Ch5: Securing Hosts and Data Flashcards
Least functionality
A core security principle stating that systems should be deployed with the least amount of applications, services, and protocols
Trusted OS
A trusted OS meets a set of predetermined requirements, such as those identified in the Common Criteria. Uses the MAC (mandatory access control) model
A master image provides
a secure starting point for systems
Admins create master images with templates or other tools to…
create a secure baseline
Integrity measurements discover…
when a system deviates from the baseline
The WannaCry ransomware worked only because…
Systems were not kept up-to-date with current patches. Microsoft had released an update to the known vulnerability two months before the attack
Patch management ensures
OS’s and applications are up to date with current patches to protect systems against known vulnerabilities
Change management
Defines the process and accounting structure for handling modifications and upgrades. Goal is to provide documentation for all changes and reduce risks related to unintended outages
Application whitelist
List of authorized software that prevents users from installing or running software that isn’t on the list
Application blacklist
List of unauthorized software that prevents users from installing or running software on the list
Sandboxing
The use of an isolated area, often used for testing
I can create a sandbox with…
A VM or the chroot command on Linux
Secure deployment environment includes
Development, testing, staging, and production elements
Secure systems design considers…
Electromagnetic interference (EMI) and electromagnetic pulse (EMP)
EMI sources
Motors, power lines, fluorescent lights. Can be prevented with shielding
Mild forms of EMP
Electrostatic discharge and lightning. Systems can be protected from these
TPM
Trusted Platform Module is a hardware chip included on many laptops and mobile devices that includes a unique RSA asymmetric key burned into the chip and provides a hardware root of trust
TPM provides
Full disk encryption and supports a secure boot process and remote attestation
HSM
Hardware security module is a removable or external device that can generate, store, and manage RSA keys used in asymmetric encryption. Many server-based applications use an HSM to protect keys
SaaS
Software as a Service cloud-based technologies includes any software or application provided to users over a network like the Internet, such as web-based email
PaaS
Platform as a Service provides customers with a fully managed platform, which the vendor keeps up to date with current patches