Domain 3 - Security Engineering Flashcards Preview


Flashcards in Domain 3 - Security Engineering Deck (177):
1

What is the simultaneous execution of more than one application on a computer, managed by the operating system?

Multitasking

2

This permits multiple concurrent tasks to be performed within a single process.

Multithreading

3

The use of more than one processor to increase computing power.

Multiprocessing

4

Similar to multitasking but takes place on mainframe systems and requires specific programming.

Multiprogramming

5

Processors that are capable of operating at only one security level at a time.

Single state processors

6

Processors that can simultaneously operate at multiple security levels.

Multistate processors

7

What are the four security modes approved by the federal government for processing classified information?

Dedicated mode - requires that all users have appropriate clearance, access permissions, and need to know for all information stored on the system.
System high mode - removes the need-to-know requirement.
Compartmented mode - removes the need-to-know requirement and the access permission requirement.
Multilevel mode - removes all three requirements.

8

The two layered operating modes used by most modern processors.

User mode and Privileged mode

9

User applications operate in a limited instruction set environment

User mode

10

The operating system performs controlled operations

Privileged mode

11

Nonvolatile memory that can't be written to by the end user or PC

Read only memory (ROM)

12

Similar to a ROM chip in functionality, with one exception: special functionality allows an end user to burn in the chip's contents later. However, once the chip is burned in, no further changes are possible.

Programmable Read-Only Memory (PROM)

13

Memory chips that may be erased through the use of ultraviolet light and then have new data written to them.

Erasable Programmable Read-Only Memory (EPROM)

14

Memory chips that may be erased with electrical current and then have new data written to them.

Electronically Erasable Programmable Read-Only Memory (EEPROM)

15

Memory chips that are volatile and lose their contents when the computer is powered off.

Random Access Memory (RAM)

16

A limited amount of memory included in the CPU that provides it with directly accessible memory locations that the brain of the CPU, the arithmetic-logical unit (ALU), uses when performing calculations or processing instructions.

Registers

17

At the computer level, it contains the basic instructions needed to start a computer. It is also used to provide operating instructions in peripheral devices such as printers.

Firmware

18

This ensures that individual processes can access only their own data.

Process isolation

19

This creates different realms of security within a process and limits communication between them.

Layering

20

This creates “black-box” interfaces for programmers to use without requiring knowledge of an algorithm’s or device’s inner workings.

Abstraction

21

This prevents data from being discovered or accessed by a subject by positioning it in a location that is not seen by the subject.

Data hiding

22

Enforces process isolation with physical controls.

Hardware segmentation

23

The role of a _____ ______ is to inform and guide the design, development, implementation, testing, and maintenance of some particular system.

Security Policy

24

The popular term referring to a concept of computing where processing and storage are performed elsewhere over a network connection rather than locally. It is often thought of as Internet-based computing.

Cloud computing

25

Typically designed around a limited set of specific functions in relation to the larger product of which it’s a component.

Embedded System

26

Applications, OSs, hardware sets, or networks that are configured for a specific need, capability, or function, and then set to remain unaltered.

Static environments

27

Ensures that only a minimum number of processes are authorized to run in supervisory mode.

Principle of least privilege

28

Any method that is used to pass information but that is not normally used for information.

Covert Channels

29

This occurs when the programmer fails to check the size of input data prior to writing the data into a specific memory location.

Buffer Overflow

30

Checking data before it is saved to a database

Input checking

31

An engineering discipline concerned with the design and construction of computing systems at a logical level.

Computer architecture

32

From a security standpoint, _____ _____ organize code and components in an operating system (as well as applications, utilities, or other code that runs under the operating system’s control) into concentric rings. The deeper inside the circle you go, the higher the privilege level associated with the code that occupies a specific ring.

Protection rings

33

This is not a memory addressing scheme per se but rather a way of referring to data that is supplied to the CPU as part of an instruction.

Immediate addressing

34

In this memory addressing scheme, the CPU is provided with an actual address of the memory location to access.

Direct addressing

35

In this scheme, the memory address supplied to the CPU as part of the instruction doesn't contain the actual value that the CPU is to use as an operand. Instead, the memory address contains another memory address.

Indirect addressing

36

This contains the operating system–independent primitive instructions that a computer needs to start up and load the operating system from disk.

BIOS

37

Database attack where attacker collects details at lower level to determine information at a higher level.

Aggregation

38

Combining several pieces of nonsensitive information to gain access to information that should be classified at a higher level. Requires some level of deduction.

