Security Architecture and Design Flashcards

1
Q

Security Model Concepts

A

Confidentiality

Integrity

Availability

Defense in depth

2
Q

System Architecture

A

Process of describing, representing components that make up the planned system and interrelationships between components.

Answer questions like:

what is the purpose of system?

who will use it?

what environment will it operate in?

3
Q

System Architecture Steps

A
  1. System Design Phase - gather system requirements, and manner in which requirements will be met
  2. Development Phase - HW, SW components assigned for development
  3. Maintenance Phase - System and Security architecture are evaluated to ensure system operates properly and security is maintained
4
Q

ISO / IEC 42010:2011 Terminology

Architecture

A

Describes organization of system including its components and their interrelationships along with principles that guide its design and evolution

5
Q

ISO / IEC 42010:2011 Terminology

AD - Architectural Description

A

Set of documents that convey the architecture in a formal manner

6
Q

ISO / IEC 42010:2011 Terminology

Stakeholder

A

Individuals, teams, departments including groups outside organization with interests or concerns to consider

7
Q

ISO / IEC 42010:2011 Terminology

View

A

Representation of the system from the perspective of a stakeholder or set of stakeholders

8
Q

ISO / IEC 42010:2011 Terminology

Viewpoint

A

Template used to develop individual views that establish the audience, techniques and assumptions made

9
Q

Computing Platforms

Mainframe / Thin Clients

A

power is on mainframe, clients just used to access it

10
Q

Computing Platforms

Distributed Systems (Client / Server)

A

devices have client software that interact with server software

11
Q

Computing Platforms

Middleware

A

software that talks between two different systems

ex. Users connect to software that provides interface which accesses databases

12
Q

Computing Platforms

Embedded Systems

A

Platform in another system.

System within a system

Embedded in hardware or software

13
Q

Computing Platforms

Mobile Computing

A

software running on tablets, phones, etc

14
Q

Virtual Computing and Security Services

A

Running multiple instances of operating system on a single server

15
Q

Security Services

Boundary Control

A

Placing components in security zones and maintaining boundary control among them

16
Q

Security Services

Access Control Services

A

Gives users only the access required to do their jobs

17
Q

Security Services

Integrity Services

A

Ensures data moving through OS or application can be verified as not damaged or corrupted

18
Q

Security Services

Cryptography Services

A

Encrypting information in transit

19
Q

Security Services

Auditing and Monitoring Services

A

Method of tracking the activities of users and of the operations of the system processes

20
Q

System Components

CPU

A

Executes all instructions in the code

Multiprocessing allows executing multiple instructions in parallel

CPUs have their own memory

Can work in user mode (user or app) or privileged mode (for operating system)

If instruction for CPU is marked to be performed in privileged mode, it must be a trusted OS Process and is given functionality not available in user mode

21
Q

System Components

RAM

A
Desktop
SDRAM - Synchronous Dynamic RAM
DDR SDRAM - Double Data Rate SDRAM
DDR 2 SDRAM - Double Data Rate 2 SDRAM
DDR 3 SDRAM - Double Data Rate 3 SDRAM

Laptop
SODIMM - Small Outline DIMM

22
Q

System Components

ROM

A

Flash Memory - electronically programmable ROM

PLD - Programmable Logic Device, integrated circuit with internal logic gates that can be changed programmatically

FPGA - Field Programmable Gate Array, a type of PLD programmed by blowing fuse connections on the chip, or using an antifuse that makes a connection when high voltage is applied to the junction

Firmware - type of ROM where a program or low-level instructions are installed

23
Q

Memory Concepts

Associative Memory

A

Searches for specific data value in memory rather than by specific memory address

24
Q

Memory Concepts

Implied Addressing

A

Refers to registers usually contained inside the CPU

25
Q

Memory Concepts

Absolute Addressing

A

Addresses the entire primary memory space. The CPU uses the physical memory addresses, which are called absolute addresses

26
Q

Memory Concepts

Cache

A

Small amount of high-speed RAM that holds the instructions and data from primary memory that have a high probability of being accessed during the currently executed portion of a program

27
Q

Memory Concepts

Indirect Addressing

A

The address location specified in the program instruction contains the address of the final desired location

28
Q

Memory Concepts

Logical Address

A

Address at which a memory cell or storage element appears to reside from the perspective of an executing program

