CISSP Flashcards
RMM mnemonic
[After People Die I’m Out] (Ad hoc, Preliminary, Defined, Integrated, Optimized)
ISC2 Code of Ethics Preamble
The safety and welfare of society and the common good, duty to our principals, and to each other, requires that we adhere, and be seen to adhere, to the highest ethical standards of behavior.
Therefore, strict adherence to this Code is a condition of certification.
ISC2 Code of Ethics Canons
Protect society, the common good, necessary public trust and confidence, and the infrastructure.
Act honorably, honestly, justly, responsibly, and legally.
Provide diligent and competent service to principals.
Advance and protect the profession.
Bell-LaPadula
Confidentiality (MAC)
Simple Security Property - No Read Up
* Security Property - No Write Down
Strong * Property - No Read or Write Up and Down
BIBA
Integrity (MAC)
Simple Integrity Axiom - No Read Down
* Integrity Axiom - No Write Up
Invocation - NRU, NWU
Lattice Based, who, when, type of access control, concerned with restricting…, based on the interaction between…, diagram
(Denning 1976) (MAC)
restrict information flow,
based on the interaction between any combination of objects (such as resources, computers, and applications) and subjects (such as individuals, groups or organizations)
TS1,2
TS1 TS2
S1,2
S1 S2
TS
S
Graham Denning, based on what other model?, what type of systems?, what does it show mainly?, what else does it address, functions
EDSA
(Extended LBAC)
Distributed Systems
Shows how subjects and objects should be securely created and deleted.
It also addresses how to Assign specific access rights.
Graham and GA are associated
1 TA
2 GA
3 DA
4 RO
5 CO
6 DO
7 CS
8 DS
Harrison Ruzzo Ullman, extended from what other model?, access control type, used for…, functions
Extended GD
DAC
Operating System level Subjects = Objects
1 CO
2 CS
3 DS
4 DO
5 ERAM (enter right into access matrix)
6 DRAM (delete right from access matrix)
Clark Wilson, description, used to ensure data… and … using … to ensure the system maintains … …, provides (2)
CW (consistent state / well formed transactions)
Integrity - Separates Users Well Formed Transactions
Subjects / Programs / Objects
Consistent State -> Consistent State
Provides: Separation of Duties and Data Integrity
Brewer Nash / Chinese Wall / Information Barriers, constructed to provide information … … controls that can … …
Info Flow
N conflict of interest
constructed to provide information security access controls that can change dynamically
Non-Interference definition
actions at higher security levels don’t affect lower-level subjects’ knowledge of the system state
Take Grant, used in the field of computer security to … or … the … of a given … … that follows … rules, diagram
used in the field of computer security to establish or disprove the safety of a given computer system that follows specific rules.
S1
t
S2 g S3
c/r
O
Zachman Framework, used for, by establishing 6 frameworks for whom (6)
provides a means of classifying an organization’s architecture
6 Frameworks (What, How, Where, Who, When, Why)
mapped to rules for Planner, Owner, Designer, Builder, Programmer, User
Cybersecurity Evaluation Methods, Certification, Accreditation
Historical and current (4 items total)
1980s DoD Orange Book - Trusted Computer Systems (retired)
1980s DoD Red Book - Trusted Networks (retired)
ITSEC (Europe) 1st International, references Orange Book (retired)
ISO / IEC 15408 (International Common Criteria)
International Common Criteria
EALs
Mnemonic
[Football Seams Mostly Mean Says Silly Fools]
1F Functionally Tested
2S Structurally Tested
3M Methodically Tested
4M Methodically Designed and Tested
5S Semi-formally Tested
6S Semi-formally Designed and Tested
7F Formally Designed and Tested
Need to know
employees who don’t need to know shouldn’t access (even if they can access)
While “need to know” indicates the user has a legitimate reason to access something, least privilege is the enforcement method that limits access to that something, and what the user can do with that something.
need to know predicates invocation of least privilege
Secure / Security Design Principles detail on usage (4), one has 7 characteristics
Trust but Verify (security perimeter, outside perimeter not trusted, once inside trusted)
Zero Trust (no security perimeter, always verify - best for clouds)
Privacy by design (proactive, default, embedded, full functionality, end to end, visibility / transparency, respect for privacy) PED FEVR
Shared responsibility (shared with cloud provider)
Security Domains (Modes) for Hardware access (5)
Kernel mode / Supervisor mode - unrestricted access to hardware
User mode / problem mode - no direct access to hardware only access via API
Open systems - components built with open standards (tested but open to common vulnerabilities)
Closed systems - proprietary hardware and software (not tested but not open to common vulnerabilities)
Ring Model from -1 (hypervisor), 0 (kernel), 1, 2 (drivers), 3 (applications)
TPM, what does it mean,
what is it,
functions provided (5),
ties … … to … to prevent …,
can also be used to … the … … to prevent …,
2 keys in persistent memory,
3 keys in versatile memory,
what is each key used for
Trusted Platform Module
international standard for a secure cryptoprocessor
functions:
RNG (random number gen),
encryption,
hashing,
secure key storage,
boot integrity
ties hard drive to system to prevent tampering
can also be used to “seal” the system configuration in order to prevent tampering
keys: EaSy / P A Ss
2 keys in persistent memory:
EK - endorsement key ensures the authenticity of the TPM
SRK - storage root key, master key to secure other keys stored in TPM
3 keys in versatile memory:
PCR - used to store hashes for sealing
AIK - Attestation Identity Keys - used for attestation of TPM chip, AIK ensures integrity of EK
Storage Keys - used to encrypt storage
monolithic kernel
one static executable run in supervisor mode
DCS
distributed control systems, computerized control system with distributed, autonomous controllers 1000’s+
XOR
add key to plain text to create cipher text
always done in binary 0’s and 1’s
result: if both bits are the same, it’s 0; if not, it’s 1
Substitution, how it’s done and what does it provide
replaces characters in plain text with cipher text, provides confusion
Permutation
provides diffusion by rearranging characters in plain text into the cipher text