CISSP DOMAIN 1 Flashcards
git r done
1
Q
Security and Risk Management
A
Security terminology and Principles, Protection Control Types, Frameworks, Models, Standards, and best practices, Laws and Crimes, Intellectual Property, Data Breaches, Risk Management, Threat Modeling, Business Continuity, Disaster Recovery, Personnel Security, Security Governance
2
Q
Two Key Concepts
A
Security and Risk
3
Q
AIC Triad
A
Availability
Integrity
Confidentiality
4
Q
Security Objectives
A
Availability
Confidentiality
Integrity
5
Q
Protect Integrity
A
Access Controls
Intrusion Detection
Hashing
6
Q
Availability
A
Reliability and timely access
7
Q
Integrity
A
Assurance of the accuracy and reliability of information systems
8
Q
Confidentiality
A
Necessary level of secrecy
9
Q
Threats to Confidentiality
A
Network monitoring
Shoulder surfing
stealing password files
breaking encryption schemes
social engineering
10
Q
How to maintain Confidentiality
A
Encryption
strict access control
data classification
training personnel
11
Q
Availability Controls
A
RAID Clustering Load Balancing Redundant power and data line Colocation and offsite rollback Fail over
12
Q
Integrity Controls
A
Hashing
Configuration Management
Change Control, Access Control
Software Digital Signing
Transmission cyclic redundancy check (CRC)
13
Q
Confidentiality Controls
A
Encryption for data at rest
Whole Disk Encryption
Encryption for data in transit, (IPSEC, TLS, PPTP, SSH,)
Access Control
14
Q
Encryption for data in transit
A
IPec
TLS
SSH,
15
Q
Types of Access Control
A
Physical and Technical
16
Q
Transmission CRC
A
Cyclic Redundancy Check
17
Q
Vulnerability
A
Weakness in a system that allows a threat to compromise security
18
Q
Threat
A
Potential Danger that can exploit a vulnerability
19
Q
Threat agent
A
Person, Process, or employee
20
Q
Risk definition
A
Likelihood of a threat source exploiting a vulnerability
21
Q
Risk function
A
Ties vulnerability, threat, and likelihood of exploitation
22
Q
Exposure
A
instance of being exposed to losses
23
Q
Control or Countermeasure
A
Mitigates potential risk
24
Q
Control functions
A
Reduce risk an organization faces
25
Control types
Administrative
Technical
Physical
26
Administrative Control Types
Security documentation
risk management
personnel security
training
27
Technical Controls
```
(also called logical controls)
software or hardware components
Firewalls
IDS
encryption
identification
authentication mechanisms
```
28
Physical controls
Security guards
locks
fencing
lighting
29
Controls must
Must map to threats
30
Functionalities of Controls
```
Preventive
detective
corrective
deterrent
recovery
compensating
```
31
Preventive control
Intended to avoid and incident from occurring
32
Detective Control
Helps identify an incident's activity and potentially an intruder
33
Corrective
Fixes components or systems after an incident
34
Deterrent
Intended to discourage a potential attacker
35
Recovery
Intended to bring the environment back to regular operations
36
Compensating controls
Provide alternative measure of control
37
Preventive Administrative controls
```
Policies and procedures
Effective hiring practices
Pre employment background checks
Controlled termination processes
data classification and labeling
Security awareness
```
38
Preventive: Physical controls
```
Badges
swipe cards
Guards
dogs
fences
locks
man traps
```
39
Preventive: Technical
```
Passwords
biometrics
smart cards
encryption
protocols, call-back systems, database views constrained user interfaces
Antimalware software
access control lists
firewalls,
intrusion prevention system,
```
40
A security program is
A framework made up of many entities;
| logical, administrative, and physical
41
ISO/IEC 27000 series
International standards on how to develop and maintain an ISMS. British standard 7799 (BS7799)
42
7799
British standard for ISMS, 27000 series is based on this
43
BS 7799
developing standard to provide guidance on how to design, implement policies,processes and technologies to manage risks
44
BS7799 Part 1
Outlined control objectives and a range of controls to meet those objectives
45
BS 7799 Part 2
Baselines for organizations could be certified against
46
ISO/IEC 27000
Overview and vocabulary
47
ISO/IEC 27001
ISMS requirements
48
ISO/IEC 27002
Code of practice for information security management
49
ISO/IEC 27003
ISMS implementation
50
ISO/IEC 27004
ISMS measurement
51
ISO/IEC 27005
Risk management
52
ISO/IEC 27006
Certification body requirements
53
ISO/IEC 27007
ISMS auditing
54
ISO/IEC 27008
Guidance for auditors
55
ISO/IEC 27011
Telecommunication organizations
56
ISO/IEC 27014
Information Security governance
57
ISO/IEC 27015
Financial Sector
58
ISO/IEC 27031
Business Continuity
59
ISO/IEC 27032
Cybersecurity
60
ISO/IEC 27033
Network Security
61
ISO/IEC 27034
Application Security
62
ISO/IEC 27035
Incident Management
63
ISO/IEC 27037
Digital collection and preservation
64
ISO/IEC 27799
Health organizations
65
Framework
Guideline on how to build an architecture
66
When developing an architecture
stakeholders first, Views next,
67
Security through obscurity
Confusion
68
A security program is
a framework
69
Clinger-Cohen Act
Requires IT organizations to improve their IT expenditures
70
Zachman Architecture Framework 6 elements
Two dimensional model 6 elements;
| What, How, Where, Who, When, Why
71
Zachman goal
look at the same organization from different viewpoints
72
The Open Group Architecture Framework (TOGAF)
```
Understand the enterprise from 4 different views
Business
Data
Application
Technology
Is iterative and cyclic
```
73
Defense Architecture Framework (DoDAF
Focuses on Command, Control, Communications, computers, intelligence, surveillance, reconnaissance, and processes
74
Ministry of Defense Architecture Framework (MODAF)
To get data in the right format to the right people as soon as possible
75
Sherwood Applied Business Security Architecture (SABSA)
```
Layered Framework
What are you trying to do?
Why are you doing it?
How are you trying to do it?
Who is involved?
Where are you doing it?
When are you doing it?
