Domain 3 -- Security Architecture and Engineering Flashcards

Question 1

Q

The CPU is the _________ of a computer

Question 2

Q

The actual execution of instructions and logic is performed by the _________.

Answer

A

Arithmetic Logic Unit (ALU)

Question 3

Q

The control unit _________ and ________ the system while different apps and operating system instructions are being executed

Answer

A

manages and synchonizes

Question 4

Q

What are the two types of registers that the CPU has?

Answer

A

General Registers

Special Registers

Question 5

Q

The Program Status Word (PSW) in the CPU has a bit to indicate _______ Mode or _______ Mode

Answer

A

User

Privlieged

Question 6

Q

What’s the difference between Symmetric and Asymmetric modes of multi-processing?

Answer

A

With Symmetric Multiprocessing any CPU can be handed any piece of work (example – All CPU’s can execute OS threads and user threads)

With Asymmetric multiprocessing, not all CPU’s are created equal. Some CPU’s can be dedicated to a specific task (e.g. the Operating System) and other CPU’s can be dedicated to user threads

Question 7

Q

What is ROM memory?

Answer

A

Read Only Memory – It can’t be changed

Question 8

Q

What is PROM and can it be changed?

Answer

A

PROM - Programmable Read-only memory (can be programmed only one time)

Question 9

Q

What is EPROM and can it be modified?

Answer

A

EPROM stands for Erasable Programmable Read Only Memory

It can be erased, modified and upgraded

It is erased with UV Light

Question 10

Q

What is EEPROM and how is it differrent from EPROM?

Answer

A

EEPROM stands for Electrically Erasable ROM.

Instead of requiring UV light to erase it. It can be erased elecrically.

Erasing EEPROM is slow. Only 1 bit at a time.

Question 11

Q

How are Flash Memory and EEPROM similar? How are they different?

Answer

A

Flash Memory came after EEPROM.

It can be erased in blocks and is faster than EEPROM

Question 12

Q

What are the three key elements that make a program vulnerable to a buffer overflow attack?

Answer

A

Not validating the user input to perform proper bounds checking
Making a function call that pushes the return pointer into the stack
Using an insecure function that copies values without ensuring they do not exceed the size of the destination.

Question 13

Q

What are two memory Protection Techniques and how do they work?

Answer

A

ASLR – Address Space Layout Randomization. This is where the OS changes the layout of the memory continually, so attackers can’t attack it
DEP – Data Execution Prevention. It can mark certain memory locations as “off-limits” and thus reduce the “playing field for hackers.”

Question 14

Q

Where are the three places where memory leaks can take place?

Answer

A

Operating Systems
Applications
Software drivers

Question 15

Q

What are the two main countermeasures against memory leaks?

Answer

A

Developing better code that doesn’t create leaks
Using garbage collector software to identify unused memory and mark it as available to the OS

Question 16

Q

Operating systems provide multiprogramming. What does that mean?

Answer

A

Multiprogramming means that more than one program (or process) can be loaded into memory at the same time.

Note that multi-programming is a legacy term. It has been replaced by multi-tasking.

Question 17

Q

What’s the difference between multi-programming and multi-tasking?

Answer

A

Multiproramming means the ability to load more than one program into memory at the same time.

Multitasking means the ability not only to load more than one program into memory at the same time, but also deal with requests from different applications simultaneously.

Question 18

Q

What’s the difference between cooperative multi-tasking and preemptive multitasking?

Answer

A

Cooperative multitasking (Windows 3.1 and early Mac systems) requrired processes to voluntarily release resources they were using while they were waiting.

With Preemptive multitasking the OS controls how long a process can control a resource via mechanisms like time sharing.

Pre-emptive multi-tasking took control away from the apps and gave it to the OS, making it more stable.

Question 19

Q

What are the three states that a process can be in?

Answer

A

Running

Ready

Blocked

Question 20

Q

What’s the difference between a maskable and non-maskable interrupt?

Answer

A

A maskable interrupt is assigned to an event that is not overly important. It can be ignored by the application, if necessary

A non-maskable interrupt can never be overriden by an application.

Question 21

Q

What is a watchdog timer?

Answer

A

A watchdog timer is an example of a critical process that must always do its thing.

The watchdog timer will reset the system with a warm reboot if it cannot recover itself

Question 22

Q

In what order are the instructions in the Memory Stack performed?

Question 23

Q

What are the names of the two pointers related to the memory stack and what are they used for

Answer

A

Return pointer – where to send the results of processing after the instructions on the stack have been executed

Stack Pointer – used by the CPU to keep track of where it is in processing stack instructions

Question 24

Q

What are four methods of enforcing process isolation?

Answer

A

Encapsulation of objects
Time multiplexing of shared resources
Naming distinctions
Virtual memory mapping

Question 25

Q

What are the three goals of memory management?

Answer

A

Provide an abstraction level for programmers
Maximize performance with the limited amout of memory available
Protect the operating system and applications loaded into memory

Question 26

Q

What is a Dynamic Link Library (DLL)?

Answer

A

A DLL is a set of functions that applications can call upon to carry out differrent types of procedures

Question 27

Q

What is Virtual Memory?

Answer

A

When RAM and secondary storage are combined, the result is virtual memory

Question 28

Q

What are five ways that an OS can perform IO operations?

Answer

A

Programmed IO - Polling
Interrupt driven I/O – One character at a time to a printer
I/O using DMA (Direct memory access / AKA unmapped IO)
Premapped I/O - CPU sends device physical memory address and device is trusted to read it (scary)
Fully mapped I/O - OS works with devices via logical memory address. Device is not trusted with physical memory addresses.

Question 29

Q

What is a CPU microarchitecture?

Answer

A

The microarchitecture contains the things that make up the physical CPU (registers, logic gates, ALU, cache, etc.)

Question 30

Q

Describe the relationship between instruction set, micoarchitecture and Operating Systems.

Answer

A

The most common instruction set today (x86) can be used within different microarchitectures (Intel, AMD, etc.) and with different operating systems (Windows, MacOS, Linux, etc.)

Question 31

Q

What’s the definition of an API?

Answer

A

Application Programming Interface – An API is the doorway to a protocol, operating service, process or DLL.

Question 32

Q

What are the four basic OS architecture types and a brief definition?

Answer

A

Monolithic – all OS system processes run in kernel mode
Layered – All OS system processes run in a herarchical model in kernel mode
Microkernel - Core OS processes run in kernel mode and the remaining ones run in user mode.
Hybrid microkernel - All OS processes run in kernel mode. Core processes run within a microkernel and others run in a client/server model.

Question 33

Q

What is a security policy?

Answer

A

A security policy is a strategic tool that dictates how sensitive information and resources are to be managed and protected.

Question 34

Q

What is the Trusted Computing Base (TCB)

Answer

A

The TCB is a collection of HW, SW and firmware coponents within a system that provides some type of security and enforces the systems’s security policy

Question 35

Q

What is the security perimeter in the context of the TCB?

Answer

A

A security perimeter is a boundary that divides the trusted from the untrusted

Question 36

Q

Are the TCB and Security Perimeter Physical things?

Answer

A

No – the TCB and Security Perimeter are conceptual constructs to delineate between trusted and untrusted components and how they communicate

Question 37

Q

What is the Reference Monitor?

Answer

A

The reference monitor is an abstract machine that mediates all access subjects have to objects.

Question 38

Q

What is the security kernel?

Answer

A

The security kernel is made up of hardware, software and firmware coponents that fall within the TCB, and it implements and enforces the reference monitor concept.

Question 39

Q

What are the three main requirements of the security kernel?

