Chapter 9 Securing Dedicated Systems

Question 1

What are some characteristics of desktop computers?

Answer 1

Desktop computers offer the flexibility to run different operating systems and are expandable with the ability to add or remove components such as memory and storage.

Question 2

What is an embedded system?

Answer 2

An embedded system is a specialized computer system with fixed hardware, a specialized use, and a specific operating system designed for a particular purpose.

Question 3

What are some examples of embedded systems?

Answer 3

Examples of embedded systems include Raspberry Pi, industrial control systems (ICS), supervisory control and data acquisition (SCADA) systems, Internet of Things (IoT) devices, medical systems, in-vehicle computing systems, drones, smart meters, surveillance systems, VoIP phones, and mobile devices.

Question 4

What is the significance of real-time operating systems in industrial control systems (ICS) and SCADA systems?

Answer 4

Industrial control systems and SCADA systems often use real-time operating systems designed to handle real-time processing and respond to events in a timely manner.

Question 5

What are some unique security considerations for IoT devices?

Answer 5

IoT devices can connect to the Internet, making them susceptible to security vulnerabilities and attacks. Security measures should be implemented to protect against unauthorized access and ensure the privacy and integrity of data transmitted by these devices.

Question 6

How does voice over IP (VoIP) relate to embedded systems?

Answer 6

VoIP phones, which use IP networks to transmit voice calls, are considered embedded systems. They have CPUs, RAM, operating systems, and security considerations specific to VoIP technology.

Question 7

What distinguishes mobile systems in terms of security?

Answer 7

Mobile systems, such as laptops, tablets, and smartphones, are considered embedded systems with the added characteristic of mobility. They have fixed hardware, specific operating systems, and unique security concerns related to their portability and connectivity.

Question 8

What are industrial control systems (ICS) and what industries use them?

Answer 8

Industrial control systems are specialized computers used in various industries such as manufacturing, water treatment plants, and power grid utilities. They are responsible for controlling and monitoring physical processes and equipment in these industries.

Question 9

What is a programmable logic controller (PLC)?

Answer 9

A programmable logic controller (PLC) is an industrial control system device with an IP address and various ports used to connect sensors, robotic machinery, actuators, and other equipment. It plays a crucial role in controlling and monitoring physical processes in industrial environments.

Question 10

Why are industrial control systems a potential security concern?

Answer 10

Industrial control systems, including PLCs, are connected to networks and have the potential to be targeted by attackers. Compromising these systems can have serious consequences as they control physical equipment and processes in critical infrastructures.

Question 11

What security measures should be taken to protect industrial control systems?

Answer 11

Security measures for industrial control systems include applying firmware updates to address vulnerabilities, ensuring the security of monitoring stations that interact with the systems, implementing network isolation to limit exposure to external networks, and considering the use of lightweight operating systems specifically designed for industrial control applications.

Question 12

What is supervisory control and data acquisition (SCADA) and how does it relate to industrial control systems?

Answer 12

SCADA refers to a collection of industrial control system devices that focus on specific tasks such as monitoring and controlling processes in manufacturing, water treatment plants, power grids, and other industries. SCADA systems can be dispersed over a wide area network and often include a central supervisory station that retrieves data from multiple PLCs located in remote areas.

Question 13

What is the role of a supervisory control and data acquisition (SCADA) master station?

Answer 13

The SCADA master station serves as a central control and monitoring point for industrial processes. It collects data from various PLCs and provides real-time information on the status and performance of equipment and processes in industrial environments.

Question 14

What is the Internet of Things (IoT) and what does it encompass?

Answer 14

The IoT refers to interconnected devices that can transmit data over the internet, including laptops, smartphones, smartwatches, baby monitors, and more.

Question 15

What are some security considerations for IoT devices?

Answer 15

Security concerns include default credentials, lack of firmware updates, and vulnerability to malware. To mitigate risks, apply updates, change default credentials, use secure protocols, and secure interacting devices.

Question 16

Can you explain the security implications of IoT devices and the need for network isolation?

