Chapter 6 - Security Architecture and Design

Question 1

A holistic Life Cycle for developing security architecture that begins with accessing business requirements and subsequently creating a “chain of traceability” through phases of strategy, concept, design, implementation and metrics is characteristic of which of the following frameworks?

A. Zachman

B. SABSA

C. ISO 27000

D. TOGAF

Answer 1

B. SABSA

Question 2

Which of the following component of ITIL’s Service Portfolio is primarily focused on translating designs into operational services through a project management standard?

A. Service Strategy

B. Service Design

C. Service Transition

D, Service Operations

Answer 2

C. Service Transition

Question 3

Which of the following can best be used to capture detailed security requirements?

A. Threat modeling, covert channels, and data classification

B. Data classification, risk assessments, and covert channels

C. Risk assessments, covert channels, and threat modeling

D. Threat modeling; data classification and risk assessments

Answer 3

D. Threat modeling; data classification and risk assessments

Question 4

Which of the following security standards is internationally recogonized as sthe standards for sound security practice and is focused on the standardization and certification of an organization’s information security management system (ISMS)

A. ISO 15408

B. ISO 27001

C. ISO 9001

D. ISO 9146

Answer 4

B. ISO 27001

Question 5

Which of the following describes the rules that need to be implemented to ensure that the security requirements are met?

A. Security Kernel

B. Security Policy

C. Security Model

D. Security Reference Monitor

Answer 5

B. Security Policy

Question 6

A two dimensional grouping of individual subjects into groups or roles and granting access to groups to objects is an example of which of the following types of models?

A. Multi-level lattice

B. State Machine

C. Non-interference

D. Matrix based

Answer 6

D. Matrix based

Question 7

Which of the following models ensures that a subject with clearance level of Secret has the ability to write only to objects classified as Secret or Top Secret but is prevented from writing information classified as Public?

A. Biba - Integrity

B. Clark-Wilson

C. Brewer-Nash

D. Bell-LaPadula

Answer 7

D. Bell-LaPadula

Question 8

Which of the following is unique to Biba Integrity Model?

A. Simple Property

B. *(star) property

C. Invocation Property

D. Strong * Property

Answer 8

C. Invocation Property

Question 9

Which of the following models is best considered in a shared data hosting environment so that they data of one customer is not disclosed to a competitor or other customers sharing that hosted environment?

A. Brewer Nash

B. Clark - Wilson

C. Bell-LaPadula

D. Lipner

Answer 9

A. Brewer Nash - Chinese Wall

Question 10

Which of the following security models is primarily concerned with how the subjects and objects are created and how subjects assigned rights and privileges?

A. Bell-LaPadula

B. Biba-Integrity

C. Chinese Wall

D. Graham Denning

Answer 10

D. Graham Denning

Question 11

Which of the following ISO standards provides the Evaluation Criteria that can be used to evaluate Security Requirments of different products with different functions?

A. ISO 15408

B. ISO 27000

C. ISO 9100

D. ISO 27002

Answer 11

A. ISO 15408

Question 12

In the common criteria the common set of functional and assurance requirements for a category of vendor producs deployed ina particular type of environment are known as:

A. Protection Profiles

B. Security Target

C. Trusted Computing Base

D. Ring Protection

Answer 12

A. Protection Profiles

Question 13

Which of the following evaluation assurance level that is formally verified, designed, and tested is expected for a high risk situation?

A. EAL1

B. EAL3

C. EAL5

D. EAL7

Answer 13

D. EAL7

Question 14

Formal acceptance of an evaluated system by management is known as:

A. Certification

B. Accreditation

C. Validation

D. Verification

Answer 14

B. Accreditation

Question 15

Which stage of the Capability Maturity Model (CMM) is characterized by having organizational processes that are proactive?

A. Initial

B. Managed

C. Defined

D. OPtimizing

Answer 15

C. Defined

Question 16

Which of the following best provides a method of quantifying risks associated with information technology when validating the abilities of new security controls and countermeasures to address the identified risks?

