Security Engineering

Question 1

Ability to deduce (infer) sensitive or restricted information from observing available information.

Answer 1

Inference

Question 2

Primarily concerned with how subjects and objects are created, assigned rights or privileges, and how ownership is managed.

Answer 2

Graham-Denning

Question 3

Defines the organizational structure and skill requirements of an IT Org as well as the set of operational procedures & practices that direct IT operations & infrastructure, including information Security operations

Answer 3

IT Infrastructure Library (ITIL)

Question 4

Represents the total number of possible values of keys in a cryptographic algorithm or other security measure, such as a password

Answer 4

Key Space

Question 5

Formula to determine how many keys in PKI environment

Answer 5

N(N-1)/2

Question 6

The size of the key, usually measured in bits or bytes, which a cryptographic algorithm used in ciphering or deciphering protected information.

Answer 6

Key Length

Question 7

Performs certificate registration services on behalf of a CA

Answer 7

Registration Authority (RA)

Question 8

Involves the removal of characteristics from an entity in order to easily represent its essential properties

Answer 8

Abstraction

Question 9

The study of techniques for attempting to defeat cryptography techniques and information security services

Answer 9

Cryptoanalysis

Question 10

Smart networked systems with embedded sensors, processors, & actuators that are designed to sense & interact with the physical world & support real-time, guaranteed performance in safety-critical apps

Answer 10

Cyber-Physical Systems

Question 11

Maintains activities at different security levels to separate these levels from each other

Answer 11

Data Hiding

Question 12

The science that deals with hidden, disguised, or encrypted communications. It embraces communications security & communications intelligence

Answer 12

Cryptology

Question 13

A repository for information collected from a variety of data sources.

Answer 13

Data Warehouse

Question 14

Electronic document that contains the name of an Org or individual, business address, digital signature of the CA issuing the certificate, the certificate holder’s public key, a serial number, & expiration date

Answer 14

Digital Signature

Question 15

Provided by mixing up the location of the plaintext throughout the ciphertext

Answer 15

Diffusion

Question 16

The reverse process from encoding-converting the encoded message back into its plaintext format

Answer 16

Decoding

Question 17

Attempt to take advantage of how a system handles multiple requests

Answer 17

State Attacks

Question 18

Holistic life cycle for developing security architecture that begins with assessing business requirements & subsequently creating a “chain of traceability” through the phases of strategy, concept, design, implementation, & metrics

Answer 18

Sherwood Applied Business Security Architecture Framework (SABSA)

Question 19

Diving a computer’s memory into segments

Answer 19

Segmentation

Question 20

An area or grouping within which a defined set of security policies & measures are applied to achieve a specific level of security

Answer 20

Security Zone of Control

Question 21

An XML-based standard used to exchange authentication & authorization information.

Answer 21

Security Assertion Markup Language (SAML)

Question 22

Holds data not currently being used by the CPU & is used when data must be stored for an extended period of time using high-capacity, nonvolatile storage.

Answer 22

Secondary Storage

Question 23

Provides a structured methodology for documenting security requirements, documenting & validating security capabilities, & promoting international cooperation in the area of IT Security

Answer 23

Common Criteria

Question 24

Provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns.

Answer 24

Community Cloud Infrastructure

Question 25

Provided by mixing (changing) the key values used during the repeated rounds of encryption. When the key is modified for each round, it provides added complexity that the attacker would encounter.

Answer 25

Confusion

Question 26

Provides a set of generally accepted processes to assist in maximizing the benefits derived using IT & developing appropriate IT governance

Answer 26

Control Objectives for Information and Related Technology (COBIT)

Question 27

Communications mechanisms hidden from the access control & standard monitoring system of an information system.

Answer 27

Covert Channels

Question 28

Logical structure for identifying & organizing the descriptive representations (models) that are important in the management of enterprises & to the development of the systems, both automated & manual, that comprise them.

Answer 28

Zachman Framework

Question 29

Represents the time & effort required to break a protective measure.

Answer 29

Work Factor

Question 30

Process of reordering the plaintext to hide the message.

Answer 30

Transposition

Question 31

Architecture content framework (ACF) to describe standard building blocks & components as well as numerous references models.

Answer 31

The Open Group Architecture Framework (TOGAF)

Question 32

Core of an OS, & one of its main functions is to provide access to system resources, which includes the system’s hardware & processes.

Answer 32

System Kernel

Question 33

A non-secret binary vector used as the initializing input algorithm for the encryption of a plaintext block sequence to increase security by introducing additional cryptographic variance & to synchronize cryptographic equipment.

Answer 33

Initialization Vector

Question 34

Composition of two or more distinct cloud infrastructures (private, community, cloud, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data & application portability.

Answer 34

Hybrid Cloud Infrastructure

Question 35

Action of changing a message into another format through the use of a code.

Answer 35

Encoding

Question 36

Used to provide computing services in a small form factor with limited processing power.

Answer 36

Embedded Systems

Question 37

Provide authentication of a sender & integrity of a sender’s message.

Answer 37

Digital Signature

Question 38

A broad range of technologies that grant control & protection to content providers over their own digital media

Answer 38

Digital Rights Management (DRM)

Question 39

Provides a foundation upon which organizations can establish & review information technology security programs.

Answer 39

“Generally Accepted Principles & Practices for Securing Information Technology Systems” (NIST SP 800-14)

Question 40

The storage of programs or instructions in ROM.

Answer 40

Firmware

Question 41

Focused on setting the long-term strategy for security services in the enterprise.

Answer 41

Enterprise Security Architecture (ESA)

Question 42

Used to control industrial processes such as manufacturing, product handling, production, & distribution.

Answer 42

Industrial Control Systems (ICS)

Question 43

Accepts an input message of any length & generates, through a one-way operation, a fixed-length output.

Answer 43

Hash Function

Question 44

Describes the essential characteristics of an organization’s security engineering process that must exist to ensure good security engineering.

Answer 44

ISO/IEC 21827:2008, The Systems Security Engineering - Capability Maturity Model (SSE-CMM)

Question 45

Process of exchanging one letter or byte for another.

Answer 45

Substitution

Question 46

Operate with a single cryptographic key that is used for both encryption & decryption of the message.

Answer 46

Symmetric Algorithms

Question 47

When a cryptosystem performs its encryption on a bit-by-bit basis.

Answer 47

Stream-based Ciphers

Question 48

Describes the behavior of a system as it moves between one state & another, from one moment to another.

Answer 48

State Machine Model