test1 Flashcards

1
Q

3 components of security education

A

Policy - what to do
Training - skills for doing it
Awareness - changes behavior

2
Q

BPA, MOU/A, ISA

A

Business Partnership Agreement: good for addressing ownership, profit & loss; clearly lays out who makes what decision and who owns what part of the company
Memorandum of Understanding/Agreement: when two organizations connect their networks together; who owns what info, who is responsible for what actions, who has liabilities for particular exposures
Interconnection Security Agreement: typically part of the MOU; involves who is allowed to keep info if the partners separate; dictates the technical security requirements associated with two organizations connecting networks

3
Q

CIA Triad vs DAD

A

CIA: Confidentiality (preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary data), Integrity (guarding against improper data modification, includes ensuring information non-repudiation and authenticity), Availability (ensuring timely and reliable access to and use of information)
DAD (logical opposite of CIA): Disclosure, Alteration, Destruction

4
Q

Controls are implemented across what three levels? Give examples for each

A

Administrative (aka directive): background checks, policies/procedures
Technical: encryption, smart cards
Physical: locks, securing laptops/magnetic media, protection of cable

5
Q

Criminal vs Civil

A

Criminal: possible to get jail time, burden of proof is beyond a reasonable doubt (99.9%)
Civil: tip of scale (50.1%)

6
Q

CVSS

A

Common Vulnerability Scoring System

7
Q

Draw chart of 5 types of documentation

A

refer to “Types of Documentation - Drawing 1B”

8
Q

Draw the qualitative RA matrix

A

Qualitative Risk Analysis Matrix helps identify most significant risks to organization
Likelihood on left vertical, Impact top horizontal (high med low)
Refer to “Qualitative RA Matrix - Domain 1 pg 67”

9
Q

Due Care vs Due Diligence

A

Due Care: minimal customary practice aka the “Prudent Man Rule”; are you doing what a reasonable organization would do when implementing security
If you trip and fall on property with steak knives sticking up from the ground you could sue for due care since Eric didn’t do what a normal person would do
Due Diligence: maintaining proper environment
If someone else did it and Eric was aware but didn’t change or alter it, then someone could sue Eric for Due Diligence

10
Q

Excessive risk

A

means above acceptable level of risk for executive / data owner; excessive does NOT mean a lot of risk

11
Q

Fork bomb

A

attack that loops on a condition that is always true (while 1=1) and keeps forking (starting a new process) until all memory is used and the system crashes

12
Q

Formula for Risk

A

risk = threat x vulnerability
threat drives calculation, vulnerability reduces the risk
threat: potential for harm, can be internal/external/competitor/govt (hurricanes, snowstorms, viruses, worms)
vulnerability: weakness (unpatched system, default install)

13
Q

Fraggle

A

variation of smurf involving spoofed UDP datagrams sent to UDP port 7

14
Q

IAAA

A

Identification: means by which users claim their identities to a system
Authentication: establishes, tests or reconciles a user’s identity
Authorization: rights/permissions granted to an individual (or process) that enable access to a computer
Accountability: system’s ability to determine actions of single individual within a system, shows that a particular individual performed a particular action e.g. audit trails and logs

15
Q

LAND attack

A

creates recursive loop which crashes system e.g. from 192.168.1.1 to 192.168.1.1 on 8080

16
Q

List all quantitative formulas

A

SLE (Single Loss Expectancy) = EF (exposure factor) x AV (asset value)
ARO (Annualized Rate of Occurrence)
ALE (Annualized Loss Expectancy) = SLE x ARO
TCO (Total Cost of Ownership)
ROI (Return on Investment)
Cost/Benefit Analysis

17
Q

List all types of controls and examples of each

A

Preventative: locks on doors, firewalls
Detective: goes off during attack (alarm systems, IDS), means preventative failed
Corrective: short-term fix to prevent future attacks (police guards, evacuation)
Compensating: alternative control (one-way firewall in hospital if MRI system could never be connected to network but doctors need info from it)
Recovery: long-term fix
Suppressive: where you detect and respond to deal with a problem

18
Q

Name a directive control that is a strategic user-focused document?

A

Policy

19
Q

Name and define the 5 types of documentation

A
  • Policy - high level statement of what to do, should be specific, measurable, achievable e.g. All servers must be properly hardened by patching and turning off services
  • Procedure - details of how to do it e.g. the security configuration must be applied when a system is built
  • Standard - specifies a certain way something should be done or a certain brand/type of equipment to be used e.g. Admins must use Windows Server 2012 R2 as the base operating system
  • Baseline - more specific implementation of a standard, specific technical details of how a system’s hardware/software should be configured; usually a baseline starts off as a guideline until it has been properly modified to meet the needs of org; e.g. The specific settings for Win Server 2012 R2 should match those in the CIS Security Benchmark
  • Guideline (optional) - recommended way of doing something; best practice might start off as a guideline and if analysis shows there is great benefit, it may become a standard (mandatory) e.g. to ease the config, local GPOs can be used to roll out the changes
20
Q

Name different types of DoS attacks

A

DoS attacks:

  • Crafted Packets
    • Ping of Death
    • LAND attack
    • Tear drop
  • Flooding
    • Syn flood
    • Smurf
    • Fraggle

DDoS - compromising multiple machines to attack the victim
-Fork bomb

21
Q

OCTAVE

A

Operationally Critical Threat, Asset and Vulnerability Evaluation

22
Q

password guessing vs password cracking

A

Guessing (online, where you try to guess at website login prompt but subject to account lockout)
Cracking (offline, no account lockout but need raw encrypted passwords)

23
Q

PCI DSS

A

Payment Card Industry Data Security Standard - aka dirty dozen (12 requirements), know in general the 12 goals (don’t need to know order):
Install/maintain firewalls, no vendor default passwords/parameters, protect stored data, encrypt transmission of data across public network, use/update antivirus, develop/maintain secure systems and applications, restrict access to cardholder data by business need to know, authenticate access to system components, restrict physical access to cardholder data, track and monitor all access to network resources to cardholder data, regularly test security systems/processes, maintain a policy that addresses information security for all personnel

24
Q

Ping of Death

A

buffer overflow attack: a ping packet is sent that is larger than the maximum allowed packet size