Answer

A

It must provide isolation for the processes carrying out the reference monitor concept and it must be tamperproof
It must be invoked for every access attempt and must be impossible to circumvent. Thus, the security kernel must be implemented in a complete and foolproof way.
It must be small enough to be tested and verified in a complete and comprehensive manner

Question 40

Q

What’s the relationship between Reference Monitor, the Security Kernel and the TCB?

Answer

A

The Reference Monitor is a concept in which an abstract machine mediates all access to objects by subjects
The Security Kernel is the hardware, software and firmware of the TCB that implements this concept
The TCB is the totality of protection mechanisms within a computer system that work together to enforce security policy

Question 41

Q

What is a multilevel security policy?

Answer

A

Multilevel security policies prevent information from flowing from a high security level to a lower security level.

Question 42

Q

What type of security model is the Bell-LaPadula model and what aspect of security does it enforce?

Answer

A

It’s a multi-level security policy
It only deals with Confidentiality

Question 43

Q

State the three main rules of the Bell-LaPadula Model and briefly describe them.

Answer

A

Simple Security Rule - A subject at a given security level cannot read data that rsides at a higher security level (No read up)
*-property (star property) rule - A subject in a given security level cannot write information to a lower security level (No write down)
Strong star property rule - a subject who has read and write capabilities can only perform both of those functions at the same security level. So, for a subject to be able to read and write to an object, its clearance and the objects clearance must be equal.

Question 44

Q

What aspect of Security is the Biba Security model concerned with?

Answer

A

Integrity

Question 45

Q

State the three main rules of the Biba Model and briefly describe them.

Answer

A

*-integrity axiom - A subject cannot write data to an object at a higher integrity level (no write up)
Simple integrity axiom - A subject cannot read data from a lower integrity level (no read down).
Invocation property - A subject cannot request service (invoke) at a higher integrity

Question 46

Q

What’s common about the Bell-LaPadula and Biba rules?

Answer

A

Both have simple rules
Both have * rules
If the word Simple is used, it’s with respect to reading
If the rule uses *, it’s about writing

Question 47

Q

What aspect of security is the Clark-Wilson model concerned with?

Answer

A

Integrity

Question 48

Q

What are the five elements used in the Clark-Wilson model?

Answer

A

Users - active agents
Transformation procedures (TP’s)
Constrained data items (CDI’s)
Unconstrained data items (UDI’s)
Integrity Verification Procedures (IVP’s)

Question 49

Q

What is a distinctive feature of the Clark-Wilson model, and what does it refer to?

Answer

A

Well formed transactions - these are a series of operations that transform a data item from one consistent state to another.

Question 50

Q

Briefly describe how the Clark-Wilson model works?

Answer

A

Data is separated into CDI (secure and worthy of protection) and UDI (less critical)
Users can’t modify CDI directly. They must use Transformation Procedures to modify the data on behalf of the user
The IVP ensures that all critical data manipulation follows the application defined integrity rules
The Clark-Wilson model enforces the “access triple”
1. Subject (user)
2. Program (TP)
3. Object (CDI)

Question 51

Q

What is a non-interference model and what is the point of it?

Answer

A

A non-interference model ensures that any actions that take place at a higher level of security do not affect or interfere with actions that take place at a lower level
It is concerned about what a subject knows about the state of the system
It is designed to prevent data leakage. If an entity at a higher security level performs an action, it cannot change the state for an entity at a lower security level.

Question 52

Q

What does the Brewer and Nash Model state? What is a synonym for it?

Answer

A

The model allows for dynamically changing access controls that protect against conflicts of interest
The Brewer and Nash model states that a subject can write to an object if, and only if, the subject cannot read another object that is in a different dataset
Its main goal is to protect against conflicts of interest by users’ access attempts (example – stock broker having access to earnings report)
It is also known as the Chinese Wall model

Question 53

Q

What are the eight rules covered by the Graham-Denning Model

Answer

A

How to securely create an object
How to securely create a subject
How to securely delete an object
How to securely delete a subject
How to securely provide the read access right
How to securely provide grant the access right
How to securely provide the delete access right
How to securely provide transfer access rights

Question 54

Q

What is the gist of the Harrison-Ruzzo-Ullman Model?

What does it deal with?

Answer

A

The Harrison-Ruzzo-Ullman model deals with access rights of subjects and the integrity of those rights

A subject can carry out only a finite set of operations on an object.

Gist – If there is a complex operation required (Steps A-F, for example) and one of those commands is not authorized, then the whole operation fails.
Think transaction integrity

Question 55

Q

Systems Evaluation / Common Criteria - What international standard refers to it?

Answer

A

ISO/IEC 15408

These are Common Criteria for the evaluation of the security level of a system

Question 56

Q

What are the seven Evaluation Assurance Levels (EALs) of the Common Criteria?

Answer

A

EAL1 - Functionally tested
EAL2 - Structurally tested
EAL3 - Methodically tested and checked
EAL4 - Methodically designed, tested and reviewed
EAL5 - Semiformally designed and tested
EAL6 - Semiformally verified design and tested
EAL7 - Formally verified design and tested

Question 57

Q

What does it mean that a system is “formally verified?”

Answer

A

It means that it’s based on a model that can be mathematically proven

Question 58

Q

The Common Criteria uses ______ _________ in its evaluation process

Answer

A

Protection profiles (pp)

Question 59

Q

What are the three sections typically contained in a Protection Profile?

Answer

A

Security Problem Description
Security Objectives
Security Requirements

Question 60

Q

What CAUTIONS should be kept in mind regarding Assurance Ratings?

Answer

A

It only means it has the potential of providing the specified level of protection. It must be properly configured to actually provide the desired level of protection
It is up to the customer to keep the software properly configured at all times.
The level of protection is a point in time snapshot. The next version of the software could have a lower level of protection

Question 61

Q

What are the three main parts of the ISO/IEC 15408 Internation Standard that deals with Security properties under the Common Criteria framework?

Answer

A

ISO/IEC 15408-1 Introduction and General model
ISO/IEC 15408-2 Security Functional Components
ISO/IEC 15408-3 Security Assurance Components

Question 62

Q

Within the context of the Common Criteria, what’s the difference between Certification and Accreditation?

Answer

A

Certification is the comprehensive technical evaluation of the security components and their compliance for the purpose of accredition
The goal of the certification process is to ensure that a system, product, or network is right for the customer’s purposes
Accreditation is the formal acceptance of the adequacy of a system’s overall security and functionality by management.
Following examination of the certifaction information, Management makes a formal accreditation statement

Question 63

Q

What’s the difference between Open Systems and Closed Systems?

Answer

A

Open Systems are based on standards, protocols and interfaces that have published specifications
Closed systems use an architecture that does not follow industry standards

Question 64

Q

Name three common models in Cloud Computing.

Answer

A

SaaS - e.g. Salesforce.com
PaaS = e.g. Web server
IaaS - User responsible for configuring the infrastructure

Answer 63

A

Bit level parallelism - multiple bits are processed in parallel
Instruction level parallelism - Two or more program instructions can be executed simultaneously (requires two or more processors)
Task level parallelism (breaking down a large problem, such as weather forecasting, into multiple tasks that can be executed in parallel.
Data parallelism - describes the distribution of data among different nodes that then process it in parallel.

Answer 64

A

Aggregation - puts together pieces of information available to get a view of secret information
Inference - the ability to derive information not explicitly available. It’s the goal of aggregation

Answer 65

A

Context based access control means that the software “understands” what actions should be allowed based on the state and sequence of the request.

What else was the user doing? What did he just attempt to do previously? What hours of the day are these access requests being made, etc.?

Answer 66

A

Content dependent access control is simple. Does the user have access to the resource or not?

