3.0 - Architecture and Design Flashcards

Question 1

Q

What purpose do Industry-standard frameworks
and reference architectures serve?

Answer

A

They provide a roadmap for aligning IT with the organization’s business strategy.

Question 2

Q

What is the difference between Industry-standard frameworks and reference architectures?

Answer

A

Industry-standard frameworks is more general than the eference architectures.

Question 3

Q

This non-regulatory publication is a common framework for IT Security.

Answer

A

The NIST Framework for Improving Infrastructure Cybersecurity (or Cybersecurity Framework, or CSF)

Question 4

Q

This organization is a good source of benchmarking guides.

Answer

A

CIS (Center for Internet Security)

Question 5

Q

The Department of Defense provides implementation guides through this agency.

Answer

A

DISA STIGs (Defense Information Security Agency Security Technical Implementation Guides)

Question 6

Q

What is the greatest risk in configuring network infractructure devices.

Answer

A

Incorrect configuration of rulesets.

Question 7

Q

This security principle advocates multiple layers and overlapping controls.

Answer

A

Defense-in-Depth

Question 8

Q

Why is it important to have both security policy and technical controls.

Answer

A

Policies are important to provide a guideline for new systems.

Question 9

Q

Administrative Controls are…

Answer

A

… policies, regulations and laws.

Question 10

Q

Technical Controls are…

Answer

A

Passwords, logical access controls, ACLs, antimalware, firewalls, etc.

Question 11

Q

Most significant attacks include this component.

Answer

A

Most significant attacks include a user component. User training is vital.

Question 12

Q

This structure allows your important data servers to remain safe, while putting web and web application servers in a semi-trusted zone.

Question 13

Q

How does a DMZ keep external users away from sensitive data?

Answer

A

Users interact with a server in the DMZ, which in-turn requests the data from a server inside the organizations trusted network.

Question 14

Q

You want to share some company data with selected business partners. What is a good solution?

Answer

A

An Extranet would provide secure, private access to company data.

Question 15

Q

What are two methods to provide your Intranet data to users outside the network?

Answer

A

The Intranet content could be duplicated in the DMZ, or it could be provided via an Extranet.

Question 16

Q

What are the types of NAT?

Answer

A

Types of NAT:

Static - for web servers so that external users can initiate the connection
Dynamic - uses a pool of public IPs
Port Address Translation (PAT) - many internal users can share one public IP

Question 17

Q

Ad Hoc networks are difficult to manage. Why?

Answer

A

There is not central entry and exit point, so monitoring communcation is difficult.

Question 18

Q

What are the advantages and disadvantages of a flat network.

Answer

A

A flat network runs faster and avoids some latency issues associates with Spanning Tree Protocols. But letter every device see every other device creates security issues.

Question 19

Q

What is a network Enclave?

Answer

A

An enclave is a portion of an otherwise flat network that is partitioned off, by subnet, VLAN, proxy, firewalls, or routers.

Question 20

Q

This the most secure and most expensive method to segregate portions of the network.

Answer

A

Physical segregation - separate physical equipment to handle different classes of traffice.

Question 21

Q

Why are air gaps a poor security choice?

Answer

A

Air gaps are difficult to implement and must be strictly enforced. Failures can be significant.

Question 22

Q

This system is at the heart of a signature-based antivirus or IDS.

Answer

A

Correlation Engine

Question 23

Q

Where should a DDoS Mitigator be located?

Answer

A

A DDoS Mitigator needs to be at the edge of the network, in the network path of the systems it is protecting.

Question 24

Q

What does an Aggregation Switch do?

Answer

A

An Aggregation Switch connects many edge switches back to the core router, so that fewer ports are used on the router.

Question 25

Q

A Switch Port Analyzer (SPAN) is a type of what.

Answer

A

A SPAN is a mirror port. It can copy the activity of every port on a switch.

Question 26

Q

This is a passive signal-copying mechanism, which will not be overwhelmed by traffic during data collection.

Answer

A

TAP (Test Access Point)

Question 27

Q

This newer method allows engineers to re-configure network traffic flow without physically re-wiring the network.

Answer

A

SDN (Software-Defined Networking)

Question 28

Q

Defense-in-Depth incorporates which types of diversity?

Answer

A

Defense-in-Depth includes:

Vendor diversity
Control diversity
Redundancy

Question 29

Q

Why is securing hardware important, beyond just physical theft?

