Chapter 3: Security Architecture & Engineering Flashcards
Security model that helps specify & analyze integrity policies for computing systems. It focuses on preventing data corruption by faults or malicious intent: data may be changed only through well-formed transactions, with separation of duties between the people who perform them.
Clark-Wilson Model
State transition system of computer security policy. Describes a set of access control rules to ensure data integrity. Data and subjects are grouped into ordered levels of integrity (no read down, no write up).
Biba Model
State machine model used for enforcing access control in government and military applications. A confidentiality model: simple security property (no read up) and *-property (no write down). A noted limitation: no clear distinction between protection & security.
Bell-LaPadula Model
AKA Chinese wall model, a security model that aims to prevent conflicts of interest by limiting access to sensitive information.
Brewer-Nash Model
What are the four stages of fire, for detection purposes?
Incipient, smoke, flame, heat
What is Haval ?
A cryptographic hash algorithm with variable output length (128 to 256 bits) and 3 to 5 passes. Practical collisions were published in 2004 for the 3-pass, 128-bit variant, so it is not recommended.
What are the three approved digital signature algorithms for the Digital Signature Standard under FIPS 186-4?
DSA, RSA, ECDSA
(Digital Signature Alg.; Rivest, Shamir, Adleman; Elliptic Curve DSA)
Caveat: the successor FIPS 186-5 (2023) no longer approves DSA for generating new signatures and adds EdDSA.
State the Simple Integrity Property under the Biba Model.
A subject may not read an object at a lower integrity level than its own (no read down). Its counterpart, the * (star) Integrity Property, says a subject may not write to an object at a higher integrity level (no write up).
What is SCADA ?
Supervisory Control and Data Acquisition
What is TPM ?
Trusted Platform Module. Hardware security technique: a dedicated cryptographic chip (or firmware-backed equivalent) on the system motherboard that generates and stores keys that never leave it, records boot measurements in Platform Configuration Registers, and can seal secrets to a measured state or attest that state to a remote party (e.g. BitLocker key protection).
What is TCB ?
Trusted Computing Base. The totality of protection mechanisms in a system (hardware, firmware, and software) responsible for enforcing the security policy. Everything outside the TCB is treated as untrusted, so the TCB should be kept as small as possible.
What is ESP in IPsec?
Encapsulating Security Payload. Provides confidentiality (encryption), integrity, data-origin authentication, and optional anti-replay protection for the payload; it does not protect the outer IP header.
What is AH in IPsec?
Authentication Header: Provides integrity, data-origin authentication, and anti-replay protection for the payload and the immutable fields of the IP header. No confidentiality.
What is IKE in IPsec?
Internet Key Exchange: Provides key management and Security Association (SA) management.
What are the first two Common Criteria Evaluation Assurance Levels (EAL) ?
EAL1: Functionally tested, with a minimal focus on security.
EAL2: Structurally tested, with basic security considerations.
What are the Common Criteria Evaluation Assurance Levels (EAL) 3 & 4?
EAL3: Methodically tested and checked, with moderate security assurance.
EAL4: Methodically designed, tested, and reviewed, with heightened security measures.
What are the Common Criteria Evaluation Assurance Levels (EAL) 5 through 7?
EAL5: Semi-formally designed and tested, with medium-to-high assurance.
EAL6: Semi-formally verified design and tested, with medium-to-high assurance.
EAL7: Formally verified design and tested, with high assurance.
What are the 7 principles of Privacy by Design ?
- Proactive, not reactive
- Privacy as the default setting
- Privacy embedded into design
- Full functionality - positive sum
- End-to-end security
- Visibility & transparency
- Respect for user privacy
What is Kerckhoffs's principle ?
A cryptographic system should be secure even if everything about the system, except the key, is public knowledge.
Explain Multistate .
Multistate systems are certified to handle data from different security classifications simultaneously.
Explain System High Mode .
In System High Mode, every user has a security clearance and formal access approval for all information processed by the system, but need-to-know for only some of it.
What are the four System Security Modes ?
Dedicated, System High, Multilevel, and Partitioned (AKA Compartmented) are the four System Security Modes.
Differentiate Certification & Verification .
Certification validates security controls. Verification goes beyond that to include testing and attestation by a trusted third party.
What is TCSEC ?
Trusted Computer System Evaluation Criteria, AKA the Orange Book (DoD 5200.28-STD, 1985). Rates systems in divisions D (minimal protection), C1/C2 (discretionary protection), B1/B2/B3 (mandatory, labeled protection) and A1 (verified design). It has been superseded by the Common Criteria; the EAL levels belong to the Common Criteria, not to TCSEC.
What is a Golden Ticket attack?
Forging Kerberos Ticket Granting Tickets (TGTs) offline using the password hash (NTLM hash or AES key) of the domain's KRBTGT account. The forged TGT can claim any identity and group membership in the Active Directory domain and stays valid until the KRBTGT password is rotated (twice).
When an attacker with any valid domain account requests service tickets (TGS) for accounts that have a Service Principal Name, extracts the tickets (encrypted with the service account's password-derived key, ideally after forcing RC4) and cracks them offline to recover the service account's plaintext password.
Kerberoasting.
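A detection-side worked example, added here and not part of the flashcard set: the two signals defenders usually key on are service tickets issued with RC4-HMAC (etype 0x17) for user accounts that carry an SPN, and one principal requesting tickets for many distinct SPNs in a short window. The log lines are constructed in a flattened key=value rendering of Event ID 4769; the field names follow the real event, while the thresholds, the window and the roastable() heuristic are assumptions for illustration.

```python
"""Detect Kerberoasting-style activity from Windows Security event 4769 records."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not a real export) in a flattened key=value rendering
# of Event ID 4769, "A Kerberos service ticket was requested".
SAMPLE_LOG = """\
2024-03-01T09:00:01 EventID=4769 TargetUserName=jsmith@CORP.LOCAL ServiceName=WEB01$ TicketEncryptionType=0x12 IpAddress=10.0.0.15
2024-03-01T09:00:02 EventID=4769 TargetUserName=jsmith@CORP.LOCAL ServiceName=krbtgt TicketEncryptionType=0x12 IpAddress=10.0.0.15
2024-03-01T09:05:10 EventID=4769 TargetUserName=bob@CORP.LOCAL ServiceName=svc_sql TicketEncryptionType=0x17 IpAddress=10.0.0.77
2024-03-01T09:05:11 EventID=4769 TargetUserName=bob@CORP.LOCAL ServiceName=svc_web TicketEncryptionType=0x17 IpAddress=10.0.0.77
2024-03-01T09:05:11 EventID=4769 TargetUserName=bob@CORP.LOCAL ServiceName=svc_backup TicketEncryptionType=0x17 IpAddress=10.0.0.77
2024-03-01T09:05:12 EventID=4769 TargetUserName=bob@CORP.LOCAL ServiceName=svc_mon TicketEncryptionType=0x17 IpAddress=10.0.0.77
2024-03-01T09:30:00 EventID=4769 TargetUserName=alice@CORP.LOCAL ServiceName=svc_legacy TicketEncryptionType=0x17 IpAddress=10.0.0.30
"""

RC4_HMAC = "0x17"   # etype 23; the AES etypes are 0x11 and 0x12


def parse_events(text):
    """Parse one event per line into a dict; the leading timestamp becomes a datetime."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, rest = line.split(" ", 1)
        ev = dict(re.findall(r"(\w+)=(\S+)", rest))
        ev["ts"] = datetime.fromisoformat(ts)
        events.append(ev)
    return events


def roastable(service_name):
    """Heuristic (assumption): tickets worth cracking are for user accounts with an SPN.
    Machine accounts (name ends in $) have long random passwords; krbtgt is excluded."""
    return not service_name.endswith("$") and service_name.lower() != "krbtgt"


def detect_kerberoasting(text, window=timedelta(minutes=5), sweep_threshold=3):
    events = [e for e in parse_events(text) if e.get("EventID") == "4769"]
    findings = []
    # Rule 1: a service ticket for a roastable account issued with RC4-HMAC.
    # Tools request RC4 explicitly because it is far cheaper to crack than AES.
    for e in events:
        if e["TicketEncryptionType"] == RC4_HMAC and roastable(e["ServiceName"]):
            findings.append({"rule": "rc4_service_ticket", "user": e["TargetUserName"],
                             "service": e["ServiceName"], "ip": e["IpAddress"]})
    # Rule 2: one account requesting tickets for many distinct SPNs inside the window.
    per_user = defaultdict(list)
    for e in events:
        if roastable(e["ServiceName"]):
            per_user[e["TargetUserName"]].append(e)
    for user, evs in per_user.items():
        evs.sort(key=lambda e: e["ts"])
        for i, first in enumerate(evs):
            in_window = [e for e in evs[i:] if e["ts"] - first["ts"] <= window]
            services = sorted({e["ServiceName"] for e in in_window})
            if len(services) >= sweep_threshold:
                findings.append({"rule": "spn_sweep", "user": user,
                                 "services": services, "ip": first["IpAddress"]})
                break   # one sweep finding per user is enough
    return findings


if __name__ == "__main__":
    for finding in detect_kerberoasting(SAMPLE_LOG):
        print(finding)
```

On the constructed log, jsmith produces nothing (machine account and krbtgt tickets, AES), alice produces a single RC4 finding worth triage, and bob trips both rules. In production the RC4 rule alone is noisy on domains that still have legacy RC4 service accounts, which is why the sweep rule is paired with it.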
Using stolen Kerberos tickets to authenticate to resources.
Pass the Ticket Attack
Tell me about AES .
Symmetric. Still considered secure. Original name Rijndael. Won the AES challenge. Key size 128, 192, or 256 (10, 12, or 14 rounds respectively). Block size 128.
Tell me about WPA3 .
Wi-Fi security protocol that replaces WPA2. Still considered secure. WPA3-Personal replaces the pre-shared-key four-way handshake with SAE (Simultaneous Authentication of Equals), a password-authenticated key exchange that resists offline dictionary attacks on captured handshakes; WPA3-Enterprise uses 802.1X/EAP and adds an optional 192-bit security mode.
Tell me about MD5 .
Hash algorithm with a 128-bit digest. Not considered secure: practical collisions have been known since 2004, so it must not be used for signatures, certificates, or integrity protection (it survives only as a non-security checksum).
What is a Mimikatz Tool ?
Open-source post-exploitation tool, typically run on a compromised Windows host, that extracts credentials (plaintext passwords, NTLM hashes, Kerberos tickets) from LSASS memory. Commonly used for pass-the-hash, pass-the-ticket, and Golden Ticket attacks.
Cyber attack carried out over a Local Area Network (LAN) that sends forged ARP replies so that hosts on the LAN (typically a victim and its default gateway) cache the attacker's MAC address against another host's IP address, letting the attacker intercept, modify, or drop the traffic between them.
ARP Poisoning.
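A worked detection example, added here and not part of the flashcard set: a passive watcher that keeps its own IP-to-MAC view and alerts when an IP is rebound to a different MAC, or when one MAC starts answering for several IPs (the shape of a man-in-the-middle between a host and its gateway). The ARP replies are constructed, not captured, and the severities and the static-binding idea are assumptions for illustration.

```python
"""Passive ARP-poisoning detector over a stream of ARP replies."""
from collections import defaultdict

# Constructed ARP replies (not a capture): (seconds, sender_ip, sender_mac, target_ip)
SAMPLE_ARP_REPLIES = [
    (0.0, "10.0.0.1",  "aa:aa:aa:aa:aa:01", "10.0.0.50"),   # real gateway answers host .50
    (0.5, "10.0.0.50", "aa:aa:aa:aa:aa:50", "10.0.0.1"),    # host .50 answers the gateway
    (5.0, "10.0.0.1",  "de:ad:be:ef:00:99", "10.0.0.50"),   # attacker claims gateway IP to .50
    (5.0, "10.0.0.50", "de:ad:be:ef:00:99", "10.0.0.1"),    # attacker claims .50 to the gateway
    (6.0, "10.0.0.1",  "de:ad:be:ef:00:99", "10.0.0.50"),   # re-poisoning to keep the cache entry
    (9.0, "10.0.0.60", "aa:aa:aa:aa:aa:60", "10.0.0.50"),   # benign, previously unseen host
]


class ArpWatcher:
    """Keeps an IP->MAC view independent of the hosts' caches and raises alerts."""

    def __init__(self, static_bindings=None):
        # static_bindings: IP->MAC entries an admin knows to be correct, e.g. the gateway
        self.static = dict(static_bindings or {})
        self.table = dict(self.static)            # learned IP -> MAC
        self.claims = defaultdict(set)            # MAC -> IPs it has answered for
        self.alerts = []

    def observe_reply(self, ts, sender_ip, sender_mac, target_ip):
        previous = self.table.get(sender_ip)
        if previous is not None and previous != sender_mac:
            severity = "high" if sender_ip in self.static else "medium"
            self.alerts.append({"ts": ts, "severity": severity, "ip": sender_ip,
                                "old_mac": previous, "new_mac": sender_mac,
                                "target": target_ip,
                                "reason": "IP rebound to a different MAC"})
        self.table[sender_ip] = sender_mac
        if sender_ip not in self.claims[sender_mac]:
            self.claims[sender_mac].add(sender_ip)
            # One MAC answering for several IPs is what an attacker sitting between
            # two hosts looks like; routers and VM hosts do it legitimately, so this
            # is a heuristic and only fires when the set of claimed IPs grows.
            if len(self.claims[sender_mac]) > 1:
                self.alerts.append({"ts": ts, "severity": "medium", "mac": sender_mac,
                                    "ips": sorted(self.claims[sender_mac]),
                                    "reason": "one MAC claims multiple IPs"})


def analyze(replies, static_bindings=None):
    watcher = ArpWatcher(static_bindings)
    for ts, sender_ip, sender_mac, target_ip in replies:
        watcher.observe_reply(ts, sender_ip, sender_mac, target_ip)
    return watcher.alerts


if __name__ == "__main__":
    for alert in analyze(SAMPLE_ARP_REPLIES, {"10.0.0.1": "aa:aa:aa:aa:aa:01"}):
        print(alert)
```

The repeated reply at t=6.0 produces no new alert because the binding did not change again, which keeps the output at one alert per event rather than one per re-poisoning packet. The same logic is what tools such as arpwatch implement; the defensive fix on the switch side is Dynamic ARP Inspection backed by DHCP snooping.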
What is TOCTOU ?
A Time Of Check to Time Of Use race condition: a program validates a resource (a file, a permission, a value) and then acts on it in a separate step, and an attacker changes the resource between the two steps. Classic case: a privileged program checks a path and then opens it, while the attacker swaps the file for a symbolic link.
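A worked example of the file-path case, added here and not from the flashcard set, assuming a POSIX system (it relies on os.O_NOFOLLOW). The attacker's timing is modeled with a hook that runs between check and use; a real attacker would loop renaming in the background until it wins the race. The hardened version opens first and validates the descriptor it actually got, so there is no window between check and use.

```python
"""TOCTOU on a file path: check-then-use versus open-then-verify (POSIX assumed)."""
import os
import shutil
import stat
import tempfile


def write_vulnerable(path, data, after_check=None):
    """Checks the *path*, then opens the *path* again. Between the two system calls
    the file system can change. `after_check` only models the attacker winning
    the race; it is not something real code would have."""
    if os.path.islink(path) or not os.path.isfile(path):
        raise PermissionError("refusing: not a regular file")
    if after_check:
        after_check()                      # the attacker's window
    with open(path, "w") as f:             # opens whatever `path` names *now*
        f.write(data)


def write_hardened(path, data, before_open=None):
    """Opens first, refusing a symlink at the final component (O_NOFOLLOW), then
    validates the open descriptor with fstat. Check and use refer to the same
    opened object, so a swap before or after the open gains nothing."""
    if before_open:
        before_open()                      # attacker acting at any time before the open
    fd = os.open(path, os.O_WRONLY | os.O_NOFOLLOW)
    try:
        st = os.fstat(fd)
        if not stat.S_ISREG(st.st_mode):
            raise PermissionError("refusing: not a regular file")
        os.write(fd, data.encode())
    finally:
        os.close(fd)


def demo():
    """The victim file is replaced by a symlink to a secret while the program runs."""
    d = tempfile.mkdtemp()
    secret = os.path.join(d, "secret.txt")
    victim = os.path.join(d, "victim.txt")

    def reset():
        with open(secret, "w") as f:
            f.write("secret data")
        if os.path.lexists(victim):
            os.remove(victim)
        open(victim, "w").close()

    def attacker_swaps():
        os.remove(victim)
        os.symlink(secret, victim)

    try:
        reset()
        write_vulnerable(victim, "pwned", after_check=attacker_swaps)
        with open(secret) as f:
            vulnerable_overwrote = f.read() == "pwned"

        reset()
        hardened_refused = False
        try:
            write_hardened(victim, "pwned", before_open=attacker_swaps)
        except OSError:                    # ELOOP from O_NOFOLLOW on the symlink
            hardened_refused = True
        with open(secret) as f:
            secret_intact = f.read() == "secret data"
    finally:
        shutil.rmtree(d, ignore_errors=True)
    return {"vulnerable_overwrote_secret": vulnerable_overwrote,
            "hardened_refused": hardened_refused,
            "secret_intact_after_hardened": secret_intact}


if __name__ == "__main__":
    print(demo())
```

The general rule the hardened version follows: never make a security decision on a path and then act on the path; act on a descriptor and make the decision on that descriptor (open, fstat, then use). The same idea applies to permission checks with access() followed by open(), which is the textbook instance of this bug.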
_____ is a formal model used in the field of computer security to establish or disprove the safety of a given computer system that follows specific rules.
Take-Grant Model. It represents the system as a directed graph of subjects and objects whose edges are labeled with rights, including the special rights take (t) and grant (g); four rewriting rules (take, grant, create, remove) determine whether a given right can ever be acquired.
What is ASLR ?
Address space layout randomization (ASLR) randomizes the base addresses of the stack, heap, shared libraries and (for position-independent executables) the program itself on each run, so an exploit for a memory-corruption bug cannot rely on hardcoded addresses. It is defeated by an information leak that reveals an address, so it is deployed together with stack canaries, NX/DEP and control-flow integrity rather than on its own.
A cryptographic attack on a cipher applied twice (or more) with independent keys. The attacker encrypts a known plaintext under every possible first key and stores the intermediate values, then decrypts the matching ciphertext under every possible second key and looks for a collision, trading memory for time. Against double encryption with two k-bit keys it costs about 2^(k+1) cipher operations plus 2^k storage instead of the 2^(2k) expected from brute force, which is why 2DES was never used and why 3DES with three 56-bit keys has only about 112 bits of strength.
Meet-in-the-Middle attack.
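A worked example of the attack, added here and not from the flashcard set. Real DES would need 2^56-entry tables, so the block and key are shrunk to 16 bits with a constructed toy cipher (an ARX-style round structure chosen for this illustration; it has no security value beyond being a keyed bijection). Because a 16-bit ciphertext leaks only 16 bits about a 32-bit key pair, the first plaintext/ciphertext pair leaves about 2^16 false candidates, and extra known pairs are used to weed them out; that detail is what textbook descriptions usually skip.

```python
"""Meet-in-the-middle against double encryption with a toy 16-bit block cipher."""

BITS = 16
MASK = (1 << BITS) - 1
ROUNDS = 4
MUL = 0x9E37                            # odd, so multiplication mod 2^16 is invertible
MUL_INV = pow(MUL, -1, 1 << BITS)       # Python 3.8+


def _rotl(x, n):
    return ((x << n) | (x >> (BITS - n))) & MASK


def _rotr(x, n):
    return ((x >> n) | (x << (BITS - n))) & MASK


def _subkeys(key):
    # Constructed key schedule for the toy cipher (assumption, not a real design).
    return [(key + 0x2B5C * i) & MASK for i in range(ROUNDS)]


def encrypt(block, key):
    """Toy cipher: 16-bit block, 16-bit key. Insecure by construction; it exists
    only so that the key space is small enough to enumerate."""
    x = block
    for sk in _subkeys(key):
        x = (_rotl(x ^ sk, 5) * MUL) & MASK
    return x


def decrypt(block, key):
    x = block
    for sk in reversed(_subkeys(key)):
        x = _rotr((x * MUL_INV) & MASK, 5) ^ sk
    return x


def double_encrypt(block, k1, k2):
    return encrypt(encrypt(block, k1), k2)


def meet_in_the_middle(pairs):
    """pairs: known (plaintext, ciphertext) pairs produced by double_encrypt(k1, k2).
    Returns (k1, k2, cipher_calls). Cost is about 2 * 2^BITS cipher calls plus a
    2^BITS-entry table, instead of 2^(2*BITS) for brute force over both keys."""
    p0, c0 = pairs[0]
    forward = {}                                   # middle value -> candidate k1 list
    for k1 in range(1 << BITS):
        forward.setdefault(encrypt(p0, k1), []).append(k1)
    calls = 1 << BITS
    for k2 in range(1 << BITS):
        calls += 1
        mid = decrypt(c0, k2)
        for k1 in forward.get(mid, ()):
            # The first pair only pins down BITS bits of a 2*BITS-bit key pair, so on
            # average one false k1 matches every k2; the remaining pairs filter them.
            for p, c in pairs[1:]:
                calls += 2
                if double_encrypt(p, k1, k2) != c:
                    break
            else:
                return k1, k2, calls
    return None


if __name__ == "__main__":
    K1, K2 = 0x3A7F, 0xC0DE                        # the keys the attacker does not know
    pairs = [(p, double_encrypt(p, K1, K2)) for p in (0x0123, 0x4567, 0x89AB)]
    k1, k2, calls = meet_in_the_middle(pairs)
    print(f"recovered k1={k1:#06x} k2={k2:#06x} with {calls} cipher calls "
          f"(naive search over both keys: {1 << (2 * BITS)})")
```

The recovered pair decrypts every known pair; on this cipher that is the original (K1, K2). Scaling the numbers up is the whole argument against 2DES: 2^57 work and a 2^56-entry table beat the 2^112 a naive attacker would face, and the same table-then-scan structure gives 3DES its 2^112 bound.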
Which of these are Symmetric?
RSA, 3DES, AES, Blowfish
3DES, AES, Blowfish are Symmetric.
The _____ access control model is designed so that subjects may not corrupt data in a level ranked higher than the subject, or be corrupted by data from a lower level than the subject.
Biba access control model.
The ____ access control model is a formal state transition model of computer security policy that describes a set of access control rules which use security labels on objects and clearances for subjects.
Bell-LaPadula Access Control Model.
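A worked example covering the Bell-LaPadula and Biba cards above (including the Simple Integrity Property card), added here and not part of the flashcard set: a small reference monitor that evaluates a read or write request against both models and grants it only if each allows it. The level names and the strictly linear ordering (no categories or compartments, which a real lattice would add) are assumptions for illustration.

```python
"""Bell-LaPadula and Biba access decisions as a small reference monitor."""
from dataclasses import dataclass

# Constructed, linearly ordered levels. Real systems use a lattice of
# (level, category set) with a dominance relation; that is omitted here.
CONF_LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP_SECRET": 3}
INTEG_LEVELS = {"UNTRUSTED": 0, "USER": 1, "SYSTEM": 2}


@dataclass(frozen=True)
class Label:
    conf: int   # Bell-LaPadula sensitivity level (a clearance, for subjects)
    integ: int  # Biba integrity level


def label(conf: str, integ: str) -> Label:
    return Label(CONF_LEVELS[conf], INTEG_LEVELS[integ])


def blp_allows(subject: Label, obj: Label, op: str) -> bool:
    """Bell-LaPadula (confidentiality):
    simple security property, no read up:  subject.conf >= obj.conf
    *-property, no write down:             subject.conf <= obj.conf
    """
    if op == "read":
        return subject.conf >= obj.conf
    if op == "write":
        return subject.conf <= obj.conf
    raise ValueError(f"unknown operation {op!r}")


def biba_allows(subject: Label, obj: Label, op: str) -> bool:
    """Biba (integrity), the dual of Bell-LaPadula:
    simple integrity property, no read down: subject.integ <= obj.integ
    *-integrity property, no write up:       subject.integ >= obj.integ
    """
    if op == "read":
        return subject.integ <= obj.integ
    if op == "write":
        return subject.integ >= obj.integ
    raise ValueError(f"unknown operation {op!r}")


def decide(subject: Label, obj: Label, op: str) -> dict:
    """A system enforcing both models grants the request only if each model does."""
    blp = blp_allows(subject, obj, op)
    biba = biba_allows(subject, obj, op)
    return {"blp": blp, "biba": biba, "allowed": blp and biba}


if __name__ == "__main__":
    analyst = label("SECRET", "USER")
    cases = [
        ("read",  label("TOP_SECRET", "SYSTEM")),    # BLP: read up, denied
        ("read",  label("CONFIDENTIAL", "SYSTEM")),  # BLP read down ok; Biba read up ok
        ("write", label("CONFIDENTIAL", "USER")),    # BLP: write down, denied
        ("write", label("TOP_SECRET", "USER")),      # BLP write up ok; Biba same level ok
        ("read",  label("SECRET", "UNTRUSTED")),     # Biba: read down, denied
        ("write", label("SECRET", "SYSTEM")),        # Biba: write up, denied
    ]
    for op, obj in cases:
        print(f"{op:5} {obj} -> {decide(analyst, obj, op)}")
```

The two models pull in opposite directions: Bell-LaPadula lets information flow upward in sensitivity, Biba only downward in integrity. A SECRET/USER subject can therefore write to a TOP_SECRET/USER object but not to a SECRET/SYSTEM one, which is why real deployments that need both keep the two labels separate rather than reusing one ordering for both properties.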
What is the recommended humidity range for data centers?
40 to 60 percent.
What is a CRL ?
Certificate Revocation List. A CA-signed, periodically published list of the serial numbers of all certificates that Certificate Authority has revoked, with revocation dates and reasons. Clients must fetch and cache the whole list; OCSP is the online, per-certificate alternative.
The _____ model is primarily concerned with formalizing the notion of information integrity: constrained data items may be modified only through well-formed transactions (transformation procedures), integrity verification procedures check their state, and separation of duties is enforced through the restricted interface each user is given to those procedures.
Clark-Wilson Security Model
The _____ model is based on the Access Control Matrix: rows correspond to subjects, columns correspond to objects and subjects, and each cell contains the set of rights subject i holds over object j or over subject k.
Graham-Denning Security Model. It defines eight protection rules (commands): create object, create subject, delete object, delete subject, read access right, grant access right, delete access right, and transfer access right, with "owner" and "control" as the special rights that gate them.