Strategic alignment
```
76
Business Enablement means
The core business processes are integrated into the security operating model
77
Security Effectiveness
```
deals with metrics
meeting Service level agreements
achieving ROI
meeting set baselines
providing management with a dashboard
or balanced scorecard
```
78
Difference between enterprise and system architectures
Enterprise is the structure of the organization.
| System is the structure of the software and computing components
79
Control Objectives for Information and related Technologies (COBIT) key principles
1. Meeting Stakeholder needs
2. Covering the enterprise end to end
3, Applying a single integrated framework
4. Enabling a wholistic approach
5. Separating governance from management
80
Everything in COBIT is linked to
stakeholders through a series of goals.
At any point, we should be able to ask,
"why are we doing this?"
81
NIST 800-53
Security and privacy controls for Federal information systems
82
NIST 800-53 control categories
management
operational
technical
83
COSO Committee on Sponsoring Organizations
Model for corporate governance
84
Sarbane-Oxley Act
Sends executives to jail for reporting fraudulent accounting.
85
ITIL
De facto standard for best practices
86
Six Sigma
Process improvement
87
Capability Maturity Model Integration CMMI
```
Level 0 = Nonexistant
Level 1 = Unpredictable Processes
Level 2 = Repeatable processes
Level 3 = Defined Processes
Level 4 = Managed processes
Level 5 = Optimized processes
```
88
Process Life Cycle
Plan and Organize
Implement
Operate and maintain
Monitor and evaluate
89
Zombies, Bots, Botnets
Compromised system,
Software installed
Multiple systems
90
Botnets can
carry out DDOS attacks,
transfer spam
91
Advanced Persistent Threat
Focused and motivated to penetrate a network
| Custom developed for a target.
92
APT activity
Phishing and zero day attack
Back door
Lateral movement
Data gathering
ex-filtrate
93
Organization for Economic Co-operation and Development (OECD)
Protection of privacy and trans-border flows of personal data.
94
Organization for Economic Co-operation and Development
OECD principles
```
Collection Limitation Principle
Data Quality Principle
Purpose Specification Principle
User limitation principle
Openness Principle
Individualization Principle
Accountability Principle
```
95
OECD Collection Limitation Principle
Personal data should be limited, obtained lawfully and fair, with the knowledge of the subject
96
OECD Data Quality Principle
Personal data should be kept complete and current
97
OECD Purpose specification Principle
Subjects should be notified of the reason for collection
98
OECD User limitation Principle
Disclosure only by consent of the subject
99
OECD Security Safeguard Principle
Reasonable protection of data
100
OECD Openness Principle
Subjects should be able to easily establish existence and nature of the personal data
101
OECD Accountability Principle
Organizations accountable for complying with other principles
102
European Union Principles on Privacy
Addresses using and transmitting private information
103
EU Data Protection Directive
All states in Europe must abide by prionciples to be in compliance
104
Safe Harbor
Outlines how US based companies can comply with EU principles
105
Wassenaar Arrangement
Export comtrols for conventional arms and dual use goods and technologies
106
Civil Code Law System
```
Used in continental Europe
Different from England's Common law
Rule based not precedent based
Not civil (tort)
Most widespread system in the world
```
107
Common Law System
Developed in England
Based on previous judgments
Reflects community's morals and expectations
Led to creation of lawyers
108
Criminal Law
Based on common law or statutory law
Addresses behavior considered harmful to society
Punishment is loss of freedom or incarceration
Prosecution beyond a reasonable doubt
109
Civil (tort)
offshoot of criminal law
| defendant owes a legal duty to victim
110
Civil law types
```
Intentional
Wrongs against property
Wrongs against a person
Negligence
Nuisance
Dignitary wrongs
Economic wrongs
Strict labiliy
```
111
Administrative Law
Created by administrative agencies.
112
Customary Law system
Deals with personal conduct and patterns of behavior
| Based on rules of the region
113
Religious Law system
Covers all aspects of life
114
Mixed law system
Two or more legal sysstems
115
Trade Secret
Violation of a resource that provides value
| Something that is proprietary and important to survival and profitability
116
Copyright
Protects the right of a creator of original works to control publication and distribution
Covers categories of work
Includes Computer programs and manuals
People are covered for their lifetime plus 70 years
117
Trademark
Used to protect a word, name, symbol sound, shape or color
118
Patent
Given to grant legal ownership to an individual or company to exclude others from using or copying
Good for 20 years from date of approval
Patent is the strongest form of intellectual property protection
119
Software piracy
when intellectual or creative work of an author is used without permission
120
Freeware
Publicly available software available free of charge.
| Can be copied, studied,modified
121
Shareware
User can try out software then buy it
122
Commercial software
Sold commercially
123
academic software
provided at reduced cost
124
Personal Identifiable Information
data that can uniquely identify contact, or locate a single person
125
HIPPA
Framework and guidelines to ensure security, integrity, , and privacy
126
Health Information Technology and Clinical Health Act (HITECH)
Expands HIPPA
127
USA Patriot Act
Reduces restrictions on law enforcement agencies
128
Graham-Leach-Bliley ACT GLBA
Financial Privacy Rule
Safeguards Rule
Pretexting Protection
129
Personal Information Protection and Electronic Documents Act
Canadian law protects personal information
130
Payment Card Industry Data Security Standard PCI-DSS
Credit card industry program
12 requirements
Use firewalls, Do not use vendor defaults, Protect stored cardholder data, Encrypt,
131
Employee privacy
Employee must be aware of monitoring, Monitoring must be work related, Must be explained to employee by policy and constantly reminded, Signed Acceptable Use Policy.
132
Reasonable Expectation of Privacy
Employees must be informed of monitoring or privacy rights will be violated
133
Data Breach
The opposite of privacy
134
Security Policy
Overall general statement by senior management.
| Must be technology independent
135
Regulatory Policy
Detailed and specific industry regulations
136
Standards
Mandatory activities actions or rules
137
Baseline
Comparison for future changes
138
Guidelines
Recommended actions and operational guides
139
Risk Management
Process of identifying and assessing risk, reducing it to an acceptable level, and ensuring it remains at that level
140
Risk categories
Physical, Human interaction, Equipment malfunction, Inside/outside attacks, misuse of data, Loss of data, application error
141
NIST SP 800-39 tiers to risk management
Organizational, Business Process, Information Systems,
142
NIST 800-39 four components of risk management
Frame Risk
Assess Risk
Respond to Risk
Monitor Risk
143
Threat Modeling
Process of describing feasible adverse effects on our assets caused by threat sources
Interested in vulnerabilities in our systems that could lead to compromise
Who would want to exploit this vulnerability and why
Determine whether a given threat source has the means to attack
144
The weakest link in security
People
145
Social Engineering
Process of getting a person to violate a security procedure or policy
146
Attack Tree
Vulnerability-threat-attack triad
147
Risk Assessment
method of identifying vulnerabilities and threats
148
Risk Analysis
Used to ensure that security is cost effective, relevant, timely, and responsive to threats
149
Four goals of Risk Analysis
Identify assets
Identify vulnerabilities and threats
Quantify the probability and business impact of the threat and cost of the countermeasure
150
Risk Analysis provides
a cost/benefit comparison
151
Business and Security objectives must be
Aligned
152
Purpose and scope are determined by
Senior Management
153
Cascading errors
Errors passed on to other processes
154
Loss potential
What would be lost if a threat agent exploited a vulnerability
155
Delayed loss
Secondary in nature like reputation, market share, late penalties, civil suits, delayed collection of funds
156
NIST 800-30
Guide for conducting Risk Assessments
157
NIST 800 30 Risk Assessment steps
Prepare for the assessment
Conduct the assessment
Communicate results
Maintain assessment
158
FRAP
Facilitated risk analysis process.
