Domain 3

Question 1

Characteristics of Biba Model

Answer 1

All about Integrity
Write down, read up
STAR Integrity
Simple Integrity Property
Invocation Property

Question 2

Characteristics of Bell Lapadula Model

Answer 2

All about Confidentiality
Write up, read down
Star Property
Simple Property
Strong STAR

Question 3

Types of Fire Extinguishers

Answer 3

Class
A. Common Combustible
B. Liquid
C. Electrical
D. Metal

Question 4

What is the State Machine Security Model

Answer 4

Based on Finite State Machine
Map out the finite possible operational outcomes
verify that all

Question 5

Common Security Models

Answer 5

MATRIX - (Access Control)
Bell - Lapadula (Confidential control)
Biba (Integrity Control)
Information Flow Model
Clark Wilson (Integrity Model)
Multi Level Lattice

Question 6

Information Flow Model

Answer 6

Extends The State Machine Model
Finite State Machine; you specify well defined paths for information to flow on those paths
Uses lots of reference monitors

Question 7

Non-Interference Model

Answer 7

Make sure objects and subjects are not affected on the level you’re at

Mandates that there is a hierarchy of levels

Question 8

MATRIX Model

Answer 8

Provides Access rights

Matrix to match users to privileges

Question 9

Clark Wilson Model

Answer 9

Integrity Model
Invented “Triple Security” which is now know as reference modeling
Very Commercial
Dictates
-Separation of Duties
- subjects access DTA through arbiter app
- Heavy Auditing Requiring

Question 10

Brewer Nash (Chinese Wall)

Answer 10

Stopping conflicts of internet problems

poster child of where BN should have been used in Arthur Anderson in Houston

Question 11

Graham Denning

Answer 11

Integrity and Confidentiality

Assigns

Question 12

Cloud Types

Answer 12

Public (AWS or AZURE)
Private (Data Center)
Community (Group of students sharing a space)
Hybrid (Hosting your website to public on private cloud

Question 13

Deployment Models

Answer 13

IaaS (provide your own software)
PaaS (cloud provider uses software and your software)
SaaS ( All software is Cloud providers)

Question 14

Traits of Cloud

Answer 14

Rapid Elasticity
On Demand Self Service
Metered Service
Broad Network Access
Resource Pooling

Question 15

Cloud Security Issues

Answer 15

Lose controls over security implementation
All security actions must be documented and put in contract BEFORE signing
Who is cloud provider, need to trusted
Limited authentication capabilities
Lack of Access to logs

Question 16

Cryptography Goals

Answer 16

P.A.I.N.

Privacy (confidentiality)
Authentication
Integrity
Non-repudiation

Question 17

Types of Security Models

Answer 17

State Machine Models
Multi Lattice Models
Matrix Models
noninterference Models
Information Flow Models
Confinement
Data in Use

Question 18

List the 7 EAL levels

Common Criteria Assurance Level

Answer 18

EAL 1 Functionally tested
EAL 2 Structurally tested
EAL 3 Methodically tested and checked
EAL 4 Methodically designed, tested and reviewed
EAL 5 Semi-formally designed and tested
EAL 6 Semi-formally verified design and tested
EAL 7 Formally verified design and tested

Question 19

Define Certification

Answer 19

evaluation of security and technical/non-technical features meet requirement (verify it does what it says it does)

Question 20

Define Accreditation

Answer 20

Declare that an IT system is approved to operate in predefined conditions (verify it is right for out system, network)

Question 21

Use of Cryptography

Answer 21

Confidentiality
Integrity
Proof of Origin
Non-repudiation
Protect Data at Rest
Protect Data in Motion

Question 22

What is the Orange Book

Answer 22

Collection of criteria based on the Bell-Lapadula Model used to grade or rate the security offered by a computer system product.

Question 23

Trusted Computer System Evaluation (TCSEC)

Answer 23

Evaluates OS, application and system.

Question 24

What is Green Book

Answer 24

Password Management

Question 25

What is Red Book

Answer 25

Similar to Orange book, but addresses network Security

Question 26

Chain of Custody

Answer 26

Important to Maintain to prove integrity of evidence to be admissible in court

Question 27

Interview Notes (Evidence collection)

Answer 27

Discoverable Evidence | State Only Facts, No opinions

Question 28

Core competencies of Forensics

Answer 28

Media Analysis Network Analysis Software Analysis Embedded Devices

Question 29

Criminal Court Types of Verdicts

Answer 29

Guilty or Not Guilty Beyond a reasonable Doubt

Question 30

Civil Court Types of Verdicts

Answer 30

Liable or NOT liable Preponderance of the evidence (There can be some doubt, however, the evidence leans a certain direction)

Question 31

Do you call immediately call law enforcement when a crime has happened

Answer 31

Follow what Policy and Senior Management dictate

Question 32

Symmetric Algorithms

Answer 32

``` DES - (Broken) 3DES AES Skip Jack Blowfish Twofish RC4 IDEA CAST ```

Question 33

Asymmetric Algothrims

Answer 33

Diffie-Hellman RSA Elgamal (terrible, subject to cipher text attack) Elliptical

Question 34

Parole Evidence Rule

Answer 34

Whatever is in written agreement is what will win in court. Cant have a written contract, then a verbal agreement later

Question 35

Two Kinds of Failure Modes

Answer 35

Physical Security Failure Mode | Logical Security Failure Mode

Question 36

Logical Failure Modes

Answer 36

Fail Open - Availability is main concern Fail Closed - Main concern is confidentiality and/or Integrity Fail Secure - "Fail into a consistent state" fails to desired state Fail Soft - "fail in to a diminished operating capacity"; essentially Hibernate mode Fail Safe - "When I fail, I take nothing else with me"

Question 37

Physical Failure Modes

Answer 37

Fail Secure - Locks Doors both ways (no in or out) Fail Safe - Locks Doors one way (get out but not in) Fail Open - Does not lock (can get in and out)

Question 38

Physical Failure Modes

Answer 38

Fail Secure - Locks Doors both ways (no in or out) Fail Safe - Locks Doors one way (get out but not in) Fail Open - Does not lock (can get in and out)

Question 39

Incident Response Steps

Answer 39