A. Threat/Risk Assessment

B. Penetration Testing

C. Vulenrability Assessment

D. Data Classification

Answer 16

A. Threat/Risk Assessment

Question 17

The use of proxies to protect more trusted assests from less sensitive ones is an example of which of the following types of security services?

A. Access Control

B. Boundary Control

C. Integrity

D. Audit and Monitoring

Answer 17

B. Boundary Control

Question 18

Which of the following is the main reason for security concerns in mobile computing devices?

A. The 3G protocol is inherently insecure

B. Lower Processing Power

C. Hackers are targeting mobile devices

D. The lack of anti-virus software

Answer 18

B. Lower Processing Power

Question 19

In decentralized environments device drivers that enable the OS to control and communicate with hardware need to be securely designed, developed and deployed because they are

A. typically installed by end users granted access to the supervisor state

B. typically installed by administrators and granted access to user mode state

C. typically installed by software without human interaction

D. integrated as part of the operating system

Answer 19

A. typically installed by end users granted access to the supervisor state

Question 20

A system administrator grants rights to a group of individuals called Accounting instead of granting rights to each individual. This is an example of whilch of the following security mechanisms?

A. Layering

B. Data hiding

C. Cryptographic protections

D. Abstraction

Answer 20

D. Abstraction

Question 21

4 Main components Processors, storage, peripherals, and the OS

Answer 21

CPU, motherboard and memory operate together -4 main tasks - fetching, decoding, executing and storing

Question 22

multitasking system

Answer 22

switches from one process to another to quickly speed up processing

Question 23

threads

Answer 23

series of instructions, multithreading is a process where the OS time slices the threads and gives one thread some time on the CPU and then switches to another thread

Question 24

primary storage

Answer 24

memory, cache or registers - high probablity of being requested by the CPU - RAM (Volatile) SDRAM CACHE (high speed RAM)

Question 25

secondary storage

Answer 25

holds data not being used by the CPU

Question 26

firmware

Answer 26

storage of programs or instructions in ROM (Non-volatile)

Question 27

system kernal

Answer 27

core of OS - provides access to system resources

Question 28

Enterprise Security Architecture

Answer 28

implements the building blocks of information security across the entire organization - long term strategy

Question 29

Boundary Control Services

Answer 29

how and whether information is allowed to flow from one set of systems to another, or from one state to another - firewalls, border routers, proxies. Intended to enforce security zones of control by isolating entry points

Question 30

Access Control Service

Answer 30

identification, authentication, authorization of subject entities

Question 31

Integrity services

Answer 31

antivirus, content filtering, file integrity, whitelisting, and intrustion prevention systems - automated checking to detect and correct corruption

Question 32

Cryptography Services

Answer 32

PKI - hashing and encryption, common services that can be deployed and reused by a variety of systems

Question 33

Audit and Monitoring Services

Answer 33

secure collection, storage, and analysis of audited events through centralized logging through intrustion detection systems

Question 34

Security Zones

Answer 34

used to group together entities with similar security requirments

Question 35

architecture frameworks

Answer 35

method for designing a target state as an integrated set of systems.

Question 36

Zachman

Answer 36

logical structure for identifying and organizing the models that are important in the management of enterprises

Question 37

Sherwood Applied Business Security Architecture (SABSA) Framework

Answer 37

holistic life cycle - creating chain of traceability through phases of strategy, concept, design, implementation and metrics

Question 38

The Open Group Architecture Framework (TOGAF)

Answer 38

Common set of terms, architecture development method, and architecture content framework and numerous reference models

Question 39

ITIL - IT Infrastructure Library

Answer 39

defines organizational structure and skill requirements, operational procedures and practices 5 main books

Question 40

Service Strategy

Answer 40

addresses new buisness needs by describing the range of services that are or will be deployed

Question 41

Service Design

Answer 41

focuses on creating the services described within service portfolio

Question 42

Service transition

Answer 42

translates designs into operational services through standard project management structure