Qualitative methodology
only focused on systems that really need assessing
Used to analyze one system, application, or business process at a time
159
Operationally Critical Threat, Asset, and vulnerability evaluation (Octave)
Created by Canegie Mellon
Places people who work in the areas in decision making positions
Used to assess all systems
160
AS/NZS 4360
Focused on the health of a company
161
ISO 27005
International Standard for risk management ISMS
162
Failure Mode Effect Analysis (FMEA)
Determines functions, identifies functional failures, and assesses the causes of failure
Frequently used in product development and operational environments
Identifies single point of failure
163
FMEA Steps
Start with a block diagram
Consider what happens if each block fails
Draw a table with failures paired with effect
Correct the design of the system
Have several engineers review
164
CRAMM Central computing and telecom Agency Risk Analysis and Management Method
Works in stages
Define objectives
Assess Risks
identify countermeasures
165
Two approaches to risk analysis
Qualitative and Quantitative
166
Quantitative Risk Analysis
Assign monetary and numeric values to all elements
167
Qualitative Analysis
Assigns subjective ratings to risk as in Red, Yellow, and Green
168
Single Loss Expectancy SLE
Dollar amount assigned to a single event
169
Asset Value x Exposure Factor =
SLE
170
Exposure Factor EF
percentage of loss a realized threat could have on an asset
171
SLE x Annualized Rate of Occurrence =
Annualized Loss Expectancy ALE
172
Qualitative Risk Analysis
Walk through different scenarios of risk possibilitoes and rank the seriousness of the threats
173
Qualitative Risk Analysis includes
judgement, best practices, intuition, and experience
174
To gather qualitative data
Delphi, Brainstorming, story-boarding, focus groups, surveys, questionnaires, checklists, one-on-one meetings, and interviews
175
Value of a safeguard to the company =
(ALE before implementing a safeguard) - (ALE after a safeguard) - (Annual cost of a safeguard)
176
Residual Risk =
threats x vulnerability x asset value = total risk (threats x vulnerability x asset value) x controls gap = residual risk
or
Total Risk - countermeasure = residual risk
177
Risk can be dealt with in 4 ways
Transfer
avoid
reduce
accept
178
Transfer risk
insurance
179
Risk avoidance
Discontinue risk behavior
180
Accepts the Risk
Acknowledge the risk and decides to live with it without countermeasures
181
SAS 70
an internal controls audit carried out by a third party auditing organization
182
NIST RMF (SP 800-37r1)
US government system life-cycle approach to Risk management
183
ISO 31000-2009
Risk management framework
184
ISACA
Working group of academic and corporate risk professionals
185
COSO Enterprise Risk Management
Generic. Not IT centric
186
NIST RMF 800-37 six step process
1. Categorize information system
2. Select Security controls
3 Implement security controls
4 Assess security controls
5 Authorize information system
6 Monitor security controls
187
Goal of disaster recovery
Minimize the effects of a disaster or disruption
188
Continuity planning
provides methods and procedures for dealing with long term outages and disasters
189
NIST 800-34
Continuity Planning Guide for Federal Information Systems
Steps
1. Develop the continuity planning policy statement
2. Conduct the business impact analysis
3, Identify preventive controls
4. Create contingency strategies
5 Develop an information system contingency plan
6 Ensure plan testing, training and exercises
7 Develop plan maintenance
190
SWOT
Strengths
Weaknesses
Opportunities
Threats
191
Due Diligence
Doing everything in one's power to prevent a bad thing from happening by setting appropriate policies researching the threats and incorporating them into a risk management plan
192
Due Care
Taking precautions that a reasonable and competent person would take.
Prudent man rule
193
Business Impact Analysis
Functional analysis.
194
BIA Risk Assessment =
Threat x Impact x Probability + time`
195
Threats can be
Man made, natural, or technical
196
BIA Steps
1. Select individuals to interview for data gathering
2. Create Data gathering techniques (surveys, questionnaires, qualitative and quantitative approaches
3. Identify company's critical functions
4. Identify the resources these functions depend upon
5. Calculate how long these functions can survive without these resources
6. Identify vulnerabilities and threats to functions
7. Calculate the risk for each different business function
8. Document findings and report to management
197
Maximum Tolerable Downtime (MTD)
Outage time that can be endured
198
MTD estimates for each business function and asset
```
Critical = minutes to hours
Urgent = 24 hours
Important = 72 hours
Normal = 7 days
Nonessential = 30 days
```
199
Separation of Duties
One individual cannot complete a critical task alone.
| Is a preventive administrative control to reduce fraud
200
Collusion
at least 2 people are working together to cause description or fraud
201
Two variations of separation of duties
Split knowledge and dual control
202
Split knowledge
No one has all the details
203
Dual control
Two people work together
204
Rotation of duties
administrative detective control
| Put in place to uncover fraud
205
Mandatory vacations
Someone else discovers fraudulent errors or activities
206
Non Disclosure Agreements
Protect the company and information
207
Security Awareness
What
208
Security Training
How
209
Security Education
Why
210
ISO/IEC 27004
Used to assess the effectiveness of an ISMS and controls
211
ISC2 Code of Ethics
Protect society, the common good, necessary public trust and confidence, and the infrastructure
Act honorably, honestly, justly, responsibly and legallly
Provide diligent and competent service to principals
Advance and protect the profession
212
Internet Architecture Board
Depends on availability and accessibility
213
IAB unethical and unacceptable behavior
```
Purposely seeking unauthorized access to internet resources
Disrupting the intended use of the internet
Wasting resources (people, capacity, and computers)
Destroying the integrity of computer based information
Compromising the privacy of others
Conducting internet wide experiments in a negligent manner
```
214
Asset
Includes people, partners, equipment, facilities,reputation, and information
215
Asset life cycle stages
Acquisition
Use
Archival
Disposal
216
Data Backup
Copy of data currently in use
217
Data Archive
Copy of data no longer in use, but kept
Usually removed from its original location
218
Rationale behind assigning values to data (Classification)
To gauge the amount of funds and resources that should go to protecting the data
219
Purpose of Data Classification
Indicate the level of Confidentiality, Integrity, Availability
220
Commercial Classifications
Public
Sensitive
Private
Confidential
221
Government Classifications
Confidential
Unclassified
Sensitive but unclassified
Secret
Top Secret
222
Public classification
Disclosure not welcome.
