Chapter 9: Security Architectures

Question 1

Threat modeling

Answer 1

process of describing probable adverse effects on our assets caused by specific threat sources

Question 2

attack tree

Answer 2

a graph showing how individual actions by attackers can be chained together to achieve their goals

Question 3

STRIDE

Answer 3

threat modeling framework developed by Microsoft that evaluates a system’s design using flow diagrams, system entities, and event related to a system

Question 4

Lockheed Martin Cyber Kill Chain

Answer 4

identifies seven stages of cyberattacks

Question 5

MITRE ATT&CK framework

Answer 5

a comprehensive matrix of tactics and techniques used to model cyberattacks

Question 6

Defense in depth

Answer 6

the coordinated use of multiple security controls in a layered approach

Question 7

Zero trust

Answer 7

a model in which every entity is considered hostile until proven otherwise, and even that trust is limited

Question 8

Trust but verify

Answer 8

the principle that, even when an entity and its behaviors are trusted, we should double-check both

Question 9

Shared responsbility

Answer 9

a service provider is responsible for certain security controls, while the customer is responsible for others

Question 10

Separation of duties

Answer 10

divides important functions among multiple individuals to ensure that one person has the ability to intentionally or accidentally cause serious losses to the organization

Question 11

Least privilege

Answer 11

people are granted exactly the access and authority they require to do their jobs

Question 12

need-to-know principle

Answer 12

similar to the least-privilege principle, based on the concept that individuals should be given access only to the information they absolutely require in order to perform their job duties

Question 13

“keep it simple” principle

Answer 13

check we are not adding unnecessary complexity

Question 14

principle of secure defaults

Answer 14

every system starts off in a state where security trumps user friendliness and functionality

Question 15

principle of failing securely

Answer 15

in the event of an error, systems designed to behave in a predictable and noncompromising manner

Question 16

principle of privacy by design

Answer 16

to ensure privacy of user data, incorporate data protection as an integral part of the design of a system; not as an afterthought or later-stage feature

Question 17

Bell-LaPadula model

Answer 17

enforces the confidentiality aspects of access control

Question 18

Biba model

Answer 18

security model addresses the integrity of data within a system but not concerned with security levels and confidentiality

Question 19

Brewer and Nash model

Answer 19

Chinese Wall model; subject can write to an object if, and only if, the subject cannot read another object that is in a different dataset

Question 20

TPM

Answer 20

Trusted Platform Module; carries out security functions: storage of cryptographic keys and digital certificates, symmetric and asymmetric encryption, and hashing

Question 21

HSM

Answer 21

hardware security module

Question 22

hardware security module

Answer 22

removable expansion card or external device to generate, store, and manage cryptographic keys to improve encryption/decryption performance of the system into it is installed

Question 23

SED

Answer 23

self-encrypting drive; provides FDE through cryptographic module integrated with the storage media into one package

Question 24

FDE

Answer 24

full disk encryption

Question 25

Data in SEDs encrypted using ... key cryptography

Answer 25

symmetric key

Question 26

Bus encryption systems

Answer 26

use TPMs to encrypt data and prior to being put on the internal bus, so they are also encrypted everywhere else except when data is being processed

Question 27

TEE

Answer 27

trusted execution environment

Question 28

trusted execution environment

Answer 28

secure enclave; software environment where special applications and resources (files) have undergone rigorous checks to ensure they are trustworthy and remain protected

Question 29

processor security extensions

Answer 29

instructions that provide additional security features in the CPU and can be used to support a TEE

Question 30

Atomic execution

Answer 30

controlling the manner in which sections of a program run so that they cannot be interrupted between the start and end of the section

Question 31

STRIDE

Answer 31

developed by Microsoft; suitable for application to logical and physical systems alike

Question 32

MITRE ATT&CK framework

Answer 32

maps cyberthreat actor tactics to the techniques used for them and the detailed procedures used by specific threat actors during cyberattacks

Question 33

Data is encrypted in a self-encrypting drive system on

Answer 33

only on the disk drive; not in memory or on the bus

Question 34

Data is encrypted in a bus encryption system on ...

Answer 34

everywhere except the cryptoprocessor where it is decrypted: on the disk drive, in memory, on the bus

Question 35

TPM vs HSM

Answer 35

TPM permanently mounted on the motherboard and used for hardware-based assurance and key storage; HSM removable or external and used for both hardware accelerated cryptography and key storage

Question 36

TPMs required features

Answer 36

storage of cryptographic keys and digital certificates, symmetric and asymmetric encryption, and hashing

Question 37

changing a password on a self-encrypting drive does ...

Answer 37

the existing secret key is retained but is encrypted with the new password; encrypted data on the disk remains unaltered

Question 38

Processor security extensions

Answer 38

enable developers to encrypt memory associated with a process; instructions for security features in CPU to support a TEE