``` 1. Triage Detect Assess Communicate *React 2. Corrective/Investigation Containment Eradication Root Cause Analysis 3. Recovery Getting back to pre incident production 4. Lessons Learned Ask 3 questions Could we have responded better? Could we have prevented this incident completely Are we sure it was the root cause? ```

Question 40

Disaster Recovery Plan Testing Plans

Answer 40

1. Desk Check 2. Tabletop Exercise 3. Structured Walkthrough 4. Parallel 5. Full scale

Question 41

When is disaster considered over

Answer 41

Disaster is officially over when business is back at 100 percent operational to whatever designated site is to be used

Question 42

Disaster recovery attributes

Answer 42

Recover Most critical First | Moving to hot site/temp location

Question 43

Disaster restoration attributes

Answer 43

Recover least critical first | Moving from hot site/temp location back or to new permanent location

Question 44

Types of Communications Plans

Answer 44

Hazard Communications plan | Personnel Communications plan

Question 45

Crime Prevention through environmental Design (CPTED)

Answer 45

The ability to create land scaping that will identify boundaries, slow,

Question 46

4 foot fence keeps out how many intruders

Answer 46

Casual intruders

Question 47

6 foot fence keeps out what intruder

Answer 47

Most Intruders

Question 48

8 foot fence keeps out what intruders

Answer 48

Determined Intruders

Question 49

If a gate is in front of a residence, not matter the type

Answer 49

is considered a residential gate

Question 50

Types of Commercial Gates

Answer 50

``` residential Gate (in front of homes) Vehicle Gate (controls flow of vehicles) Industrial Gate (controls flow of people) Penitentiary Gate (chain link man trap) ```

Question 51

Type of Security Lights

Answer 51

``` Sodium Light (yellow Hue) This is the best because it works in foggy environment ```

Question 52

Window Security Best Practices

Answer 52

``` Steel Frames Not near doors first floor place landscaping in front to deter or prevent access Tempered glass laminate/wired mesh for tempered glass ```

Question 53

How to Detect broken Windows

Answer 53

Capacitance (Low voltage around window. when broken circuit breaks) Volume Metric Acoustical

Question 54

Five classes of fire

Answer 54

Class A. Paper, wood, conventional (ASH) Class B. Flammable Liquids (Beverage) (don't spray water on this) Class C. Electrical Fire (turn off power) (Circuit) Class D. Metals (Dent metal) Class E.

Question 55

Fire needs

Answer 55

Oxygen Fuel Heat

Question 56

What does Fire Suppression try to stop or restrict during fire

Answer 56

Oxygen Fuel Heat

Question 57

Types of Sprinkler System for fire suppression

Answer 57

Wet Pipe Deluge (flooding) Dry Pipe (Pressurized Air) Halon (removes oxygen, dangerous for humans) ARO-K ( FM200 ARGON ( Replace oxygen, suppresses fire, safe for humans)

Question 58

Recommended Fire suppression systems in server environments

Answer 58

ARO-K ( FM200 ( ARGON (Replace oxygen, suppresses fire, safe for humans)

Question 59

Types of alternative Sites

Answer 59

Cold Site (Location with no equipment, but have an alternate place available) Warm Site (Various level of backup in between cold and hot site some equipment readiness in alternate site) Hot Site (Equipment ready for use. Just restore latest backups and go, likely daily update) Mirroring (Equipment ready, backups sent and restored offsite immediately) Redundant Operations (most expensive as there are dual operations (least amount of down time or impact)

Question 60

Alternatives to Alternative Sites

Answer 60

Mobile Site (business work trailer) Reciprocal Agreements (Other company agrees to support and you support their company, bad idea, must rely on company) Outsourcing (get other company to work my business_ Cloud Hypervisor

Question 61

What impacts Electric Performance

Answer 61

Voltage | Amperage

Question 62

External Monitoring

Answer 62

Time domain reflectometry (TDR) - uses light to help detect intrusion. Coaxial Strain sensitive Cable (CSSC) - Uses electricity Microwave - emitter on one end, receiver on the other, if plane in broken by person, it will set it off. (can go through dry items, even concrete walls) Guard (human can react to new situations)

Question 63

What is external monitoring

Answer 63

Monitors intrusion and alerting people exactly where and how far away

Question 64

Volume Metric

Answer 64

sets sound in room, if somethin enter room, it changes the metric and sets alarm

Question 65

Motion Detector Technology

Answer 65

Volume Metric | Doppler Detection

Question 66

RAID Types

Answer 66

``` RAID0 Striping RAID1 Mirroring RAID3 Parity RAID4 Parity RAID5 Parity RAID 10 striping and Mirroring RAID 15 Parity and Mirroring ``` https://www.prepressure.com/library/technology/raid