No adverse impact if disclosed
223
Sensitive Classification
Requires special precautions.
Higher than normal protection
224
Private Classification
Personal information for company use
225
Government Classifications
```
Confidential
Unclassified
Sensitive but unclassified
Secret
Top Secret
```
226
Always carries the ultimate responsibility for the organization
Senior Management
227
Has day to day management responsibilities of an organization
CEO
228
Responsible for a corporation's accounting and financial activities
CFO
229
Responsible for strategic use and management of information systems
CIO
230
Ensuring that customer, company, and employee data are kept safe
Chief Privacy Officer
231
The amount of control an individual should be able to have and expect
Privacy
232
Mechanisms that can be put into place to provide
Privacy
233
Responsible for understanding the risks the company faces and for mitigating risks to an acceptable level
Chief security officer
234
Member of management who is in charge of a specific business unit. Ultimately responsible for a sub set of information. Decides on data classification.
Data Owner
235
Responsible for maintaining and protecting data
Data Custodian
236
Responsible for systems that may hold data owned by different data systems
System owner
237
Responsible for implementing and maintaining specific network security devices and software in the enterprise. May include creating new accounts implementing new security software and issuing passwords
Security Administrator
238
User Manager responsible for user actions
Supervisor
239
Responsible for approving or rejecting requests to change systems
Change control Analyst
240
Ensures data is stored in a way that makes most sense
Data Analyst
241
Any individual who routinely uses data for work related tasks
User
242
Periodically checks that everyone is doing what they are supposed to be doing
Auditor
243
Data Retention policy should include
What data do we keep
How long do we keep it
Where do we keep the data
244
Taxonomy
Scheme for classifying data
245
Classification
Sensitivity will determine controls
246
Normalization
Tagging schema to keep data searchable
247
Indexing
Makes data searchable
248
Electronic Discovery Reference Model (EDRM) steps
1. Identification of data = data required by the order
2. Preservation
3. Collection
4. Processing
5 Review
6. Analysis
7. Production
8. Presentation
249
Data Processors
Must understand acceptable use.
Key issues are training and auditing
250
Data Remanence 4 approaches
Overwriting
Dequassing
Encryption
Physical Destruction
251
NIST SP 800-88
Guidelines for media sanitation
252
Data at Rest
Resides in external or auxillary devices like
hard drives
SSDs
optical disks
tape
253
Data in motion
moving between computer nodes should be encrypted by TLS 1,1 and later, or IPSEC.
Weaknesses are in backward compatibility,
254
TLS relies on
digital certificates to certify one or both endpoints.
Server uses a certificate. but the client doesn't
255
Man in the middle attack
attacker intercepts one way authentication between server and client
256
Virtual Private Networks
used to provide secure connections between remote users and corporate resources by trusted channels
257
Data in use
data residing in primary storage devices such as volatile memory. Data in memory is not encrypted
258
Side channel attack
information leaked by a cryptosystem.
259
Cryptosystem
Connects 2 channels. A plaintext channel and an encrypted channel
260
Side channel
by product of a plaintext channel connecting with an encrypted channel
261
Heartbleed
2014 demonstrated unchecked boundaries could expose information from one process to other processes running on the same system
262
When media is erased or cleared it is
sanitized
263
Clearing media is acceptable when
media will be used in the same environment for the same purposes
264
Media not susceptible to degassing
Optical media, and overwriting may not be effective when dealing with solid state drives
265
Guiding principle for method and cost of data erasure
Recovery must cost more than the value of the data
266
Media management tasks
Tracking
Effectively implementing access controls
Tracking the number and location of backup versions
Documenting the history of changes to media
Ensuring environmental conditions do not endanger media
Ensuring media integrity
Inventory the media on a scheduled basis
Carrying out secure disposal activities
Internal and external labeling
267
Internal and external labeling includes
```
Date created
Retention period
Classification level
Who created it
Date to be destroyed
Name and version
```
268
Most common cause of breach
Negligence. Lack of awareness and discipline among employees
269
Data loss
do not know where data is
270
Data leak
Confidentiality has been comprised
271
Risk at data life cycles
When data moves from one stage to another
272
Misuse cases describe
threat actors and tasks they want to perform on a system
273
Use cases
used by system analysts to document tasks that authorized actors perform on a system
274
Resiliency
ability to deal with challenges
275
Network DLP
applies to protection policies to data in motion
276
Drawback of Network DLP
will not protect data on devices not on the network.