25
Privacy Act of 1974
Info about individuals will be kept private and if it needs to be disclosed the person will be notified; regulated at state level
26
RFI, RFP, RFQ
Request for Information - helps you tailor the RFP
Request for Proposal - stage of procurement to determine which providers will bid for the project and what their proposal looks like; more detailed than an RFQ
Request for Quote - can sometimes ask for an RFQ to make sure we have enough budget before doing a full RFP
27
SLA, OLA, ELA
Service Level Agreement: delivering a certain level of service, with penalties if you don't e.g. ISP delivers a certain level of bandwidth with a certain reliability
Operating Level Agreement: internal agreement that supports the SLA e.g. you need to make sure you have enough staff to meet the SLA
Enterprise License Agreement: site licensing for software e.g. Microsoft licensing agreement for Windows software
28
Smurf attack
spoof victim's IP and sends ICMP Echo Request (ping) to directed broadcast; adversary sends out one request to broadcast address saying to 1 million computers to reply to "me" which is spoofed source address of person you want to bring down (smurfs singing down the street with hundreds joining like multiple packets growing together)
29
Syn flood
the system has a table that keeps track of connections; if you fill it up, no new connections can come in
30
Tear drop
sending a bunch of different puzzle pieces that could never be put together
31
Third party governance
Before purchasing third party products, assess exposures and risks, validate software, etc. COTS (Commercial Off the Shelf software) e.g. Windows/Office
32
Types of IP
Intellectual Property
Formal methods of protection:
Patent: public, can't just be an idea, needs to be reduced to practice, show how it actually works; govt does it to encourage people to share the best way to do something with society, in return for a 20 yr monopoly
Copyright: creator of the work is the implied owner of the copyright e.g. the monkey who took selfies had the copyright, not the photographer
Trademark: "Ultimate driving machine", "Just do it"
Informal means of protection:
Trade secret: formula for Coca-Cola (if it were patented it would be public)
33
What is an internal SLA?
OLA (Operating Level Agreement)
34
What is OECD?
Organization for Economic Co-operation and Development, 34 countries in Europe, strict controls for information held on your behalf
-Working Party on Information Security and Privacy develops non-binding guidance (member countries do not have to implement recommendations)
EUDPD (European Union's Data Protection Directive) - binding requirement for EU member states, considered more stringent than US privacy laws
35
What is the ultimate output of threat mapping or attack services?
Security dashboard: visual representation that shows you where high exposures are and what systems they are on
36
What is TOC/TOU?
Time of Check / Time of Use; difference should always be zero e.g. if you put system online for two hours before it's fully patched and secured there's a good chance it will be compromised
37
What methodology is most common for scoring vulnerabilities? Name a second system as well.
CVSSv2 (Common Vulnerability Scoring System) is most common. Another is OCTAVE (Operationally Critical Threat, Asset and Vulnerability Evaluation)
38
Which country does not have one set of privacy laws?
The US since privacy laws are at a state level, not federal. All of Europe has one set of laws.
39
Your company has decided to perform a major technology overhaul. Which would best describe impact to the organization: a) policies and procedures will need major revisions b) policies and procedures will need minor revisions c) minor revisions to policy and major revisions to procedures d) minor revisions to procedures and major revisions to policy
Answer: c
40
__ is for industries where we are constantly in litigation, no one can say any info was modified or changed because it is not possible with this technology.
WORM (Write Once Read Many)
41
__ is volatile memory.
RAM (Random Access Memory): real/primary memory, volatile memory e.g. data lost when power is lost
DRAM (dynamic, dumb/slow): cheap, which means it's slow and you have a lot of it; needs to be constantly refreshed
SRAM (static, speed): expensive, which means it's faster and you have less of it; SRAM is cache
42
A __ creates/manages info e.g. salary data managed by HR dept, and is ultimately responsible even if the __ (internal/external entity accessing the data e.g. outsourced payroll company) gets breached.
Data controller, data processor
43
Customizing a standard for an organization, beginning with scoping, and then adding compensating controls and parameters (security configuration settings).
Tailoring
44
Data classification process
1. Identify who's in charge (identify administrator/custodian)
2. Criteria for classification (specify criteria for how information will be classified and labelled)
3. Classify the data with approval by the supervisor (classify the data by its owner, who is subject to review by a supervisor)
4. Document exceptions (specify and document exceptions to the classification policy)
5. Determine controls (specify controls that will be applied to each classification level)
6. Determine declassification (specify the termination procedures for declassifying the information or for transferring custody of the information to another entity)
7. Make people aware of the classification process (create an enterprise awareness program about the classification controls)
45
Degaussing and sector-by-sector overwrite are good for __ media.
Magnetic media e.g. HDD
-degaussing (changing the magnetic field on the device destroys data)
-sector-by-sector overwrite
-physical destruction
EEPROMs e.g. Flash drives/SSDs
-use ATA Secure Erase (all blocks in the physical address space completely erased)
-physical destruction
46
Describe FIPS 199 levels of impact for CIA
limited adverse effect = low impact
serious adverse effect = moderate impact
severe or catastrophic = high impact
47
Describe options for securely erasing drives
Magnetic media e.g. HDD
-degaussing (changing the magnetic field on the device destroys data)
-sector-by-sector overwrite
-physical destruction
EEPROMs e.g. Flash drives/SSDs
-use ATA Secure Erase (all blocks in the physical address space completely erased)
-physical destruction (more expensive but more secure)
-NOT effective on EEPROMs: sector-by-sector overwrites can miss data (since writes are spread randomly), degaussing (since not magnetic)
48
Describe the house analogy in terms of who owns and manages the data
Data owner (CEO, board): designs the house; makes the high-level strategic decisions, ultimately responsible
System owner: designs the HVAC/electrical subsystem in the house; plans design/updates, supports system processes; delegated a portion of the design but ultimately the data owner can still overrule
Business owner: focuses on security priorities to support the mission
Custodian (DBA, engineer): builds the house; very tactical, does all activities that need to be performed on behalf of the owner, hardening/locking down, changing the network
User: lives in the house; runs the application to perform a function, analyzes info
49
How can an EEPROM device be securely erased?
Magnetic media e.g. HDD
-degaussing (changing the magnetic field on the device destroys data)
-sector-by-sector overwrite
-physical destruction
EEPROMs e.g. Flash drives/SSDs
-use ATA Secure Erase (all blocks in the physical address space completely erased)
-physical destruction
50
Process that involves determining applicable portions of a standard that will be followed.
Scoping
51
The __ describes SBU data where the impact for CIA is: limited adverse effect = low impact; serious adverse effect = moderate impact; severe or catastrophic = high impact
