed.
35
A Hardware Root of Trust must be secure, since it's trust will be elevated to other systems. What are some hardware roots of trust?
Some hardware roots of trust are:
* TPM chip
* Apple's Secure Enclave coprocessor
* Apple's signed Boot ROM
* A highly-trusted software designed to securely store encryption keys
36
These external influences do not consist of code, but do represent a security threat to PC equipment.
EMI and EMP
37
This type of OS tends to be updated by the vendor.
Appliance OS's are typically updated by the vendor. They are usually stripped down Linux distros and require unique updates.
38
What are the five types of OS?
Types of OS:
1. Network
2. Server
3. Workstation
4. Appliance
5. Kiosk
6. Mobile OS
39
What are the three common type of updates?
Common update types:
1. Hotfix - quick fix for a small issue, usually a security hole.
2. Patch - can include enhancements
3. Service Pack - large collection of patches and hotfixes
40
This the implicit deny philosophy, applied to functions on the PC.
Disabling unnecesary ports and services.
41
You've uninstalled games and other extra OS tools on a public-use PC and loaded only a web browser. What security principal are you using?
Least Functionality
42
What key feature does a Trusted OS have?
Multilevel security (often as defined by the Common Criteria for Information Security Evaluation)
43
What are the two Microsoft solutions to control application access?
Application access can be controlled by:
* Software restriction policies - usually by PC not user
* AppLocker, which allows for granular control over which users can execute which programs.
44
Mousejacking?
Yup. A wireless man-in-the-middle attack on a USB wireless mouse or keyboard.
45
The four environment types are?
Computing Environments:
* Development - not scalable.
* Test - closely mimics the production environment
* Staging - common in organizations that have multiple production environments
* Production - new system comes in contact with real data. Few changes should occur here.
46
What is Baselining?
Baselining is a process to establish a software's base security state. Determine its capabilities and what processes and other apps it will need. Then remove or disable any unneeded processes. Then apply patches.
47
What is Integrity Measurement?
Integrity Measurement is an system that checks a system against a saved baseline to verify that is has not been compromised. A TPM chip, providing a root-of-trust anchor is a form of Integrity Measurement.
48
What is a SCADA system?
SCADA (supervisory control and data acquisition) is a sytem used to control automated systems, each an embedded system. Industrical Control Systems (ICS) are SCADA systems. Think Stuxnet or the Colonial Pipleline.
49
What is a SoC?
SoC - System on a Chip, usually stripped-down Linux.
50
What is a RTOS?
RTOS - Real-Time Operating Systems, are desiged for systems where processing must occur in real time. Anti-lock brakes, assembly line systems.
51
What makes RTOS-base software dangerous?
RTOS (Real Time OS) software are sensitive to timing issues. A mis-timed event can break some RTOS systems.
52
Why do medical devices rarely get software updates.
It would trigger the recertification process.
53
What is the suggested best practice for medical devices?
Keep them on a separate network, which is not usually possible.
54
What is a Controller Area Network (CAN)?
A CAN is a bus for multiple processors without a central host computer. Used in vehicles.
55
Describe the Waterfall software development model.
The Waterfall model is sequential and simple but it is poorly suited for complex work. Steps are:
Requirements
* Design
* Implementation
* Verification
* Maintenance
56
Describe the Agile software development model.
The Agile development methodology is a group methods designed to allow multiple teams to work quickly and efficiently.
57
Describe SCRUM.
SCRUM is an agile development model based on a 30-day timeline called a sprint. There is a master list called the product backlog, and daly burn-down charts. The idea is to keep the software in a ready to release state.
Security issues can be built into SCRUM as long as they make it into the product backlog and the burn-down charts.
58
What is XP development?
XP (Extreme Programming) is a development process based on user stories. It works better in smaller dev efforts. It stresses team-level communication, as a result including security methods is easy so long as the team is aware of them.
59
What is DevOps.
DevOps is a development model where changes and releases are nearly constant. Development and operations work together. Secure DevOps is when security practices are added to this model.