Answer 16

IoT devices can be vulnerable to attacks, compromising user privacy. Network isolation is essential to protect other networks by placing IoT devices on separate VLANs and implementing firewall rules.

Question 17

What is Zigbee, and how does it relate to IoT security?

Answer 17

Zigbee is a protocol for smart home wireless networking. It provides inherent security measures like encryption. However, vulnerabilities can still exist, so updating firmware, securing devices, and network isolation are important for IoT security.

Question 18

What is GPS?

Answer 18

GPS is a satellite navigation system that tracks objects based on coordinates to determine their location on Earth.

Question 19

What is infrared?

Answer 19

Infrared is a legacy wireless technology that requires line-of-sight communication and was commonly used for interconnecting devices in the past.

Question 20

What is cellular communication?

Answer 20

Cellular communication enables phone calls, texting, and data transmission over the cellular network.

Question 21

What are Wi-Fi and Bluetooth?

Answer 21

Wi-Fi and Bluetooth are wireless communication technologies that use radio waves for data transfer between devices.

Question 22

What is NFC?

Answer 22

NFC (Near Field Communication) is a short-range wireless technology used for tasks like mobile payments and data exchange between devices in close proximity.

Question 23

What is Wi-Fi Direct?

Answer 23

Wi-Fi Direct allows devices to establish a peer-to-peer connection over Wi-Fi without the need for an access point or internet connectivity.

Question 24

What is mobile device tethering?

Answer 24

Mobile device tethering enables sharing the internet connection of one device with other devices in the local vicinity.

Question 25

What are some security considerations for wireless connectivity?

Answer 25

Security considerations include disabling unnecessary services, updating firmware, and avoiding malicious hotspots.

Question 26

What are the constraints related to CPU power in mobile devices?

Answer 26

Mobile devices have limited CPU power, which can affect cryptographic operations and computational tasks.

Question 27

How does elliptic curve cryptography (ECC) address the CPU power constraint?

Answer 27

ECC uses smaller encryption keys than RSA, resulting in less computational overhead and better performance on mobile devices.

Question 28

What is a constraint related to battery life in mobile devices?

Answer 28

Battery life is limited, and performing computationally intensive tasks can drain the battery quickly.

Question 29

What is the limited transmission range constraint in mobile devices?

Answer 29

Mobile devices have shorter wireless range compared to devices connected to wired networks.

Question 30

What is the term for gaining full access to an Android phone, and why might someone do it?

Answer 30

Gaining full access to an Android phone is called rooting, and it allows users to customize firmware, run apps with elevated privileges, or install alternative operating systems.

Question 31

What is the equivalent term for gaining full access to an Apple iOS device?

Answer 31

Gaining full access to an Apple iOS device is called jailbreaking, and it serves similar purposes as rooting in Android.

Question 32

Why do organizations often prohibit rooting or jailbreaking of mobile devices?

Answer 32

Rooting or jailbreaking a device can pose security risks, as it grants unrestricted access, making the device vulnerable to malware or unauthorized actions.

Question 33

What are some constraints related to IoT devices in terms of firmware updates and default settings?

Answer 33

Some IoT devices may not receive firmware updates or allow changes to default settings, limiting their security and customization options.

Question 34

How can organizations address security concerns with mobile devices?

Answer 34

Upgrading the device or isolating it on a separate VLAN can help mitigate security risks and enforce organizational standards.

Question 35

What are the different methods of provisioning mobile devices in the enterprise?

Answer 35

The different methods are Bring Your Own Device (BYOD), Choose Your Own Device (CYOD), and Corporate Owned, Personally Enabled (COPE).

Question 36

What is the purpose of device partitioning on a mobile device?

Answer 36

Device partitioning creates a logical boundary between personal and corporate data, allowing for centralized management and selective wiping in case of loss or theft.

Question 37

What is the role of a SIM card in a mobile device?

Answer 37

A SIM card authenticates the device to the cellular network and contains subscriber information, such as the data plan and contact information.

Question 38

What is carrier unlock, and how does it relate to SIM cards?

Answer 38

Carrier unlock allows a device to be used with a different cellular provider by using the same SIM card, provided it is supported by both the carrier and the device.