Inference

39

Facility construction and selection, site management, personnel controls, awareness training, and emergency response and procedures are all examples of what?

Administrative physical security controls

40

Access controls, intrusion detection, alarms, CCTV, monitoring, HVAC, power supplies, and fire detection and suppression are all examples of what?

Technical physical security controls

41

Fencing, lighting, locks, construction materials, mantraps, dogs, and guards are all examples of what?

Physical controls for physical security

42

What are the key elements in making a site selection?

Visibility, composition of the surrounding area, area accessibility, and the effects of natural disasters.

43

What is the key element in designing a facility for construction?

Understanding the level of security needed by your organization and planning for it before construction begins.

44

Name the three categories of security controls implemented to manage physical security.

Administrative, technical, and physical

45

Using someone else’s security ID to gain entry to a facility

Masquerading

46

Following someone through a secured gate or doorway without being identified or authorized personally.

Piggybacking

47

Ideal temperature for a computer room

60 to 75 degrees Fahrenheit

48

Ideal humidity for a computer room

between 40 and 60 percent

49

A systematic effort to identify relationships between mission-critical applications, processes, and operations and all the necessary supporting elements.

Critical path analysis

50

The tendency for various technologies, solutions, utilities, and systems to evolve and merge over time.

Technology convergence

51

This clearly defines the response time a vendor will provide in the event of an equipment failure emergency.

service-level agreement (SLA)

52

The expected typical functional lifetime of the device given a specific operating environment.

mean time to failure (MTTF)

53

The average length of time required to perform a repair on the device.

mean time to repair (MTTR)

54

A box, mobile room, or entire building designed with an external metal skin, often a wire mesh, that fully surrounds an area on all sides (in other words, front, back, left, right, top, and bottom).

Faraday cage

55

A momentary loss of power

Fault

56

A complete loss of power

Blackout

57

Momentary low voltage

Sag

58

Prolonged low voltage

Brownout

59

Momentary high voltage

Spike

60

Prolonged high voltage

Surge

61

An initial surge of power usually associated with connecting to a power source, whether primary or alternate/secondary

Inrush

62

A steady interfering power disturbance or fluctuation

Noise

63

A short duration of line noise disturbance

Transient

64

Nonfluctuating pure power

Clean

65

The wire in an electrical circuit that is grounded

Ground

66

Class A fire extinguishers can be used on what? And what is the suppression material used?

Common combustibles; water, soda acid (a dry powder or liquid chemical)

67

Class B fire extinguishers can be used on what? And what is the suppression material used?

Liquids; CO2, halon (or EPA-approved halon substitute), soda acid

68

Class C fire extinguishers can be used on what? And what is the suppression material used?

Electrical; CO2, halon (or EPA-approved halon substitute)

69

Class D fire extinguishers can be used on what? And what is the suppression material used?

Metal; Dry powder

70

This suppression system is always full of water. Water discharges immediately when suppression is triggered.

Wet Pipe System

71

This suppression system contains compressed air. Once suppression is triggered, the air escapes, opening a water valve that in turn causes the pipes to fill and discharge water into the environment.

Dry pipe system

72

This suppression system is another form of dry pipe system that uses larger pipes and therefore delivers a significantly larger volume of water. They are inappropriate for environments that contain electronics and computers.

Deluge system

73

This suppression system is a combination dry pipe/wet pipe system. The system exists as a dry pipe until the initial stages of a fire (smoke, heat, and so on) are detected, and then the pipes are filled with water. The water is released only after the sprinkler head activation triggers are melted by sufficient heat. If the fire is quenched before sprinklers are triggered, pipes can be manually emptied and reset. This also allows manual intervention to stop the release of water before sprinkler triggering occurs.

Preaction system

74

The art of creating and implementing secret codes and ciphers.

Cryptography

75

The study of methods to defeat codes and ciphers.

Cryptanalysis

76

Specific implementations of a code or cipher in hardware and software.

Cryptosystems

77

What are the main goals of cryptography?

confidentiality, integrity, authentication, and nonrepudiation

78

Cryptosystems that use a shared secret key available to all users of the cryptosystem.

Symmetric Key Systems

79

Cryptosystems that use individual combinations of public and private keys for each user of the system.

Asymmetric Cryptosystems

80

Cryptographic systems of symbols that represent words or phrases and are sometimes secret but don’t always provide confidentiality.

Codes

81

These use a variety of techniques to alter and/or rearrange the characters or bits of a message to achieve confidentiality. They are always meant to hide the true meaning of a message.