Question 43

Continual Service Improvement

Answer 43

metrics used as key input

Question 44

State Machine Model

Answer 44

describes a system at a point in time - then describes the behavior as it moves between one state and another, from one moment to another. Role of time is very important

Question 45

Multilevel Lattice Models

Answer 45

strict layers of subjects and objects and defines clear rules that allow or disallow interactions between them based on the layers the are in. Hierarchial - lesser/greater privilieges - clearance of subject compared with classification of data

Question 46

Noninterference models

Answer 46

a type of multi level model that severly limits and higher-classified information from being shared with lower privileged subjects - also deals with covert channels - maintains activities at different security levels. Complete separation between security levels

Question 47

Matrix based models

Answer 47

focus on one to one relationships between subjects and objects - access control matrix - represent capabiliteis - may be put into roles

Question 48

Information Flow Models

Answer 48

how information is allowed or not allowed between individual objects - may identify covert channels, unintended information flow between compartments, used to determine if information is being properly protected throughout a given process.

Question 49

Bell-LaPadula Confidentiality Model

Answer 49

inspired by DoD - need to improve confidentiality, primary goal is to prevent diclosure as the model moves from one state to another. Subjects active, objects passive. Subjects assigned clearance levels for modes of access (Read, Write) to use with objects assigned a classification level. Use labels with set of rules. Simple security property subject can read but not right. Can read at their level or below but can’t read higher. * Property - To prevent disclosure subjects could write at their level or higher but cant write lower. The strong star property - restricted read/write to their level only.

Question 50

Biba Integrity Model

Answer 50

lattice based model with multiple levels. Same modes of access and interactions with subjects and objects. An itegrity model. Information maintained by preventing corruption. Simple Integrity property - can’t read from less accurate objects but can read from objects that are more accurate. * property - Subjects can not write to objects that are more accurate, but can write down Invocation property - getting a more priviliged subject to work on their behalf - this must be prevented or corruption could occur

Question 51

Clark Wilson Integrity model

Answer 51

Integirty at transaction level in a commercial environment. Prevent unauthorized, undesireable changes and behave consistently. constant mediation between every subject and every object for integrity to be maintained. Subject does not have direct access to the object - done through a program following a set of rules. Prevent undesireable changes by atuthorized subjects -separation of duties. Well-formed transactions - set of steps within any transaction would need to be carefully designed and enforced.

Question 52

Lipner model

Answer 52

combines Bell-LaPadula and Biba with the idea of job functions for both confidentiality and integrity. First to separate objects into data and programs

Question 53

Brewer-Nash (Chinese Wall) Model

Answer 53

focus on preventing conflict of interest when subject has access to objects with sensitive information associated with two competing parties. can not access confidential information for a client organization and one or more of its competitors - can’t get to one side of wall once on the other side

Question 54

Graham-Dennin Model

Answer 54

concerned how subjects and objects are created, assigned privilieges and how ownership is managed. Subjects - process and domain

Question 55

Harrison-Ruzzo

Answer 55

generic rights and a finite set of commands

Question 56

A formal security model

Answer 56

describes and verifies the ability to enforce security policy in mathematical or measurable terms

Question 57

3 Evaluation Criteria

Answer 57

TCSEC, ITSEC, Common Criteria

Question 58

Certification

Answer 58

System tested to see whether it meets documented requirements

Question 59

Accreditation

Answer 59

Management evaluates the capacity of the system and decides whether they will formally accept the evaluated system

Question 60

TCSEC - Trusted Computer System Evaluation Criteria

Answer 60

Orange Book 1983 DoD - Used to evaluate, classify, and select computer systems being considered for the processing, storage and retrieval of sensitive or classified information. Focused on confidentiality.