29
Q

Memory Concepts

Relative Address

A

Specifies its location by indicating its distance from another address

30
Q

Memory Concepts

Virtual Memory

A

Location on hard drive used for temporary storage when memory space is low

31
Q

Memory Concepts

Memory Leak

A

Occurs when a computer program incorrectly manages memory allocations, which can exhaust available system memory as an application runs
32
Q

Rings of privilege 0, 1, 2, 3, 4

A

```
Ring 0 - Most privileged
Ring 1
Ring 2
Ring 3
Ring 4 - least privileged
etc
```

33
Q

Multitasking Types

Symmetric, Asymmetric

A

Symmetric Multitasking - Two processes divide the same work
Asymmetric Multitasking - One processor is dedicated to the OS, other(s) dedicated to user operations

34
Q

System Security Architecture

A

Views components that comprise a system from a security perspective
Should be derived from the organization's security policy
System-specific policy must be more detailed. It addresses the level of security required on a device, OS or application

35
Q

Trusted Computer System Evaluation Criteria (Orange Book Concepts)

TCB - Trusted Computer Base

A

TCB - Composed of components (HW, firmware, SW) that are trusted to enforce the security policy of the system
Security Perimeter - dividing line between trusted parts of the system and untrusted parts
Reference Monitor - any system component that enforces access controls on an object
Security Kernel - The HW, firmware, SW elements of a TCB that implement the reference monitor concept
36
Q

Security Architecture Frameworks

Zachman Framework

A

2D model that intersects communication interrogatives (what, why, where, etc.) with viewpoints like planner, owner, designer, etc.

37
Q

Security Architecture Frameworks

SABSA - Sherwood Applied Business Security Architecture

A

Attempts to enhance the communication process between stakeholders

38
Q

Security Architecture Frameworks

ITIL - IT Infrastructure Library

A

Set of best practices which have become the de facto standard for IT Service Management

39
Q

Security Architecture Frameworks

TOGAF - The Open Group Architecture Framework

A

Calls for an ADM (architecture development method) that uses an iterative process which continuously monitors and updates individual requirements

40
Q

Security Architecture Documentation

ISO / IEC 27000 Series

A

Establishes information security standards published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC)

41
Q

Security Architecture Documentation

CobiT - Control Objectives for Information and Related Technology

A

Derived from the COSO framework created by the Committee of Sponsoring Organizations of the Treadway Commission. Deals with IT Governance
42
Q

Security Models

State Machine Model

A

Examines every possible state that the system could be in and ensures the system maintains proper security relationships between objects and subjects in each state

43
Q

Security Models

Multilevel Lattice Models

A

Assigns each security subject a label defining the upper and lower bounds of the subject's access to the system. Applies controls to all objects by organizing them into levels or lattices

44
Q

Security Models

Matrix-based Models

A

Organizes tables of subjects and objects indicating what actions individual subjects can take upon individual objects, often implemented as a control matrix

45
Q

Security Models

Non-Interference Models

A

Concerned with a subject's knowledge of the state of the system at a point in time. Concentrates on preventing actions that take place at one level from altering the state presented to another level

46
Q

Security Models

Information Flow Models

A

Attempts to prevent the flow of information from one entity to another that violates or negates the security policy
47
Q

Security Models

Bell-LaPadula Model

A

Incorporates 3 basic rules regarding the flow of information in a system
Simple Security Rule - A subject cannot read data located at a higher security level than that possessed by the subject (aka no read up)
*-Property Rule - A subject cannot write to a lower level than that possessed by the subject (aka no write down or confinement rule)
Strong Star Property Rule - A subject can perform both read and write functions only at the same level possessed by the subject

48
Q

Security Models

Bell-LaPadula Model Limitations

A

No provision for changing data access control. Only works well with access systems that are static in nature
Doesn't address covert channels. A low-level subject can sometimes detect the existence of a high-level object when it's denied access. Sometimes it's not enough to hide the content of an object; its existence may also need to be hidden
Main contribution, at the expense of other concepts, is confidentiality

49
Q

Security Models

Biba Model

A

Applies a series of properties or axioms to guide protection of integrity
Integrity Axiom - A subject cannot write to a higher integrity level than that which he has access to (no write up)
Simple Integrity Axiom - A subject cannot read from a lower integrity level than that which he has access to (no read down)
Invocation Property - A subject cannot invoke (request service of) a higher integrity level