Context dependent access control must know if the user has access to a resource, what other resources did he just ask to see? What time of day is it. What sequence of events is taking place, etc/

Answer 67

A

Context based access control - knowing context of the user’s request before granting access
Cell suppression - hide specific cells that could be used in inference attacks
Partitioning the database - Not having all the info in one place to make it tougher to connect the dots
Noise and Perturbation - intentionally inserting bogus information to misdirect the attacker and confusing them enough so that the actual attack will not be fruitful

Answer 68

A

Analyze website architecture and keep it as simple and straightforward as possible
Assume all user input is potentially dangerous and must be sanitized before being processed
All output generated by the system should be filtered to ensure private/sensitive data is not being disclosed
Make sure that the system fails securely
Web application firewalls – these inspect traffic into/out of the web site to filter malicious content. Added layer of security.

Answer 69

A

False base stations can be created
Confidential data can be stolen
Camera and microphone functionality can be used improperly
Internet sites can be accessed in violation of company policies
Malicious code can be downloaded
Encryption can be weak and not end to end

Answer 70

A

Only allow centrally managed devices to access corporate resources
Remote policies should be pushed to each device and user profiles should be encrypted with no local options for modification
Data encryption, idle timeout locks, screen saver lockouts, authentication, and remote wipe should be enabled
Bluetooth should be locked down, only allowed apps should be installed and social media sites should be restricted
Endpoint security should expand to mobile endpoints
802.1X should be implemented on wireless VoIP clients on mobile devices

Answer 71

A

Any system in which computers and phsical devices collaborate via the exchange of inputs and outputs to accomplish a task or objective is a cyber physical system

Examples:

Embedded systems
Internet of things

Answer 72

A

Authentication (usually it’s poor if it exists at all)
Encryption - since cryptography requires a lot of processing and memory, in many cases data at rest and in motion can be vulnerable
Updates - many vendors do not provide functionality to automatically update the software/firmware when patches are available

Answer 73

A

Industrial Control Systems

Answer 74

A

Programmable Logic Controllers (PLCs) - are computers designed to control electromechanical processes such as assembly lines, elevators, roller coasters and nuclear centrifuges. Typically communicate via RS-232
Distributed Control Systems (DCS) - Think hierarchy. At bottom are the devices to be controlled (e.g. hammers). Next level up are the PLC’s. Next level up from PLCs are Distributed Control systems that are supervisory computers that control, for example, an assembly line. DCS typically work within the context of a single plant
Supervisory Control and Data Acquisition (SCADA) – Essentially DCS across long distances. DCS could control a power plant. A SCADA system would control distribution of generated power across a power grid.

Answer 75

A

Remote Terminal Unit (RTU) - endpoint that connects to sensors and actuators

Data Acquisition Servers (DAS) - backends that receive data from RTU’s via telemetry system and perform processing

Human Machine Interface (HMI) - User Station

Answer 76

A

The single greatest threat to ICS security is the connectivity of these once-private networks to traditional IT networks

Answer 77

A

Apply risk management process to ICS
Segment the network to place IDS/IPS at the subnet boundaries
Disable unneeded ports and services on all ICS devices
Implement least privilege through the ICS
Use encryption wherever feasible
Ensure there is a process for patch management
Monitor audit trails regularly

Answer 78

A

6 defects per 1000 LOC.

Answer 79

A

Maintenance hooks are commands that only a developer knows that gives him/her easy access to the code

They should be removed before the software goes into production

Answer 80

A

No because:

Developers are not necessarily security minded
Enterprises are still running old software that may still have maintenance hooks.

Answer 81

A

Use a host base IDS to watch for attackers using back doors to access the system
Use file system encryption to protect sensitive information
Implement auditing to detect any type of back door use

Answer 82

A

The main concept is that it may be possible for an attacker to get “in the middle” of the sequence of instructions that are to be performed.

Example, Process 1 may check to see of Bob has access to a non-critical text file. However, before the file is opened, the attacker may change out the non-critical file with the password file and thus Bob would gain access to the password file.

This type of attack is also known as an asynchronous attack.

Answer 83

A

A race condition is when two different processes need to carry out their tasks on one resource and they must be performed in a certain order.

However, if process 2 can be manipulated to happen before process 1, it could generate incorrect results.

Example: If you are supposed to add 3 (process 1) and divide by 15 (process 2) and these processes happen out of order, they would generate the different results.

Answer 84

A

Use atomic operations (don’t break up authorization and authorization)
Apply software locks when carrying out its checking tasks

Answer 85

A

A cipher where each character is replaced with another character

Answer 86

A

When paper (or papyrus) is wrapped around a piece of wood it is readable, but otherwise not.

Answer 87

A

He created cipher text by shifting each character 3 positions forward in the alphabet.

Answer 88

A

A system or product that provides encryption and decryption.

Answer 89

A

An algorithm

Answer 90

A

Software
Protocols
Algorithms
Keys

Answer 91

A

Kerckhoff argued that the only secret in cyptography should be the key. That way lots of people know how it works and can make it better.

Not everyone agrees with this point of view.

Answer 92

A

The algorithm
The secrecy of the key
The initialization vectors
How they all work together

Answer 93

A

Work factor (i.e. how much work is required to break the system)

Answer 94

A

A one-time pad is a perfect encryption scheme because it is considered unbreakable if implemented properly.

Another name for a one-time pad is the Vernam cipher.

Answer 95

A

Convert the message to binary
Create a random one-time pad of 1’s and 0’s with as many bits as the plain text message
To create cyphertext, XOR the plaintext binary wtih the onetime pad, bit by bit
To decrypt it, also XOR the the ciphertext with the one-time pad

Answer 96

A

The pad must be used only one time
The pad must be as long as the message
The pad must be securely distributed
The pad must be secured at sender and receiver’s sites
The pad must be made up of truly random values

Answer 97

A

Each side has the same bookshelf of books

1st book:

49th page

6th line

7th column

The four parameters above give you the first character. Then, etc.

Answer 98

A

Example – You get a message, but the real message is to only read every third word.

A concealment cipher is an example of steganography.

Answer 99

A

Steganography is a method of hiding data in another media type so the very existence of the data is concealed.

Example is to conceal a message in a jpeg file.

Answer 100

A

Carrier - a signal, data stream or file that has hidden information in it
Stegomedium - the medium in which the information is hidden
Payload – the information that is to be concealed and transmitted

Answer 101

A

Least Significant Bit (LSB)

Answer 102

A

A substitution cipher replaces bits, characters or blocks of characters with different bits, characters, or blocks.

Answer 103

A

A transposition cipher does not replace the original text with different text, but rather moves the original values around. It rearranges the bits, characters or blocks of characters to hide the original meaning.

Answer 104

A

Substitution

Answer 105

A

Frequency analysis is looking at how often certain patters recur in order to break the code.

In English, the letter e is the most common, so once you know the cipher text for e you can go on to the next step.

Answer 106

A

Ker Derivation Functions (KDF’s) are used to generate keys that are made up of random values.

Answer 107

A

It’s where sender and receiver use two instances of the same key

Answer 108

A

Much faster than asymmetric systems
Hard to break if done with a large key size

Answer 109

A

Requires a secure mechanism to deliver keys properly
Each pair of users needs a unique key, so as the number of individuals increases, so does the number of keys, making key management overwhelming
Provides confidentiality, but not authenticity or non-repudiation

Answer 110

A

DES
Triple-DES
Blowfish
International Data Encryption Algorithm (IDEA)
RC4, RC5, RC6
Advances Encryption Standard (AES)

Answer 111

A

Asymmetric cryptography uses two different keys for encryption and decryption. Both keys are mathematically related.

Answer 112

A

Secure message format is encrypting the file with the receivers public key. That way only the receiver can decrypt it.