Answer

A

Securing hardware prevents against:

Data loss
Data falling into the wrong hands
Firmware alteration by a bad actor

Question 30

Q

What is FDE and SED?

Answer

A

Full Disk Encryption (FDE)

and

Self Encrypting Disks (SED)

Question 31

Q

What is a TPM?

Answer

A

A Trusted Platform Module (TPM) is a hardware solution on the motherboard, which assists in security key generation and storage. This is a more secure soluton for storing keys.

Question 32

Q

What is an HSM?

Answer

A

A Hardware Security Module (HSM) is a device used to manage and store encryption keys. These are USB or network peripherals usually. On a larger network, an HSM is an efficient solution.

Question 33

Q

Why is UEFI a better choice for BIOS?

Answer

A

UEFI has security built in, including secure boot options.

Question 34

Q

What does UEFI Secure Boot enforce?

Answer

A

UEFI Secure Boot only allows signed drivers and OS loader to be invoked at bootup. It also enables the Attestation the drivers have not changed.

Question 35

Q

A Hardware Root of Trust must be secure, since it’s trust will be elevated to other systems. What are some hardware roots of trust?

Answer

A

Some hardware roots of trust are:

TPM chip
Apple’s Secure Enclave coprocessor
Apple’s signed Boot ROM
A highly-trusted software designed to securely store encryption keys

Question 36

Q

These external influences do not consist of code, but do represent a security threat to PC equipment.

Answer

A

EMI and EMP

Question 37

Q

This type of OS tends to be updated by the vendor.

Answer

A

Appliance OS’s are typically updated by the vendor. They are usually stripped down Linux distros and require unique updates.

Question 38

Q

What are the five types of OS?

Answer

A

Types of OS:

Network
Server
Workstation
Appliance
Kiosk
Mobile OS

Question 39

Q

What are the three common type of updates?

Answer

A

Common update types:

Hotfix - quick fix for a small issue, usually a security hole.
Patch - can include enhancements
Service Pack - large collection of patches and hotfixes

Question 40

Q

This the implicit deny philosophy, applied to functions on the PC.

Answer

A

Disabling unnecesary ports and services.

Question 41

Q

You’ve uninstalled games and other extra OS tools on a public-use PC and loaded only a web browser. What security principal are you using?

Answer

A

Least Functionality

Question 42

Q

What key feature does a Trusted OS have?

Answer

A

Multilevel security (often as defined by the Common Criteria for Information Security Evaluation)

Question 43

Q

What are the two Microsoft solutions to control application access?

Answer

A

Application access can be controlled by:

Software restriction policies - usually by PC not user
AppLocker, which allows for granular control over which users can execute which programs.

Question 44

Q

Mousejacking?

Answer

A

Yup. A wireless man-in-the-middle attack on a USB wireless mouse or keyboard.

Question 45

Q

The four environment types are?

Answer

A

Computing Environments:

Development - not scalable.
Test - closely mimics the production environment
Staging - common in organizations that have multiple production environments
Production - new system comes in contact with real data. Few changes should occur here.

Question 46

Q

What is Baselining?

Answer

A

Baselining is a process to establish a software’s base security state. Determine its capabilities and what processes and other apps it will need. Then remove or disable any unneeded processes. Then apply patches.

Question 47

Q

What is Integrity Measurement?

Answer

A

Integrity Measurement is an system that checks a system against a saved baseline to verify that is has not been compromised. A TPM chip, providing a root-of-trust anchor is a form of Integrity Measurement.

Question 48

Q

What is a SCADA system?

Answer

A

SCADA (supervisory control and data acquisition) is a sytem used to control automated systems, each an embedded system. Industrical Control Systems (ICS) are SCADA systems. Think Stuxnet or the Colonial Pipleline.

Question 49

Q

What is a SoC?

Answer

A

SoC - System on a Chip, usually stripped-down Linux.

Question 50

Q

What is a RTOS?

Answer

A

RTOS - Real-Time Operating Systems, are desiged for systems where processing must occur in real time. Anti-lock brakes, assembly line systems.

Question 51

Q

What makes RTOS-base software dangerous?

Answer

A

RTOS (Real Time OS) software are sensitive to timing issues. A mis-timed event can break some RTOS systems.

Question 52

Q

Why do medical devices rarely get software updates.

Answer

A

It would trigger the recertification process.