50
Q

Security Models

Clark-Wilson Integrity Model

A

Describes a series of elements used to control the integrity of data
User - an active agent
TP (Transformation Procedure) - An abstract operation like read, write, modify, implemented via programming
CDI (Constrained Data Item) - Item that can be manipulated only through a TP
UDI (Unconstrained Data Item) - An item that can be manipulated by a user via read and write operations
IVP (Integrity Verification Procedure) - A check of the consistency of data with the real world

51
Q

Security Models

Clark-Wilson Integrity Model part 2

A

Enforces its elements by allowing data to be altered only through programs and not directly by users. Goals are separation of duties and well-formed transactions
Separation of duties - ensures certain operations require additional verification
Well-Formed Transaction - Ensures all values are checked before and after the transaction by carrying out particular operations to complete the change of data from one state to another
52
Q

Security Models

Lipner Model

A

Combines elements of Bell-LaPadula and Biba

53
Q

Security Models

Brewer-Nash (Chinese Wall) Model

A

If a user accesses data set A, then set B is now unavailable
Goal is to protect against conflicts of interest by tracking previous requests
Introduced the concept of allowing access controls to change dynamically based on a user's previous actions

54
Q

Security Models

Graham-Denning Model

A

Attempts to address an issue ignored by Bell-LaPadula - deals with delegating and transferring rights

55
Q

Security Models

Harrison-Ruzzo-Ullman Model

A

Restricts the set of operations that can be performed on an object to a finite set to ensure integrity
56
Q

Security Modes

Dedicated Security Mode

A

Employs a single classification level
All users can access all data, but they must sign an NDA and be formally approved for access on a need-to-know basis

57
Q

Security Modes

System High Security Mode

A

All users have the same security clearance. They do not all have a need-to-know clearance for all the information in the system

58
Q

Security Modes

Compartmented Security Mode

A

All users must have the highest security clearance (as in both dedicated and system high security)
They must also have valid need-to-know clearance, a signed NDA and formal approval for the information to which they have access

59
Q

Security Modes

Multilevel Security Mode

A

Allows two or more classification levels of information to be processed at the same time
60
Q

System Evaluation and Assurance Levels

TCSEC - Trusted Computer System Evaluation Criteria

A

Developed by the National Computer Security Center for the DoD to evaluate products

61
Q

System Evaluation and Assurance Levels

Orange Book

A

Collection of criteria based on the Bell-LaPadula model used to grade the security of a computer system

62
Q

System Evaluation and Assurance Levels

Red Book

A

Addresses network security

63
Q

System Evaluation and Assurance Levels

ITSEC

A

Addresses integrity and availability plus confidentiality
Mainly a set of guidelines used in Europe

64
Q

System Evaluation and Assurance Levels

Common Criteria

A

Uses EALs (Evaluation Assurance Levels) to rate systems, with each representing a successively higher level of security testing and design in a system
65
Q

TCSEC Classes A B C D

A

A - Verified protection
  A1 - Verified design
B - Mandatory Protection
  B1 - labeled security protection
  B2 - structured protection
  B3 - security domains
C - Discretionary protection
  C1 - discretionary security protection
  C2 - controlled access protection
D - Minimal protection

66
Q

ITSEC Ratings

functional requirements, assurance requirements

A

10 classes F1 to F10 to evaluate functional requirements
7 classes E0 to E6 to evaluate assurance requirements

67
Q

Common Criteria Assurance Levels EAL 1-7

A

EAL1 - Functionally tested
EAL2 - Structurally tested
EAL3 - Methodically tested and checked
EAL4 - Methodically designed, tested and reviewed
EAL5 - Semi-formally designed and tested
EAL6 - Semi-formally verified design and tested
EAL7 - Formally verified design and tested

68
Q

Common Criteria

Uses Protection Profile during the evaluation process

A

Protection profile contains these elements:
descriptive elements
rationale
functional requirements
development assurance requirements
evaluation assurance requirements
69
Q

Certification vs Accreditation

A

Certification evaluates technical system components. Comes before accreditation
Accreditation occurs when the adequacy of a system's overall security is accepted by management

70
Q

Accreditation process by NIACAP has 4 phases

A

Phase 1 - Definition
Phase 2 - Verification
Phase 3 - Validation
Phase 4 - Post accreditation

71
Q

Types of accreditation

A

Type accreditation - evaluates an application or system distributed to different locations. Not accredited by location, but by type
System accreditation - evaluates an application or support system
Site accreditation - evaluates an application or system at a specific self-contained location
72
Q

Security Architecture Threats

Maintenance Hooks

A

Built into code (aka back door); allows developers access without normal controls