Ciphers

82

Ciphers that use an encryption algorithm to rearrange the letters of a plaintext message, forming the ciphertext message.

Transposition Ciphers

83

Ciphers that use the encryption algorithm to replace each character or bit of the plaintext message with a different character.

Substitution ciphers

84

In this cipher, the encryption key is as long as the message itself and is often chosen from a common book.

Running Key Ciphers

85

These ciphers operate on “chunks,” or blocks, of a message and apply the encryption algorithm to an entire message block at the same time.

Block ciphers

86

These ciphers operate on one character or bit of a message (or data stream) at a time.

Stream ciphers

87

An extremely powerful type of substitution cipher. It uses a different substitution alphabet for each letter of the plaintext message.

One-time pad

88

This occurs when the relationship between the plaintext and the key is so complicated that an attacker can't merely continue altering the plaintext and analyzing the resulting ciphertext to determine the key.

Confusion

89

This occurs when a change in the plaintext results in multiple changes spread throughout the ciphertext.

Diffusion

90

Mathematical operation that easily produces output values for each possible combination of inputs but makes it impossible to retrieve the input values.

One-way Function

91

Boolean representation of AND operation

∧

92

Boolean representation of OR operation

∨

93

Boolean representation of NOT operation

~

94

Boolean representation of Exclusive OR operation. Most commonly used in cryptographic applications.

⊕ (circled plus)

95

Returns a true value when only one of the input values is true. If both values are false or both values are true, the output is false.

XOR (Exclusive OR)

96

A random number that acts as a placeholder variable in mathematical functions. When the function is executed, it is replaced with a random number generated at the moment of processing for one-time use. It must be a unique number each time it is used.

Nonce

97

A random bit string that is the same length as the block size and is XORed with the message. They are used to create unique ciphertext every time the same message is encrypted using the same key.

Initialization Vector (IV)

98

Prove your knowledge of a fact to a third party without revealing the fact itself to that third party. This is often done with passwords and other secret authenticators.

Zero-Knowledge Proof

99

The information or privilege required to perform an operation is divided among multiple users. This ensures that no single person has sufficient privileges to compromise the security of the environment.

Split Knowledge

100

A way to measure the strength of a cryptography system by measuring the effort in terms of cost and/or time to decrypt messages. The security and protection offered by a cryptosystem is directly proportional to this value.

Work function or work factor

101

DES operational modes

• Electronic Codebook (ECB) - least secure
• Cipher Block Chaining (CBC)
• Cipher Feedback (CFB)
• Output Feedback (OFB)

102

Uses three iterations of DES with 2 or 3 different keys to increase the effective key strength to 112 or 168 bits.

3DES (Triple DES)

103

The US government standard for the secure exchange of sensitive but unclassified data. It uses the Rijndael algorithm.

AES

104

This system relies on pairs of keys assigned to each user of the cryptosystem. Every user maintains both a public key and a private key.

Public Key Cryptosystems

105

The most famous public key cryptosystem; it was developed by Rivest, Shamir, and Adleman in 1977. It depends on the difficulty of factoring the product of prime numbers.

RSA

106

An extension of the Diffie-Hellman key exchange algorithm that depends on modular arithmetic.

El Gamal

107

Algorithm depends on the elliptic curve discrete logarithm problem and provides more security than other algorithms when both are used with keys of the same length. Often used when hardware resources are low.

Elliptic Curve

108

They take a potentially long message and generate a unique output value derived from the content of the message. This value is commonly referred to as the message digest.

Hash Functions

109

This and its successors are government standard hash functions developed by the National Institute of Standards and Technology (NIST) and are specified in an official government publication.

SHA

110

Hashing algorithm that takes an input of virtually any length and produces a 160-bit message digest. The SHA-1 algorithm processes a message in 512-bit blocks. Therefore, if the message length is not a multiple of 512, the SHA algorithm pads the message with additional data until the length reaches the next highest multiple of 512.

SHA-1

111

Latest version of the government standard hash functions. It supports variable-length digests of up to 512 bits.

SHA-2

112

A hash algorithm developed by Ronald Rivest in 1989. It was later proved not to be a one-way function; therefore it should no longer be used.

MD2

113

Enhanced version of MD2 hashing algorithm. It processes 512-bit blocks of the message in three rounds of computation. The final output is a 128-bit message digest.

MD4

114

Latest version of the MD2 algorithm. It uses four distinct rounds of computation to produce a digest of the same length as the MD2 and MD4 algorithms.

MD5

115

These are added to passwords before hashing them to reduce the effectiveness of rainbow table attacks.