This ensures confidentiality

Answer 113

A

The sender would use his/her private key, because it is known only to the sender and would prove that the message came from the sending

Answer 114

A

Open message format means the sender encrypts the message with his/her private key.

Authenticity is ensured, but not confidentiality because anyone with the sender’s public key could decrypt it.

Answer 115

A

Public Key Cryptography

Answer 116

A

Better key distribution than symmetric systems
Better scalability than symmetric systems
Can provide authentication and non-repudiation

Answer 117

A

It’s much slower than symmetric key cryptography
Mathematically intensive tasks

Answer 118

A

Rivest-Shamir-Adelman (RSA)
Elliptic curve cryptosystem (ECC)
Diffie-Hellman
El Gamal
Digital Signature Algorithm (DSA)

Answer 119

A

Message is divided into fixed-length blocks
An encryption algorithm is run against each of the blocks

Answer 120

A

Confusion pertains to making the relationship between the key and resulting ciphertext as complex as possible so the key cannot be uncovered from the ciphertext.

Answer 121

A

Diffusion means that a single plaintext bit has influence over several of the ciphertext bits. Thus, changing a plaintext value should change many ciphertext values, not just one.

Answer 122

A

The avalanche effect means that a small change in the plaintext will make a big change in the ciphertext.

The avalanche effect is basically the same thing as diffusion.

Answer 123

A

Whereas a block cipher breaks a message down into blocks of fixed length, a stream cipher treats a message as a stream of bits and performs functions on each bit individually.

Answer 124

A

Easy to implement in hardware
Long periods of no repeating patters within keystream values
A keystream is not linearly related to a key (if a person figures out the keystream value, they still don’t have the key
A statistically unbiased keystream (as many zeroes as ones)

Answer 125

A

Block ciphers are considered more secure

Answer 126

A

Stream based data tends to use stream ciphers. Things like:

VOIP

Multimedia

Answer 127

A

Compression - reduce redundancy before plaintext is encrypted
Expansion - expanding the plaintext by duplicating values. This is done to increase the plaintext size to map to key sizes
Padding – Adding material to plaintext data before it is encrypted
Key mixing – using a portion (subkey) of a key to limit the exposure of the key. Key schedules are used to generate subkeys from master keys

Answer 128

A

Secret key cryptography
Session key cryptography
Private key cryptography (unfortunate because asym crypt also uses this term in a different way
Shared-key cryptography

Answer 129

A

DEA is the algorithm that fulfills DES, which is just a standard. Exam could refer to either one.

Answer 130

A

DES is a symmetric block encryption algorithm
64 bit blocks of plaintext go in and 64-bit blocks of ciphertext come out
Symmetric algorithm
64-bit key
- 56 bits for the true key
- 8 bits for parity
Blocks are operated on one at a time
Blocks are put through 16 rounds of transposition and substitution functions
The order and type of transposition depend on the key value

Answer 131

A

Not necessarily. If people are using session keys, then the key was only good for a single session and the attacker would have to break another key for a second session.

So, if you are a bank or a military, you probably wouldn’t ever use an encryption methodology that has been broken.

If your messages are less critical, you might.

Answer 132

A

Electronic Code Book (ECB)
Cipher Block Chaining (CBC)
Cipher Feedback (CFB)
Output Feedback (OFB)
Counter (CTR)

Answer 133

A

ECB mode operates like a code book.

A 64-bit data block is entered into the algorithm along with a key and a block of ciphertext is produced
For a given block of plaintext and given key, it will always produce the same ciphertext
It uses padding when messages don’t fit neatly into 64-bit blocks

Answer 134

A

Each block is encrypted with the exact same key
If an attacker uncovers the key, he would be able to decrypt all blocks of data encrypted with that key.
Or an attacker could gather the ciphertext and plaintext of each block and build the code book that was used without needing the key
The crux of the problem is that there is not enough randomness
If it is used to encrypt large amounts of data it would be easier to crack than small amounts of data.
Then why use it? It’s the fastest and is useful for small amounts of data like PINs, challenge/response values in authenticaion processes

Answer 135

A

Operations can be run in parallel, which decreases processing time
Errors are contained. If an error takes placed during th encryption procss, it only affects one block of data
It is only usable for the encryption of short messages
It cannot carry out preprocessing functions before recieving plaintext.

Answer 136

A

Cipher block chaining mode does not revel a pattern because for the next block of text the algorithm uses:
- the key
- the value based on the previous block are used.
See Figure 3-40
The algorithm uses an initialization vector for the first block since it doesn’t have a previous block to feed in to the algorithm

Answer 137

A

CFB works on 8-bit blocks
It is a combination of a block cipher and a stream cipher
For the first block of 8-bits it is necessary to use an IV
First 8-bit block is XORed with bits generated by keystream generator
Two things happen with the resulting 8-bit block of ciphertext
1. One copy goes over the wire to destination
2. One copy is used to encrypt the next 8-bit block of data

Answer 138

A

It’s very similar to CFB mode except, instead of feeding the Ciphertext into the algorithm for the subsequent block, OFB mode feeds the Keystream (output) from the previous stage into the algorithm of the subsequent stage.

This makes OFB mode more tolerant of single bit errors throughout the full encryption process

Answer 139

A

Counter mode is very similar to OFB mode, except instead of using a randomly unique IV to generate the keystream values, it uses an IV counter that increments for each plaintext block that needs to be encrypted.
The IV counter increments for each block to be encrypted
There is no chaining involved.
Encryption of different blocks can happen in parallel
Same with decryption
Used in protocols where blocks may arrive out of order
CTR is much faster because of parallelization

Answer 140

A

Synchronous systems use keystreams to encrypt plaintext one bit at a time
Asynchronous cryptosystems use previously generated output to encrypt the current plaintext values
A stream algorithm is considered synchronous
A block algorithm that uses chaining is considered asynchronous

Answer 141

A

Triple DES was meant to be a stop gap between DES and AES
3DES uses 48 rounds in its computation
3DES can take up to 3X longer to encrypt/descrypt

Answer 142

A

DES-EEE3 - uses 3 different keys for encryption. The data is Encrypted, Encrypted, Encrypted
DES-EDE3 - uses 3 different keys for encryption. The data is Encrypted, Decrypted, Encrypted
DES-EEE2 - Same as DES-EEE3, but only uses two keys. The first and third encryption process use the same key
DES-EDE2 - Same as DES-EDE3, but only uses two keys. The first and third encryption process use the same key

Answer 143

A

AES uses the Rijndael algorithm
It supports 128, 192 and 256 bit block sizes
- If key and block size are 128 bits, there are 10 rounds
- If key and block size are 192 bits, there are 12 rounds
- If key and block size are 256 bits, there are 14 rounds

Answer 144

A

IDEA is a block cipher
Operates on 64 bit blocks
Key is 128 bits long
IDEA is faster than DES when implemented in software
Has different modes similar to the DES modes
Harder to break than DES because key is longer
IDEA is used in PGP and other encryption software
It is patented, so limited use
No successful practical attacks against the algorithm

Answer 145

A

Block cipher
Works on 64 bit blocks
Key Length can be 32 bits up to 448 bits
16 rounds of cyptographic functions
Is in the public domain

Answer 146

A

RC4 is one of the most commonly implemented stream ciphers
Variable key size
Is used in SSL
Was a trade secret of RSA Data Security
Sometimes referred to as ARC4 because RC4 is trademarked
Simple, fast, efficient
Vulerable to modification attacks

Answer 147

A

RC5 is a block cipher
Developed by Ron Rivest
Parameters used to determine
- block size (32-bit, 64-bit, 128-bit)
- key length (up to 2048 bits)
- number of rounds used (up to 255)

Answer 148

A

Block Cipher
Very similar to RC5
Modifications to RC6 to increase speed
Was a candidate for AES, but was not chosen

Answer 149

A

Symmetric key cryptography only provides confidentiality, not authentication or non-repudiation
As the number of people who need to communicate increases, so does the number of symmetric keys required, meaning more keys must be managed
Secure Key Distribution - Symmetric key must be delievered to its destination via a secure courier.