277
Endpoint DLP
Applies policies to data at rest and data in use
278
Main drawback of EDLP
complexity
279
Hybrid DLP
deploy both NDLP and EDLP
280
A subject is
The active element in a security relationship such as users, programs and computer
281
A subject acts upon or against
an object
282
Access control is
Management of the relationship between subjects and objects
283
Attacks on confidentiality
```
Capturing network traffic
stealing password files
social engineering
port scanning
shoulder surfing
eavesdropping
sniffing
escalation of privileges
```
284
Results of human error
```
oversite
ineptitude
failing to properly encrypt
failing to fully authenticate a remote system
accessing malicious sites
misrouted faxes
documents left on printers
```
285
Countermeasures to ensure confidentiality against threats
```
encryption
network traffic padding
strict access control
rigorous authentication procedures
data classification
extensive personnel training
```
286
Aspects of confidentiality
```
Sensitivity
Discretion
Criticality
Concealment
Secrecy
Privacy
Seclusion
Isolation
Integrity
```
287
Confidentiality depends on
Integrity
288
Integrity is
protecting the reliability and correctness of data
289
Integrity protection
prevents unauthorized alteration of data
290
Attacks on integrity
```
viruses
logic bombs
unauthorized access
errors in coding and applications
malicious modification
intentional replacement
system back doors
```
291
Countermeasures to ensure integrity against possible threats
```
strict access control
rigorous authentication procedures
intrusion detection systems
object/data encryption
hash total verifications
interface restrictions
input function checks
extensive personnel training
```
292
Nonrepudiation
subject who caused an event cannot deny the event occurred
293
Nonrepudiation can be established using
Digital certificates
session identifiers
transaction logs
transactional and access control mechanisms
294
Threats to availability
```
device failure
software errors
environmental issues
DOS attacks
object destruction
communication disruptions
```
295
Countermeasures to ensure availability
Designing systems properly
Effective access control
Monitoring performance and network traffic
Using firewalls and routers to prevent DOS attacks
Redundancy for critical systems
Maintaining and testing backup systems
Eliminate single points of failure
296
Availability depends on
Both Confidentiality and Integrity
297
Aspects of availability include
Usability
Accessibility
Timeliness
298
AAA services
Authentication
Authorization
Accountability or Auditing
299
Identification
Claiming to be an identity when accessing a secured area or system
300
Authentication
Proving you are an identity
301
Authorization
Defining permissions
302
Auditing
Recording a log of events to check for compliance
303
Most common form of authentication
password
304
Types of Authentication
Something you know
Something you have
Something you are
305
Access control matrix
Compares the subject, the object,
and the intended activity
306
Authorization models of access control
Discretionary Access Control
Mandatory Access Control
Role Based Access Control
307
Auditing
Programmatic means by which a subject's actions are tracked and recorded to hold a subject accountable
308
Accountability
Security policy can be enforced only if accountability is maintained.
Relies on the capability to prove a subject's identity and track their activities
309
Layering
Defense in depth.
Multiple controls in a series
310
Abstraction
Used for efficiency
Similar elements are put in groups, classes, or roles that are assigned security controls, restrictions or permissions as a collective.
311
Abstraction simplifies security
by enabling you to assign security controls to a group of objects collected by type or function
312
Data Hiding
Preventing data from being discovered or accessed by a subject by positioning data in a logical storage compartment that is not seen by the subect
313
Security governance
Collection of practices related to supporting, defining, and directing security efforts demonstrate a business
314
Business Case
Demonstrate a business specific need to alter an existing process or business task
315
Security plans are useless without
Senior Management
316
3 types of security plans
Strategic
Tactical
Operational
317
Strategic Plan
Long term plan that is stable.
Defines the organization's purpose
Helps to understand security functions and align with the organization's objectives
Useful for about 5 years
318
Tactical plan
Mid Term plan
More details on the Strategic Plan
Useful for about a year
Prescribes and schedules tasks necessary to accomplish goals
319
Operational plans
Short term, highly detailed plan based on strategic and tactical plans
Updated often monthly or quarterly
320
Acquisition and merger risks
Inappropriate information disclosure
data loss
downtime
failure to achieve sufficient return on investment
321
Divestiture risks
Assets need to be sanitized to prevent data leakage
Storage media removed and destroyed
Employees released should be debriefed
322
Change control/management involves
```
planning
testing
logging
auditing
monitoring
```
323
Goal of change management
ensure any change does not lead to reduced or compromised security
324
Change management is responsible for
Making it possible to roll back
325
Change management requirements`
Implement changes in a monitored and orderly manner
Formalized testing
Changed can be reversed
Users are informed
Effects of change are systematically analyzed
Negative impact minimized
Changes reviewed
326
Data Classification
Determines how much effort, money, and resources are allocated to protect the data and control access to it
327
Declassification
Required once an asset no longer warrants or needs the protection necessary
328
Five levels of government/military classification
```
Top Secret
Secret
Confidential
Sensitive but unclassified
Unclassified
```
329
Top Secret
unauthorized disclosure of top secret data will have drastic effects and cause grave damage to national security. Top secret data is compartmentalized on a need to know basis
330
Secret
Data of a restrictive nature. Unauthorized disclosure will have significant effects and cause critical damage to national security
331
Confidential (government)
Used for data of a sensitive, proprietary, or highly valuable nature
Disclosure would have noticeable effects and cause serious damage to national security
332
Sensitive but unclassified
For internal use only. Used to protect information that could violate the privacy of individuals
333
Unclassified
Neither sensitive nor classified
334
Classified
Used without specifying Sensitive, Confidential, Secret, or top secret.
335
Commercial Classifications
Confidential
Private
Sensitive
Public
336
Confidential (commercial)
Highest level of classification
| May be called Proprietary
337
Private
Commercial data private or personal nature
338
Sensitive
A negative impact could occur if disclosed
339
Public
All data that does not fit other classifications
340
Ownership
Formal assignment of responsibility to an individual or group
341
Security professional
Not decision makers
342
Data Owner
Responsible for classifying information for placement and protection within the security solution
Delegates to custodian
343
Data Custodian
Tasked with implementing protection defined by security policy and senior management
344
Fuzz testing
Provides many different types of inputs to software to stress its limits
345
STRIDE
```
Spoofing
Tampering
Repudiation
Information Disclosure
Denial of Service
Elevation of privilege
```
346
PASTA
Process for Attack Simulation and Threat Analysis
347
Seven Steps of PASTA
Stage 1 Definition of Objectives (DO) for the analysis of risk
Stage 2 Definition of technical scope (DTS)
Stage 3 Application Decomposition and Analysis (ADA)
Stage 4 Threat Analysis (TA)
Stage 5 Weakness and Vulnerability Analysis (WVA)
Stage 6 Attack Modeling and Simulation (AMS)
Stage 7 Risk Analysis and Management (RAM)
348
DREAD rating system
```
Damage potential
Reproducibility
Exploitability
Affected Users
Discoverability
```
349
SOC 1
focuses on a description of security machanisms to assess suitability
350
SOC 2
audit focuses on implemented security controls in relation to Availability, security, integrity, and confidentiality
351
NIST 800-122
Guide to protecting Personally Identifiable Information
352
Health information means any information tha
(A) is created or received by a provider, health authority, employer, life insurer, school or university
(B) Relates to past, present, or future medical or mental health or condition
353
Proprietary data
Any data that helps an organization maintain a competitive edge
354
Data classification identifies
The value of the data to the organization
355
Confidential or proprietory commercial
refers to the highest level of classified data
356
Goal of managing sensitive data
prevent data breaches
357
If media classification is to be downgraded,
it must be sanitized
358
Handling sensitive data starts with
Labeling systems and media
359
NIST SP 800-88
Guidelines for media sanitation
360
Best method of sanitizing SSDs
Destruction
361
Clearing is also known as
Overwriting
362
Purging
Prepares media for reuse in less secure environments
363
Media labeled top secret
Will remain top secret until destroyed
364
Deguassing does not effect
Optical CDs, DVDs, or SSDs
365
Encryption converts
cleartext data into scrambled ciphertext
366
Advanced Encryption Standard (AES)
Most popular symmetric algorithym
| NIST selected to replace DES
367
AES supports key sizes of
128, 192, and 256
368
Triple DES
Developed as possible replacement for DES
First implemented with 56 bit keys
Newer implementations uses 112 bit or 168 bit keys
369
Triple DES is used by
Master Card, Visa, and Europay standard
These are smart cards that include a chip and require users to enter a pin
370
Blowfish
Bruce Schneier developed as an alternative to DES
| Key sizes 32 to 448 bits
371
Bcrypt
Used by Linux
Based on blowfish
adds 128 bits as a salt to protect against
rainbow table attacks
372
Transport encryption methods encrypt
data before it is transmitted
373
Primary risk of sending data over a network is
a sniffing attack
374
Almost all HTTPS transmissions use
(TLS ) Transport Layer Security 1.1 as the underlying protocol
Port 443
375
Secure Sockets Layer (SSL)
was the precurser to TLS
Netscape created SSL
376
SSL is susceptible to
POODLE attack (Padding Oracle On Downgraded Legacy Encryption.
