Domain 3 set 5 Flashcards
(40 cards)
Simple Integrity Property
No “read Down”
Biba Model
Biba Model two rules and Enforces what?
- Simple Integrity Property
- Integrity Property
Integrity
- Integrity Property
No “Write Up”
Biba Model
A system design to operate at different security levels.
Multilevel Security
Bell-LaPadula Model two rules and Enforces what?
- Simple Security rule “No read up”
- *-Property Rules “No “write Down”
Confidentiality
What are the two Evaluation Models
- TCSEC (Orange Book)
2. Common Criteria ( international Model)
What are the 4 Accreditation options?
- Authorization To Operate (ATO)
- Interim Authorization To Operate (IATO)
- Interim Authorization To Test
- Denial of Authorization To Operate (DATO)
Authorization To Operate good for how long
3 years
Interim Authorization To Operate (IATO) good for how long
6 months
Accreditation is the same as?
Authorization
Type 1 Hypervisor is what?
barebone vm, data center
Type 2 Hypervisor is what?
vm on as application on the pc
VM escape attack is what?
when an attacker break out of the guest environment
What are the three Cloud models?
- Private Cloud
- Public Cloud
- Hybrid Cloud
The three type of public cloud service.
SaaS Software as a Service
PaaS Platform as a Service
LaaS Infrastructure as a Service
LaaS the Customer is responsible for?
OS
Application
Data
PaaS the Customer is responsible for?
Data
Application
SaaS the Customer is responsible for?
Data
Segmentation Fault
A error that occurs when an application requests unauthorized access to a memory segment
What are the two types of Covert channels?
- Covert Storage Channel (ICMP echo request)
2. Covert Timing Channel ( Port Knocking)
Raid 1
Disk mirroring ( 2 disk requested)
Raid 5
Disk striping with parity ( 3 disk requested)
Raid is what type of technique?
Fault tolerance not a backup strategy
applets run on what?
on the client