Answer 150

A

It provides key agreement, not key exchange
Enables two systems to generate a symmetric key securely without having a previous relationship or prior arrangements
DOES NOT Provides encryption
DOES NOT provide digital signature
Based on the difficulty of calculating discrete logarithms in a finite field
Susceptible to man in the middle attacks

Answer 151

A

Tanya and Erika both generate a public and private key pair
They exchange public keys
Tanya’s software takes her private key and Erika’s public key and generates a symmetric key
Erika takes her private key and Tanya’s public key and generates the same symmetric key
Now they can use the same symmetric key to communicate securely

Answer 152

A

Make sure authentication takes place before accepting someone’s public key

Answer 153

A

Public Key Cryptography uses an asymmetric algorithm
Public Key Infrastructure is not an algorithm, protocol or application – It is an infrastructure based on public key cryptography

Answer 154

A

RSA stands for Rivest-Shamir-Adleman
It’s a public key algorithm
It’s the most popular asymmetric algorithm
Worldwide de facto standard
Provides authentication & encryption
Security is based on the difficulty of factoring large numbers into their original prime numbers
Advantage of RSA is that it provides encryption and signature verification

Answer 155

A

A one-way function is a mathematical function that is easier to compute in one direction than the other direction
RSA one way function is to multiply two large prime numbers
Multiplying these numbers is much easier than factoring the product to recover the initial large prime numbers
With RSA, encrypting with the public key is the one-way function
The private key is the “trap door” that contains information to decrypt the message securely

Answer 156

A

Work factor is the amount of time and resources needed to break an encryption method

Answer 157

A

El Gamal is a public key algorithm
Can be used for digital signatures
Can be used for encryption
Can be used for key exchange
Based on the difficulty of calculating discrete logarithms in a finite field
El Gamal is an extension of Diffie Hellman
Main drawback is performance. It’s usually the slowest

Answer 158

A

Provides much the same functionality as RSA:
- Digital signatures
- Secure Key distribution
- Encryption
More efficient than RSA or any other asymmetric algorithm
Security comes from the difficulty of calculating discrete logarithms along an elliptical curve
Since it’s more efficient, it is used in wireless and cell phones
ECC can provide the same level of security as RSA, but with smaller keys

Answer 159

A

It was based on the knapsack problem:
- if you have several different items, each with its own weight, can you add them to a knapsack so the knapack has a specific weight?
Knapsack is now considered insecure

Answer 160

A

It’s used in public key cryptography
If Irene sends you a message that she encrypted with her private key and you can verify that she sent it by decrypting it with her public key
Irene thus “proves” to you that she has her private key, but she never gives or shows you her private key.
Only the owner of the private key can truly prove that she has possession of the private key.

Answer 161

A

They only protect against unintentional modifications, not intentional ones.

Answer 162

A

A one-way hash is a function that takes a variable length string and produces a fixed length hash value.
The sender appends the hash value to the message
When the receiver receives the message, he recomputes the hash value and checks to make sure that it matches the one sent with the message
If the hash values match, then the message should be secure.
Hashing takes place without any keys
Weakness – If the message is intercepted someone can create a new message, create a new hash and send it to the receiver. The hash values will match, but it will be a message from an attacker

Answer 163

A

MAC stands for Message Authentication Code

A MAC function is an authentication scheme derived by applying a secret key to a message in some form.

The three basic types of MAC functions are:

HMAC
CBC-MAC
CMAC

Answer 164

A

The sender concatenates a symmetric key with the message
The result is put through a hashing algorithm
A MAC value is generated
The MAC value is appended to the message
The sender sends the message to the receiver (message + MAC value)
The receiver concatenates symmetric key to message
Receiver puts the message + symm key through hashing algorithm to generate MAC value
If the the MAC values match, then the message has not been modified

Note - the key is not used for encryption.

Answer 165

A

Cipher Block Chaining Message Authentication Code

Answer 166

A

Message is encrypted with symmetric block cipher in CBC mode
The output of the final block of ciphertext is used as the MAC
Sender sends the plaintext message with the MAC attached to it
Receiver receives the plaintext message + MAC
Receiver encrypts the message with the same block cipher
If the new MAC value matches the one sent with the message, then the message has not been altered

Answer 167

A

Message Authentication Codes (MAC’s) provide data origin authentication (aka system authentication), but not user authentication.

The reason for this is that symmetric keys are bound to a computer or device

Only private keys are bound to a user

Answer 168

A

CMAC stands for Cipher-based Message Authentication Code

It provides the same data origin authentication and integrity as CBC-MAC
It is a variation of CBC-MAC
It’s more mathematically secure
Symmetric keys are used to create subkeys
Subkeys are used to individually encrypt each of the blocks
Other than that, it’s the same as CBC-MAC

Answer 169

A

CCM combines CTR mode and CBC-MAC.
The goal is to provide both data origin authentication and encryption through the use of the same key
One key value is used for the counter values in CTR mode encyption and the IV value for CBC-MAC operations.
IEEE 802.11i wireless standard outlines the use of CCM mode for the block cipher AES

Answer 170

A

fingerprint

Answer 171

A

The hash should be computed over the entire message
The hash should be a one-way function so messages are not disclosed by their values
Given a message and its hash value, computing another message with the same hash value should be impossible
The function should be resistant to birthday attacks

Answer 172

A

MD4 is a one-way hash function designed by Ron Rivest
It produces a 128-bit digest value
It is no longer considered secure

Answer 173

A

It’s the follow-on to MD4
More complex algorithm / harder to break
It produces a 128-bit hash
MD5 is subject to collision attacks

Answer 174

A

SHA produces a 160 bit hash value (aka message digest)
The hash is then inputted into an asymmetric algorithm which computes a signature for a message
There are multiple versions of SHA (known as SHA-2 and SHA-3 families)
- SHA-256
- SHA-384
- SHA-512

Answer 175

A

A collision

Answer 176

A

How many people must be in the same room for the chance to be greater than even that another person has the same birthday as you? Answer: 253
How many people must be in the room for the chance to be greater than even that at least two people share the same birthday? Answer: 23
In a birthday attack, you have the original message and you tweak it to your advantage and keep changing it until the message digests match.

Answer 177

A

Public Key infrastructure consists of programs, data formats, procedures, communication protocols, security policies and public key cryptographic mechanisms working in a comprehensive manner to enable a wide range of dispersed people to communicate in a secure and predictable fashion.
In other words, PKI establishes a level of trust in the organization

Answer 178

A

A CA is a trusted organization (or server) that maintains and issues digital certificates.
Could be at a company
Could be something like Verisign
A CA is a component of PKI

Answer 179

A

A man in the middle attack

Answer 180

A

When two private CA’s each trust the other in order for two separate organizations to be able to communicate securely

Answer 181

A

A CRL is a list of certs that have been revoked. The CRL is maintained by the CA.

Answer 182

A

It’s an improvement over the CRL approach
When OCSP is implemented, it checks the CRL in the background as part of the protocol
Thus, the CRL is checked every time and we are not risking trusting entities with certs that have been revoked for one reason or another

Answer 183

A

A certificate is the mechanism used to associate a public key with a collection of components in a manner that is sufficient to uniquely identify the claimed owner.
The cert includes a serial number, version number, identity information, algorithm information, lifetime dates and the signature of the issuing authority.