Cryptographic salts

116

These have two distinct goals: assure the recipient that the message truly came from the claimed sender and assure the recipient that the message was not altered while in transit between the sender and recipient.

Digital Signatures

117

First use a hashing function to generate a message digest. Then encrypt the digest with your private key. To verify the digital signature on a message, decrypt the signature with the sender’s public key and then compare the message digest to one you generate yourself. If they match, the message is authentic.

Digital Signatures Implementation

118

Uses the SHA-1 and SHA-2 message digest functions along with one of three encryption algorithms: the Digital Signature Algorithm (DSA); the Rivest, Shamir, Adleman (RSA) algorithm; or the Elliptic Curve DSA (ECDSA) algorithm.

Digital Signature Standard (DSS)

119

Certificate Authorities (CAs) generate digital certificates containing the public keys of system users. Users then distribute these certificates to people with whom they want to communicate. Certificate recipients verify a certificate using the CA’s public key.

Public Key Infrastructure (PKI)

120

These are the glue that binds the public key infrastructure together. These neutral organizations offer notarization services for digital certificates.

Certificate authorities (CAs)

121

These are maintained by the various certificate authorities and contain the serial numbers of certificates that have been issued by a CA and have been revoked along with the date and time the revocation went into effect.

Certificate revocation lists (CRLs)

122

This protocol eliminates the latency inherent in the use of certificate revocation lists by providing a means for real-time certificate verification.

Online Certificate Status Protocol (OCSP)

123

A protocol that has emerged as a de facto standard for encrypted email. It relies on the use of X.509 certificates for exchanging cryptographic keys. The public keys contained in these certificates are used for digital signatures and for the exchange of symmetric keys used for longer communications sessions.

S/MIME

124

Secure email system developed by Phil Zimmermann.

Pretty Good Privacy (PGP)

125

Based on SSL technology. It provides secure communications on the Internet.

TLS

126

Developed by Netscape to provide client/server encryption for web traffic. It relies on the exchange of server digital certificates to negotiate encryption/decryption parameters between the browser and the web server. Its goal is to create secure communications channels that remain open for an entire web browsing session.

SSL

127

A security architecture framework that supports secure communication over IP. It establishes a secure channel in either transport mode or tunnel mode. It can be used to establish direct communication between computers or to set up a VPN between networks. It uses two protocols: Authentication Header (AH) and Encapsulating Security Payload (ESP).

IPsec

128

Provides assurances of message integrity and nonrepudiation. It also provides authentication and access control and prevents replay attacks. It is part of IPsec.

Authentication Header

129

Provides confidentiality and integrity of packet contents. It provides encryption and limited authentication and prevents replay attacks. It is part of IPsec.

Encapsulating Security Payload

130

In IPsec, only the packet contents are encrypted; used for peer-to-peer communication.

Transport Mode

131

In IPsec, the entire packet, including header information, is encrypted; used for gateway-to-gateway communications.

Tunnel Mode

132

An attack that attempts every possible valid combination for a key or password. These attacks use massive amounts of processing power to methodically guess the key used to secure cryptographic communications.

Brute-force attacks

133

The attacker has a copy of the encrypted message along with the plaintext message used to generate the ciphertext (the copy). This knowledge greatly assists the attacker in breaking weaker codes.

Known Plaintext attacks

134

The attacker has the ability to encrypt plaintext messages of their choosing and can then analyze the ciphertext output of the encryption algorithm.

Chosen plaintext attacks

135

The attacker has the ability to decrypt chosen portions of the ciphertext message and use the decrypted portion of the message to discover the key.

Chosen ciphertext attacks

136

Used to defeat encryption algorithms that use two rounds of encryption.

Meet-in-the-middle attack

137

A malicious individual sits between two communicating parties and intercepts all communications (including the setup of the cryptographic session).

Man-in-the-middle attack

138

Also known as a collision attack or reverse hash matching, this attack seeks to find flaws in the one-to-one nature of hashing functions. The malicious individual seeks to substitute, in a digitally signed communication, a different message that produces the same message digest, thereby maintaining the validity of the original digital signature.

Birthday attack

139

This attack is used against cryptographic algorithms that don't incorporate temporal protections. The malicious individual intercepts an encrypted message between two parties (often a request for authentication) and then later "replays" the captured message to open a new session. It can be defeated by incorporating a time stamp and expiration period into each message.

Replay attack

140

These allow content owners to enforce restrictions on the use of their content by others. They commonly protect entertainment content, such as music, movies, and e-books but are occasionally found in the enterprise, protecting sensitive information stored in documents.

