My Memory Palace-1 Flashcards

Question

Bell-LaPadula

Answer 1

CONFIDENTIALITY OF DATA 1. Simple Property - NO READ UP 2. Star Property - NO WRITE-DOWN 3. Discretionary Security Property - the system uses an access matrix to enforce discretionary access control

Answer 2

INTEGRITY 1. NO READ DOWN 2. NO WRITE-UP

Answer 3

INTEGRITY Takes a different approach than Biba, ditching the formal state machine in favor of defining each data item and allowing modification ONLY through a small set of programs. Uses a three-part relationship (subject | program | object) called a triple or an access control triple. **NO DIRECT ACCESS BY SUBJECTS TO OBJECTS**!!! (access only allowed through authorized programs). Principles: 1. well-formed transactions 2. separation of duties

Answer 4

focuses on the conflict of interest

Answer 5

INTEGRITY !!! (just not as well known as Biba). Credited with defining the concepts of **noninterference**. Based on predetermined a list of objects that a subject can access.

Answer 6

INTEGRITY focuses on preventing interference to support integrity. Based on state machine and information flow. Only allows for the use of a set of predetermined secure states to maintain the integrity and prevent interference. Is often used to **prevent covert channels from influencing outcomes.**

Answer 7

secure creation & deletion of subjects & objects specified via a collection of rules & detailed in an Access Control Matrix. 8 primary rules: a. securely create an object b. securely create a subject c. securely delete an object d. securely delete a subject e. securely provide the read access right f. securely provide the grant access right g. securely provide the delete access right h. securely provide the transfer access right

Answer 8

very similar to Graham-Denning. Composed of a set of generic rights and a **finite set of commands.** It is also concerned with situations in which a subject should be restricted from gaining particular privileges.

Answer 9

Preventive, Detective, Corrective, Recovery, Deterrent, compensating

Answer 10

Physical, Administrative, Technical 1. Physical - are implemented with physical devices, such as locks, fences, gates, and security guards. 2. Administrative - aka, directive. are implemented by creating and following organization policies, procedures, or regulations. User training and awareness also fall into this category. 3. Technical is implemented using software, hardware, or firmware that restrict logical access on an IT system. Examples include firewalls, routers, encryption, etc...

Answer 11

UDP: Authentication port: 1812 UDP: Accounting port: 1813

Answer 12

biggest weakness: storage of plain text symmetric keys

Answer 13

Use UDP port 49 for authentication, may also use TCP

Answer 14

Use TCP 49, plus allows for MFA

Answer 15

SOD - they are doing different activities Dual Control - they are doing the same activity Split knowledge - classic example - you create a encryption key - sting of characters - tear the paper in half and - each individual keeps their half

Answer 16

Planning Reconnaissance Scanning (aka Enumeration) Vulnerability Assessment Exploit Report

Answer 17

A holistic (Broader Scope) approach to assessing the effectiveness of access control; may cross multiple domains: * Policies, procedures, and other administrative controls * Assessing real world-effectiveness of administrative controls * Change Management * Architecture review * Penetration tests * Vulnerability assessments * Security Audits

Answer 18

Use to map customers' requirements to the software testing plan

Answer 19

Establish expected norms for the performance of these (Synthetic) transactions. Useful for testing application updates prior to deployment to ensure that functionality will not be negatively impacted.

Answer 20

Testing software after updates, modifications, or patches.

Answer 21

* Testing to ensure that the software meets the customer's operational requirements. * When the test is done by customer, it is called user acceptance testing

Answer 22

is a black-box testing method that seeks to identify and test all unique combinations of software inputs. Example - pairwise testing, aka all-pairs testing.

Answer 23

Threat x Vulnerability

Answer 24

Protect, Act, Provide, Advance * Protect society, the common good, necessary public trust and confidence, and the infrastructure. * Act honorably, honestly, justly, responsibly, and legally. * Provide diligent and competent service to principals. * Advance and protect the profession.

Answer 25

a method of enforcing "need to know", goes beyond the mere reliance upon clearance level and necessitates simply that someone requires access to information.

Answer 26

the main reason: reduce or detect personnel SPOF (single point of failure), and detecting and deterring fraud.

Answer 27

data is stored in specific-sized chunks known as clusters, which are sometimes referred to as sectors or blocks. A cluster is a minimum size that can be allocated by a file system. If a particular file, or final portion of a file, does not require the use of the entire cluster, then some extra space will exist within the cluster. This leftover space is known as slack space. This may be used intentionally by an attacker to hold data.

Answer 28

An attacker can mark it as bad and hide data here.

