Chapter 3: Security Architecture & Engineering

Question 1

Security model that helps specify & analyze integrity policies for computing systems.It focuses on preventing data corruption by faults or malicious intent.

Answer 1

Clark-Wilson Model

Question 2

State transition system of com-
puter security policy. Describes a set of access control rules to ensure data integrity. Data and subjects are grouped into ordered levels of integrity.

Answer 2

Biba Model

Question 3

State machine model used for enforcing access control in government and military applications. No clear distinction between protection & security.

Answer 3

Bell-LaPadula Model

Question 4

AKA Chinese wall model, a security model that aims to prevent conflicts of interest by limiting access to sensitive information.

Answer 4

Brewer-Nash Model

Question 5

What are the four stages of fire, for detection purposes?

Answer 5

Incipient, smoke, flame, heat

Question 6

What is Haval ?

Answer 6

A hash algorithm

Question 7

What are the three approved encryption algorithms for the Digital Signature Standard under FIPS 186-4?

Answer 7

DSA, RSA, ECDSA
(Digital Signature Alg.; Rivest, Shamir, Adleman; Elliptic Curve DSA)

Question 8

State the Simple Integrity Property under the Biba Model.

Answer 8

An individual may not read a file classified at a lower security level than the individual’s security clearance.

Question 9

What is SCADA ?

Answer 9

Supervisory Control and Data Acquisition

Question 10

What is TPM ?

Answer 10

Trusted Platform Module. Hardware security technique. Stores an encryption key on a chip on the system motherboard.

Question 11

What is TCB ?

Answer 11

Trusted Computing Base. The collection of all protection mechanisms related to security.

Question 12

What is ESP in IPsec?

Answer 12

Encapsulating Security Payload. Provides confidentiality, authentication, and integrity.

Question 13

What is AH in IPsec?

Answer 13

Authentication Header: Provides authentication and integrity.

Question 14

What is IKE in IPsec?

Answer 14

Internet Key Exchange: Provides key management and Security Association (SA) management.

Question 15

What are the first two Common Criteria Evaluation Assurance Levels (EAL) ?

Answer 15

EAL1: Functionally tested, with a minimal focus on security.
EAL2: Structurally tested, with basic security considerations.

Question 16

What are the Common Criteria Evaluation Assurance Levels (EAL) 3 & 4?

Answer 16

EAL3: Methodically tested and checked, with moderate security assurance.
EAL4: Methodically designed, tested, and reviewed, with heightened security measures.

Question 17

What are the Common Criteria Evaluation Assurance Levels (EAL) 5 through 7?

Answer 17

EAL5: Semi-formally designed & tested, w/med-to-high assurance.
EAL6: Semi-formally verified design & tested, w/med-to-high assurance.
EAL7: Formally verified design and tested, with high assurance.

Question 18

What are the 7 principles of Privacy by Design ?

Answer 18

1. Proactive, not reactive
2. Privacy as the default setting
3. Privacy embedded into design
4. Full functionality - positive sum
5. End-to-end security
6. Visibility & transparency
7. Respect for user privacy

Question 19

What is Kerckhoff’s principle ?

Answer 19

A cryptographic system should be secure even if everything about the system, except the key, is public knowledge.

Question 20

Explain Multistate .

Answer 20

Multistate systems are certified to handle data from different security classifications simultaneously.

Question 21

Explain System High Mode .

Answer 21

For System High Mode, users must have security clearance & access approval for all info processed by the system, & need to know for at least some info.

Question 22

What are the four System Security Modes ?

Answer 22

Dedicated, System High, Multilevel, and Partitioned (AKA Compartmented) are the four System Security Modes.

Question 23

Differentiate Certification & Verification .

Answer 23

Certification validates security controls. Verification goes beyond to include testing and attestation by a trusted 3rd party.

Question 24

What is TCSEC ?

Answer 24

Trusted Computer System Evaluation Criteria, AKA the EAL levels.

Question 25

What is a Golden Ticket attack?

Answer 25

Using the hash of the Kerberos service account to create tickets in an Active Directory environment.

Question 26

When an attacker uses specialized tools to extract encrypted Kerberos service tickets from a network, then tries to crack the encryption to obtain the user’s password hash.

Answer 26

Kerberoasting.

Question 27

Using the hash of the Kerberos service account to create tickets in an Active Directory environment.

Answer 27

Golden Ticket Attack.

Question 28

Using stolen Kerberos tickets to authenticate to resources.

Answer 28

Pass the Ticket Attack

Question 29

Tell me about AES .

Answer 29

Symmetric. Still considered secure. Original name Rijndael. Won the AES challenge. Key size 128, 192, or 256. Block size 128.

Question 30

Tell me about WPA3 .

Answer 30

A security protocol for personal and enterprise networks. Still considered secure. Has a personal and an enterprise version.

Question 31

Tell me about MD5 .

Answer 31

Not considered secure. Hash algorithm.

Question 32

What is a Mimikatz Tool ?

Answer 32

Multifunction widget dropped on a target host as part of an attack. Commonly used for pass-the-hash attacks.

Question 33

Cyber attack carried out over a Local Area Network (LAN) that involves sending malicious ARP packets to a default gateway on a LAN in order to change the pairings in its IP to MAC address table.

Answer 33

ARP Poisoning.

Question 34

What is TOCTOU ?

Answer 34

A Time Of Check to Time Of Use attack.

Question 35

_____ is a formal model used in the field of computer security to establish or disprove the safety of a given computer system that follows specific rules.

Answer 35

Take-Grant Model

Question 36

What is ASLR ?

Answer 36

Address space layout randomization (ASLR) is a computer security technique used in preventing exploitation of memory corruption vulnerabilities.

Question 37

A cryptographic attack that weakens the security of multiple encryptions by storing intermediate values from encryption or decryption.

Answer 37

Meet-in-the-Middle attack.

Question 38

Which of these are Symmetric?
RSA, 3DES, AES, Blowfish

Answer 38

3DES, AES, Blowfish are Symmetric.

Question 39

The _____ access control model is designed so that subjects may not corrupt data in a level ranked higher than the subject, or be corrupted by data from a lower level than the subject.

Answer 39

Biba access control model.

Question 40

The ____ access control model is a formal state transition model of computer security policy that describes a set of access control rules which use security labels on objects and clearances for subjects.

Answer 40

Bell-LaPadula Access Control Model.

Question 41

What is the recommended humidity range for data centers?

Answer 41

40 to 60 percent.

Question 42

What is a CRL ?

Answer 42

Certificate Revocation List. Includes serial numbers of all revoked certificates for a Certificate Authority.

Question 43

The _____ model is primarily concerned with formalizing the notion of information integrity, using security labels to grant access to objects via transformation procedures and a restricted interface model.

Answer 43

Clark-Wilson Security Model

Question 44

The _____ model is based on the Access Control Matrix model where rows correspond to subjects and columns correspond to objects and subjects, each element contains a set of rights between subject i and object j or between subject i and subject k.

Answer 44

Graham-Denning Security Model