FIPS (Federal Information Processing Standards Publication) 199
SBU (Sensitive but Unclassified)
52
The __ documents computer security best practices. Their 800 series publications cover which general areas of security?
United States NIST (National Institute of Standards & Technology). NIST Special Publications (800 series) include:
NIST 800-37: Risk Mgmt
NIST 800-53A: Recommended Security Controls
NIST 800-34: Contingency Planning
NIST 800-115: Security Testing & Assessment
53
The __ manages/monitors protocols and specifications of the Internet. They specify requirements via RFCs which must be followed by everyone e.g. TCP/IP protocols.
IETF (Internet Engineering Task Force)
54
The __ says that at least 85% of targeted cyber intrusions could be prevented by the top 4 mitigation strategies:
- application whitelisting
- patch applications
- patch OS vulnerabilities
- restrict admin privileges and applications based on duties
ASD (Australian Signals Directorate)
55
Types of primary memory
RAM (Random Access Memory): real/primary memory, volatile memory e.g. data lost when power is lost
DRAM (dynamic, dumb/slow): cheap, which means it's slow and you have a lot of it; needs to be constantly refreshed
SRAM (static, speed): expensive, which means it's faster and you have less of it; SRAM is cache
Good to be familiar with "Computer Architecture (Map of Targets) - Drawing 3C" but basically just need to know and be able to draw out "Memory diagram - Drawing 2A"
56
Types of ROM
ROM (Read only memory): non-volatile
PROM (Programmable): modifiable once e.g. firmware
EPROM (Erasable & Programmable): not the norm
EEPROM (Electrically Erasable): flash memory, can be written e.g. USB flash drives, SSDs, BIOS chips (so they can be upgraded)
PLD (Programmable Logic Devices): integrated circuit that can be modified programmatically; general technology for all EPROM
57
Types of secondary memory
Slower memory e.g. magnetic disks (HDD)
58
Types of sequential memory
Sequentially searching from beginning rather than directly accessing location e.g. tape, advantage is they are very cheap
59
What are valid ways to distribute classified data?
Valid: Freedom of Information Act request, Non-Disclosure Agreements, Government contracts, a court ordering you to distribute the data
NOT a valid way: age of data (that's just not possible; this is declassifying data, not distributing it)
60
What does ISO stand for? What does ISO 27001 and 27002 focus on. Which one replaced ISO 17799?
International Organization for Standardization
ISO 27001: focuses on auditing (verifying that you're doing what you say you're doing)
ISO 27002: focuses on best practices, formalized process of setting up an ISMS (InfoSec Mgmt System)
27002 is the replacement for ISO 17799
61
Which role is responsible for computer hardware and software design plans and updates and also ensures that proper training is in place?
System owners
62
Which role sets the information security priorities to support the mission of the organization?
Business owner
63
Which term describes writing data to an EEPROM?
Flashing
64
__ encompasses __ and cryptanalysis
Cryptology, cryptography (hidden writing) | Cryptanalysis (verifying security of algorithms)
65
__ has replaced CRLs.
OCSP (Online Certificate Status Protocol) Analogous to police officer looking up status of one driver's license rather than downloading entire list of revoked licenses and comparing against that.
66
__ is the art and science of hiding the meaning of communication from unintended recipients.
Cryptography (hidden writing)
67
___ and ____ substitution are subject to frequency analysis.
Arbitrary and Rotation substitution
68
___ destroys patterns connecting the key to the ciphertext.
Confusion; substitution provides confusion
69
___ destroys patterns connecting the plaintext to the ciphertext.
Diffusion; permutation provides diffusion
70
___ is a block cipher that has replaced DES. It has 3 key sizes (128-bit, 192-bit and 256-bit) and it is the new FIPS (Federal Information processing standard) publication 197.
AES (Advanced Encryption Standard)
71
___ is a DES mode stream cipher. Ciphertext is used as feedback into the key generation source to develop the next stream. Ciphertext is generated by performing an xor of the plaintext with the key stream. Ciphertext has the same number of bits as plaintext. In this mode errors will propagate.
CFB (Cipher Feedback Mode)
72
___ is a DES mode that operates with plaintext blocks of 64 bits, uses randomly generated 64-bit IV that is xored with the first block of plaintext, and the result is encrypted using the DES key
CBC (Cipher Block Chaining)
- CBC fixes ECB by encrypting every message block with a different key
- IV (initialization vector, just random data) is combined with the key to start, then at each block after that the ciphertext is combined (XOR-ed) with a different key to create the next block's key
73
___ is native mode of DES, is a block cipher, is applied to 64-bit blocks of plaintext and produces corresponding 64-bit blocks of ciphertext.
ECB (Electronic code book) creates patterns in ciphertext; this is fixed by CBC
74
____ substitution is one-to-many and therefore counters frequency analysis.
Polyalphabetic e.g. A=RW,WT,SM, therefore RW can only map to A and so forth
75
__fish is symmetrical encryption. __fish is adaptive version of it.
Blowfish and twofish (adaptive version, unbreakable) are symmetric.
76
A __ reflects a current security posture captured in time.
State Machine | Policy dictates and guarantees secure state changes
77
A ___ ___ binds an individual's identity to the public key.
Digital certificate
78
A ___ is a newer type of computer monitor that is better quality and more expensive.
CCD (Charge Coupled Discharge)
79
A ___ is an older, lower cost computer monitor.
CRT
80
A ____ cookie exists in memory and is deleted upon browser exit.
Session cookie
81
A ____ cookie is saved to disk and may be used long-term.
Persistent cookie
82
A collection of related data about an organization intended for sharing by multiple users.
Database
83
A commercial garage is which type of gate?
Class II Commercial gate
84
A hole on the side of a boat or building to let out water and avoid flooding is a __. This is a __ measure.
bilge pump (or sump pump), corrective
evacuation is another corrective measure
85
A momentary power loss is a __.
fault
86
A prison gate falls under which class?
Class IV Restricted gate e.g. prison, airport
87
A record or row in a database
Tuple (TUP-el)
88
A residential gate is which class?
Class I Residential gate
89
A set of low level commands a CPU knows how to execute could be a __ or __.
CISC (Complex Instruction Set Computer) or RISC (Reduced Instruction Set Computer)
90
A stream cipher generates the ciphertext key by xoring the plaintext with a keystream. Feedback is used to generate the key stream, therefore the key stream varies. IV is required in this DES mode.
OFB (Output feedback mode)
91
A type of control where you detect and respond to deal with a problem.
Suppressive
92
A type of cryptographic attack where you are changing plaintext and looking for differences in ciphertext
Differential analysis
93
A type of cryptographic attack where you are looking for patterns across messages trying to find weaknesses in crypto
Linear analysis
94
A type of probability where two different messages using the same hash function can produce a common message digest at a higher frequency than you would think.
birthday attack | applies to collisions in hashing, teaches us that it will happen with higher frequency than you would think
95
A type of research model that ensures high-level actions (inputs) do not determine low-level user visibility (outputs). Given input there should be no way to predict an output.
Noninterference
96
