Domain 3: Security Engineering Flashcards

Question

Running Key or Book Cipher

Answer 1

key is as long as the message itself and is often from a book

Answer 2

operate on chunks of messages

Answer 3

act on on bit at a time

Answer 4

relationship btwn plaintext and ciphertext is so complicated that an attacker can't determine the key

Answer 5

a change in the plaintext results in multiple changes spread through the ciphertext

Answer 6

Pro - Very Fast, used for bulk encryption | Cons - key distribution, does not implement non repudiation, not scalable, keys must be regenerated often

Answer 7

relies on a shared key given to all members used to encrypt and decrypt, aka secret key and private key

Answer 8

public key, each user has a public and private key, receivers public key encrypts, receivers private key decrypts, also digital signature tech

Answer 9

Pros - adding new users only requires 1 public-private key pair, easier to remove users, less key regeneration, provides integrity, authentication, nonrepudiation, key distribution is easy, no preexisting relationship is necessary Cons - speed

Answer 10

``` Symmetic = Single shared key, Confidentidality, Fast, Non Scalable, Out of band exchange, Bulk encyrption Asymmetric = Key pair, Confidentiality, Integrity, Nonrepudiation, authentication, Slow, Scalable, In-Band, Small blocks of data ```

Answer 11

Summary of a messages content produced by hashing

Answer 12

Data Encryption Standard - no longer secure, 64 bit block cipher with 5 modes of operation, key is 56 bits, uses 16 rounds of XOR operations to generate ciphertext

Answer 13

DES, 3DES, IDEA, Blwofish, Skipjack, AES

Answer 14

Cipher Block Chaining Mode, Cipher Feedback Mode, Output Feedback Mode, Counter Mode, Electronic Codebook Mode

Answer 15

Electronic Codebook mode - least secure, simply encrypts block with same key, enemy could build a code book

Answer 16

Cipher Block Chaining Mode - each block is XORed with the ciphertext block proceeding it before encyrption, IV

Answer 17

Cipher Feedback Mode - streaming cipher version of CBC, real time operation, IV and chaining

Answer 18

Output Feedback Mode - same as CFB but XORs with a seed value, no chaining, uses previous seed value to determine next

Answer 19

Counter Mode - stream cipher, uses a counter for XOR operation

Answer 20

Triple DES - adapted version of DES

Answer 21

DES - EEE3 = 168 bit key length DES - EDE3 = 168 bit key length DES - EEE2 = 112 bit key length DES - EDE2 = 112 bit key length

Answer 22

encrypts plaintext 3 times using 3 different keys, | C= E (K1, E (K2, E (K3,P)))

Answer 23

C= E (K1, D (K2, E (K3,P)))

Answer 24

C= E (K1, E (K2, E (K1,P)))

Answer 25

C= E (K1, E (K2, E (K1,P)))

Answer 26

International Data Encryption Algorithm = 64-bit block with 128 bit key, uses 52 16-bit subkeys, open to all, in PGP, same modes as DES

Answer 27

64 bit blocks of text, allows use of variable length keys ranging from 32 to 448 bits

Answer 28

64 bit block, supports escrow of encryption keys

Answer 29

Advanced Encryption Standard - 3 key strengths, 128 bit (10 round of encryption), 192 bit (12 rounds), 256 bit (14 rounds). Processes 128 bit blocks

Answer 30

``` Block size and key size AES = 128 bit block, 128, 192 or 256 bit key Rijndael = Variable block, 128, 192 or 256 bit key Blowfish = 64 bit block, 32-338 bit key DES = 64 bit block, 56 bit key IDEA = 64 bit block, 128 bit key RC2 = 64 bit block, 128 bit RC4 = Streaming, 128 bit RC5 = 32, 64 or 128 bit block, 0-2040 bit key Skipjack = 64 bit block, 80 bit key 3DES = 64 bit block, 112 or 168 bit key Twofish = 123 bit, 256 bit key ```

Answer 31

Offline distribution, Public key encryption, Diffie-Hellmen Key exchange

Answer 32

key is divided into two or more pieces and given to independent third parties

Answer 33

provides gov't with technical means to decrypt ciphertext

Answer 34

Most famous asymmetric algorithm - depends on the difficulty of factoring large prime numbers, key length of 1088 bits

Answer 35

asymmetric encryption, doubles the length of any message it encrypts

Answer 36

RSA, El Gamal, Elliptic Curve

Answer 37

more difficult to solve, only 160 bit kit equivalent to 1088 RSA key. Good for small devices with less processing power

Answer 38

take a long message and generate a unique output known as the message digest

Answer 39

1. Input can be any length 2. Output has a fixed length 3. Hash Function in relatively easy to compute 4. Hash Function is one-way 5. Hash Function is collision free