Answer 184

A

The RA performs the certificate registration duties

Answer 185

A

Certification Authority
Registration Authority
Certificate Repository
Certificate Revocation System
Key backup and recovery system
Automatic key update
Management of Key Histories
Timestamping
Client-side software

Answer 186

A

Confidentiality
Access Control
Integrity
Authentication
Non-repudiation

Answer 187

A

Confidentiality
Integrity
Authentication
Authorization
Non-repudiation

Answer 188

A

A digital signature is a hash value that has been encrypted with the sender’s private key

Answer 189

A

authentication
non-repudiation
integrity

Answer 190

A

DSA stands for Digital Signature Algorithm
It can only be used for Digital signatures
DSA is slower than RSA for signature verification

Answer 191

A

Key management

Answer 192

A

Key length should be long enough to provide the necessary level of protection
Keys should be stored and transmitted by secure means
Keys should be extremely random and the algorithm should use the full spectrum of the keyspace
The key’s lifetime should correspond to the sensitivity of the data it’s protecting. More sensitive data, shorter key lifetime
The more the key is used, the shorter it’s lifetime should be
Key should be backed up or escrowed in case of emergencies
Keys should be properly destroyed when they are no longer in use

Answer 193

A

Key escrow is a process or entity that can recover lost or corrupted cryptographic keys.
When two or more parties are needed to reconstruct a key for recovery, the process is known as multi-party key recovery

Answer 194

A

The Trusted Platform Module is a microchip that is installed on the motherboard of modern computers and is dedicated to carrying out security functions related to the storage and processing of symmetric and asymmetric keys, hashes and digital certificates.

Answer 195

A

Binding a hardrive to a specific computer. The TPM contains a key and the contents are encrypted by the key in the TPM. If the hard disk is removed, it can’t be read.
Sealing a systems state to a particular HW/SW configuration. It protects against tampering with system configuration. This is accomplished by the TPM generating hash values based on system configuration settings

Answer 196

A

Persistent Memory
- Includes Endorsement Key (EK). Public/Private key pair that is installed on the TPM at the time of manufacture. Private key always remains in the TPM
Storage Root Key (SRK)
- The master wrapping key used to secure the keys stored in the TPM

Answer 197

A

Versatile Memory.

Attestation Identity Key (AIK). Used for the attestation f the TPM chip itself to service providers. The AIK ensures the integrity of the EK
Platform Configuration Registers - Used to store cryptographic hashes of data used for TPM’s “sealing” functionality
Storage keys. Used to encrypt storage media of the computer system

Answer 198

A

Digital Rights Management (DRM) refers to a set of technologies that is applied to controlling access to copyrighted data

Answer 199

A

No. Digital Rights Management doesn’t necessarily mean a technology designed exclusively for DRM. It could be standard security technology.

Example - standard user authentication and authorization

Answer 200

A

It won’t work if the device does not have internet connectivity

Answer 201

A

Product Keys

Answer 202

A

If you use Product keys, then the attacker has the Key and the executable code of the algorithm that uses it.

The attacker could reverse engineer the algorithm and create a key generator.

The countermeasure for this is to require a one-time activation of the key before it will work.

Answer 203

A

Digital watermarks are an approach to DRM.

Digital watermarks are steganographically embedded into the file and can document details such as the owner, the licensee and data of purchase.

They can’t prevent someone from illegally copying the file, but they can be used to track, identify and prosecute the perpetrator.

Answer 204

A

Eavesdropping
Sniffing data

Since they are hard to detect, the approach is to prevent them from happening in the first place.

Answer 205

A

Altering messages
modifying system files
masquerading as another individual

Answer 206

A

Key
Algorithm
Implementation
Data
People

Answer 207

A

In this attack, the attacker has the cyphertext of several messages
Each of the messages has been encrypted with the same encrypted algorithm
Attackers goal is to discover the key used in the encryption process
Once the key is known, attacker can decrypt all of the other messages encrypted with the same key

Answer 208

A

It’s where the attacker has the plaintext and the corrresponding ciphertext of one or more messages
Goal is to uncover the key so other messages can be deciphered and read
The US used a known plaintext attack against the Germans and Japanese in WWII.

Answer 209

A

A chosen plaintext attack is where the attacker has the plaintext and ciphertext, but can choose the plaintext that gets encrypted to see the corresponding ciphertext.
Example is that an attacker has been sniffing.
Attacker creates a message they they believe will get forwarded. Since the attacker created the plaintext, they know it and when they sniff the corresponding ciphertext, they have two pieces of the puzzle to use to determine the key

Answer 210

A

It’s where the attacker can choose the ciphertext to be decrypted and has access to the resulting plaintext.
Goal is to figure out the key
It’s a hard attack to make because the attacker may have to take control of a system to carry out the attack.

Answer 211

A

It’s where the user starts with a certain type of attack and after they begin to gather puzzle pieces they may adapt their method and begin to use a different type of attack, to continue the attack.

Answer 212

A

It’s goal is to uncover the key
Attacker looks at ciphertext pairs generated by encryption of plaintext pairs with specific, intentional differences
Attacker analyzes the effect of those differences
In 1990 a differrential cryptanalysis attack was invented against DES and it was effective against it, as well as other block algorithms
It is considered a type of chosen plaintext attack

Answer 213

A

it performs functions to determine the highest probability that a specific key was employed during the the encryption process using a block algorithm
It uses probability of different keys producing the ciphertext at various S-Boxes in the process

Answer 214

A

A side channel attack doesn’t depend on trying to mathematically determine the key.
Instead, it looks around the cryptosystem and its attributes and characteristics
Examples: Measuring power consumption, radiation emissions, the amount of time needed for certain computations
In 1995, RSA private keys were uncovered by measuring the relative time cryptographic operations took.

Answer 215

A

A replay attack is where an attacker captures some type of data and resubmits it with the hopes of fooling the receiving device into thinking it is legitimate information.
It is often that the data captured is authentication information and the attacker is trying to authenticate himself as someone else.

Answer 216

A

Timestamps
Sequence numbers

Answer 217

A

An algebraic attack is when the attacker analyzes the vulnerabilities in the mathematics used within the algorithm and exploit the intrinsic algebraic structure.

For exaple, attacks on the textbook version of the RSA cryptosystem exploit the properties of the algorithm, such as the fact that the encryption of a raw “0” message is “0.”

Answer 218

A

An analytic attack identifies an algorithm’s structural weakness or flows as opposed to a brute force attack, which exhausts all possibilitites.

Examples:

Double DES attack
RSA factoring attack

Answer 219

A

Statistical attacks identify statistical weaknesses in algorithm design and exploit them.

Example - if statistical patterns are observed between the number of ones and the number of zeroes in a random number generator. If the keys are taken directly from the RNG, then that information could be used to reduce the search time for the keys

Answer 220

A

Goal of these attacks is to trick people into giving their sensitive information.

Examples:

Attacker convinces victim that he is a sysadmin
Attacker uses persuasion
Coercion
Bribery

Answer 221

A

It’s a mathematical analysis technique used to attack the problem from both sides

Forward map from one side

Inverse map from the other side at the same time

Works by:

Encrypting from one end
Decrypting from the other end at the same time
Thus, meet in the middle

Answer 222

A

Natural environmental threats – floods, earthquakes, etc.
Supply system threats – Power disruption, communication disruptions, water, gas, etc.
Manmade threats - Unauthorized access (internal and external)
Politically motivated threats

Answer 223

A

It’s the idea that human life is the top priority.

You could bar a door shut to keep out intruders, but if that prevents people from escaping in the event of a fire, it’s a bad idea.

Answer 224

A

Physical security is a combination of people, processes, procedures, technology and equipment to protect resources.