A type of research which is similar to BLP in that objects are labeled based on security classes in the form of a lattice (graph). Data can flow in either direction.
Information flow
97
A user deduces information of higher sensitivity from lower sensitivity information
Inference
98
A virtual machine hosted by a third-party internet hosting company
VPS (Virtual Private Server); building block for cloud computing, providing IaaS (Infrastructure as a Service)
99
A way to verify that an entire database transaction has been completed and if it hasn't, we have the option to roll back to the original point and then re-run the transaction.
2-phase commit: vote first before committing (distributed databases)
100
Allowed to access certain pieces of info e.g. there's no system that will let me get address where you live but can go into one system and find out your zip code, another the street, another the house number and combine all that to find out where you live. This is called __.
aggregation
101
Alternative to Halon (which is no longer produced since it releases ozone-depleting substances)
FM200 | Need more of FM200 (7% concentration rather than 5% with Halon) and it takes longer to put fire out
102
An "Employees Only" or "Unauthorized Personnel will be prosecuted" sign is a ___ control.
Deterrent, deterring unauthorized access
103
An airport gate falls under which class?
Class IV Restricted gate e.g. prison, airport
104
Asymmetric encryption is the __ channel for the ____ key
Asymmetric, secure, secret
105
Asymmetric is a difficult (intractable) problem to solve via which three methods?
Factoring a large number into its primes (RSA)
Solving the discrete logarithm problem for finite fields (e.g. El Gamal)
Solving the discrete logarithm problem for elliptic curves (ECC)
106
Asymmetric requires smaller or larger key lengths to have the same effect as symmetric?
Asymmetric requires larger key lengths which makes it slower
107
Because DES is not a ___, multiple encryptions increase security.
group | If something is a group then E(K2,E(K,M)) = E(K3,M)
108
Boolean operation that outputs 1 (true) when both inputs differ.
XOR (Exclusive OR)
109
CCTV are traditionally thought of as ___ controls.
Detective
110
Centralized vs Decentralized vs Distributed Data
Centralized: all your data is in one place
Decentralized: minimal or no sharing between sites
Distributed: there is sharing between locations
First ask yourself the # of locations: if one, it's centralized; if multiple, ask if there is sharing; if so it's distributed, if no sharing it's decentralized
111
Changing the order of letters e.g. position 1 in message goes to position 4 in ciphertext, is called ___.
Permutation aka scrambling
112
Chosen plaintext attack with iterations of input based on knowledge of output
Adaptive chosen plaintext. After choosing the plaintext that gets encrypted, the cryptanalyst can also choose other blocks to be encrypted, which allows more analysis.
113
Contraband checks are primarily ___ measures
Detective, but can also deter someone from doing something if they know there is a high chance they are going to be caught. Contraband checks include x-ray scanners, metal detectors, bag inspection.
114
Crypto attack where plaintext is inserted into device with unknown secret key and corresponding ciphertext is generated
Chosen plaintext. Cryptanalyst is able to choose what plaintext gets encrypted and see the resulting ciphertext. Sometimes this can reveal info about the key.
115
Crypto attack where portion of ciphertext is known
Ciphertext only | Goal is to recover one or more plaintext messages or the key used to encrypt the messages
116
Crypto attack where portions of plaintext and corresponding portions of ciphertext are known
Known plaintext. Goal is to find the key used to encrypt the ciphertext or an alternate algorithm to decrypt any message with a key the cryptanalyst knows.
117
Crypto attack where there is chosen ciphertext attack with iterations dependent upon previous results
adaptive chosen ciphertext
118
Cryptographic attack where you get information from the chipset to find the cryptographic keys?
Side channel attack
119
Cryptographic attack where you use algorithms and mathematics to deduce key or reduce key space to be searched.
Analytic attack
120
Datacenter recommended temperature and RH (relative humidity)
70-74 F (21-23 C) ideal temperature range | 40-60% ideal humidity range
121
Dedicated hardware chip that stores encryption keys?
TPM (Trusted Platform Module); can be used to authenticate the integrity of the BIOS, also supports/enhances full disk encryption
122
Describe the steps of Common Criteria
created by ISO (2nd intl attempt after the Europeans' ITSEC classes); need to know the 7 levels on pg 23, all have "tested" in them; EAL (Evaluation Assurance Level) is applied to a product rather than a system
EAL 1: Functionally tested
EAL 2: Structurally tested
EAL 3: Methodically tested and checked
EAL 4: Methodically designed, tested, and checked
EAL 5: Semi-formally designed and tested
EAL 6: Semi-formally verified, designed, and tested
EAL 7: Formally verified, designed and tested
123
Describe the type of attack where an adversary gets you to click on a link that has embedded scripting that causes you to connect to a legitimate site and bounce your credentials back to the adversary.
XSS (Cross-site scripting) reflects a script via a trusted website. XSS attacks commonly use JavaScript. An XSS attack is based on lack of input validation or output encoding by websites e.g. where tags such as <script> are allowed as input
124
Describe/Draw out the Ring Layer Protection
CPU/Memory/HDD are the bones in your body, the OS is the muscle/skin that wraps around the bones; the kernel is the brains of the computer. Refer to "Ring layer protection - Drawing 3A". Example of a ring protection scheme (pg 37):
Ring 3: User, applications, programs (least trusted)
Ring 2: I/O drivers and utilities
Ring 1: OS components that are not part of the kernel
Ring 0: Operating system kernel (most trusted)
125
Difficulty in recovering the plaintext from the ciphertext as measured by cost and/or time
Work function (factor)
126
Digital certificates are the ____ channel for the ____ key.
trusted, public
127
Ensuring that if a session key is compromised, previously captured communications may not also be decrypted. This is called __.
PFS (Perfect Forward Secrecy)
128
Escrowed encryption standard is embodied in the US Government's Clipper chip, which used the ___ secret key algorithm (now unclassified).
skipjack
129
Example of an algorithm used for solving the discrete logarithmic problem for finite fields
El Gamal
130
Examples of asymmetric crypto
DEER (Diffie Hellman, El Gamal, ECC, RSA) | Also Merkle-Hellman Knapsack, Chor Rivest Knapsack, LUC
131
Examples of Hashing algorithms
HMAC, MD4, MD5, RIPEMD, SHA-1, SHA-2
132
Examples of symmetric (secret key) crypto
DES, 3DES, IDEA, RC4, RC6, AES
133
Extinguishers need to be within __ ft of any electrical equipment and at exits. Use the color __ to mark lettering on signs at exit points.
50 ft, red
134
Factoring a large number into its prime
RSA (Ron Rivest, Adi Shamir, Leonard Adleman)
135
Fence heights and levels of protection
3-4ft / 1 meter (deters casual trespasser)
6-7ft / 2 meters (too high to easily climb)
8ft / 2.4 meters + 3 strands of barbed wire (prevents determined intruder)
136
Fences are traditionally a ___ control but can also be ___.
deterrent, preventive | On exam assume fences are deterrent unless they say 8ft / 2.4m with 3 strands of barbed wire which would be preventive
137
Fire protection and insurance industries support __, not __, as the primary method for extinguishing fires.
Water, not gas | even in the datacenter, since most gas-based systems have not lived up to expectations
138
For asymmetric encryption the type of crypto attack you would do is ___.