73
Q

Security Architecture Threats

Time of check / time of use attacks

A

Attempt to take advantage of the sequence of events that occur as the system completes common tasks

74
Q

Security Architecture Threats

Web based attacks

A

Operate by making normal or modified requests aimed at taking advantage of inadequate input validation and parameters, or instruction spoofing

75
Q

Security Architecture Threats

Server based attacks

A

Focus on operations of the server OS, rather than web applications

76
Q

Addressing concerns with XML

Define SAML and OWASP

A

SAML - Security Assertion Markup Language - XML-based open standard data format for exchanging authentication and authorization data, mainly between an identity provider and a service provider
OWASP - Open Web Application Security Project - open source application security project. They create guidelines, testing procedures and tools to help web security. Maintain a top-ten list of web application security risks
77
Q

Database Security Concepts

Inference

A

Occurs when someone has access to info at one level that allows them to infer info about another level

78
Q

Database Security Concepts

Polyinstantiation

A

Main mitigation technique for inference
Development of a detailed version of an object from another object using different values in the new object

79
Q

Database Security Concepts

Aggregation

A

Assembling or compiling units of information at one sensitivity level such that the resultant totality of data is of a higher sensitivity level than the individual components

80
Q

Database Security Concepts

Contamination

A

Mixing of data with one sensitivity level with data of another

81
Q

Data Mining

Warehouse

A

Repository of information from various databases
Lets multiple data sources be stored in one place and organized so that redundancy is reduced (aka data normalizing)
Data mining tools are used to manipulate data and discover relationships

82
Q

Distributed Systems Security

Special cases where extra security concerns may be needed: Cloud Computing, Grid Computing, Peer to Peer Computing

A

Cloud - centralizing data in a web environment
Grid - harnessing the power of multiple computers to perform a job
P2P - any client-server solution where any platform can be a client or server or both
83
Q

4 Characteristics of ActiveX Data Objects (ADO)

A

High-level programming interface to an underlying data access technology like OLE DB
Set of COM objects for accessing data sources (not just database access)
Allows developers to write programs that access data without knowing how the database is implemented
SQL commands not required to access the database when using ADO

84
Q

In computer crime, what does MOM stand for?

A

Means, Opportunity, Motives

85
Q

What does the Operating System's Control Unit do?

A

Fetches programming code, interprets it, and oversees execution of the instruction sets. It manages and synchronizes the system while different applications' code is being executed

86
Q

What are 3 types of Digital Forensic Science?

A

Media Analysis
Software Analysis
Network Analysis

87
Q

What type of DFS is referred to as "computer forensics"?

A

Media analysis

88
Q

What encrypts all the data in a communication path including the header, trailer and routing information?
End to End Encryption or Link Encryption

A

Link Encryption

89
Q

What generation does machine language exist in?

A

Generation one

```
1 - machine
2 - assembly
3 - high level
4 - very high level
5 - natural
```

90
Q

What is least important when quantifying risks associated with a potential disaster?
a. gathering information from agencies that report on disasters
b. ID company's key functions
c. ID critical systems
d. estimating potential loss and impact

A

Gathering information from agencies that report the probability of certain natural disasters is the least important

91
Q

What is key clustering?

A

When different keys generate the same ciphertext for the same message

92
Q

The 5 defined maturity levels of the CMMI (Capability Maturity Model)

```
I R D M O
```

A

```
Initial
Repeatable
Defined
Managed
Optimizing
```
93
Q

Are increased developmental testing and using only operational data good remedies to buffer overflows?

A

Yes

94
Q

Do stateful inspection firewalls pay attention to previous packets and monitor the sequence and acknowledgement numbers of a connection, to understand when a packet could be out of sequence?

A

Yes

95
Q

Should you put smoke detectors near exterior rear doorways?

A

No

96
Q

Do block ciphers perform substitution by using S-Boxes (substitution boxes)?

A

Yes, they use lookup tables to determine how a block is encrypted or decrypted; the key is used to decide on the S-box to use for each block

97
Q

Does parallel computing happen at these 3 levels: user mode, kernel mode, OS level?
Or these 3 levels: bit, instruction, task?

A

Bit, instruction, task

98
Q

Identifying openings in a target's network is called what?

A

Port scanning (not fingerprinting)

99
Q

What is a B3 TCSEC rating? What are its requirements?