Question 53

Q

What is the suggested best practice for medical devices?

Answer

A

Keep them on a separate network, which is not usually possible.

Question 54

Q

What is a Controller Area Network (CAN)?

Answer

A

A CAN is a bus for multiple processors without a central host computer. Used in vehicles.

Question 55

Q

Describe the Waterfall software development model.

Answer

A

The Waterfall model is sequential and simple but it is poorly suited for complex work. Steps are:

Requirements

Design
Implementation
Verification
Maintenance

Question 56

Q

Describe the Agile software development model.

Answer

A

The Agile development methodology is a group methods designed to allow multiple teams to work quickly and efficiently.

Question 57

Q

Describe SCRUM.

Answer

A

SCRUM is an agile development model based on a 30-day timeline called a sprint. There is a master list called the product backlog, and daly burn-down charts. The idea is to keep the software in a ready to release state.

Security issues can be built into SCRUM as long as they make it into the product backlog and the burn-down charts.

Question 58

Q

What is XP development?

Answer

A

XP (Extreme Programming) is a development process based on user stories. It works better in smaller dev efforts. It stresses team-level communication, as a result including security methods is easy so long as the team is aware of them.

Question 59

Q

What is DevOps.

Answer

A

DevOps is a development model where changes and releases are nearly constant. Development and operations work together. Secure DevOps is when security practices are added to this model.

Question 60

Q

How does security automation work in DevOps?

Answer

A

Security automation is one of the methods used to make DevOps efficient. For instance automated patch management can reduce the manpower needed to keep systems up to date.

Question 61

Q

What does Baselining mean in DevOps?

Answer

A

In DevOps, Baselining records key variables between software updates to measure performance.

Question 62

Q

What is an Immutable System.

Answer

A

A system that will never be patched, but instead replaced if a change is needed.

Question 63

Q

What is Infrastructure as Code?

Answer

A

Infrastructure as Code is the user of code to build systems. A DevOps team is more involved in the defining system configuration. It is the interconnection of develper and production input.

Question 64

Q

What is Provisioning?

Answer

A

Provisioning is the process of assigning user or group permissions. It can also refer to assigning high-level access to certain processes or threads.

Answer 64

A

Users and processes should only be provisioned to the minimum-required security level, and only for as long as necessary. Deprovisioning keeps unneeded higher-level access from occurring.

Answer 65

A

Errors should be captured to a log file, which is protected by an ACL. This should be done by the process that created the error, not another process.

Errors should not be echoed to the user, where sensitive data could be captured by threat actors.

Answer 66

A

Proper input validation protects against buffer overflow and injection attacks. It is best to consider all input to be hostile.

Answer 67

A

Normalization is the process where inputs are converted to a canonical form – the simplest form. This may include stripping away capitalization or make phone number formatting uniform.

Answer 68

A

Stored Procedures are precompiled proceedures within a database engine. Sending user input to a stored procedure instead of directly to the SQL engine keeps a threat actor for running their own SQL commands on the system.

Answer 69

A

Never write your own algorithms, but also never implement standard algorithms yourself. Instead use a tested library.

Answer 70

A

Obfuscating exposed names such as server names and usernames is a good idea. Obfucation within your code will create issues for future programmers.

Answer 71

A

Automated dead code removal, deletes pieces of code that are never used again in the process. But these may be functions that delete sensitive data or otherwise cover traces that need to be hidden.

Answer 72

A

Client-side input validation can be corrupted by malware, a disgruntled user, or by misconfiguration. Server-side input validation is more work but it is safer.

Answer 73

A

Poor memory management can lead to a memory leak, which will eventually slow down the system.

Answer 74

A

SDK’s greatly speed up the development process. As long as developers manage dependency issues, the benefits outweight the costs.

Answer 75

A

Cryptography

Answer 76

A

A Static Code Analyzer is a program or person who reviews the base code looking for issues such as syntax approved function/library calls, and semantics associated with logic or calls. The code is not executed during static code analysis.

Answer 77

A

Dynamic Analysis is:

Testing code on a running system
Code is fed specific inputs designed to produce specific outputs
Especially useful on embedded systems
Important on high-risk ventures

Answer 78

A

Fuzzing is a form of Dynamic Analysis, where a large number of inputs are used to brute force errors from the tested system. It is a staple of SDLC-based testing. SDLC - sofware development life cycle.