377
POODLE
Padding Oracle On Downgraded Oracle Legacy Encryption
| Organizations no longer use SSL because of POODLE
378
VPNs use encryption such as
TLS and IPSEC
379
IPSEC is often combined with
Layer 2 Tunneling Protocol (L2TP) for VPNs
L2TP transmits in clear text
L2TP/IPSEC encrypts data and sends in tunnel mode
380
IPSEC includes AH
Authentication Header
| Provides Authentication and Integrity
381
IPSEC includes ESP
Encapsulating Security Payload to provide Confidentiality
382
IPSEC and Secure Shell (SSH)
Used to protect data in transit on internal networks
383
SSH, Secure Shell is used by
```
other protocols
Secure Copy (SCP) and Secure File Transfer Protocol (SFTP) to transfer encrypted files over a network
```
384
SSH is used by administrators to
Administer remote servers
| SSH encrypts all traffic, including passwords
385
NIST 800-18 Responsibilities for information data owner
Establish rules for appropriate use and protection of data/information
(rules of behavior) =Acceptable use policy
Provides input to information systems owners regarding the security requirements and security controls where the data resides
Decides who has access to the information system and with what types of privileges or access rights
Assists in the identification and assessment of the common security controls where the data resides
386
Asset owners
person who owns the asset or system that processes sensitive data
1. Develops a system security plan in coordination with information owners, system administrator, and functional end users
2. Maintains the sytem security plan and ensures the system is deployed and operated according yo agreed upon requirements
3. Ensures that system users and support personel receive training and instruction on rules of behavior (AUP)
4. Updates system security plan whenever a change occurs
5. Assists in the identification, implementation, and assessment of common security controls
387
Safe harbor replaced by
EU US privacy shield
388
Privacy shield principles
Notice: must inform individuals about the purpose of retained data
Choice: An organization must offer individuals opportunity to opt out
Accountabiity for onward transfer
Security
Data Integrity and purpose limitation
Access: individuals must have access to the ino
Recourse, Enforcemement, and liability
389
Pseudonymization
Alias. Replacing data with artificial identifiers
390
Tokenization
Like pseudonymization
391
Anonymization
Removes all identifiable information
392
Data masking
replaces data
393
Administrators
Responsible for granting rights
394
Custodian
protect security and integrity of data
395
Baselines
Establish a minimum
396
GDPR
General Data Protection Regulation
397
Architecture
tool used to conceptually understand the structure and behavior of a complex entity through different views
398
Architecture description
formal description and representation of a system
399
System architecture
describes the major components of the system and how they interact with each other, the users, and other systems
400
Development
refers to the entire life cycle of a system.
| Including planning, analysis, design, building, testing, deployment, maintenance, and retirement phases.
401
System
Can be an individual computer, application, a set of sub systems, a set of computers, or a set of networks
402
ISO/IEC/IEEE 42010
System and software engineering--Architecture description
Goal is to internationally standardize how system architecture takes place so developers aren't just winging it.
403
42010 shared vocabulary
Architecture is fundamental organization of a system
Architecture description documents to formalize architecture
Stakeholder is an individual or team with interests in, or concerns related to, a system
View is representation of a whole system from the perspective of concerns
Viewpoint is template from which to develop views
404
Stakeholder
Individual, team, or organization with interests or concerns in a system
405
View
Representation of a whole system from the perspective of a related set of concerns
406
Central Processing unit
the brain of the computer
fetches instructions from memory and executes them,
contains millions of transisters
contains registers that point to memory locations
407
Register
is a temporary storage location
408
execution of instructions is done by the
Arithmetic logic unit (ALU)
409
Arithmetic logic unit is
the brain of the CPU and the cpu is the brain of the computer
410
Control unit
Manages and synchronizes the system
Control unit is the component that fetches code, interprets code, and oversees the execution of different instruction sets
Control unit does not actually process data
It directs
411
Multitasking in reality
is executing instructions serially, one at a time
412
General registers are used
to hold variables and temporary results as the ALU works through its execution steps
General registers are the ALUs scratch pad
413
Program counter register
contains the memory address of the next instruction to be fetched
414
Program Status Word (PSW)
hold different condition bits
one bit indicates whether the CPU should be working in user mode (problem state) or privileged mode (also called kernal or supervisor mode
415
Symmetric mode
work is handed to processors as needed
| load balancing
416
Assynchronous mode
when a processor is dedicated
417
Dynamic RAM
Must be continuously refreshed
418
DRAM is ___________ than static RAM
Slower
419
Static RAM does not require
continuous refreshing
420
rical to system performance
Memory type and amount
Memory addressing
Bus speeds
421
Synchronous DRAM (SDRAM)
Synchronizes itself with the system's CPU
Coordinates activities with the CPU clock
Increases speed of transmitting and executing data.
422
Extended Data Out DRAM (EDO DRAM)
Faster than DRAM because DRAM can only access Cone block of data at a time.