Digital rights management (DRM)

141

A system that is always secure no matter what state it is in. It ensures that all instances of subjects accessing objects are secure.

State Machine model

142

This model is focused on the flow of information. Designed to prevent unauthorized, insecure, or restricted information flow. Bell-LaPadula and Biba are both examples of this model.

Information Flow model

143

Prevents the actions of subject A at a high level of security classification from affecting the system state at a lower level.

Noninterference model

144

Employs a directed graph to dictate how rights can be passed from one subject to another or from a subject to an object.

Take-Grant model

145

A table of subjects and objects that indicates the actions or functions that each subject can perform on each object.

Access Control Matrix

146

Subjects have a clearance level that allows them to access only those objects with the corresponding classification levels. Developed by the Department of Defense, it is focused on maintaining the confidentiality of objects. "No read up."

Bell-LaPadula

147

Prevents subjects with lower security levels from writing to objects at higher security levels. "No write up." Concerned with integrity.

Biba

148

Bell-LaPadula Simple Security Property

states that a subject may not read information at a higher sensitivity level (no read up).

149

Bell-LaPadula * (Star) Security Property

states that a subject may not write information to an object at a lower sensitivity level (no write down).

150

Bell-LaPadula Discretionary Security Property

states that the system uses an access matrix to enforce discretionary access control.

151

Biba Simple Security Property

states that a subject cannot read an object at a lower integrity level (no read-down).

152

Biba * (Star) Security Property

states that a subject cannot modify an object at a higher integrity level (no write-up).

153

An integrity model that relies on auditing to ensure that unauthorized subjects cannot access objects and that authorized users access objects properly. It allows modifications through only a small set of programs.

Clark-Wilson

154

Also known as the Chinese Wall model. It creates a class of data that defines which security domains are potentially in conflict and prevents any subject with access to one domain that belongs to a specific conflict class from accessing any other domain that belongs to the same conflict class.

Brewer and Nash Model

155

The technical evaluation of each part of a computer system to assess its concordance with security standards.

Certification

156

The process of formal acceptance of a certified configuration from a designated authority.

Accreditation

157

Systems that are designed using industry standards and are usually easy to integrate with other open systems.

Open Systems

158

Systems that are generally proprietary hardware and/or software. Their specifications are not normally published, and they are usually harder to integrate with other systems.

Closed Systems

159

Restricts a process to reading from and writing to certain memory locations. Also known as sandboxing.

Confinement

160

The limits of memory a process cannot exceed when reading or writing. Also the area within which a process is confined or contained.

Bounds

161

The mode a process runs in when it is confined through the use of memory bounds.

Isolation

162

The user or process that makes a request to access a resource.

Subject

163

The resource a user or process wants to access.

Object

164

Use access rules to limit the access of a subject to an object, allowing subjects to access only authorized objects. Their primary goal is to ensure the confidentiality and integrity of data by disallowing unauthorized access by authorized or unauthorized subjects.

Security Controls

165

Static attributes of the subject and the object are considered to determine the permissibility of an access. Each subject possesses attributes that define its clearance, or authority, to access resources. Each object possesses attributes that define its classification.

Mandatory Access Controls

166

Allows the creator/owner of an object to grant access as he or she sees fit.

Discretionary Controls

167

Provides access to resources based on profiles connected to a user’s role in an organization.

Role Based Access Control

168

Predefined rules state which subjects can access which objects. Often used in firewalls.

Rule-Based access control

169

Also known as the Rainbow Series.

TCSEC

170

Europe’s version of the Rainbow Series.

ITSEC

171

Defines various levels of testing and confirmation of systems' security capabilities; the number of the level indicates what kind of testing and confirmation has been performed. Designed as a product evaluation model.

Common Criteria

172

The combination of hardware, software, and controls that form a trusted base that enforces the security policy.

Trusted Computing Base (TCB)

173

The imaginary boundary that separates the TCB from the rest of the system. TCB components communicate with non-TCB components using trusted paths.

Security Perimeter

174

The logical part of the TCB that confirms whether a subject has the right to use a resource prior to granting access.

Reference Monitor

175

The collection of TCB components that implement the functionality of the reference monitor.

Security Kernel

176

A cryptoprocessor chip on a motherboard that stores the encryption key used to encrypt the hard drive. This helps prevent the data from being accessed if the hard drive is stolen from the PC.

Trusted Platform Module (TPM)

177

The ability of a system to suffer a fault but continue to operate.

Fault tolerance