Answer 40

Secure Hashing Algorithm, SHA 2 is the most secure SHA-1 = 512 bit blocks, 160 bit message digest SHA-256 = 512 bit blocks, 256 bit message digest SHA-224 = 512 bit blocks, 224 bit message digest SHA-512 = 1024 bit blocks, 512 bit message digest SHA-382 = 1024 but blocks, 834 bit message digest

Answer 41

no longer used, 128 bit message digest

Answer 42

message padded to be 64 bits smaller than 512 bit multiple, 3 rounds of computation, 128 bit message digest, no longer used

Answer 43

512 bit blocks, same padding as MD4, reduce the speed, no longer secure, 128 bit message digest

Answer 44

Nonrepudiation and Integrity and Authentication

Answer 45

Alice hashes plaintext, encrypt message digest using her private key (this is the digital signature), Append signed message digest to plaintext message, Send to Bob, Bob decrypts digital signature using Alice's Public Key, Bob hases the plaintext message, Bob compares the decrypted message digest to his message digest

Answer 46

Hashed Message Authentication Code implements a partial digital signature, integrity but not non repudiation

Answer 47

Digital Signature Standard - by NIST, aka FIPS 186-4

Answer 48

provide communicating parties with the assurance that the people they are communicating with are who they claim to be - endorsed copies of an individuals public key

Answer 49

neutral organization which offer notarization services for digital certificates

Answer 50

the process of proving your identity to the CA to obtain a certificate

Answer 51

certificate revocation list

Answer 52

Online Certificate Status Protocol - eliminates latency of CRL

Answer 53

Choose encryption system wisely, select keys wisely, keep your private key secret, retire old keys, back up your key

Answer 54

encrypt the message

Answer 55

hash the message

Answer 56

digitally sign the message

Answer 57

encrypt and digitally sign the message

Answer 58

Pretty Good Privacy is a secure email system combining CA concept with web of trust

Answer 59

Secure Multipurpose Internet Mail Extensions - de factor standard for encrypted email, uses RSA and X.509 certificates

Answer 60

embed secret messages within another message

Answer 61

Digital Rights Management - uses encryption to enforce copyright restrictions on digital media

Answer 62

used to protect data in transit - protects entire communication circuits by creating a secure tunnel between two points, encrypts header info so you need to decrypt at points

Answer 63

used to protect data in transit - protects comms between two parties, more susceptible to eavesdroppers, faster, does not encrypt header info, ex: TLS, Banking, VPN

Answer 64

provides a complete infrastructure for secured network communications

Answer 65

Authentication Header - provides assurances of message integrity and nonrepudiation

Answer 66

Encapsulating Security Payload - provides confidentiality and integrity

Answer 67

Internet Security Association and Key Management Protocol - provides background security support services for IPsec by negotiating, establishing, modifying, and deleting SAs

Answer 68

Transport mode - only packet is encrypted | Tunnel mode - entire packet is encrypted

Answer 69

created to set up IPsec, represents the communication session and records any config and status info about the session, need one SA for each direction of data flow

Answer 70

Wired Equivalent Privacy - protect comms within wireless LAN, outdates

Answer 71

WiFi Protected Access, improves on WEP by implementing Temporal Key Integrity Protocol, outdated

Answer 72

adds AES cryptography

Answer 73

algebraic manipulation that attempts to reduce the complexity of the algorithm

Answer 74

exploits weaknesses in implementation, focus on sw code

Answer 75

focuses on inability to produce totally random numbers

Answer 76

uses known letter frequencies

Answer 77

Attacker has a copy of the plaintext and ciphertext

Answer 78

attacker has ability to decrypt chosen portion of the ciphertext

Answer 79

attacker has the ability to encrypt plaintext messages

Answer 80

attacker uses a known plaintext and encypts, decrypts equivalent ciphertext and finds which keys match up

Answer 81

attacker sits between two communication parties and intercepts communications

Answer 82

finds flaws in one to one nature of hasing

Answer 83

attacker intercepts message and later replays it to start a new session

Answer 84

allows a process to read from and write to only certain memory location and resources aka sandboxing

Answer 85

limits set on the memory addresses and resources it can access

Answer 86

a process is confined through enforcing access bounds

Answer 87

uses access rules to limit the access of a subject to an object

Answer 88

a system in which all protection mechanisms work together to process sensitive data for many types of users while maintaining a stable and secure computing environment

Answer 89

the degree of confidence in satisfaction of security needs

Answer 90

gives software designers something against which to measure their design and implementation

Answer 91

a combination of hw, sw and controls that work together to enforce your security policy, provide methods to access resources inside and outside TCB