Ciphertext attacks since you're after the private key which is used to decrypt. Otherwise you would be trying to crack the public key (used to encrypt) which you already have.
139
For critical areas around buildings you should install lighting at least __ high and with illumination of __ candles
8 ft / 2.4 m high with illumination of 2 foot-candles
140
For symmetric encryption the type of crypto attack you would do is ___.
Plaintext attack since you're after the secret key
141
Given the following encryption algorithm D(c,k7)=E which algorithm was used to encrypt the message?
E(m,k7)=c | They can call the key whatever they want, e.g. "k7", "purple", etc. They'll just do one level of substitution, not multiple levels.
142
Hash functions provide what primary function in a cryptosystem?
Message integrity
143
Having a lot of databases with smaller amounts of data as opposed to having one big database with everything would be called __-oriented security.
impact-oriented security
144
Hiding functionality/details of a system e.g. when you drag and drop a file, there's thousands of processes going on but you only need to know drag and drop
Abstraction
145
Hiding in plain sight is ___.
Steganography - the algorithm embeds a secret message in a host file in such a way that no one can detect or see that the host image was altered | Crypto is confidentiality, Stego is secrecy (match up "C" and "S")
146
Hybrid of wet and dry pipe systems. A valve holds back the water (dry pipe), is opened and releases water to the nozzle head. Then the nozzle head melts and releases the water (wet pipe system).
Pre-action | This additional delay allows for manual intervention before water is released.
147
If a system is executing one instruction at a time, it uses a ___.
Scalar processor
148
If an attacker impacts a host operating system after compromising a VM, this is called __.
VMEscape; the attack is against the hypervisor or virtual devices controlled by the hypervisor
149
If data is __ it is kept in multiple sites but not shared.
Decentralized
150
If data is __ it is shared among multiple sites.
Distributed
151
If one process crashes it doesn't affect all the others. What is this called?
process isolation
152
If our organization is looking at setting up a new infrastructure for storing information to better support the mission and we are designing out the databases that will store information, what will we use to accomplish this?
DDL (Data Definition Language)
153
If the computer has more than one CPU and it can execute instructions in parallel it is called _____.
Multi-processing
154
If we have databases designed and we are now starting to build out the queries which would we use
DML (Data Manipulation Language) e.g. SQL
155
If you are in the middle of a transaction and you have data loss, which type of database fault tolerance are you using?
Shadow database
156
If you are in the middle of a transaction and you have no data loss, which type of database fault tolerance are you using?
Failover (database operations continue on a second server if the first server fails)
157
If you have a 256 bit key and you want a robust algorithm how many bits of entropy would you want?
256, should be 1 bit of entropy for every bit to be truly random
158
If you were in the process of building a fully integrated system that can manage, query and analyze what would we be using? DML, DDL, DBMS, TPM
DBMS (Database Management System)
159
In EAL model what comes after "structurally tested"?
Methodically tested and checked
160
In hashing there is no actual "key" however what can the key length in hashing refer to?
Fixed length of the hash e.g. RIPEMD-160 uses 160-bit key length
161
In PKI, a __ will vouch for the binding between public keys, certificate holder identities and other attributes
ORA (Organizational Registration Authorities)
162
In SCADA the __ displays the information received in an easy to understand graphical way and also archives all the data received.
HMI (Human-Machine Interface) element
163
In SCADA the __ gathers data from the __ out in the field. The __ then presents data to the operator who analyzes/monitors the data and sends commands back to the __ and gets pushed back out to the __.
Supervisory (control) unit, RTU (Remote Terminal unit or Remote Telemetry Unit), HMI (Human-Machine Interface presents data to human behind keyboard), Supervisory (control) unit, RTUs
164
In SCADA the function of the __ is to collect the onsite information and this information is sent to a central location with the help of the communication element.
RTU (Remote Terminal Unit aka Remote Telemetry Unit)
165
In symmetric encryption the secret key goes over a ___ channel (which no one can see or intercept). In asymmetric it goes over a ____ channel for the public key so it needs to be verified via digital certificate
secure, trusted | If you can find a better way to say this in the book, great; if not, that's fine
166
In XOR if the inputs are 1 and 1 what is the output?
0. If the inputs are 0,0 the output is 0 (false). 0,1 = 1; 1,0 = 1; 1,1 = 0. Output of 0 = False, output of 1 = True.
167
In XOR if the inputs are the same the output would be __, if different the output is __.
0, 1
168
In XOR if the output is false, what is the output?
Output of 0 = False, Output of 1 = True
169
Is ECC stronger or weaker than comparable RSA?
ECC is a lot stronger
170
Is ECC stronger or weaker than comparable symmetric ciphers?
ECC is twice as weak
171
Lights are a primarily ___ control.
Detective, but if you have a building lit up that can be a deterrent as well
172
List classes of fire what they can be suppressed with
Class A: ALL common combustibles, e.g. wood products, laminates (suppress with water or soda acid)
Class B: BOTTLE, you put liquids in a bottle, e.g. gas, petroleum, coolants (suppress with gas [Halon], CO2, soda acid)
Class C: CIRCUIT/CURRENT, e.g. electrical, wires (suppress with gas, CO2)
Class D: Metals (suppress with DRY powder)
173
Look at "Digital signature 3". What is the message digest. What is the digital signature?
Message digest is top-right. Digital signature is bottom-left.
174
Look at "XSS Cookie Theft - Domain 3 Pg 71". When does the user's bank send the session ID back to the user? Which step did the user compromise the system? What does this type of attack teach us?
Step 3, Step 1. Need to do explicit error checking on character type. | You may need to click on the right number or drag-and-drop words into the steps that are occurring. Facebook.example.com is referring to some kind of advertisement on Facebook posted by the adversary that you might click.
175
Loss of all power is a __.
blackout
176
Making sure information you enter is consistent e.g. being required to enter a City/State and a ZIP code
Referential integrity
177
Momentary high voltage is a __.
spike
178
Momentary low voltage is a __.
sag
179
Most efficient standard method of encryption
block cipher
180
Motion and proximity detection systems are examples of ___ systems.
Active | Motion system uses Doppler, 3 types: sonic (audible sound waves), ultrasonic (high-frequency sound waves), microwave (radio waves). Proximity system uses an electronic field that senses the presence of an object or individual.
181
Name a system that performs many operations per instruction and another system that uses simpler instructions using fewer cycles.
CISC (Complex-Instruction-Set-Computer) versus RISC (Reduced-Instruction-Set-Computer), respectively
182
Only one person can be updating a database record at a given time and when that person is working on that information, the information is locked. This prevents integrity issues and is called __.
concurrency | this way two people can't edit record at the same time
183
Photometric systems and acoustical-seismic detection systems are examples of ___ systems.