Answer 29

1. All **forensic principles must be applied to digital evidence** 2. Evidence should **not be altered** as a result of collection 3. **All activity** relating to the seizure, access, storage, and transfer of digital evidence **must be fully documented** and available for review 4. An **individual is responsible** for actions affecting digital evidence while that **evidence is in their possession** 5. Any entity responsible for seizing, accessing, storing, or transferring digital evidence is **responsible for compliance with these principles**

Answer 30

1. Identification 2. Preservation 3. Collection 4. Examination 5. Analysis 6. Presentation 7. Decision

Answer 31

In cryptography, zero-knowledge proof can be represented by encrypting something with your private key. To decrypt something that was encrypted using a private key, you will need to use the corresponding public key. In this case, you know that the item was encrypted using the private key, but you never actually view or are given the public key. Only the owner of the private key can prove they have the key.

Answer 32

A registration authority (RA) acts as a verifier for the certificate authority before a digital certificate is issued to a requestor. The RA is responsible for verifying the identity of the requesting individual for the certificate authority (CA).acts as a verifier for the certificate authority before a digital certificate is issued to a requestor. The RA is responsible for verifying the identity of the requesting individual for the certificate authority (CA).

Answer 33

With recent advancements in technology, it is becoming more and more difficult for copyright holders to control the illegal duplication of their software or digital content. One solution to this problem is the use of DRM. DRM protection can be provided using software or hardware-based solutions. Two types of software-based solutions include watermarking and fingerprinting. Watermarking involves embedding copyright information or a hidden message in the content. Watermarks can be visible or invisible and are copied as the file is passed from device to device or user to user. This can be useful in identifying content that might have been obtained through unauthorized means. Fingerprinting is a type of watermarking technique. It involves embedding a unique identification or serial number into the content so that it can be easily identified.

Answer 34

In HMAC, a secret key is added to the message. The message then runs through an algorithm, which generates a MAC value. Only the message and the MAC value are sent to the receiver, and not the secret key. The receiver accepts the message and adds their secret key to the message before an algorithm generates a MAC value for the message. If the receiver's MAC value matches the sender's, the message was not modified and was sent from a known computer. HMAC provides data origin authentication, but fails to provide data confidentiality.

Answer 35

1. Preparation (Policy, procedures, tools, etc) 2. Detection (Identification) 3. Response (Containment) 4. Mitigation (Eradication) 5. Reporting (All phases, begins with Detection) 6. Recovery 7. Remediation 8. Lesson Learned (post-incident activity, postmortem, or reporting)

Answer 36

Byte-level striping with dedicated parity

Answer 37

block-level striping with dedicated parity

Answer 38

block-level striping with distributed parity

Answer 39

Striped set w/dual distributed parity allow for failure of two drives and still function writes parity to two different disks

Answer 40

Block-level striped set

Answer 41

Mirrored set

Answer 42

The ***focus*** of BCP is on the business as a whole, ensuring that those critical services or functions the business provides or performs can still be carried out both in the **wake** of disruption and **after** the disruption has been weathered.

Answer 43

DRP is considered tactical rather than strategic and provides a means for immediate response to disasters. DRP focuses on efficiently attempting to mitigate the impact of a disaster by preparing the immediate response and recovery of critical IT systems. A short time plan for dealing with IT-oriented disruption. Example: Mitigating a malware infection that shows the risk of spreading to other systems.

Answer 44

1. Respond - The initial response to assess damaged. Is the event constitutes a disaster? 2. Activate Team - If declared, then the recovery team needs to be activated. Use "call tree" to help facilitate the process. 3. Communicate - often occurs out-of-band, leveraging an office phone will quite often not be a viable option. Internal status and must prepare to provide external communication (public) 4. Assess - Proceed to assess the extent of damage to determine the proper steps necessary to ensure the organization's ability to meet its mission. 5. Reconstitution - recover critical business operations at either a primary or secondary site. Also, a salvage team is employed to begin the recovery process at the primary facility that experienced the disaster.

Answer 45

NIST 800-34

Answer 46

provides hands-on protection of assets perform data backups and restoration, patch systems, configure av, etc.. DO NOT make critical decisions on how data is protected.

Answer 47

is a manager who is responsible for the actual computers that house the data. They ensure H/W is secure, OS is patched and up to date, the system is hardened, etc. Technical hands-on responsibilities are delegated to custodians.

Answer 48

Create and manage sensitive data w/in the organization. HR is often data controllers, as they create and manage sensitive data.

Answer 49

Manage data on behalf of data controllers. An outsourced payroll company is an example of a data processor who processes data on behalf of data controllers.

Answer 50

Public, Sensitive, Private, and Confidential.

Answer 51

Purpose: Provide procedures for recovering business operations **immediately following a disaster.** Scope: Address business Processes; not IT-focused; IT addressed based only its support for business process.