Answer 79

A

Stress Testing tells developers how much workload the system can handle, and how it will perform when it goes past peak load. This will help define the operational limits in a SLA.

Answer 80

A

Model Verification makes sure the correct outputs will occur when correct inputs are entered. Testing is about what will happen when incorrect inputs are entered.

Answer 81

A

Hypervisors:

Type 1 - runs directly on hardware. VMware ESX, etc.
Type 2 - runs on top of a host OS. VMware player.

Answer 82

A

A Container or Cell allows multiple applications to interact with one OS, but each with separate memory, CPU and storage threads. This guarantees that they will not interact with each other. This is virtualization on the application level instead of on the OS level.

Answer 83

A

VM Sprawl - Many VMs with not policy or method to keep track of them. This can leave systems forgotten and unprotected.

VM Escape - When a software moves from the VM to the underlying software. This can be malware or an attacker.

Answer 84

A

Cloud Deployment Models:

SaaS - O365, Adobe Creative Suite. Good for highly-scalable, on-demand applications without installing endpoint software.
PaaS - AWS with Server 2016 loaded. Good for standardard resources in use by many other applications.
IaaS - Pay per use on a data center. BYO operating system. Good for highly customized, poorly scaling solutions that require specific resources.

Answer 85

A

Cloud privacy models:

Private - Only your org can access. Company’s SQL server in the cloud. Fewest security controls.
Public - Cloud hosting for your public-facing website or application.
Hybrid - Mix of both. Care must be used to keep track of which systems land on which side.
Community - Several organizations sharing a cloud environment.

Answer 86

A

Cloud location schemes:

On-Premise - your servers, but with a connection to the cloud. Hard to scale.
Hosted - located elsewhere, often a shared environment
Cloud - Distributed among many systems across the cloud? AWS?

Answer 87

A

VDI - Virtual Desktop Infrastructure - VMware ESX, Hypervisor controller, etc.

VDE - Virtual Desktop Environment - the OS that the users sees.

Answer 88

A

CASB - Cloud Access Security Broker is third party who ensures that proper security is maintained on your cloud systems. This is a type of Securiy as a Service.

Answer 89

A

Scripting can:

Reduce chance of user error
Chain together multiple, complex tasks
Save time

Answer 90

A

Configuration Validation is the act of checking the configuration of a new or existing system. Making sure only necessary application, processes, ports, etc. are active. This can be done by hand or automated by SCAP (Security Content Automation Protocol) application.

Answer 91

A

Templates are standardized recipies for the building of new systems. This can help codify the security steps and ensure systems are built securely.

Example: a LAMP stack is built over and IaaS implementation and includes Linux, Apache, MySQL, PHP/Python/Perl. Security settings are determined through a vendor form before the stack is built.

Answer 92

A

Non-persistence:

Snapshots - VMware snapshots
Revert to Known State - Windows Restore Points. Usually OS, but not user files.
Rollback to known config - Windows Last Known Good boot
Live Boot Media - Boot from USB or DVD, for recovery or forensic use.

Answer 93

A

Elasticity - dynamically increase workload capacity using added-on-demand hardware. Often occurs automatically in cloud environments. Can scale back down when workload reduces for cost savings.

Scalability - When a system is designed to accomodate larger workloads. Server farms and database clusters often have scalability issues do to the nature of their design.

Answer 94

A

Stateful jobs, such as DB queries, always refer back to the same server. Stateless jobs, such as website calls, can refer back to different servers in a cluster. So an additional means of distribuative allocation - such as a load balancer - is required.

Answer 95

A

Fault Tolerance - a design objective that results on high availabilty.

High Availability - an operational goal of maintaing system even when faults occur.

Answer 96

A

RAID types:

0 - Striped. Fast and dangerous
1 - Mirrored
2 - Striped at bit-level (rare)
3 - Striped at byte level (rare)
4 - Larger stripses than RAID 3. Dedicated parity drive.
5 - Block-Striped with error checks
10 - Mirrored then Striped (1 +0)

Answer 97

A

Fire Extinguishers:

A - Wood, paper, cloth, plastic

B - Petroleum, organic solvents

C - Electrical equipment

D - Flammable metals, magnesium, titanium

ABC is most common

Brainscape's Knowledge GenomeTM

3.0 - Architecture and Design Flashcards

Brainscape's Knowledge Genome^TM