60
How does security automation work in DevOps?
Security automation is one of the methods used to make DevOps efficient. For instance automated patch management can reduce the manpower needed to keep systems up to date.
61
What does Baselining mean in DevOps?
In DevOps, Baselining records key variables between software updates to measure performance.
62
What is an Immutable System.
A system that will never be patched, but instead replaced if a change is needed.
63
What is Infrastructure as Code?
Infrastructure as Code is the user of code to build systems. A DevOps team is more involved in the defining system configuration. It is the interconnection of develper and production input.
64
What is Provisioning?
Provisioning is the process of assigning user or group permissions. It can also refer to assigning high-level access to certain processes or threads.
65
Why is deprovisioning important?
Users and processes should only be provisioned to the minimum-required security level, and only for as long as necessary. Deprovisioning keeps unneeded higher-level access from occurring.
66
What is the best practice for error handling?
Errors should be captured to a log file, which is protected by an ACL. This should be done by the process that created the error, not another process.
Errors should not be echoed to the user, where sensitive data could be captured by threat actors.
67
Why is proper input validation important?
Proper input validation protects against buffer overflow and injection attacks. It is best to consider all input to be hostile.
68
What is Normalization?
Normalization is the process where inputs are converted to a canonical form -- the simplest form. This may include stripping away capitalization or make phone number formatting uniform.
69
This is the primary defense against SQL Injection attacks.
Stored Procedures are precompiled proceedures within a database engine. Sending user input to a stored procedure instead of directly to the SQL engine keeps a threat actor for running their own SQL commands on the system.
70
"Never roll your own crypto" means?
Never write your own algorithms, but also never implement standard algorithms yourself. Instead use a tested library.
71
When should you obfuscate or camouflage, and when should you not?
Obfuscating exposed names such as server names and usernames is a good idea. Obfucation within your code will create issues for future programmers.
72
Is reused code exempt from security reviews.
No.
73
How can dead code removal create issues?
Automated dead code removal, deletes pieces of code that are never used again in the process. But these may be functions that delete sensitive data or otherwise cover traces that need to be hidden.
74
Which is better - client-side or server-side input validation?
Client-side input validation can be corrupted by malware, a disgruntled user, or by misconfiguration. Server-side input validation is more work but it is safer.
75
Why is memory mangement and garbage collection important?
Poor memory management can lead to a memory leak, which will eventually slow down the system.
76
Is the use of third-party libraries and SDKs safe?
SDK's greatly speed up the development process. As long as developers manage dependency issues, the benefits outweight the costs.
77
What is the most common method to avoid data exposure?
Cryptography
78
What does a Static Code Analyzer do?
A Static Code Analyzer is a program or person who reviews the base code looking for issues such as syntax approved function/library calls, and semantics associated with logic or calls. The code is not executed during static code analysis.
79
What is Dynamic Analysis?
Dynamic Analysis is:
* Testing code on a running system
* Code is fed specific inputs designed to produce specific outputs
* Especially useful on embedded systems
* Important on high-risk ventures
80
What is Fuzzing?
Fuzzing is a form of Dynamic Analysis, where a large number of inputs are used to brute force errors from the tested system. It is a staple of SDLC-based testing. SDLC - sofware development life cycle.
81
Why is stress testing important to an SLA?
Stress Testing tells developers how much workload the system can handle, and how it will perform when it goes past peak load. This will help define the operational limits in a SLA.
82
How does Model Verification differ from code testing?
Model Verification makes sure the correct outputs will occur when correct inputs are entered. Testing is about what will happen when incorrect inputs are entered.
83
Hypervisors - Type I vs. Type II?
Hypervisors:
* Type 1 - runs directly on hardware. VMware ESX, etc.
* Type 2 - runs on top of a host OS. VMware player.
84
How is a Container or Cell different from a hypervisor?
A Container or Cell allows multiple applications to interact with one OS, but each with separate memory, CPU and storage threads. This guarantees that they will not interact with each other. This is virtualization on the application level instead of on the OS level.