Answer 92

an imaginary boundary that separated the TCB from the rest of the system, prevents insecure comms, need trusted paths for secure comms

Answer 93

part of the TCB that validates access to every resource prior to granting access requests

Answer 94

collection of components in the TBC that work together to implement reference monitor functions

Answer 95

a system that is always secure no matter what state it is in

Answer 96

designed to prevent unauthorized, insecure, or restricted information flow

Answer 97

loosely based on information flow, concerned with how the actions of a subject at a higher security level affect the system state of the actions of a subject at a lower security level

Answer 98

shows how rights can be passed from one subject to another or from a subject to an object

Answer 99

table of subjects and objects that indicated the actions or functions that each subject can perform on each other

Answer 100

No read up, No write down, enforced through DAC, confidentiality is upheld

Answer 101

No read down, no write up, Integrity is up held

Answer 102

objects can only be accessed through an interface

Answer 103

blocks conflicting data/access based on competition

Answer 104

subjects are allowed only to perform predetermined actions against predetermined objects

Answer 105

prevents interference in support of integrity, defines states

Answer 106

secure creation and deletion of both subjects and objects

Answer 107

set of standards that attempted to specify minimum acceptable security criteria

Answer 108

European Model, more focused on integrity and availability

Answer 109

A = Verified Protection (all phases of development are evaluated), B= Mandatory Protection (security labels, Bell La-Padula Model), C = Discretionary Protection (basic controls and complete documentation), D = Minimal Protection

Answer 110

TCSEC for networks

Answer 111

password creation and management guidelines

Answer 112

global effort to validate products,

Answer 113

Part 1: Intro and General Model Part 2: Security Functionality Requirements Part 3: Security Assurance

Answer 114

EAL1 - Functionally Tested EAL2 - Structurally Tested EAL3 - Methodically Tested and Checked EAL4 - Methodically Designed, Tested and Reviewed EAL5 - Semi-formally Designed and Tested EAL6 - Semi-formally Verified, Designed and Tested EAL7 - Formally Verified, Designed, and Tested

Answer 115

Payment Card Industry - Data Security Standard, requirements for improving security of electronic payment transactions

Answer 116

International Organization of Standardization

Answer 117

comprehensive evaluation of the technical and nontechnical security features of an IT system

Answer 118

management reviews the certification information and decides if it meets the security needs of the org

Answer 119

used to host one or more OSs within the memory of a single host computer

Answer 120

Trusted Platform Module - store and process cryptographic keys for the process of hard drive encryption

Answer 121

ability of a system to suffer a fault but continue to operate

Answer 122

tangible part of the system

Answer 123

handle two or more tasks at once (not truly multitasking)

Answer 124

harnessing the power of more than one processor

Answer 125

pseudosimultaneous execution of two tasks on a single processor, , special software, usually large scale systems

Answer 126

multiple tasks performed in a single process (i.e. opening multiple word docs)

Answer 127

use policy mechanisms to manage different levels of info, handle one level at a time

Answer 128

handle multiple security levels simultaneously

Answer 129

Ring 0- highest level of privilege, kernel/Memory Ring 1 - Other OS Components Ring 2 - Drivers, protocols Ring 3 - User Level programs and apps

Answer 130

Valid Clearance, Access Approval, & Need to Know for all info

Answer 131

MAC environment & physical control

Answer 132

Valid Clearance & Access Approval for all info, Need to Know for some info

Answer 133

Valid Clearance and Need to Know for all info, access approval for any info

Answer 134

Not all users have clearance, access approval and need to know for all info

Answer 135

Read Only Memory - has PROM, EPROM, Flash Memory

Answer 136

Random Access Memory - readable and writable, volatile

Answer 137

On board memory

Answer 138

magnetic, optical or flash based media that contain data not immediately available to the CPU

Answer 139

data retention, controlling access, ability to get data off of chips

Answer 140

Data remanence, sanitization issues, prone to theft

Answer 141

software that is stored in a ROM chip, BIOS and device firmware

Answer 142

code objects sent from a server to a client to perform some action

Answer 143

programs transmitted over the internet to perform operations on remote systems

Answer 144

proprietary Microsoft tech, no sandbox restrictions

Answer 145

combine records from one or more tables to produce potentially useful info , combine low level info and can get higher level info

Answer 146

use deductive capability to combine prices of nonsensitive data to get classified data

Answer 147

comb through data warehouses and look for potentially correlated info

Answer 148

large databases to store large amount of info

Answer 149

science of raw data examination with the focus of extracting useful info out of bulk info

Answer 150

processing and storage are performed elsewhere over a network connection

Answer 151

operating system as a cloud based service

Answer 152

Google Docs, Office 365

Answer 153

platform + computing services

Answer 154

groups of processors that work together to reach a specific goal

Answer 155

networked app solutions that share tasks and workload

Answer 156

Industrial Control System

Answer 157

Distributed Control Systems - large scale environment from a single location

Answer 158

Programmable Logic Controllers - single purpose digital computers

Answer 159

Supervisory Control and Data Acquisition - stand alone device or networked

Answer 160

device mgmt solution on mobile device that limits installation of apps

Answer 161

isolate the OS and preinstalled apps from user apps and data

Answer 162

maintain oversight over an inventory

Answer 163

Mobile Device Management - push or remove apps, manage data, config settings

Answer 164

MDM, Storage Segmentation, Asset Tracking, Disabling Unused Features, Remote Wiping, FDE, etc.