Answer 225

A

Collusion is where two or more people work together to carry out fraudulent activity

Answer 226

A

Crime and disruption prevention through deterrence (fences, security guards, etc.)
Reduction of damage through the use of delaying mechanisms (locks, security personnel, barriers
Crime or disuption prevention - smoke detectors, motion detectors, CCTV, etc.
Incident assessment - Response of security guards to detected incidents and determination of damage level
Response procedures - fire suppression mechanisms, emergency response process, law enforcement notification, etc.

Answer 227

A

You devise measurements and metrics to guage the effectiveness of countermeasures. Things like:
- Number of successful crimes
- number of successful disruptions
- Number of unsuccessful disruptions
- business impact of disruption
- Time for a criminal to defeat a control
- Financial loss of a successful crime
- Financial loss of a successful diruption

Answer 228

A

Identify team of internal employess/external consultantgs to build the program
Define the scope
Carry out risk analysis
Identify regulatory and legal requirements
Work with management to define acceptable risk level
Derive the required performance baselines from that acceptable risk level
Create countermeasures and peformance metrics
Develop criteria from the results of the analysis and categorize them
Identify and implement countermeasures for each program category
Continually evaluate countermeasures against the set baselines to ensure acceptale risk is not exceeded

Answer 229

A

CPTED is a discipline that outlines how the proper design of a physical environment can reduce crime by directly affecting human behavior.

Street furnishing like benches encourage people to sit and watch
security cameras in full view
No wooded areas
The establishment of security zones / different zones have different controls

Answer 230

A

The goal of natural surveillance is to make criminals feel uncomfortable by providing many ways observers could potentially see them and to make all ofther people feel safe and comfortable by providing an open and well-designed environment.

Answer 231

A

Target Hardening

Answer 232

A

Under raised floors
On dropped ceilings

Answer 233

A

The MDF is the Main Distribution Facility where higher bandwidth lines are divided into multiple lower bandwidth lines. It normally has its own room
- IDF is the Intermediate Distribution Facilities – which usually distribute individual lines or drops to multiple end points. These are often in the same room as other things, which makes them susceptible to tampering

Answer 234

A

They are secured
All access and transfers are logged

Answer 235

A

Internal Support systems refers to things like:

lights
air conditioning
water

Answer 236

A

Uninterruptable Power Supplies
Power line conditioners
Backup sources
- Possibly having power supplied by different power companies
- Generators

Answer 237

A

Voltage regulators
Line conditioners

Answer 238

A

Surge protectors
Shut down devices in an orderly fashion
Use power line monitors
Use regulators to keep voltage steady and the power clean
Protect distribution panels, master circuit breakers and transformer cables with access controls
Protect against magnetic induction through shielded lines
Use shielded cabling for long runs
Do not run data or power lines over fluorescent lights
Use three prong connections or adapters if using two-prong connections

Answer 239

A

HVAC system

Answer 240

A

Training employes how to react to a fire
supplying the right equipment
Ensuring equipment is in working order
Storing combustible elements in a proper manner

Answer 241

A

Red pull boxes
Smoke detectors

Answer 242

A

Fire suppression is the use of an agent to put out a fire.

Answer 243

A

Smoke activated
Heat activated

Answer 244

A

Smoke detectors should be located

above suspended ceilings
below raised floors
in air vents

Answer 245

A

CO2 is dangerous to life. It can remove Oxygen from the air and presents a risk to humans and other forms of life

Answer 246

A

Halon was banned by the Montreal protocol in 1992.

It’s replacement is FM-200 – similar to Halon, but does not damage the Ozone layer

Answer 247

A

Wet pipe – water is included in these at all times. If there is a leak, it will cause damage
Dry pipe – water is not held in the pipes, but in a holding tank
- If a heat or smoke detector is activated, water fills the pipe leading to the sprinkler heads
Preaction – similar to dry pipe, in that water is not held in the pipes
- Pressurized air in pipes holds back water supply
- A thermal-fusible link on the sprinkler head must melt to release the water
Deluge – sprinker heads are wide open to allow a large volume of water to flow very quickly. Not frequently used in data processing environments

Answer 248

A

The available key space for any given algorithm (or your choie of keys withtin it) will eventually “go stale” over time.

Answer 249

A

IoT devices

Answer 250

A

A nonce is like a salt. A nonce is a random number that acts as a placeholder variable in mathematical functions. When the function is executed, the nonce is replaced with a random number generated at run-time for one-time use.

It makes codes harder to break.

Answer 251

A

A zero knowledge proof enables you to prove your knowledge of a fact to a third party without revealing the fact itself to the third party.

Secret door: Peggy knows the password to a secret door in a circular cave. Victor wants to buy the password, but doesn’t want to pay until Peggy can prove that she knows the password.

Peggy doesn’t want to give the password for fear that Victor will not pay afterword.

Zero knowledge proof solves the dilemma. Victor stands at the main entrance. Peggy takes a left and opens the door and then victor sees her come back via the right entrace.

Answer 252

A

An M of N control system is frequently used in key escrow. It guarantees that no one person can perform the function.

In an M of N control system a Minimum number of M people out of N possible people must be involved to perform a function (i.e. recover a key).

In a 3 of 8 control system, at least 3 people must be involved out of 8 to recover a key.

Answer 253

A

Digital Signature Algorithm (DSA);
Rivest, Shamir, Adleman (RSA) algorithm;
Elliptic Curve DSA (ECDSA) algorithm.

Answer 254

A

Assurance

Answer 255

A

cryptographic key.

Answer 256

A

A preaction fire suppression system activates in two steps. The pipes fill with water once the early signs of a fire are detected. The system does not dispense water until heat sensors on the sprinkler heads trigger the second phase.

Answer 257

A

The Encapsulating Security Payload (ESP) protocol provides confidentiality and integrity for packet contents. It encrypts packet payloads and provides limited authentication and protection against replay attacks.

Answer 258

A

TEMPEST is a specification for techniques used to prevent spying using electromagnetic emissions and wouldn’t be used to stop attacks at any normal bank.

Answer 259

A

Business Owners

Answer 260

A

Clearing describes preparing media for reuse. When media is cleared, unclassified data is written over all addressable locations on the media. Once that’s completed, the media can be reused.
Erasing is the deletion of files or media.
Purging is a more intensive form of clearing for reuse in lower security areas, and
Sanitization is a series of processes that removes data from a system or media while ensuring that the data is unrecoverable by any means.

Answer 261

A

The U.S. government uses the labels:

Unclassified
Confidential for data that could cause damage if it was disclosed without authorization.
Secret data could cause serious damage.
Top Secret data is considered to potentially cause grave damage,

Classified is not a level in the U.S. government classification scheme

Answer 262

A

Spare sectors, bad sectors, and space provided for wear leveling on SSDs (overprovisioned space) may all contain data that was written to the space that will not be cleared when the drive is wiped.

Most wiping utilities only deal with currently addressable space on the drive.

SSDs cannot be degaussed, and wear leveling space cannot be reliably used to hide data. These spaces are still addressable by the drive, although they may not be seen by the operating system.

Answer 263

A

A watermark is used to digitally label data and can be used to indicate ownership.

Answer 264

A

Rogue access point: An access point intended to attract new connections by using an apparently legitimate SSID.

Evil twin: An attack that relies on an access point to spoof a legitimate access point’s SSID and MAC address.

Answer 265

A

The DMCA states that providers are not responsible for the transitory activities of their users. Transmission of information over a network would qualify for this exemption.

The other activities listed are all nontransitory actions that require remediation by the provider.

Answer 266

A

The three common threat modeling techniques are:

Focused on attackers (Social engineering is a subset of attackers)
Focused on software
Focused on assets.

