Domain 3 - Security Architecture & Engineering Flashcards
A major strength of this Encryption type is communication between parties previously unknown to eachother
Public Key Encryption
Define PKI Hierarchy of Trust Relationships
Trust = Permits combining asymmetric + symmetric cryptography to create a hybrid cryptography
What is the difference between Asymmetric and Symmetric Encryption?
Asymmetric uses a key pair. One to encrypt/one to decrypt. It is also not identical on both sides.
Shared Secret is _______ encryption
Symmetric
When a sender uses a shared key to encrypt and the receiver uses the same key to decrypt, what kind of algorithm is this?
Symmetric
The resource a user or process wants to access
Object
The user or process that makes a request to access a resource
Subject
This Framework uses various levels of testing (EAL) and confirmation of a system’s security capabilities
Common Criteria
Developed to replace ITSEC
Common Criteria
More flexible than TCSEC
Common Criteria
The first attempt at establishing a single standard for evaluating security attributes of computer systems
ITSEC
Gov’t Book that Addresses security evaluation topics for Networks and Network Components
Red Book
True or False? The Red Book states that subjects accessing objects on the network need to be Controlled, Monitored, and Audited?
True
Software designers do this to restrict actions of a program. It allows a process to read from and write to only certain memory locations and resources.
Process Confinement
How could a program that writes to and reads from an area of memory that’s being used by another program violate the 3 tenets of security - CIA?
Confidentiality
• I.e, if the data that’s processing was sensitive or secret, it’s confidentiality is no longer guaranteed
Integrity
• I.e, if the data is overwritten or altered, there is no guarantee of integrity
Availability
• If the data modification results in corruption or loss, it could become unavailable for future use
Limits being set on Memory Addresses and Resources is a process known as setting b_______.
Bounds
Bounds, similar to boundaries, state the area within which a p______ is confined or contained.
Process
Describe the difference between Logical Bounds and Physical Bounds
Logical - Segment logical areas of memory
Physical - Require every bounded process to run an in area of memory that is physically separated from other bounded processes
When a process is confined through enforcing access bounds, that process runs in ________n.
Isolation
_____ _______ ensures that any behavior will affect only the memory and resources associated with the isolated process
Process Isolation
Process Isolation is not required for preemtive multitasking, True or False?
False - Process Isolation is required for pre emptive multitasking
A System that is Always secure no matter what state it is in
Security Models (Computer Architecture and Operating System Design)
State Machine Model
Define a ‘State’ as it relates to the State Machine Model
A snapshot of a system at a specific Moment in Time
Which Access Control uses Static Attributes of the Subject and Object
Access Controls - Access Rules
MAC