It is a "look ahead" feature that speeds the process
423
Burst EDO DRAM (BEDO DRAM)
Can send more data at once
424
Double Data Rate SDRAM (DDR SDRAM)
Caries out read operations on the rising and falling of clock pulse
425
Hardware segmentation
Systems of a high trust level may need to segment memory physically instead of just logically
426
Read only Memory
Nonvolatile memory
When power is turned off, data is still held within memory chips.
Data cannot be altered
Software stored in ROM is firmware
427
Erasable Programmable Read Only Memory (EPROM)
Can be erased, modified, and upgraded.
Holds data that can be electrically erased or written to
UV light device requires to erase
428
Electrically Erasible Programmable Read Only Memory
EEPROM
Can be erased electronically
429
Flash memory
used in digital cameras, bios chips, memory cards, and video game consoles.
430
Cache Memory
Used for high-speed writing and reading activities.
Can be accessed more quickly than data in other types
431
Types of cache
L1 is fastest.. L2 is slower, L3 is slowest
432
CPU accesses memory
Dire
has physical wires connected to memory chips within the computer
Uses physical addresses instead of pointers (logical addresses)
433
Physical Addresses
Used by CPU
Not by software
434
Software addressing is
Logical pointed to memory addresses
Accessing memory indirectly provides an access control layer
435
When a program attempts to access memory
its access rights are verified
436
Absolute Addresses
The physical memory addresses used by the CPU
437
Logical Addresses
used by software
438
Relative addresses are
based on a known address with an offset value applied
439
Buffer oveflow
takes place when too much data is accepted as input to a specific process
440
Buffer
a small bucket.
When the bucket overflows, data goes into other bucke
441
Buffer overflow causes
Not validating user's input
make a function call
We use an insecure function (strcopy)
442
Data Execution Prevention
Implemented via hardware or software (operating system)
| Helps ensure that executable code does not function in dangerous memory segments
443
Two countermeasures against memory leaks
1 Developing better code
2 Garbage collector used to identify unused committed memory
444
Address Space Layout Randomization
Memory segmentation
| Changes memory addresses constantly
445
Multoprogramming
More than one program, or process, can be loaded into memory
Only means that more than one application can be loaded into memory at one time
Multiprogramming was replaced by multitasking
Multiprogramming is a legacy term
446
Multitasking
More than one application can be in memory at th same time. Operating systems can deal with different applications simultaneously
447
Operating systems started out
cooperative and then evolved into preemptive multitasking
448
Cooperative multitasking and preemptive multitasking
Cooperative used by Windows 3.1. Preemptive used by Win 95
449
Process States
Running state CPU executing instruction and data
Ready state Waiting to send application data to the CPU
Blocked state waiting for user input
450
Process table
Kept by operating system which has one entry for each processes stat, stack pointer, memory allocation,program counter, and status of open files
451
How a process knows it can communicate with the CPU
Interupts
452
Categories of interupts
maskable interupt is not important
unmaskable can never be over ridden
453
Software deadlock
2 processes in the same interupt
454
Process Isolation methods
Encapsulation of objects
Time multiplexing of shared resources
Naming distinctions
Virtual memory mapping
455
When a process is encapsulated
no other process understands or interacts with its code
456
Encapsulation provides
data hiding
457
Time multiplexing
Resource sharing
458
Goals of memory management
1. Provide abstraction level for programmers
2. Maximize performance with limited amount of memory available
3. Protect the operating system and applications loaded into memory
459
Abstraction means
the details of something are hidden
460
Memory hierarchy
Small amounts of memory very fast and expensive (registers and cache)
Larger amounts of memory are slower and less expensive (RAM, hard drive)
461
Memory Manager responsibilities
```
Relocation
Swap contents from RAM to the hard drive as needed
Provide pointers for applications
Protection
Sharing
Logical organization
Physical organization
```
462
Virtual memory
When RAM and secondary storage are combined
463
Monolithic architecture
all of the operating systems work in kernal mode
464
Layered Operating system architecture
separates system functionality into hierarchical layers
465
trusted shell
someone working in a shell cannot bust out of it
466
Security Perimeter
a boundary that divides the trusted from the untrusted
467
Reference Monitor
An abstract machine that mediates all access subjects have to objects
468
Security Kernal
Made up of software, hardware, and firmware that fall within the TCB and implements and enforces the reference monitor
469
A security policy
outlines goals without regard to how they will be accomplished
470
A security model
is a framework that gives the policy form and solves security access problems for particular situations
471
Bell Lapadula Model
enforces confidentiality aspects of access control
was the first mathematical model of a multilevel security policy
called a multilevel security system because users with difference clearances use the system, and the systems processes data at different classification levels
472
Bell LaPadula model was developed to make sure
secrets stay secret
Provides and addresses confidentiality only
473
Bell LaPadula Simple Security rule
subject at a given security level cannot read data that resides at a higher security level
No read up
474
Bell LaPadula * property rule states that a
subject in a given security level cannot write information to a lower level.of the data within the system
No write down
475
Biba Model
addresses the integrity
Not concerned with security levels and confidentiality
Prevents data at any integrity level from flowing to a higher integrity level
476
Biba star integrity axiom
Subject cannot write data to a higher integrity level
No write up
477
Biba Simple integrity axiom
Subject cannot read data from a lower integrity level
No read down
478
Biba Invocation property
Subject cannot request service (invoke) at a higher integrity level
479
Information flow models are most concerned about
data flows
480
In Bell LaPadula and Biba simple means
Reading
481
In Bell LaPadula and Biba Star is about
Writing
482
Clark Wilson Model
developed after Biba
Protects the integrity of information
483
Elements of Clark Wilson
Users: Active agents
Transformational Procedures (TPs) Programmed abstract operations, such as read, write and modify
Constrained data items (CDIs) Con be manipulated only by TPs
Unconstrained data items (UDIs) Can be manipulated by users via primitive read and write operations
Integrity verification procedures (IVPs) Check the consistency of CDIs with external reality
484
Distinctive features of Clark Wilson focuses on
Well formed transactions and separation of duties
485
Clark Wilson well formed transactions
series of operations that transform a data item from one consistent state to another
486
Clark Wilson model Contrained data item
separates data into one subset that requires a high level of protection and one level that does not require a high level of protection
The unconstrained data item. UDI
Users cannot directly modify CDI
487
Non interference model
Multi level security model
488
Covert channel
a way for an entity to receive information in an unauthorized manner.