Answer 52

Purpose: Provide procedures and capabilities to sustain an o**rganization's essential, strategic functions at an alternate site for up to 30 days.** Scope: Addresses the subset of an organization's missions that are deemed most critical; usually written at the headquarters level; not IT-focused.

Answer 53

Purpose: Provides procedures and capabilities for recovering a major application or general support system. Scope: Same as IT contingency plan; addresses IT system disruptions; not business process-focused.

Answer 54

Purpose: Provides procedures for disseminating status reports to personnel and the public Scope: Addresses communications with personnel and the public; not IT-focused.

Answer 55

Purpose: Provide strategies to detect, respond to, and limit the consequences of a malicious incident. Scope: Focus on information security responses to incidents affecting systems and/or networks

Answer 56

Purpose: Provide coordinated procedures for **minimizing loss of life** or injury and **protecting property damage** in response to a physical threat scope: Focuses on personnel and property particular to specifics facility; not business process or IT system functionality based

Answer 57

Archive data since the last full backup

Answer 58

Class I - Residential usage Class II - Commercial usage, where general public access is expected. examples: a public parking lot entrance, a gated community, or a self-storage facility. Class III - Industry usage, where limited access is expected. example: A warehouse property entrance not intended to serve the general public Class IV - Restricted access; this includes a prison entrance that is monitored either in person or via closed circuitry.

Answer 59

Negative testing is also called misuse testing. It is typically performed by entering invalid information to identify how it is handled by the application. Negative testing can also involve attempting to perform other actions that should not be allowed by the application. Determining whether an application will allow a web page to be accessed by a user without requiring them to log in first would be an example of a negative software test.

Answer 60

NIST 800-34 - Contingency Planning Guide ISO 27031 - focuses on BCP (DRP is handled by another framework) ISO 2476:2008 - Disaster Recovery Plan. BCI - Business Continuity Institute. Good Practice Guideline (GPG)

Answer 61

1. Lack of Management support 2. Lack of business unit involvement 3. Lack of prioritization among critical staff 4. Improper (often overly narrow) scope 5. Inadequate telecommunications management 6. Incomplete or Inadequate CMP 7. Lack of testing 8. Lack of training and awareness 9. Failure to keep the BCP/DRP plan up to date

Answer 62

Answer: A - Lattice?

Answer 63

Teardrop attacks occur when an attacker sends packets that are too small and result in a system locking up or rebooting. This type of attack takes advantage of the fact that systems do not check to see if a received packet is too small. The attacker creates these small packets in such a way that when the receiving system attempts to recombine the fragments, they cannot be reassembled properly. There are three common methods used to protect a system from this type of attack. Firstly, keep the operating system patched and up-to-date. Secondly, use a router to disallow any malformed packets from entering into the network environment. Finally, use a router to attempt to combine all fragments into the associated packet before sending them on to the destination system.

Answer 64

Multiprotocol Label Switching (MPLS) does not natively include encryption services. MPLS traffic can be encrypted before encapsulation by using protocols such as IP Security (IPsec) and Secure Sockets Layer (SSL). MPLS security can be facilitated through the specification of traffic flow routes and by hiding the IP destination addresses from intermediate devices.

Answer 65

PKI is a set of policies, processes, server platforms, software, and workstations to administer certificates and public-private key pairs. PKI has the ability to issue, maintain, and revoke public key certificates. PKI provides security services for confidentiality, integrity, authentication, nonrepudiation, and access control, based on using private and public key cryptography. A registration authority (RA) acts as a verifier for the certificate authority before a digital certificate is issued to a requestor. The RA is responsible for verifying the identity of the requesting individual for the certificate authority (CA). However, if an RA is not specifically being implemented within the PKI, the certificate authority (CA) can provide its verification services.

Answer 66

To provide confidentiality, authentication, nonrepudiation, and integrity, messages will have to be encrypted and digitally signed. Encryption provides confidentiality. RSA, ECC, and El Gamal are algorithms that provide encryption. Digital signatures provide authentication, nonrepudiation, and integrity. RSA, DSA, ECC, and El Gamal are algorithms that can be used to digitally sign a message.

Answer 67

Pretty Good Privacy (PGP) is a cryptosystem that was created to protect e-mail messages, which allows only the communicating parties to be able to read their e-mail messages. PGP works using RSA public key encryption, in which each communicating party creates an RSA public and private key pair. The private key remains private and the public key is distributed on the Internet. PGP uses the International Data Encryption Algorithm (IDEA) for encrypting bulk data, which provides data confidentiality. PGP relies on a web of trust in its approach to key management, so it does not require a PKI infrastructure. Each user has a file referred to as a key ring. This file contains a collection of the public keys received from other users.

