Chapter 6 - Security Architecture and Design Flashcards

1
Q

A holistic life cycle for developing security architecture that begins with assessing business requirements and subsequently creates a "chain of traceability" through the phases of strategy, concept, design, implementation and metrics is characteristic of which of the following frameworks?

A. Zachman

B. SABSA

C. ISO 27000

D. TOGAF

A

B. SABSA

2
Q

Which of the following components of ITIL's service lifecycle is primarily focused on translating designs into operational services through a project management standard?

A. Service Strategy

B. Service Design

C. Service Transition

D. Service Operation

A

C. Service Transition

3
Q

Which of the following can best be used to capture detailed security requirements?

A. Threat modeling, covert channels, and data classification

B. Data classification, risk assessments, and covert channels

C. Risk assessments, covert channels, and threat modeling

D. Threat modeling, data classification and risk assessments

A

D. Threat modeling, data classification and risk assessments

4
Q

Which of the following security standards is internationally recognized as the standard for sound security practice and is focused on the standardization and certification of an organization's information security management system (ISMS)?

A. ISO 15408

B. ISO 27001

C. ISO 9001

D. ISO 9146

A

B. ISO 27001

5
Q

Which of the following describes the rules that need to be implemented to ensure that the security requirements are met?

A. Security Kernel

B. Security Policy

C. Security Model

D. Security Reference Monitor

A

B. Security Policy

6
Q

A two-dimensional grouping of individual subjects into groups or roles, with access to objects granted to those groups, is an example of which of the following types of models?

A. Multi-level lattice

B. State Machine

C. Non-interference

D. Matrix based

A

D. Matrix based

7
Q

Which of the following models ensures that a subject with a clearance level of Secret can write only to objects classified Secret or Top Secret and is prevented from writing to objects classified Public?

A. Biba - Integrity

B. Clark-Wilson

C. Brewer-Nash

D. Bell-LaPadula

A

D. Bell-LaPadula

8
Q

Which of the following is unique to Biba Integrity Model?

A. Simple Property

B. *(star) property

C. Invocation Property

D. Strong * Property

A

C. Invocation Property

9
Q

Which of the following models is best considered in a shared data hosting environment so that the data of one customer is not disclosed to a competitor or to other customers sharing that hosted environment?

A. Brewer Nash

B. Clark - Wilson

C. Bell-LaPadula

D. Lipner

A

A. Brewer Nash - Chinese Wall

10
Q

Which of the following security models is primarily concerned with how subjects and objects are created and how subjects are assigned rights and privileges?

A. Bell-LaPadula

B. Biba-Integrity

C. Chinese Wall

D. Graham Denning

A

D. Graham Denning

11
Q

Which of the following ISO standards provides the evaluation criteria that can be used to evaluate the security requirements of different products with different functions?

A. ISO 15408

B. ISO 27000

C. ISO 9100

D. ISO 27002

A

A. ISO 15408

12
Q

In the Common Criteria, the common set of functional and assurance requirements for a category of vendor products deployed in a particular type of environment is known as:

A. Protection Profiles

B. Security Target

C. Trusted Computing Base

D. Ring Protection

A

A. Protection Profiles

13
Q

Which of the following evaluation assurance levels, whose design is formally verified and tested, is expected for a high-risk situation?

A. EAL1

B. EAL3

C. EAL5

D. EAL7

A

D. EAL7

14
Q

Formal acceptance of an evaluated system by management is known as:

A. Certification

B. Accreditation

C. Validation

D. Verification

A

B. Accreditation

15
Q

Which stage of the Capability Maturity Model (CMM) is characterized by having organizational processes that are proactive?

A. Initial

B. Managed

C. Defined

D. Optimizing

A

C. Defined

16
Q

Which of the following best provides a method of quantifying risks associated with information technology when validating the abilities of new security controls and countermeasures to address the identified risks?

A. Threat/Risk Assessment

B. Penetration Testing

C. Vulnerability Assessment

D. Data Classification

A

A. Threat/Risk Assessment

17
Q

The use of proxies to protect more trusted assets from less trusted ones is an example of which of the following types of security services?

A. Access Control

B. Boundary Control

C. Integrity

D. Audit and Monitoring

A

B. Boundary Control

18
Q

Which of the following is the main reason for security concerns in mobile computing devices?

A. The 3G protocol is inherently insecure

B. Lower Processing Power

C. Hackers are targeting mobile devices

D. The lack of anti-virus software

A

B. Lower Processing Power

19
Q

In decentralized environments, device drivers that enable the OS to control and communicate with hardware need to be securely designed, developed and deployed because they are

A. typically installed by end users granted access to the supervisor state

B. typically installed by administrators and granted access to user mode state

C. typically installed by software without human interaction

D. integrated as part of the operating system

A

A. typically installed by end users granted access to the supervisor state

20
Q

A system administrator grants rights to a group of individuals called Accounting instead of granting rights to each individual. This is an example of which of the following security mechanisms?

A. Layering

B. Data hiding

C. Cryptographic protections

D. Abstraction

A

D. Abstraction

21
Q

4 main components: processors, storage, peripherals, and the OS

A

The CPU, motherboard and memory operate together; the CPU performs 4 main tasks: fetching, decoding, executing and storing

22
Q

multitasking system

A

switches from one process to another so quickly that the processes appear to run at the same time

23
Q

threads

A

a series of instructions; in multithreading the OS time-slices the threads, giving one thread some time on the CPU and then switching to another thread

24
Q

primary storage

A

memory, cache or registers - holds data with a high probability of being requested by the CPU - RAM (volatile), SDRAM, cache (high-speed RAM)

25
Q

secondary storage

A

holds data not being used by the CPU

26
Q

firmware

A

storage of programs or instructions in ROM (Non-volatile)

27
Q

system kernel

A

core of OS - provides access to system resources

28
Q

Enterprise Security Architecture

A

implements the building blocks of information security across the entire organization - long term strategy

29
Q

Boundary Control Services

A

control how and whether information is allowed to flow from one set of systems to another, or from one state to another - firewalls, border routers, proxies. Intended to enforce security zones of control by isolating entry points

30
Q

Access Control Service

A

identification, authentication, authorization of subject entities

31
Q

Integrity services

A

antivirus, content filtering, file integrity monitoring, whitelisting, and intrusion prevention systems - automated checking to detect and correct corruption

32
Q

Cryptography Services

A

PKI - hashing and encryption, common services that can be deployed and reused by a variety of systems

33
Q

Audit and Monitoring Services

A

secure collection, storage, and analysis of audited events through centralized logging and intrusion detection systems

34
Q

Security Zones

A

used to group together entities with similar security requirements

35
Q

architecture frameworks

A

method for designing a target state as an integrated set of systems.

36
Q

Zachman

A

logical structure for identifying and organizing the models that are important in the management of enterprises

37
Q

Sherwood Applied Business Security Architecture (SABSA) Framework

A

holistic life cycle - creating chain of traceability through phases of strategy, concept, design, implementation and metrics

38
Q

The Open Group Architecture Framework (TOGAF)

A

Common set of terms, architecture development method, and architecture content framework and numerous reference models

39
Q

ITIL - IT Infrastructure Library

A

defines organizational structure and skill requirements, operational procedures and practices; 5 main books

40
Q

Service Strategy

A

addresses new business needs by describing the range of services that are or will be deployed

41
Q

Service Design

A

focuses on creating the services described within service portfolio

42
Q

Service transition

A

translates designs into operational services through standard project management structure

43
Q

Continual Service Improvement

A

metrics used as key input

44
Q

State Machine Model

A

describes a system at a point in time - then describes the behavior as it moves between one state and another, from one moment to another. Role of time is very important

45
Q

Multilevel Lattice Models

A

strict layers of subjects and objects, with clear rules that allow or disallow interactions between them based on the layers they are in. Hierarchical - lesser/greater privileges - the clearance of the subject is compared with the classification of the data

46
Q

Noninterference models

A

a type of multilevel model that severely limits higher-classified information from being shared with lower-privileged subjects; also addresses covert channels; activities at different security levels are kept completely separate, so actions at a higher level are not observable at a lower level

47
Q

Matrix based models

A

focus on one-to-one relationships between subjects and objects - access control matrix - a column of the matrix is an object's access control list and a row is a subject's capability list - subjects may be grouped into roles

48
Q

Information Flow Models

A

how information is or is not allowed to flow between individual objects; may identify covert channels (unintended information flow between compartments); used to determine whether information is properly protected throughout a given process.

49
Q

Bell-LaPadula Confidentiality Model

A

inspired by the DoD's need to improve confidentiality; the primary goal is to prevent disclosure as the model moves from one state to another. Subjects are active, objects are passive. Subjects are assigned clearance levels and modes of access (read, write) to objects that are assigned classification levels; labels are used with a set of rules. Simple security property: a subject can read at its own level or below but cannot read higher (no read up). *-property: to prevent disclosure, a subject can write at its own level or higher but cannot write lower (no write down). Strong *-property: read and write are restricted to the subject's own level only.

50
Q

Biba Integrity Model

A

lattice-based model with multiple levels; the same modes of access and interactions between subjects and objects as Bell-LaPadula, but an integrity model: information is maintained by preventing corruption. Simple integrity property: a subject cannot read from less accurate (lower integrity) objects but can read from objects that are more accurate (no read down). Integrity *-property: a subject cannot write to objects that are more accurate, but can write down (no write up). Invocation property: a subject cannot invoke a subject at a higher integrity level, so a less privileged subject cannot get a more privileged one to work on its behalf; this must be prevented or corruption could occur.
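
The Bell-LaPadula and Biba rules above, written as executable checks over one linear lattice. This is an added example, not code from the flashcards or from any standard; the level names and the sample subjects and objects are constructed for illustration, and the same ordering is reused as a confidentiality classification for Bell-LaPadula and as an integrity level for Biba, which makes it easy to see that the two models are mirror images.

```python
"""Bell-LaPadula and Biba rules as executable checks over one linear lattice.
Added example, not from the flashcards; the level names and the sample
subjects/objects are constructed for illustration."""
from dataclasses import dataclass

# Ordered from lowest to highest. The same ordering serves as a
# confidentiality classification for Bell-LaPadula and as an integrity
# level for Biba; only the direction of the rules differs.
LEVELS = ["Public", "Confidential", "Secret", "Top Secret"]
RANK = {name: i for i, name in enumerate(LEVELS)}


@dataclass(frozen=True)
class Subject:
    name: str
    level: str      # clearance (BLP) or integrity level (Biba)


@dataclass(frozen=True)
class Object:
    name: str
    level: str      # classification (BLP) or integrity level (Biba)


def blp_allows(subject: Subject, obj: Object, mode: str,
               strong_star: bool = False) -> bool:
    """Bell-LaPadula (confidentiality).
    simple security property: no read up   (read only at or below clearance)
    *-property:               no write down (write only at or above clearance)
    strong *-property:        write only at exactly the subject's own level"""
    s, o = RANK[subject.level], RANK[obj.level]
    if mode == "read":
        return s >= o
    if mode == "write":
        return s == o if strong_star else s <= o
    raise ValueError(f"unknown access mode {mode!r}")


def biba_allows(subject: Subject, obj: Object, mode: str) -> bool:
    """Biba (integrity), the mirror image of BLP.
    simple integrity property: no read down (do not trust less accurate data)
    integrity *-property:      no write up   (do not contaminate more accurate data)"""
    s, o = RANK[subject.level], RANK[obj.level]
    if mode == "read":
        return s <= o
    if mode == "write":
        return s >= o
    raise ValueError(f"unknown access mode {mode!r}")


def biba_invocation_allows(caller: Subject, callee: Subject) -> bool:
    """Biba invocation property: a subject may invoke (ask for service from)
    another subject only at its own or a lower integrity level, so a low
    integrity process cannot get a higher integrity one to act on its behalf."""
    return RANK[caller.level] >= RANK[callee.level]


def explain(subject: Subject, obj: Object) -> dict[str, bool]:
    """Every rule applied to one subject/object pair, for a quick comparison."""
    return {
        "blp_read": blp_allows(subject, obj, "read"),
        "blp_write": blp_allows(subject, obj, "write"),
        "blp_write_strong": blp_allows(subject, obj, "write", strong_star=True),
        "biba_read": biba_allows(subject, obj, "read"),
        "biba_write": biba_allows(subject, obj, "write"),
    }


if __name__ == "__main__":
    analyst = Subject("analyst", "Secret")
    for level in LEVELS:
        print(level, explain(analyst, Object(f"doc-{level}", level)))
```

Running it for a Secret-cleared subject against one object per level reproduces the answer to question 7: under Bell-LaPadula the subject may write to Secret and Top Secret objects but not to Public ones, while under Biba the same subject may read only Secret and Top Secret objects and may write only at Secret or below.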

51
Q

Clark Wilson Integrity model

A

Integrity at the transaction level in a commercial environment: prevent unauthorized or undesirable changes and keep the system behaving consistently. Constant mediation between every subject and every object is required for integrity to be maintained; a subject has no direct access to an object, only through a program (transformation procedure) that follows a set of rules. Prevents undesirable changes by authorized subjects through separation of duties. Well-formed transactions: the set of steps within any transaction must be carefully designed and enforced.
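
The mediation described above in working form. This is an added example, not code from the flashcards or from the Clark-Wilson paper; the accounts, the transfer procedure, the ledger-total constraint and the user names are constructed for illustration. Constrained data items are reachable only through certified transformation procedures named in an access triple, an integrity verification procedure re-checks the constraint after every transaction, and the certifier of a procedure is refused execute rights on it (separation of duties).

```python
"""A Clark-Wilson style mediation layer: constrained data items (CDIs) change
only through certified transformation procedures (TPs) that an access triple
authorises, and an integrity verification procedure (IVP) validates the result.
Added example, not from the flashcards; the accounts, the TP and the ledger
constraint are constructed for illustration."""
from typing import Callable


class IntegrityViolation(Exception):
    pass


class ClarkWilson:
    def __init__(self, cdis: dict[str, int]):
        self._cdis = dict(cdis)                     # account -> balance, reachable only via TPs
        self._ledger_total = sum(cdis.values())     # invariant the IVP checks
        self._tps: dict[str, tuple[Callable, str]] = {}         # name -> (procedure, certifier)
        self._triples: set[tuple[str, str, frozenset]] = set()  # (user, tp, cdis)
        self.audit_log: list[tuple] = []

    def ivp(self) -> bool:
        """Integrity verification: balances must still add up to the ledger total."""
        return sum(self._cdis.values()) == self._ledger_total

    def view(self, cdi: str) -> int:
        return self._cdis[cdi]

    def certify_tp(self, name: str, proc: Callable, certifier: str) -> None:
        self._tps[name] = (proc, certifier)

    def allow(self, user: str, tp: str, cdis) -> None:
        """Add an access triple. Separation of duties: whoever certified the TP
        may not also be authorised to execute it."""
        if tp not in self._tps:
            raise KeyError(f"{tp} is not a certified TP")
        if self._tps[tp][1] == user:
            raise PermissionError(f"{user} certified {tp} and may not execute it")
        self._triples.add((user, tp, frozenset(cdis)))

    def execute(self, user: str, tp: str, cdis, **args) -> None:
        """Mediate every change: check the triple, run the well-formed
        transaction, re-run the IVP and roll back if the constraint failed."""
        if (user, tp, frozenset(cdis)) not in self._triples:
            raise PermissionError(f"no access triple for ({user}, {tp}, {sorted(cdis)})")
        snapshot = dict(self._cdis)
        try:
            self._tps[tp][0](self._cdis, **args)
        except Exception:
            self._cdis = snapshot
            raise
        if not self.ivp():
            self._cdis = snapshot
            raise IntegrityViolation(f"{tp} left the CDIs in an invalid state")
        self.audit_log.append((user, tp, tuple(sorted(cdis)), args))


# A well-formed transaction: moves value, never creates or destroys it.
def transfer(cdis: dict[str, int], src: str, dst: str, amount: int) -> None:
    if amount <= 0 or cdis[src] < amount:
        raise ValueError("insufficient funds or bad amount")
    cdis[src] -= amount
    cdis[dst] += amount


# A badly written TP that would pass certification only by mistake: it credits
# an account without a matching debit, which the IVP catches after execution.
def bad_credit(cdis: dict[str, int], dst: str, amount: int) -> None:
    cdis[dst] += amount


def attempt(system: ClarkWilson, user: str, tp: str, cdis, **args) -> str:
    """Outcome label for one mediated execution."""
    try:
        system.execute(user, tp, cdis, **args)
        return "ok"
    except PermissionError:
        return "denied"
    except IntegrityViolation:
        return "integrity-violation"
    except ValueError:
        return "rejected-by-tp"
```

Note that nothing outside the class can assign to a balance: the only path to a CDI is `execute`, which is where the triple check, the IVP and the audit record all live.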

52
Q

Lipner model

A

combines Bell-LaPadula and Biba with the idea of job functions, for both confidentiality and integrity. First to separate objects into data and programs

53
Q

Brewer-Nash (Chinese Wall) Model

A

focuses on preventing conflicts of interest when a subject has access to objects holding sensitive information associated with two competing parties. A subject cannot access confidential information of a client organization and of one or more of its competitors; once on one side of the wall, the subject cannot get to the other side
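
The wall as an access decision driven by each subject's history, which is what makes this model fit the shared-hosting scenario in question 9. This is an added example, not code from the flashcards or from the Brewer and Nash paper; the company datasets, the conflict-of-interest classes and the document names are constructed for illustration, and the write rule is checked against what the subject has actually read rather than everything it could read.

```python
"""Brewer-Nash (Chinese Wall) access decisions driven by each subject's access
history. Added example, not from the flashcards; the company datasets,
conflict-of-interest classes and document names are constructed for illustration."""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Document:
    name: str
    company: str              # company dataset the object belongs to
    coi_class: str            # conflict-of-interest class, e.g. all banks
    sanitized: bool = False   # public, scrubbed information sits outside the wall


class ChineseWall:
    def __init__(self):
        # subject -> {(coi_class, company)} of unsanitized datasets already read
        self.history: dict[str, set[tuple[str, str]]] = defaultdict(set)

    def can_read(self, subject: str, doc: Document) -> bool:
        """Simple security rule: allowed unless the subject has already read
        a different company's data in the same conflict-of-interest class."""
        if doc.sanitized:
            return True
        return not any(coi == doc.coi_class and company != doc.company
                       for coi, company in self.history[subject])

    def read(self, subject: str, doc: Document) -> None:
        if not self.can_read(subject, doc):
            raise PermissionError(f"{subject} is on the other side of the wall from {doc.company}")
        if not doc.sanitized:
            self.history[subject].add((doc.coi_class, doc.company))

    def can_write(self, subject: str, doc: Document) -> bool:
        """*-property: writing is allowed only if reading is, and the subject
        has read no unsanitized data from any other company; otherwise the
        subject could copy one company's secrets into another's files."""
        if not self.can_read(subject, doc):
            return False
        return all(company == doc.company for _, company in self.history[subject])
```

The wall is per subject and starts open: a second analyst with an empty history can read the competitor's data that the first one is now locked out of. The write rule is stricter than the read rule because it closes the indirect path where an analyst reads one company's data and writes it into a file belonging to a company in an unrelated class, from which a third party could read it.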

54
Q

Graham-Denning Model

A

concerned with how subjects and objects are created, how they are assigned privileges, and how ownership is managed. Subjects consist of a process and a domain

55
Q

Harrison-Ruzzo-Ullman (HRU)

A

generic rights and a finite set of commands operating on an access control matrix; each command is a condition on the matrix followed by primitive operations that add or remove rights, subjects and objects
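
One access control matrix that serves the matrix-based, Graham-Denning and HRU cards above. This is an added example, not code from the flashcards or from either paper; the `owner` and `control` rights, the `*` copy flag and the subject and object names are modelling choices made here, and the eight Graham-Denning commands are reduced to the six below. Each command has the HRU shape: a guard on the matrix, then primitive operations on cells. The two views at the end are the same matrix read by column (an ACL) and by row (a capability list).

```python
"""Access control matrix with Graham-Denning style commands.
Added example, not from the flashcards. The rights 'owner' and 'control',
the '*' copy flag and the subject/object names are modelling choices made
here; the eight Graham-Denning commands are reduced to the six below."""
from collections import defaultdict


class AccessMatrix:
    """Rows are subjects, columns are objects (subjects are objects too, so a
    subject can hold 'control' over another subject). Each cell is a set of
    rights; a right ending in '*' carries the copy flag."""

    def __init__(self, root: str):
        self.subjects = {root}
        self.objects = {root}
        self.cells: dict[tuple[str, str], set[str]] = defaultdict(set)

    def rights(self, subject: str, obj: str) -> set[str]:
        return self.cells.get((subject, obj), set())

    def has(self, subject: str, obj: str, right: str) -> bool:
        held = self.rights(subject, obj)
        return right in held or right + "*" in held

    # Each command is a guard (a condition on the matrix) followed by primitive
    # operations on cells, which is also the shape of an HRU command.
    def create_subject(self, creator: str, new: str) -> None:
        if creator not in self.subjects:
            raise PermissionError(f"{creator} is not a subject")
        self.subjects.add(new)
        self.objects.add(new)
        self.cells[(creator, new)].add("control")

    def create_object(self, creator: str, obj: str) -> None:
        if creator not in self.subjects:
            raise PermissionError(f"{creator} is not a subject")
        self.objects.add(obj)
        self.cells[(creator, obj)].add("owner")

    def grant(self, granter: str, right: str, subject: str, obj: str) -> None:
        if not self.has(granter, obj, "owner"):
            raise PermissionError(f"{granter} does not own {obj}")
        self.cells[(subject, obj)].add(right)

    def transfer(self, giver: str, right: str, subject: str, obj: str) -> None:
        if right + "*" not in self.rights(giver, obj):
            raise PermissionError(f"{giver} cannot copy {right} on {obj}")
        self.cells[(subject, obj)].add(right)

    def revoke(self, revoker: str, right: str, subject: str, obj: str) -> None:
        if not (self.has(revoker, obj, "owner") or self.has(revoker, subject, "control")):
            raise PermissionError(f"{revoker} cannot revoke on {obj}")
        self.cells[(subject, obj)].discard(right)
        self.cells[(subject, obj)].discard(right + "*")

    def delete_object(self, deleter: str, obj: str) -> None:
        if not self.has(deleter, obj, "owner"):
            raise PermissionError(f"{deleter} does not own {obj}")
        self.objects.discard(obj)
        for key in [k for k in self.cells if k[1] == obj]:
            del self.cells[key]

    # The two classic views of the same matrix.
    def acl(self, obj: str) -> dict[str, set[str]]:
        """Column: who holds what on this object (an access control list)."""
        return {s: set(r) for (s, o), r in self.cells.items() if o == obj and r}

    def capabilities(self, subject: str) -> dict[str, set[str]]:
        """Row: what this subject holds on every object (a capability list)."""
        return {o: set(r) for (s, o), r in self.cells.items() if s == subject and r}


def attempt(command, *args) -> bool:
    """Run a command, returning whether its guard allowed it."""
    try:
        command(*args)
        return True
    except PermissionError:
        return False
```

The copy flag is what separates `grant` (an owner's decision) from `transfer` (a holder passing on a right it was explicitly allowed to propagate); without it a right can be used but not delegated, which is the usual default for rights handed out to non-owners.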

56
Q

A formal security model

A

describes and verifies the ability to enforce security policy in mathematical or measurable terms

57
Q

3 Evaluation Criteria

A

TCSEC, ITSEC, Common Criteria

58
Q

Certification

A

System tested to see whether it meets documented requirements

59
Q

Accreditation

A

Management evaluates the capacity of the system and decides whether they will formally accept the evaluated system

60
Q

TCSEC - Trusted Computer System Evaluation Criteria

A

Orange Book 1983 DoD - Used to evaluate, classify, and select computer systems being considered for the processing, storage and retrieval of sensitive or classified information. Focused on confidentiality.

Trusted Computing Base (TCB) - are the fundamental controls implemented in a given system

Moving from the C level to the B level moves from DAC to MAC

61
Q

A - Verified Protection

A

A1 - verified Design - Highest Trust

62
Q

B - Mandatory Protection

A

B3 Security Domains - satisfies the reference monitor concept, excludes non-essential code, minimizes complexity; security administrator role, audits all security-relevant events, automated IDS, trusted system recovery, covert timing channel analysis

B2 Structured Protection - configuration management, DAC and MAC over all subjects and objects, clearly defined security policy, covert storage channel analysis, structured objects, more testing, hardened authentication, separate operator and administrator roles

B1 Labeled Security Protection - MAC over some subjects and objects, informal security policy, data sensitivity labels, identified flaws must be removed or mitigated

63
Q

C - Discretionary

A

C2 Controlled Access Protection - finer-grained DAC, individual accountability through the login process and audit trails

C1 Discretionary Security - DAC

64
Q

D - Minimal

A

Lowest

65
Q

ITSEC - Information Technology Security Evaluation Criteria

A

provides separate functionality and assurance ratings and adds integrity and availability to confidentiality; E levels (E0 to E6) are assurance levels for a target of evaluation (TOE); higher E levels give customers a higher degree of assurance

66
Q

Common Criteria - CC - ISO/IEC 15408

A

Supersedes the earlier criteria and standardizes the general approach to product evaluation

Protection Profiles - functional and assurance requirements for a category of vendor products in a particular environment; a Security Target is the vendor's claim for one specific product (the TOE)

EAL Levels - Common Evaluation Methodology

EAL1 - Functionally Tested

EAL2 - Structurally Tested

EAL3 - Methodically Tested and Checked

EAL4 - Methodically Designed, Tested and Reviewed

EAL5 - Semiformally Designed and Tested

EAL6 - Semiformally Verified Design and Tested

EAL7 - Formally Verified Design and Tested

67
Q

ISO 27001:2005

A

Standardization and Certification of an organization’s information security management system (ISMS)

Five key areas:

  1. General Requirements of the ISMS
  2. Management Responsibility
  3. Internal ISMS Audits
  4. Management Review of the ISMS
  5. ISMS Improvement
68
Q

ISO 27002

A

Code of Practice for Information Security Management, which lists security control objectives and recommends a range of specific security controls according to industry best practice - more of a guideline

11 focus areas:

  1. Security Policy
  2. Organization of Information Security
  3. Asset Management
  4. Human Resources Security
  5. Physical and Environmental Security
  6. Communications and Operations Management
  7. Access Control
  8. Information Systems Acquisition, Development and Maintenance
  9. Information Security Incident Management
  10. Business Continuity Management
  11. Compliance
69
Q

Control Objectives for Information and Related Technology (COBIT)

A

Framework for IT management - a set of generally accepted processes to assist in maximizing the benefits derived from information technology and in developing appropriate IT governance

70
Q

Payment Card Industry Data Security Standard (PCI-DSS)

A

Specifications to ensure safe processing, storing and transmission of the card holder’s information

71
Q

Complete Mediation

A

No subject can gain access to any object without authorization: every access attempt is checked against the policy, not just the first one, so cached or remembered decisions cannot bypass the check

72
Q

Processor

A

Supervisor state (kernel mode) - operating at the highest privilege, allowed to access any system resource; user mode runs with restricted access

73
Q

Layering

A

Organization of programming into separate functional components that interact in some sequential and hierarchical way.

74
Q

Ring Protection

A

Inner ring - lowest number, most privilege (OS kernel)

Outer ring - highest number, least privilege (end-user applications)

75
Q

Tempest

A

set of standards designed to shield buildings and equipment to protect them against eavesdropping and passive emanations gathering attempts

76
Q

State attack - race conditions

A

attempt to take advantage of how a system handles multiple requests: between the time a condition is checked and the time the result of that check is used, another request changes the state (time of check to time of use)
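
The check-then-act race from the card above, made reproducible. This is an added example, not code from the flashcards; the two-request withdrawal scenario is constructed for illustration, and the barrier in the racy version stands in for the scheduler switching between requests at the worst moment, so the bad interleaving happens every time instead of occasionally. The safe version puts the check and the update in one critical section.

```python
"""A check-then-act race on a shared balance. Added example, not from the
flashcards. The two-party withdrawal and the barrier that forces the losing
interleaving are constructed for illustration."""
import threading


class Account:
    def __init__(self, balance: int):
        self.balance = balance
        self.lock = threading.Lock()


def withdraw_racy(acct: Account, amount: int, barrier: threading.Barrier) -> bool:
    """The check and the debit are two separate steps (time of check, time of
    use). The barrier stands in for a context switch between them, so both
    requests see the original balance before either subtracts."""
    if acct.balance >= amount:      # time of check
        barrier.wait()              # other request runs here and also passes the check
        acct.balance -= amount      # time of use: a stale decision is applied
        return True
    return False


def withdraw_safe(acct: Account, amount: int, barrier=None) -> bool:
    """Check and debit inside one critical section, so the second request
    observes the balance the first one left behind."""
    with acct.lock:
        if acct.balance >= amount:
            acct.balance -= amount
            return True
        return False


def run_two_requests(withdraw, balance: int, amount: int) -> tuple[int, list[bool]]:
    """Submit the same withdrawal twice concurrently; return the final balance
    and the sorted per-request results."""
    acct = Account(balance)
    barrier = threading.Barrier(2, timeout=5)   # timeout keeps a failed demo from hanging
    results: list[bool] = []
    results_lock = threading.Lock()

    def request():
        ok = withdraw(acct, amount, barrier)
        with results_lock:
            results.append(ok)

    threads = [threading.Thread(target=request) for _ in range(2)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return acct.balance, sorted(results)


if __name__ == "__main__":
    print("racy:", run_two_requests(withdraw_racy, 100, 100))   # (-100, [True, True])
    print("safe:", run_two_requests(withdraw_safe, 100, 100))   # (0, [False, True])
```

The same shape appears with files (check permissions, then open by path), with authorization caches (check a token, then act after it was revoked) and with any "look before you leap" logic whose state can change between the look and the leap; the fix is always to make the check and the use one atomic step, or to re-validate at the point of use.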

77
Q

Covert Channels

A

a communication mechanism hidden from the access controls; uses irregular methods of communication such as free space or timing to transmit information

Storage - communicate via a stored object

Timing - modify timing of events relative to each other

Eliminated through design (separating the resources the two sides share), since access control rules never see the channel
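
A storage channel of the kind described above, small enough to run. This is an added example, not code from the flashcards; the shared directory, the flag file, the lock-step clock and the message are constructed for illustration. The high side never writes a byte of the message into any object and the low side never opens the file, so no read or write access check is ever consulted: the bit travels in whether the file exists, which is metadata every user of the directory can observe.

```python
"""A covert storage channel: the high side signals bits by creating or removing
a file whose contents the low side is not allowed to read; the low side only
asks the filesystem whether the file exists. Added example, not from the
flashcards; the directory layout, the shared clock and the message are
constructed for illustration."""
import os
import tempfile


class StorageChannel:
    """Both sides share a directory. The sender owns the flag file; the
    receiver never opens it, so no read access check is ever evaluated."""

    def __init__(self, shared_dir: str):
        self.flag = os.path.join(shared_dir, ".lock")

    # high side
    def signal(self, bit: int) -> None:
        if bit:
            open(self.flag, "w").close()    # set the flag: the file exists
        elif os.path.exists(self.flag):
            os.remove(self.flag)            # clear the flag

    # low side
    def sample(self) -> int:
        return 1 if os.path.exists(self.flag) else 0


def encode(message: str) -> list[int]:
    """Text to a bit list, most significant bit of each byte first."""
    return [int(b) for ch in message.encode() for b in format(ch, "08b")]


def decode(bits: list[int]) -> str:
    """Bit list back to text; a trailing partial byte is dropped."""
    return bytes(int("".join(map(str, bits[i:i + 8])), 2)
                 for i in range(0, len(bits) - 7, 8)).decode()


def leak(message: str, shared_dir: str) -> str:
    """Run sender and receiver in lock step on a shared clock: one bit per tick.
    A real channel would synchronise on wall-clock time or a shared counter."""
    chan = StorageChannel(shared_dir)
    received = []
    for bit in encode(message):
        chan.signal(bit)                # high side writes the bit
        received.append(chan.sample())  # low side reads it
    chan.signal(0)                      # leave nothing behind
    return decode(received)


def demo(message: str = "SECRET") -> str:
    with tempfile.TemporaryDirectory() as shared:
        return leak(message, shared)
```

The design fix the card refers to is visible in the code: the channel exists only because both sides share `shared_dir`. Giving each security level its own directory (or quota, or CPU partition, for the other common shared attributes) removes the observable state rather than trying to write an access rule against it.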

78
Q

XML

A

Extensible Markup Language - structuring data in a text file

79
Q

SAML

A

Security Assertion Markup Language - exchange authentication and authorization information

80
Q

OWASP

A

Open Web Application Security Project - focused on improving the security of software