Passive | Photometric system detects changes in light. Acoustical-seismic detection system detects sounds that exceed the ambient noise level of the protected area, e.g. when you walk and your foot pushes air around.
184
Prolonged high voltage is a __.
surge
185
Prolonged low voltage is a __.
brownout
186
Proposed by Brewer and Nash to deal with CoI (Conflict of Interest) e.g. Microsoft hires the top 100 law firms so they can't be used in patent cases against Microsoft, opposing counsel would have to start with 101 draft pick law firm
Chinese Wall Model
187
Protected area of operating system responsible for memory, process, disk and task management?
Kernel
188
Short duration noise interference is __.
transient
189
Similar to dry pipe suppression system but uses larger amount of water when discharging.
Deluge suppression system | Not recommended for use in datacenters since too much water. May use for book factory.
190
Similar to lattice (graph) except it is a spreadsheet with subjects (user, program, process) down and objects (passive entity e.g. file or storage resource) across with privileges (r/w/x) in each cell
Access matrix | Refer to "Access control matrix - Drawing 3B". Columns of the access matrix are called ACLs (access control lists), rows are called capability lists.
191
Software that will convert physical machines to software
P2V
192
SQL (Standard Query Language) is a type of ___.
DML (Data Manipulation Language)
193
Standard format for digital certificates is ____
X.509
194
Symmetric encryption is ____ for the message.
confidentiality
195
Symmetric encryption requires one of these three secure key distribution channels.
Pre-shared secret, asymmetric encryption, D-H key exchange
196
Symmetric vs Asymmetric strength (key lengths)
Symmetric: 112 (DES), 128/192/256 (AES) vs RSA/DSA: 2048, 3072, 7680, 15360 vs ECC: 224-255, 256-383, 384-511, 512+ | So ECC is two times weaker than comparable symmetric ciphers and far stronger than RSA/DSA
197
Systems that are more efficient and use fewer cycles.
RISC-based systems (Reduced-Instruction-Set-Computer) since they use simpler instructions which use fewer cycles
198
The __ mediates all requests and only allows a subject to access an object if its label is equal to or greater, e.g. a user with secret clearance can access a secret or confidential file but not a top secret one.
reference monitor
199
The Chinese Wall model is also known as the __ model.
Brewer Nash (aka Chinese Wall Model) deals with potential Conflict of Interest
200
The DB transaction is being done on both servers simultaneously so if primary fails you haven't lost any data. This database backup system which is more robust but more expensive is called __.
Fail-over database
201
The TCSEC, also known as the __, is a security evaluation model used to categorize and rank the overall security of a system.
TCSEC (Trusted Computer Security Evaluation Criteria) is frequently referred to as the orange book. It was created by the US DoD and is the grandfather of security evaluation models.
202
The theft of a PDA can pose a threat to which tenet(s) of the CIA triad?
All of them: Confidentiality, Integrity and Availability
203
This DES mode uses a 64-bit random number. There is a different counter for every block of text (e.g. each subsequent block is incremented by 1). Used by ATM and IPsec.
CTR (Counter Mode)
204
This system stores data and provides operations on the DB such as create, delete, update and search. It also provides security and integrity controls.
DBMS (Database Management System)
205
Type of crypto attack where the cryptanalyst knows something about the specific relationships between the keys
Chosen-key attack | Contrary to what the name suggests, the cryptanalyst does not choose the key, that would not leave much to reveal
206
Type of cryptographic attack where you are looking at the statistical characteristics of the language or weaknesses in keys.
Statistical analysis
207
Type of encryption used for authentication?
asymmetric e.g. LUC, RSA, etc
208
Type of encryption used for real-time communication such as VoIP.
stream cipher
209
Type of sprinkler system always filled with water up to the sprinkler head. Plastic holding back the water in the nozzle melts and releases the water under pressure
wet pipe suppression system
210
Type of sprinkler where water is held back at a distance from the sprinkler head by a valve. When temp hits 165 F the valve opens and water flows
dry pipe suppression system | The delay of the water surge allows computer systems to power down to avoid water damage
211
Unique key for every single message
one-time pad; the key has the same length as the message
212
Verifying that the data values are correct e.g. if a name, make sure it's letters, if zip code, ensure it's numbers
Semantic integrity
213
Visible data hiding (hidden in the file but visible on the file) is ___.
digital watermarking | embedding information in a file to show ownership; if removed it destroys the file
214
Water draining away from the building is __ drain. Similarly HVAC pushing air out of the building is __ pressure.
Positive drain, positive pressure
215
We are using both ESP and AH to communicate between client and server. How many SAs do you need?
Four. If the AH protocol is used and bi-directional communication is required, two SAs must be established. If both the AH and ESP protocols are to be employed bi-directionally, four SAs are needed.
216
What are all the integrity-focused security models
Biba, Clark-Wilson, Non-Interference, Chinese Wall
217
What are all the security-relevant parts of a system called?
TCB (Trusted Computing Base)
218
What are examples of encryption algorithms that are based on the difficulty of solving the discrete logarithm problem as applied to elliptic curves?
Elliptic curve El Gamal encryption and signature schemes, Elliptic curve D-H key agreement scheme, Elliptic curve Schnorr signature scheme, ECDSA (Elliptic Curve Digital Signature Algorithm)
219
What are the 4 different types of data models?
hierarchical, mesh, object-oriented, relational | For exam don't need to know details, just generally know them
220
What are the Digital Signature steps?
1. Sender creates plaintext and generates a message digest
2. Sender encrypts the message digest with his private key, creating a digital signature
3. Sender attaches the digital signature to the document
Digital signatures alone do not provide confidentiality. The message is still in plaintext. Another form of encryption must also be used.
221
What are the goals of cryptography
Confidentiality uses Symmetric - requires a secure key distribution channel: pre-shared key, asymmetric, Diffie-Hellman key exchange; attacks focused on plaintext and the encryption process
Data Integrity uses Hashing; collision OK if there is no way to predict it, similar items will not collide
Authentication uses Asymmetric - public keys are sent via digital certificates; private keys kept private; attacks focused on ciphertext and the decryption process
Non-repudiation (Integrity/Authentication) uses Digital Signatures (Hash+Asymmetric) - message hash encrypted with the sender's private key
222
What are the three most important smart phone security considerations?
Unlock code should be required
Encryption
Remote wiping capabilities and procedure
223
What asymmetric encryption algorithms are based on the difficulty of solving the discrete logarithm problem for finite fields?
El Gamal (main one), Diffie-Hellman key agreement scheme, Schnorr signature scheme, NIST's DSA (Digital Signature Algorithm)
224
What class does petroleum fall under?
Class B (BOTTLE, you put liquids in a bottle, e.g. gas, petroleum, coolants; suppress with gas [Halon], CO2, soda acid)
Class A: ALL common combustibles, e.g. wood products, laminates (suppress with water or soda acid)
