Chapter 8 - Design Flashcards
Confinement
• Process to restrict actions of a program.
• Process can read and write to only certain memory locations and resources.
• AKA sandboxing
• Can be done in the OS or in an application (VMware)
Bounds
• Limits set on memory addresses and resources a process can access
• Usually segment logical areas of memory for each process to use
• Physical bounds require each bounded process to run in an area of memory that is physically separated from other bounded processes
Isolation
• When a process is confined through enforcing access bounds
• Used to protect the operating environment, kernel of OS, and other independent apps.
• Prevents apps from accessing the memory or resources of other apps.
Access Control Triple
subject/object/program
Goguen-Meseguer
• Integrity model
• Foundation of noninterference conceptual theories
• Based on predetermining the set or domain - a list of objects that a subject can access
• Members of one domain can’t interfere with members of another
Sutherland
• Integrity model
• Focuses on preventing interference in support of integrity
• Does not directly indicate specific mechanisms for protection of integrity
• Based on idea of defining set of system states, initial states, and state transitions
• Common example: prevent a covert channel from being used to influence the outcome of a process or activity
Graham-Denning
• Focused on secure creation and deletion
• 8 primary protection rules:
○ Create object
○ Create subject
○ Delete object
○ Delete subject
○ Provide read access
○ Provide grant access
○ Provide delete access
○ Provide transfer access
Rainbow Series
Level - Label / Requirements
D - Minimal protection
C1 - Discretionary protection
C2 - Controlled access protection
B1 - Labeled security
B2 - Structured protection
B3 - Security domains
A1 - Verified protection
TCSEC, ITSEC, CC
TCSEC ITSEC CC Description
D F-D+E0 EAL0,EAL1 Minimal/no protection
C1 F-C1+E1 EAL2 Discretionary security mechanisms
C2 F-C2+E2 EAL3 Controlled access protection
B1 F-B1+E3 EAL4 Labeled security protection
B2 F-B2+E4 EAL5 Structured security protection
B3 F-B3+E5 EAL6 Security domains
A1 F-B3+E6 EAL7 Verified security design
Common Criteria Structure
○ Part 1 - Introduction and general model - describes the general concepts and underlying model used to evaluate IT security. Introductory and explanatory material.
○ Part 2 - Security Functional Requirements
○ Part 3 - Security Assurance - assurance requirements for TOEs in the areas of configuration management, delivery and operation, development, guidance documents, and life-cycle support, plus assurance tests and vulnerability assessments.
Common Criteria Elements
○ Protection profiles - specify the security requirements and protections for a product to be evaluated (security desires)
○ Security targets - specify the security claims from the vendor that are built into the TOE (implemented security measures)
§ Package - intermediate grouping of security requirement components that can be added or removed from a TOE.