Chapter 8 Flashcards
What type of exception handling technique tries to handle errors in an application?
Try…Catch
What term describes a system that is allowed to continue operations after a component fails?
Fail-Soft
What term describes a system that, when it fails, reverts to a state that protects the health and safety of people?
Fail-Safe
What term describes prioritizing the physical security of assets over anything else?
Fail-Secure
What describes allowing a process to read from and write to only certain memory locations?
Confinement/Sandboxing
What is responsible for ensuring a system behaves properly and is the combination of hardware, software, and components that work together to enforce security policies?
TCB
What is a channel that allows communication between the TCB and the rest of the system without exposing the TCB to security exploitation?
Trusted Paths
What prevents a subject from breaking out of isolation to affect the TCB and allows a subject to perform command-line operations without risk to the TCB?
Trusted Shell
What describes a system that is always secure no matter what state it’s in?
State Machine Model
What is a table of subjects and objects that indicates the actions that each subject can perform on each object?
ACM
What Bell-LaPadula property states that a subject may not read information at a higher security level?
Simple Security Property
What Bell-LaPadula property states that a subject may not write information to an object at a lower level?
Star Security Property
What Bell-LaPadula property states that the system uses an access matrix to enforce discretionary access controls?
Discretionary Security Property
What model is based on the information flow model and focuses on integrity?
Biba Model
What Biba model property states that a subject cannot read an object at a lower security level?
Simple Security Property
What Biba model property states that a subject cannot modify an object at a higher security level?
Star Security Model
What model focuses on integrity and uses a three part relationship of subject/programs/objects?
Clark-Wilson Model
What model applies to a single integrated database and creates security domains that are sensitive to the notion of conflict of interest?
Brewer and Nash Model
What model permits access controls to change dynamically based on the user’s previous activity?
Brewer and Nash Model
What model is where subjects are allowed to perform only predetermined actions against predetermined objects?
Goguen–Meseguer Model
What model is based on automaton theory and domain separation?
Goguen–Meseguer Model
What model is based on the idea of defining a set of system states, initial states, and state transitions?
Sutherland Model
What model is focused on the secure creation and deletion of both subjects and objects?
Graham-Denning Model
What model is an extension of the Graham-Denning model?
HRU Model
What focuses on the assignment of object access rights to subjects as well as the resilience of those assigned rights?
HRU Model
What are the two key elements of the Common Criteria?
Protection Profiles
Security Targets
What element of the Common Criteria specifies the “I Want” from a customer?
Protection Profiles
What element of the Common Criteria specifies the “I Will” from the vendor?
Security Targets
What EAL level is when some confidence in correct operation is required but threats to security are not serious?
EAL1 / Functionally Tested
What EAL level is when delivery of design information and test results are in keeping with good commercial practices?
EAL 2 / Structurally Tested
What EAL level is when security engineering begins at the design stage and is carried through without substantial subsequent alteration?
EAL 3 / Methodically Tested and Checked
What EAL level is when rigorous positive security engineering and good commercial development practices are used?
EAL 4 / Methodically Designed, Tested, and Reviewed
What EAL level uses rigorous security engineering and commercial development practices, including specialist security engineering techniques, for semi-formal testing?
EAL 5 / Semi-Formally Designed and Tested
What EAL level uses direct, rigorous security engineering techniques at all phases of design, development, and testing to produce a premium TOE?
EAL 6 / Semi-Formally Verified, Designed, and Tested
What EAL level is used only for highest-risk situations or where high value assets are involved?
EAL 7 / Formally Verified, Designed, and Tested
What authorization decision does an AO give when a security control is inherited from another provider?
Common Control Authorization
What authorization does an AO give when a third-party provider provides IT/IS services that are deemed to have risk at an acceptable level?
Authorization to Use