Answer 165

Implicit Deny

Answer 166

data ownership, support ownership, patch mgmt, AV mgmt, forensics, privacy, on-boarding/off-boarding, adherence to corporate policy, user acceptance, Infrastructure considerations, legal concerns, Acceptable Use Policy, Camera/Video

Answer 167

a computer implemented as part of a larger system ex: smart TVs, HVAC controls, smart appliances, etc.

Answer 168

any computational device that can cause a movement to occur

Answer 169

Network Segmentation, Security Layers, App Firewalls, Manual Updates, Firmware Version Control, Wrappers, Control Redundancy and Diversity

Answer 170

controlling traffic among networked devices to isolate the static environment - VLANS, MAC Address, IP Addresses, TCP/UDP ports

Answer 171

Protection Mechanism Used to separate functions based on security, only allow communications through specific interfaces

Answer 172

object-oriented programming, "black-box" doctrine, don't need to know the details of how the object works just how to use it

Answer 173

data existing at one level of security is not visible to processes running at different security levels

Answer 174

requires the operating system provide separate memory spaces for each process, prevents reading and writing to other processes

Answer 175

similar to process isolation but enforces through physical access controls

Answer 176

run in user mode whenever possible

Answer 177

least privilege for admins

Answer 178

method used to pass info over a path not normally used for communication, best way to detect is to analyze audit logs

Answer 179

alters system component performance or modifies a resources timing

Answer 180

writes data to a common storage area where another process can read it

Answer 181

entry points into a system known only by developer (back doors)

Answer 182

attacker makes small, random, or incremental changes to data

Answer 183

stealing small amounts of money from accounts

Answer 184

time at which the subject checks the status of the object

Answer 185

time at which the procedure accesses the object

Answer 186

Time of check to time of use- attacker replaces original object with another inbetween TOC and TOU

Answer 187

enclosure that acts as an EM capacitor

Answer 188

define necessary supporting elements for operations

Answer 189

systems merge over time and perform similar or redundant

Answer 190

construction begins

Answer 191

facility construction, site management, awareness training, emergency response...

Answer 192

access controls, CCTV, IDS, HVAC, etc.

Answer 193

fencing, lighting, locks, dogs, guards, etc.

Answer 194

1. Deterrent 2. Denial 3. Detection 4. Delay

Answer 195

Mean time to failure - expected typical functional lifetime of the device

Answer 196

Mean Time to Repair - time to repair device

Answer 197

Mean time between failures - time between first and any subsequent failures

Answer 198

Wiring closet

Answer 199

communication pathway is constantly or periodically checked

Answer 200

Faraday Cage, White Noise, Control Zone

Answer 201

implementation of either a Faraday Cage or white noise generation or both to protect a specific area in a environment

Answer 202

Uninterruptible Power Supply - self charging battery

Answer 203

Momentary loss of power

Answer 204

complete loss of power

Answer 205

Momentary Low voltage

Answer 206

Prolonged low voltage

Answer 207

Momentary high voltage

Answer 208

prolonged high votlage

Answer 209

initial surge of power usually associated with connecting to a power source

Answer 210

steady interfering power disturbance or fluctuation

Answer 211

short duration of line noise disturbance

Answer 212

nonfluctuating power

Answer 213

allow for 8% drop in power btwn source and facility meter and 3.5% drop between the facility meter and wall outlet

Answer 214

60-70 degrees F, 40-60% humidity

Answer 215

A: Common combustibles; Water, Soda Acid B: Liquids; CO2, Halon, Soda Acid C: Electrical; CO2, Halon D: Metal: Dry Powder

Answer 216

always full of water, immediate discharge

Answer 217

contains compressed air, discharges water

Answer 218

dry pipe, larger amount of water

Answer 219

combination dry and wet pipe - most approriate to use

Answer 220

Hybrid but Asymmetric over Symmetric

Answer 221

Asymmetric

Answer 222

[N*(N-1)]/2

Answer 223

RSA, DSA, ECC, El Gamal, Diffue Hellmen, Knapsack