85
VM Sprawl vs. VM Escape.
VM Sprawl - Many VMs with not policy or method to keep track of them. This can leave systems forgotten and unprotected.
VM Escape - When a software moves from the VM to the underlying software. This can be malware or an attacker.
86
Give examples of Cloud Deployment Models.
Cloud Deployment Models:
* SaaS - O365, Adobe Creative Suite. Good for highly-scalable, on-demand applications without installing endpoint software.
* PaaS - AWS with Server 2016 loaded. Good for standardard resources in use by many other applications.
* IaaS - Pay per use on a data center. BYO operating system. Good for highly customized, poorly scaling solutions that require specific resources.
87
List cloud privacy schemes.
Cloud privacy models:
* Private - Only your org can access. Company's SQL server in the cloud. Fewest security controls.
* Public - Cloud hosting for your public-facing website or application.
* Hybrid - Mix of both. Care must be used to keep track of which systems land on which side.
* Community - Several organizations sharing a cloud environment.
88
List cloud location schemes.
Cloud location schemes:
* On-Premise - your servers, but with a connection to the cloud. Hard to scale.
* Hosted - located elsewhere, often a shared environment
* Cloud - Distributed among many systems across the cloud? AWS?
89
VDI vs. VDE
VDI - Virtual Desktop Infrastructure - VMware ESX, Hypervisor controller, etc.
VDE - Virtual Desktop Environment - the OS that the users sees.
90
What is a CASB?
CASB - Cloud Access Security Broker is third party who ensures that proper security is maintained on your cloud systems. This is a type of Securiy as a Service.
91
Name three advantages of scripting.
Scripting can:
* Reduce chance of user error
* Chain together multiple, complex tasks
* Save time
92
What is Configuration Validation?
Configuration Validation is the act of checking the configuration of a new or existing system. Making sure only necessary application, processes, ports, etc. are active. This can be done by hand or automated by SCAP (Security Content Automation Protocol) application.
93
What are templates in this context and why are they important?
Templates are standardized recipies for the building of new systems. This can help codify the security steps and ensure systems are built securely.
Example: a LAMP stack is built over and IaaS implementation and includes Linux, Apache, MySQL, PHP/Python/Perl. Security settings are determined through a vendor form before the stack is built.
94
List types of non-persistence.
Non-persistence:
* Snapshots - VMware snapshots
* Revert to Known State - Windows Restore Points. Usually OS, but not user files.
* Rollback to known config - Windows Last Known Good boot
* Live Boot Media - Boot from USB or DVD, for recovery or forensic use.
95
Elasticity vs. Scalability?
Elasticity - dynamically increase workload capacity using added-on-demand hardware. Often occurs automatically in cloud environments. Can scale back down when workload reduces for cost savings.
Scalability - When a system is designed to accomodate larger workloads. Server farms and database clusters often have scalability issues do to the nature of their design.
96
How does Distributative Allocation work with stateful vs. stateless jobs.
Stateful jobs, such as DB queries, always refer back to the same server. Stateless jobs, such as website calls, can refer back to different servers in a cluster. So an additional means of distribuative allocation - such as a load balancer - is required.
97
Fault Tolerence vs. High Availabilty?
Fault Tolerance - a design objective that results on high availabilty.
High Availability - an operational goal of maintaing system even when faults occur.
98
List RAID types.
RAID types:
* 0 - Striped. Fast and dangerous
* 1 - Mirrored
* 2 - Striped at bit-level (rare)
* 3 - Striped at byte level (rare)
* 4 - Larger stripses than RAID 3. Dedicated parity drive.
* 5 - Block-Striped with error checks
* 10 - Mirrored then Striped (1 +0)
99
Types of Fire Extinguishers?
Fire Extinguishers:
A - Wood, paper, cloth, plastic
B - Petroleum, organic solvents
C - Electrical equipment
D - Flammable metals, magnesium, titanium
ABC is most common
