Ch 5. Securing Hosts/Data Flashcards
Least Functionality
a core security principle stating that systems should be deployed with the least amount of applications, services, and protocols
Backdoor
an access point to an application or service that bypasses normal security mechanisms
Trusted Operating System
meets a set of predetermined requirements, such as those identified in the Common Criteria. It uses the mandatory access control (MAC) model.
Patch Management
ensures that systems and applications stay up to date with current patches
Change Management
defines the process and accounting structure for handling modifications and upgrades. The goals are to reduce risks related to unintended outages and provide documentation for all changes
Sandboxing
the use of an isolated area for testing. You can create one with a virtual environment and on Linux with the chroot command.
EMI
Electromagnetic Interference; comes from sources such as motors, power lines, and fluorescent lights and can interfere with signals transmitted over wires
EMP
Electromagnetic Pulse; a short burst of energy that can cause damage to computing equipment
FDE
Full Disk Encryption; encrypts an entire disk
SED
Self-Encrypting Drive; includes the hardware and software to encrypt all data on the drive and securely store the encryption keys
BIOS
Basic Input/Output System; includes software that provides a computer with basic instructions on how to start. Often referred to as firmware
UEFI
Unified Extensible Firmware Interface; like BIOS but with enhancements such as being CPU-independent
TPM
Trusted Platform Module; a hardware chip on the computer’s motherboard that stores cryptographic keys used for encryption
Secure Boot
process that checks and validates system files during the boot process. A TPM typically uses a secure boot process
Attestation
sends a report to a stored system to check and validate system files during the boot process
Hardware Root of Trust
a known secure starting point. TPMs have a private key (RSA) burned into the hardware that provides a hardware root of trust
HSM
Hardware Security Module; a removable or external device that can generate, store, and manage RSA keys used in asymmetric encryption. Many server-based applications use an HSM to protect keys
CASB
Cloud Access Security Broker; a software tool or service deployed between an organization’s network and the cloud provider. It provides Security as a Service by monitoring traffic and enforcing security policies
Four models of Cloud Deployment
Public, Private, Community, Hybrid
MDM
Mobile Device Management; helps enforce security policies on mobile devices
Tethering
the process of sharing a mobile device’s Internet connection with other devices
WiFi Direct
a standard that allows devices to connect without a wireless access point
Embedded Systems
any device that has a dedicated function and uses a computer system to perform that function
SoC
System on a Chip; an integrated circuit that includes all the functionality of a computing system within the hardware.
ICS
Industrial Control System; typically refers to systems within large facilities such as power plants or water treatment facilities
SCADA
Supervisory Control and Data Acquisition; a system that controls an ICS such as a power plant or water treatment facility.
RTOS
Real Time Operating System; an OS that reacts to input within a specific time. If it can’t respond within the specific time then it doesn’t process the data and typically reports an error
Data Exfiltration
the unauthorized transfer of data outside an organization