Class C: CIRCUIT/CURRENT, e.g. electrical, wires (suppress with gas, CO2)
Class D: Metals (suppress with DRY powder)
225
What controls the flow of execution in a program?
CPU control unit
226
What coordinates system activities during execution of code?
CPU control unit
227
What describes the amount of randomness or disorder per bit?
Entropy
228
What enables concurrent execution of multiple instructions?
Superscalar processor
229
What encryption algorithm is synonymous with Rijndael?
AES (Advanced Encryption Standard)
230
What encryption is based on factoring large integers into their two prime factors?
RSA
231
What entails ensuring that if a session key is compromised previously captured communications may not also be decrypted?
PFS (Perfect Forward Secrecy)
232
What government security model deals with government labels and confidentiality?
BLP (Bell-LaPadula) uses government labels e.g. top secret
233
What is a bunch of DBMS's together?
Data warehouse
234
What is a digital signature that uses a pre-shared key?
HMAC (Hashed Message Authentication Code). The message and a pre-shared key are combined and hashed, e.g. DNS TSIG (transaction signature), which uses HMAC-MD5 to verify the integrity and authenticity of DNS transfers such as zone transfers. It serves a similar role to a digital signature, using symmetric instead of asymmetric encryption. Used when the complexity of PKI is not needed.
235
What is a good resource to help you understand and identify issues, determining the top exposures in web apps?
OWASP (Open Web Application Security Project) e.g. the OWASP Top 10
236
What is a set of memory addresses managed by the OS that don't correspond directly to physical memory?
Virtual memory
237
What is a top priority when working with physical security?
Safety
238
What is an attack from VM to host OS or VM to another machine?
VMEscape; the attack is against the hypervisor or virtual devices controlled by the hypervisor
239
What is an exception that results in copying memory data to and from the hard disk?
Page fault
240
What is another name for UI redressing where a user is tricked into taking harmful action?
Click-jacking, e.g. the user is tricked into clicking on a malicious link; a frame with a transparent window is overlaid on top of another; a user may think they are clicking Yes to Close Window but it's really disabling the firewall
241
What is combining different instructions?
Pipelining
242
What is executing multiple HWPs at the same time on one CPU?
Multi-tasking; a task is a HWP (Heavy Weight Process)
243
What is executing multiple LWPs at the same time on one CPU?
Multi-threading; a thread is a LWP (Light Weight Process)
244
What is executing multiple programs at the same time on multiple CPUs?
Multiprocessing
245
What is it called when a digital signature is applied to an application?
Code signing. When the program is run, the digital signature validates the integrity of the executable and authenticates the executable's creator. E.g. Microsoft hashes the application (piece of code) and distributes the signed hash with the code; your system runs the original executable through the hash, checks the signature with the public key and tells you if it matches.
246
What is it called when an adversary achieves read/write access to the data tier by sending commands via the web server?
SQL injection; can be solved by input validation, otherwise an adversary could put a script in there to end the command and then delete a table, run any type of payload, etc.
247
What is it called when something has to occur immediately like a mouse click and regular CPU execution is temporarily put on hold?
Interrupt
248
What is one way to protect from an SSL attack?
never click through the SSL warning you get on a webpage
249
What is responsible for data transfer operations, arithmetic operations, data editing and decision making?
ALU (Arithmetic/logic unit)
250
What is the best way to stop web-based attacks such as buffer overflows, SQL injecting and XSS?
input validation - make sure it meets the requirements of letters, numbers, special characters
251
What is the best way to view access and verify least privilege?
Answer in general will be Access Control Matrix
252
What is the class of a factory gate?
Class III Industrial gate (or link gate) e.g. loading dock, factory
253
What is the computer's capability to execute instructions in parallel due to the usage of multiple CPUs?
Multi-processing
254
What is the CPU's capability to process more than one program at the same time?
Multi-tasking
255
What is the formal acceptance of certification?
Accreditation
256
What is the most critical part / weakest link / biggest exposure with cryptography?
Managing and keeping the secret key (with symmetric) and private key (with asymmetric) private.
257
What is the primary goal of HMAC? Authenticity, Integrity or Confidentiality
Integrity | Can also be used to provide authentication e.g. if you know my pre-shared key you must have been given access to it
258
What is the process of moving data to and from the hard drive, either writing to RAM or the physical disk?
Paging
259
What is the simplest form of memory addressing?
Direct addressing
260
What is used to define the database schema/environment?
DDL (Data Definition Language)
261
What object-oriented programming technology does not use sandboxing?
ActiveX
262
What object-oriented programming technology uses sandboxing?
Java
263
What performs the calculations or operations based on program calls?
CPU arithmetic logic unit (ALU)
264
What prevents certain information from ever being paged?
Locked memory
265
What prevents one process from affecting the confidentiality, integrity or availability of another?
process isolation
266
What provides non-repudiation?
Digital signatures | Combination of authentication and integrity; proves a document was signed by the owner and has not changed; digital signatures use both asymmetric encryption and a hash algorithm, e.g. RSA and SHA-1
267
What security model includes No Read Down and No Write Up?
Biba | No Read Down (the Simple Integrity Property) ensures a user does not receive inaccurate data from a lower level that is less trustworthy. No Write Up (the Integrity * Property) protects someone from overwriting data at a higher security level with false information.
268
What security model includes No Read Up and No Write Down?
BLP (Bell-LaPadula) | No Read Up (Simple Security Property), obvious for information leakage. No Write Down (* Property) to prevent write-down trojans from declassifying information.
269
What security model includes the Simple Integrity Property and the Integrity * Property?
Biba | No Read Down (the Simple Integrity Property) ensures a user does not receive inaccurate data from a lower level that is less trustworthy. No Write Up (the Integrity * Property) protects someone from overwriting data at a higher security level with false information.
270
What security model includes the Simple Security Property and the * Property?
BLP (Bell-LaPadula) | No Read Up (Simple Security Property), obvious for information leakage. No Write Down (* Property) to prevent write-down trojans from declassifying information.
271
What stores instructions and data for current programs in use
Primary storage memory unit
272
What two encryption protocols might IPsec use?
AH (Authentication Header): protects the entire packet including headers; provides authentication and integrity but no confidentiality. AH is used for internal tunnels.
ESP (Encapsulating Security Payload): protects the payload only; provides confidentiality, integrity and authentication. ESP is used when data needs to be encrypted over an untrusted network.
273
What type of crypto attack uses physical data, such as monitoring CPU utilization, to break a cryptosystem?
Side-channel attack
274