Trusted Computing Base (TCB) - are the fundamental controls implemented in a given system

C Level to B Level moves from DAC to MAC

Question 61

A - Verified Protection

Answer 61

A1 - verified Design - Highest Trust

Question 62

B - Mandatory Protection

Answer 62

B3 Security Domains; satisfy reference monitor, exclude non-essential code; minimize complexity; Security Administrator, Audits all, Automated IDS, Trusted Sytem Recovery, Covert timing

B2 Structurted Protection; configuration managment, DAC & MAC over all, clear security policy, covert storage, objects structured, more testing, hardened authentication, separate operator and administrator

B1 Labeled Security Protection - MAC over some, informal security policy, data sensitivity labels, flaws must be removed or mitigated

Question 63

C - Discretionary

Answer 63

C2 Controlled Access - improved DAC login process and audit trails

C1 Discretionary Security - DAC

Question 64

D - Minimal

Answer 64

Lowest

Question 65

ITSEC - information technology security evaluation

Answer 65

provides functional and assurance levels - integrity and availability; E Levels, targets of evaluation, higher E levels provide customers with higher degree of assurance

Question 66

Common Criteria - CC - ISO/IEC 15408

Answer 66

Supercede all other criteria, standardizes general approach to product evaluation

Protection Profiles - function and assurance requirements for a category of vendor products in a particular environment

EAL Levels - Common Evaluation Methodology

EAL1 - Functionally Tested

EAL2 - Structurally Tested

EAL3 - Methodically Tested and Checked

EAL4 - Methodically Designed, Tested and Reviewed

EAL5 - Semi-Formal Designed and Tested

EAL6 - Semi-Formal Verified Design and Tested

EAL7 - Formal Verified Design and Tested

Question 67

ISO 2700:2005

Answer 67

Standardization and Certification of an organization’s information security management system (ISMS)

Five key areas:

1. General Requirements of the ISMS
2. Management Responsibility
3. Internal ISMS Audits
4. Management Review of the ISMS
5. ISMS Improvement

Question 68

ISO 27002

Answer 68

Code of Practice for Information Security Management which lists security control objectivevs and recommends a range of specific security controls according to industry best practice - more of a guideline

11 focus areas:

1. Security Policy 2. Organization and information Security 3. Asset Management 4. Human Resources Security 5. Physical and Environmental Security 6. COmmunications and Operations Management 7. Access Control 8. Information System Acquisition, Development and Maintenance 9. Information Secuirty Incident Management 10. Business Contuity Mnagement 11. Compliance

Question 69

Control Objects for Information and Related Technology

Answer 69

Framework for IT Management - set of generally accepted processes to assist in maximizing the benefits derived using info technology and developing appropriated IT governance

Question 70

Payment Card Industry Data Security Standard (PCI-DSS)

Answer 70

Specifications to ensure safe processing, storing and transmission of the card holder’s information

Question 71

Complete Mediation

Answer 71

When no subject can gain access to any object without authorization

Question 72

Processor

Answer 72

Supervisor state (Kernel mode) - operating at highest priviliege - allowed to access any system resources

Question 73

Layering

Answer 73

Organization of programming into separate functional components that interact in some sequential and hierarchial way.

Question 74

Ring Protection

Answer 74

inner ring - lowest number, most priviliege (OS Kernel)

Outer ring - highest number, lowest privilege - end user application

Question 75

Tempest

Answer 75

set of standards designed to shield buildings and equipment to protect them against eavesdropping and passive emanations gathering attempts

Question 76

State attack - ‘Race conditions’

Answer 76

atempt to take advantage of how a system handles multiple requests

Question 77

Covert Channels

Answer 77

mechanism hidden from access controls - use irregular methods of communication such as free space or timing to transmit information

Storage - communicate via a stored object

Timing - modify timing of events relative to each other

Eliminate thru design

Question 78

XML

Answer 78

Extensible Markup Language - structuring data in a text file

Question 79

SAML

Answer 79

Security Assertion Markup Language - exchange authentication and authorization information

Question 80

OWASP

Answer 80

OPen Web Application Security Project - focus on improving securiy of software