Question 39

How can organizations harden mobile devices and reduce the attack surface?

Answer 39

Organizations can disable unnecessary components, enforce policies through Mobile Device Management (MDM) solutions, prevent side loading, enable strong authentication, and encrypt the device and external storage.

Question 40

What is Mobile Device Management (MDM), and what functions does it provide?

Answer 40

MDM is software that allows centralized management of mobile devices, providing functions such as policy enforcement, remote wiping, firewall configuration, app deployment, and virus updates.

Question 41

What are some recommended security measures for hardening an Android smartphone?

Answer 41

Enabling strong authentication (facial recognition, fingerprint scan), enabling find my phone/mobile, restricting installation of unknown apps, and encrypting external SD cards.

Question 42

What is a hardware security module (HSM) in the context of mobile devices?

Answer 42

A hardware security module is a micro SD card used in high-security environments to store cryptographic secrets and perform cryptographic operations, offloading them from the device’s built-in capabilities.

Question 43

How does physical security relate to cybersecurity?

Answer 43

Physical security is closely related to cybersecurity because physical access to hardware and devices can provide opportunities for malicious actors to compromise data and systems

Question 44

What are some examples of physical security measures?

Answer 44

Physical security measures include controlled access to facilities, visitor logs, reception area security, robot sentries, building security

Question 45

How can hardware key loggers pose a security risk?

Answer 45

Hardware key loggers can be used by malicious actors to capture keystrokes entered on a keyboard, including sensitive information such as passwords and usernames.

Question 46

What is the purpose of access control vestibules or mantraps?

Answer 46

Access control vestibules, also known as mantraps, are security mechanisms that require individuals to pass through two sets of doors. The inner door only opens when the outer door is closed successfully, preventing unauthorized access and preventing tailgating (when someone follows closely behind an authorized person to gain entry).

Question 47

What is the concept of air gapping in cybersecurity?

Answer 47

Air gapping refers to the practice of physically isolating a network from other networks, both wired and wireless. An air-gapped network has no connections to external networks, providing a higher level of security.

Question 48

What does the hardware key logger do?

Answer 48

The hardware key logger captures keystrokes entered on a keyboard.

Question 49

How can an attacker gain access to the captured keystrokes?

Answer 49

The attacker can connect to the key logger’s Wi-Fi network and view the captured keystrokes through a web page.

Question 50

Why is physical security important in protecting digital assets?

Answer 50

Physical security helps prevent unauthorized access to devices and protects against physical compromises, such as the installation of key loggers.

Question 51

What measures can be taken to enhance physical security?

Answer 51

Implementing visitor logs, reception area security, locked equipment racks, and access control measures can enhance physical security.

Question 52

What role does physical security play in conjunction with cybersecurity?

Answer 52

Physical security complements cybersecurity measures to ensure comprehensive protection of digital assets and mitigate potential threats.

Question 53

Why is airflow management important in physical security?

Answer 53

Airflow management is important in physical security because it helps regulate the temperature of equipment in server rooms or data centers, preventing overheating and ensuring optimal performance.

Question 54

How can airflow be controlled in server rooms or data centers?

Answer 54

Airflow can be controlled by keeping incoming cool air separate from warm air being exhausted. This can be achieved through the use of containment panels or curtains, blanking panels, and proper ventilation systems.

Question 55

What are the consequences of inadequate airflow management?

Answer 55

Inadequate airflow management can lead to equipment overheating, CPU throttling, performance degradation, and even system shutdowns, resulting in a loss of availability and potential security risks.

Question 56

How do hot and cold aisles contribute to airflow management?

Answer 56

Hot and cold aisles help maintain airflow separation by ensuring that cool air is directed towards equipment intake fans (cold aisle) and warm air is contained and exhausted away from the equipment (hot aisle).

Question 57

Why is monitoring environmental factors important in physical security?

Answer 57

Monitoring temperature, pressure, humidity, noise, and other environmental factors is crucial to detect potential issues, such as overheating, and take preventive actions before they lead to equipment failure or security breaches.