A

B3 requires:
trusted recovery
monitors events and notifies appropriate personnel
security administrator role defined
(doesn't require formal methods and procedures)
Class A rated product requires all of B3 plus formal methods and procedures

100
Q

Does the Clark-Wilson model address confidentiality?

A

No
It's an integrity model. It's better suited for the commercial industry than Bell-LaPadula, which is a confidentiality model.
It prevents unauthorized users from changing data
Provides internal and external consistency
Prevents authorized users from improperly changing data
101
Q

Key features of the Caesar Cipher

A

ROT 3

102
Q

What percentage of businesses would go out of business if they had to close for only one week?

A

65%

103
Q

Are products that pass through the Trusted Products Evaluation Program (TPEP) published in the List of Evaluated Products?

A

Yes

104
Q

Do you use CGI scripts or executables in a website to respond dynamically to code?

A

Yes, CGI scripts or executables translate, respond to requests, build new web pages and send them to the user.

105
Q

Federal Sentencing Guidelines of 1991

A

Specifically for white collar crime
Detailed specific responsibilities of senior executives
Encouraged implementing security policies and a security program

106
Q

What happens in the acceptance testing/implementation phase?

A

QA does testing
Product is integrated into the desired network
Product is given to the customer for certification and accreditation (but the product is NOT used in the intended environment)

107
Q

Define a disaster in terms of length of time

A

Disasters affect a business for one day or more

108
Q

Define a catastrophe in terms of length of time

A

Catastrophes affect a business for weeks, months or years

109
Q

Data mart

A

Collection of data that fulfills a specific need / is targeted at one group or for a specific objective

110
Q

What's so special about ISO/IEC 15408?

A

Used as the basis for evaluating security products under the CC framework (Common Criteria)

111
Q

Is DEA the algorithm used in DES?

A

Yes

112
Q

Are locks considered delaying devices?

A

Yes
113
Q

What are the 3 ways a computer can react to a problem / failure?

A

Emergency system restart
System reboot
System cold start

114
Q

How much stronger is 3DES than DES?

A

2^56

115
Q

Why is computer generated or electronic information often categorized as hearsay (secondhand) evidence?

A

Because computer files and systems can be modified after the fact without others being aware

116
Q

What happens in the project initiation phase?

A

Formal introduction of the project to participating parties
Entire scope is overviewed
Initial risk analysis performed (customer requirements are too granular and are performed in the second phase)

117
Q

Is tort law the same as civil law?

A

Yes, they typically don't require the same degree of burden of proof that criminal cases require

118
Q

Multithreading

A

Processing more than one request or thread at once

119
Q

Multitasking

A

Processing more than one task or process at once

120
Q

Multiprocessing

A

Multiple CPUs processing separate instructions in parallel

121
Q

Maximum Tolerable Downtime for:

```
critical
urgent
important
normal
non-essential
```

A

```
critical - minutes to hours
urgent - 24 hours
important - 72 hours
normal - 7 days
non-essential - 30 days
```
122
Q

Define domain

A

Set of resources available to a subject (a subject can be a user, process, or application)

123
Q

Define security domain

A

Resources in the domain are working under the same security policy and managed by the same group

124
Q

Why does the Internet Architecture Board sound like a bunch of wankers?

A

They state the "internet is a privilege and should be treated and used with respect"

125
Q

What was cool about the Gramm-Leach-Bliley Act of 1999?

A

Required financial institutions to tell customers their privacy rights
Requires Sr. executives to be accountable for security issues and provide training to employees about security

126
Q

Chosen ciphertext

A

Attacker possesses ciphertext and chooses which parts are decrypted. Those decrypted portions are analyzed to find the key

127
Q

Why is computer generated or electronic information often categorized as hearsay (secondhand) evidence?

A

Because computer files and systems can be modified after the fact without others being aware
It is admissible when the output is generated as part of normal business activities and not just once for the court, and has testimony of the person who generated them

128
Q

When do you apply corrective controls?

A

When a situation needs correcting (fixing)! For instance, after an attack occurred, or after a vulnerability was found

129
Q

Is accountability a characteristic of an identity?

A

No

130
Q

To hold a person accountable, do you need uniqueness or accountability?

A

Uniqueness, because accountability isn't a characteristic

131
Q

Enticement vs Entrapment

A

Enticement - Honeypot that records attacker
Entrapment - tricking attacker into committing a crime

132
Q

Polymorphism

A

Two different objects responding to the same command in different ways
Objects are derived from different classes, so they respond differently to the same command.