Answer 68

All cryptographic algorithms and protocols eventually age and become compromised. IS professionals must test the cryptographic systems of their organization and replace the systems that are outdated. The governance of cryptographic algorithms and systems should address the following at a minimum: Transition plans for replacing outdated algorithms and keys Procedures for the use of cryptographic systems Approved cryptographic algorithms and key sizes Key generation, escrow, and destruction guidelines Incident reporting guidelines

Answer 69

TCSEC provides a graded classification of systems that is divided into assurance levels. There are four divisions of assurance levels: A: verified protection B: mandatory protection C: discretionary protection D: minimal security Some of these divisions can also be further divided into one or more numbered classes. Division B evaluates the MACs and the reference monitor mechanisms used in a system. For the organization's systems to meet the B1 assurance level, security labels must be used by the subjects and objects of the systems. These security levels must be enforced by a MAC mechanism

Answer 70

A double-encapsulated 802.1Q frame attack involves an attacker exploiting a weakness in how the 802.1Q encapsulation process works. This weakness allows an attacker to encapsulate the frame with two VLAN tags. The first encapsulation will contain the VLAN number of the targeted VLAN (VLAN 7 for example). The second, outer encapsulation will contain the VLAN number of the native VLAN (VLAN 1 by default). The switch will remove the outer encapsulation, but it will not remove the inner encapsulation containing the second VLAN number of the targeted VLAN. Since the outer encapsulation that was removed contained the native VLAN number, the switch will then forward the frame along the trunk without encapsulating it. When the frame is received by the second switch, it will see the inner encapsulation containing the VLAN number of the targeted VLAN (VLAN 7 in this example). It will then remove the encapsulation and forward the frame on VLAN 7. This will allow an attacker to transmit packets on the wrong VLAN. The double-encapsulated 802.1Q frames attack can be prevented by removing (filtering) the native VLAN from all trunk links. Other measures that can help prevent this attack include issuing the switchport mode access and switchport nonegotiate commands on all user-facing switch ports.

Answer 71

A meltdown is a memory vulnerability that allows the contents of private kernel memory to be read by an unauthorized process. It happens when a modern CPU makes an inaccurate prediction about future instructions in an attempt to optimize performance. If the incorrect procedure isn't reversed entirely it can leave some data remnants exposed.

Answer 72

The information flow security model compartmentalizes data based on classification and the need to know. To access an object, a subject's clearance should dominate the object's classification and specify the need to know. This security model was the basis for models such as Bell-LaPadula and Biba. The goal of this model is to prevent the existence of covert channels in a system and to secure the flow of information. The model also ensures that information always flows from a low security level to a high security level and from a high integrity level to a low integrity level.

Answer 73

The Intelligent Electronic Devices (IED) component of a SCADA system is a sensor that is able to obtain data from devices and perform actions based on it. The IED provides a way of performing automatic control of devices at the local level.

Answer 74

A Transmission Control Protocol (TCP) sequence number attack exploits the communication session that is created between two hosts. It hijacks the session so that the attacker can communicate with the host that it wishes to attack. Once this attack is successful, the attacker will have the same privileges and access rights that the original host would have been granted. In a TCP sequence number attack, the attacker will sniff the network traffic and locate packets that are going between the two hosts. It will make note of the sequence numbers that are being used and attempt to trick the receiving host into thinking that it is the original client. It will do this by sending its own message using a sequence number that is valid, based on the previous numbers that it sniffed out of the traffic stream. Once successful, the original client will no longer be responded to, so it will have to set up a new session while the attacker is using the original session that was created.

Answer 75

Nondisclosure agreements (NDAs), not NCAs are typically used to protect a company's propietary or confidential information from being disclose by an employee.

Answer 76

Are typically used to prevent the threat of loss of an employee to a similar company as a means of wage negotiation and to prevent the potential loss of company skills to a competitor. Therefore, NDAs are more likely to contain a non-disclosure demand than NCAs. Like NCAs, NDAs are typically signed at the time of hiring and can be used to enforce strict penalties on employees who violate them. NCAs are likely to contain an expiration date because courts consider it unreasonable to bar an employee from working for competitor over a lifespan. NCAs can be difficult to enforce in court because legal systems recognize the employee's need to earn a reasonable income by using the knowledge or skills they already have. One way to prevent an employee from violating the NCAs is to ensure that the agreement is enforceable in a court of law. Therefore, most NCAs provide an expiration date to make the agreement enforceable. NCAs are likely to contain a job description and a geographic restriction for the same reason they contain an expiration date. Without these limitations, a court might consider the NCA to be unreasonable and therefore unenforceable.