What type of encryption is Blowfish and Twofish?
Symmetric | Blowfish: considered unbreakable using current technology. Twofish: adaptive version of Blowfish.
275
What type of encryption is Chor Rivest Knapsack?
Asymmetric
276
What type of encryption is Diffie-Hellman?
Asymmetric | Provides a method for exchanging symmetric keys via a public channel; the symmetric keys may then be used to provide confidentiality
277
What type of encryption is ECC?
Asymmetric | computing elliptic curves over finite fields
278
What type of encryption is El Gamal?
Asymmetric | solving the discrete logarithm problem over finite fields
279
What type of encryption is IDEA?
Symmetric, IDEA (International Data Encryption Algorithm), symmetric algorithm using a 128-bit key
280
What type of encryption is LUC?
Asymmetric
281
What type of encryption is Merkle-Hellman Knapsack
Asymmetric
282
What type of encryption is RC4?
Symmetric
283
What type of encryption is RC5?
Symmetric. Block cipher of variable block length (typically 32, 64, 128 bits). RC3, RC4, RC5, RC6, etc. are all symmetric. Key size can range from 0 to 2048 bits; patented by RSA Data Security in 1997.
284
What type of encryption is RIPEMD?
Hashing
285
What type of encryption is RSA?
Asymmetric | factoring large integers into their two prime factors
286
What type of encryption is SHA?
Hashing
287
What type of gate is a loading dock gate?
Class III Industrial gate (or link gate) e.g. loading dock, factory
288
What type of model shows you what info can and cannot be accessed based on graphical information flow. It is graphical representation (with directed arrows) of what the reference monitor will enforce.
Lattice model | Requires that every subject and object be labeled with a security designation; access is based on a comparison of those labels, e.g. personnel with confidential clearance can access only resources labeled confidential or unclassified
289
What type of system is typically used to control industrial equipment including power plants, elevators, prison doors, pipelines and HVAC
SCADA (Supervisory Control and Data Acquisition) systems
290
What was the first common European standard to delineate between functionality and assurance. It's also known as the flexible version of orange book.
ITSEC (Information Technology Security Evaluation Criteria) classes | They later realized it was too complicated and didn't work, so ISO started Common Criteria. So it was Orange Book (TCSEC, Trusted Computer Security Evaluation Criteria), then ITSEC classes, then Common Criteria.
291
ROT-3 on Y would be __.
B, since it wraps around; Z would wrap around to C, etc.
292
What would we use in the early stages of designing out the databases?
DDL (Data Definition Language)
293
When a CPU can process more than one user program at the same time (or virtually the same time) it is called _____.
Multitasking
294
Which encryption protocol is part of IPsec and is used for internal tunnels only and protects the entire packet including headers?
AH (Authentication Header): protects entire packet including headers; provides authentication and integrity but no confidentiality. AH used for internal tunnels. ESP (Encapsulating Security Payload): protects the payload only; provides confidentiality, in
295
Which encryption protocol is part of IPsec, protects the payload only and provides confidentiality?
ESP (Encapsulating Security Payload): protects the payload only; provides confidentiality, in AH (Authentication Header): protects entire packet including headers; provides authentication and integrity but no confidentiality. AH used for internal tunnels.
296
Which integrity model focuses on internal consistency and external consistency?
Clark-Wilson. Deals with integrity, focused on commercial applications. Unauthorized users cannot make changes, authorized users cannot make unauthorized changes. Maintains internal and external consistency at the system level.
297
Which integrity model focuses on well-formed transactions and separation of duties?
Clark-Wilson. Integrity enforced through well-formed transactions (e.g. C-W verifies after selling an item that inventory is correct before proceeding) and separation of duties (the dash should remind you of separation of duties). It is application-oriented rather than a general model like BLP or Biba.
298
Which is best asymmetric algorithm for mobile phones?
ECC (Elliptic Curve Crypto) | tighter, faster code
299
Which memory ring do programs usually operate in?
Ring 3: User, applications, programs (least trusted)
300
Which memory ring do the drivers and utilities operate in?
Ring 2: I/O drivers and utilities
301
Which memory ring do the OS components that are not part of the kernel operate in?
Ring 1: OS components that are not part of the kernel
302
Which memory ring does the kernel operate in?
Ring 0: Operating system kernel (most trusted)
303
Which of the following is NOT a method for locking down a smart phone? Make sure there is an unlock code on the device; Register the device with HR; Encrypt the device; Have remote wiping capabilities
Register device with HR
304
Which organization is responsible for creating RFCs?
IETF (Internet Engineering Task Force)
305
Which security model deals with CoI?
Brewer Nash (aka Chinese Wall Model) deals with potential Conflict of Interest
306
Who creates encryption algorithms?
Cryptographers
307
Who dedicates their lives to breaking ciphers?
cryptanalysts
308
Why is 3DES used and not 2DES?
Double DES is vulnerable to the meet-in-the-middle attack and only has an effective key length of 57 bits
309
Write cryptographic formula and explain
E(m,k)=c
Encryption transformation(plaintext message, key or cryptovariable) = ciphertext
Run the message and key through the encryption algorithm and turn it into meaningless data.
D(c,k)=m, i.e. D(E(m,k),k)=m since it is using substitution
310
You are rolling out a new DBMS. Which is NOT a traditional data model: hierarchical, authenticated, mesh, object-oriented
authenticated; the other one is relational
311
You can't find out someone's salary, but you and this person are the only people in a zip code, so you can deduce that person's salary (information of higher sensitivity) from that lower sensitivity information.
inference, e.g. if you know your neighbor was in the process of selling his business and all of a sudden you see a Ferrari in the driveway, you can infer he sold the business for a lot of money
312
You generate session keys for each session you create so now if someone intercepts communications and breaks the session key they just have one message (rather than months and years of data). What is this called?
PFS (Perfect Forward Secrecy)
313
You have a database stored in a different location to take over if the primary fails. If you're in the middle of transaction and the database fails, you've lost the transaction. What type of database backup is this?
Shadow database
314
You have a portion of ciphertext and are attempting to obtain the corresponding plaintext. What type of crypto attack is this?
Chosen ciphertext | The cryptanalyst has ciphertext and plaintext for messages that he chooses.
315
Your company is running McAfee Safeboot 8.1. You are in the process of upgrading to 9.3. Which does 9.3 use for authentication? IDEA, LUC, SHA, RIPEMD
LUC (or any other asymmetric encryption listed) | If you see confidentiality pick symmetric, if you see integrity pick hashing
316
Your organization is running a datacenter that has $5 billion worth of intellectual property and equipment. You are constantly targeted by adversaries and it's a significant risk if the datacenter gets compromised. If there is a fire in the data center how should the exterior doors fail? Always be locked, fail open, fail closed, doors should never be used
Doors for any facility during a fire should always fail open. Safety is always the golden rule.