Answer 267

A

The prudent man rule requires that senior executives take personal responsibility for ensuring the due care that ordinary, prudent individuals would exercise in the same situation. The rule originally applied to financial matters, but the Federal Sentencing Guidelines applied them to information security matters in 1991.

Answer 268

A

The U.S. Department of Commerce is responsible for implementing the EU-US Privacy Shield Agreement.

Answer 269

A

The Gramm-Leach-Bliley Act (GLBA)

Answer 270

A

The Federal Information Security Management Act (FISMA) specifically applies to government contractors. The Government Information Security Reform Act (GISRA) was the precursor to FISMA and expired in November 2002.

Answer 271

A

Spoofing
Tampering
Repudiation
Information disclosure
DoS
Elevation of Privilege

Answer 272

A

The Economic Espionage Act imposes fines and jail sentences on anyone found guilty of stealing trade secrets from a U.S. corporation. It gives true teeth to the intellectual property rights of trade secret owners.

Answer 273

A

For the test, YES

Answer 274

A

Between 40% and 60%

Answer 275

A

Serial number

Answer 276

A

Typing with the rhythm of Morse code

Answer 277

A

Lauren has implemented address space layout randomization, a memory protection methodology that randomizes memory locations, which prevents attackers from using known address spaces and contiguous memory regions to execute code via overflow or stack smashing attacks.

Answer 278

A

bcrypt is based on Blowfish. Bcrypt adds 128 additional bits as a salt to protect against rainbow table attacks

Answer 279

A

An Administrator assigns permissions based on the principles of least privilege and need to know.
A custodian protects the integrity and security of the data.
Owners have ultimate responsibility for the data and ensure that it is classified properly, and owners provide guidance to administrators on who can have access, but owners do not assign permissions.
Users simply access the data.

Answer 280

A

Nonrepudiation

Answer 281

A

One

16 divided by 3 equals 5, with a remainder value of 1.

Answer 282

A

Output feedback (OFB) mode prevents early errors from interfering with future encryption/decryption.

Cipher Block Chaining and Cipher Feedback modes will carry errors throughout the entire encryption/decryption process.

Electronic Code Book (ECB) operation is not suitable for large amounts of data.

Answer 283

A

is a one-way function.

Answer 284

A

The Advanced Encryption Standard uses a 128-bit block size, even though the Rijndael algorithm it is based on allows a variable block size.

Answer 285

A

The Twofish algorithm, developed by Bruce Schneier, uses prewhitening and postwhitening.

Answer 286

A

The El Gamal cryptosystem extends the functionality of the Diffie-Hellman key exchange protocol to support the encryption and decryption of messages.

Answer 287

A

4096 bits

The major disadvantage of the El Gamal cryptosystem is that it doubles the length of any message it encrypts. Therefore, a 2,048-bit plain-text message would yield a 4,096-bit ciphertext message when El Gamal is used for the encryption process.

Answer 288

A

160 bits

The elliptic curve cryptosystem requires significantly shorter keys to achieve encryption that would be the same strength as encryption achieved with the RSA encryption algorithm. A 1,024-bit RSA key is cryptographically equivalent to a 160-bit elliptic curve cryptosystem key.

Answer 289

A

160 bytes

The SHA-1 hashing algorithm always produces a 160-bit message digest, regardless of the size of the input message. In fact, this fixed-length output is a requirement of any secure hashing algorithm.

Answer 290

A

X.509 governs digital certificates and the public-key infrastructure (PKI). It defines the appropriate content for a digital certificate and the processes used by certificate authorities to generate and revoke certificates.

Answer 291

A

Pretty Good Privacy uses a “web of trust” system of digital signature verification. The encryption technology is based on the IDEA private key cryptosystem.

Answer 292

A

Certificate revocation lists (CRLs) introduce an inherent latency to the certificate expiration process due to the time lag between CRL distributions.

Answer 293

A

The simple property of Biba is no read down, but it implies that it is acceptable to read up.

Answer 294

A

Declassification

Declassification is the process of moving an object into a lower level of classification once it is determined that it no longer justifies being placed at a higher level. Only a trusted subject can perform declassification because this action is a violation of the verbiage of the star property of Bell-LaPadula, but not the spirit or intent, which is to prevent unauthorized disclosure.

Answer 295

A

Multitasking is processing more than one task at the same time. In most cases, multitasking is simulated by the operating system even when not supported by the processor.

Answer 296

A

Mobile device management (MDM)

Mobile device management (MDM) is a software solution to the challenging task of managing the myriad mobile devices that employees use to access company resources. The goals of MDM are to improve security, provide monitoring, enable remote management, and support troubleshooting. Not all mobile devices support removable storage, and even fewer support encrypted removable storage. Geotagging is used to mark photos and social network posts, not for BYOD management. Application whitelisting may be an element of BYOD management, but is only part of a full MDM solution.

Answer 297

A

In system high mode of operation, all users must have:

Signed NDA for ALL information on the system.
Proper clearance for ALL information on the system.
Formal access approval for ALL information on the system.
A valid need to know for SOME information on the system.
All users can access SOME data, based on their need to know.

Answer 298

A

In a dedicated system,

all users must have a valid security clearance for the highest level of information processed by the system,
they must have access approval for all information processed by the system, and
they must have a valid need to know of all information processed by the system.

Answer 299

A

The risk of a lost or stolen notebook is the data loss, not the loss of the system itself. Thus, keeping minimal sensitive data on the system is the only way to reduce the risk. Hard drive encryption, cable locks, and strong passwords, although good ideas, are preventive tools, not means of reducing risk.

Answer 300

A

Dynamic RAM chips are built from a large number of capacitors, each of which holds a single electrical charge. These capacitors must be continually refreshed by the CPU in order to retain their contents. The data stored in the chip is lost when power is removed.

Answer 301

A

Removable drives are easily taken out of their authorized physical location, and it is often not possible to apply operating system access controls to them. Therefore, encryption is often the only security measure short of physical security that can be afforded to them.

Answer 302

A

Physical security is the most important aspect of overall security. Without physical security, none of the other aspects of security are sufficient.

Answer 303

A

Lighting is the most common form of perimeter security device or mechanism. Your entire site should be clearly lit. This provides for easy identification of personnel and makes it easier to notice intrusions.

Answer 304

A

A capacitance motion detector senses changes in the electrical or magnetic field surrounding a monitored object.

Answer 305

A

There is no such thing as a preventive alarm. Alarms are always triggered in response to a detected intrusion or attack.

Answer 306

A

No matter what form of physical access control is used, a security guard or other monitoring system must be deployed to prevent abuse, masquerading, and piggybacking. Espionage cannot be prevented by physical access controls.

Answer 307

A

2

In the Fair Cryptosystem approach to key escrow, the secret keys used in communications are divided into two or more pieces, each of which is given to an independent third party.

Answer 308

A

Information flow

The information flow model applies state machines to the flow of information. The Bell-LaPadula model applies the information flow model to confidentiality while the Biba model applies it to integrity.

Answer 309

A

Mirai targeted “Internet of Things” devices, including routers, cameras, and DVRs. As organizations bring an increasing number of devices like these into their corporate networks, protecting both internal and external targets from insecure, infrequently updated, and often vulnerable IoT devices is increasing important.

Answer 310

A

Supervisory Control and Data Acquisition systems, or SCADA systems, provide a graphical interface to monitor industrial control systems (ICS). Joanna should ask about access to her organization’s SCADA systems.

Answer 311

A

This integrity model focuses on preventing interference in support of integrity.

Brainscape's Knowledge GenomeTM

Domain 3 -- Security Architecture and Engineering Flashcards

Brainscape's Knowledge Genome^TM