489
2 types of covert channels
storage and timing
490
Covert storage channel
processes are able to communicate through some type of storage space on the system
491
Covert timing channel
one process related information to another by modulating system resources
492
Brewer and Nash model
also called the Chinese wall
subject can write to an object if, and only if, the subject cannot read another object that is in a different dataset.
access controls can change dynamically depending on previous actions
493
Goal of Brewer Nash Chinese Wall model
protect against conflicts of interest
494
Graham=Deming Model
defines a set of basic rights in terms of commands that a specific a subject can execute on and object
495
Graham Deming functionalities
How to securely create an object
How to securely create a subject
How to securely delete a subject
How to securely provide read access rights
How to securely provide the grant access rights
How to securely provide transfer access rights
496
Harrison-Ruzzo-Ullman Model
Shows how a finite set of procedures can b e available to edit the access rights of a subject
497
Common Criteria
A framework where users specify their security requirements and vendors make claims about how they satisfy those requirements and independent labs can verify those claims
498
Common Criteria 7 assurance levels
EAL 1 Functionally tested
EAL 2 Structurally tested
EAL 3 Methodically tested and checked
EAL 4 Methodically designed, tested, and reviewed
EAL 5 Semi formally verified design and tested
EAL 6 Semiformally verified design and tested
EAL 7 Formally verified design and tested
499
ISO/IEC 15408
is the international standard that is used as the basis for the evaluation of security properties of products
ISO/IEC 15408 1 Introduction and general model
2 Security functional requirements
3 Security assurance components
500
Certification
technical evaluation of the security components and compliance for the purpose of accreditation
Purpose is to ensure a system, product, or network is right for customer's purpose
501
Accreditation
formal acceptance of the adequacy of a systems overall security and functionality by management
Certification information is presented to management for review and decisions.
Certification is technical review
Accreditation is management review
502
Open vs closed systems
developed to integrate easily with other systems = open
Closed is proprietary
503
Distributed system
is one in which multiple computers work together to do something.
504
Cloud computing
the user of shared, remote computing devices for the purpose of providing improved efficiencies
505
Software As A Service
user is allowed to use a specific application that executes in the provider's environment
506
Platform as a service
user gets access to a computing platform that is typically built on a server operating system
Service provider is normally responsible for configuring and securing the platform
507
Infrastructure as a service
full, unfettered access and responsibility
Service provider has no responsibility
508
Parrallel Computing is
simultaneous use of multiple computers to solve a specific task by dividing it among the available computers
509
Aggregation
act of combining information from separate sources
510
Inference
the intended result of aggregation
511
Content dependent access control
based on the sensitivity of data. The smaller the subset of individuals who can gain access
512
Context dependent access control
software understands what actions should be allowed
513
Common attempts to prevent inference
cell suppression
partitioning the database
noise
perturbation
514
Cell suppression
hide specific cells
515
Partitioning
dividing the database into different parts
516
Noise and perturbation
technique of inserting bogus information
517
Industrial Control Systems (ICS)
information technology that is specifically designed to control physical devices in industrial processes
Maintaining efficiency is key
518
Programmable Logic Controllers (PLC)
designed to control electro mechanical processes such
| as assembly lines, elevators, roller coasters, and nuclear centrifuges
519
Distributed Control System (DCS)
network of control devices within fairly close proximity
520
Supervisory Control and Data Acquisition (SCADA)
Developed to control large scale physical processing involving nodes separated by significant distances
521
Maintenance hooks
back door
522
Time of Check/ time of user TOC
deals with the sequence of steps a systems uses to complete a task
Known as an asynchronous attack
523
Race condition
When processes get out of sequence
524
Substitution cipher
each character is replaced with another character
525
polyalphabetic substitution cipher
uses multiple alphabets
526
Cipher is another term for
algorithm
527
Scytale cipher
Spartans encrypted using a sheet of papyrus wrapped around a staff
528
Vgenere table or algorithm
27 shift alphabets
529
Plaintext and ciphertext
Plaintext is readable encrypted text is ciphertext
530
Enigma machine
German box with rotors
531
Lucifer
developed by IBM
| introduced complex mathematical equations and functions to establish DES
532
Cryptoanalysis
science of studying and breaking the secrecy of encryption processes, compromising authentication schemes, and reverse engineering algorithms and keys
533
Cryptosystem
system or product that provides encryption
534
A cryptosystem is made up of
Software
Protocols
Algorithms
Keys
535
Kerchkhoffs Principle
Only secret in a cryptographic system would be the key
536
Strength of encryption comes from
```
the algorithm
the secrecy of the key
length of the key
initialization vectors
and how the all work together
```
537
Strength of an encryption method correlates
with the amount of necessary processing power, resources, and time required to break it
538
Goal in designing an encryption method
is to make compromising it too expensive or time consuming. aka work factor
539
Services of cryptosystems
```
Confidentiality
Integrity
Authentication
Authorization
Nonrepudiation
```
540
One time pad
perfect encryption scheme
by Gilbert Vernam = the Vernam cipher
Uses exclusive OR
541
XOR
If both values are the same the result is 0
| If different, XOR is 1
542
One time pad requirements
Pad must be used only one time
Pad must be as long as the message
pad much be securely distributed and protected at its distribution
Pad must be made up of truly random values
543
A number generator is used to create random values
by seeding an initial value Initialization vector
544
Running key cipher
non electronic algorithm.
could be a set of books
545
Concealment cipher
a message within a cipher
null cipher steganography
546
Steganography
method of hiding data in another media type
547
Transposition Ciphers
values are scrambled
548
Symmetric Cryptography
two instances of the same key for encryption and decryption
also called secret keys
549
Symmetric equation
N(N-1) /2
550
Symmetric strengths
Much faster than asymmetric systems
Hard to break if using a large key size
551
Symmetric weaknesses
Requires a secure mechani
Each pair of users needs a unique key
552
Symmetric Encryption provides
Confidentiality but not authenticity or non-repudiation
553
List of symmetric algorithms
```
Data Encryption Standard (DES)
Triple DES (3 DES)
Blowfish
International Data Encryption Algorithm
RC4, RC5, RC6
```
554
Secure Message format
If confidentiality is the most important to a sender, encrypt with receiver's public key
555
Open Message Format
If authentication is the most important security for the sender, use sender's private key
556
As symmetric encryption provides
authentication and non-repudiation
557
Public Key Cryptography is
Public Key Cryptography
558
Strengths of Public Key Asymmetric
Better key distribution than symmetric systems
Better scalability than symmetric systems
Can provide authentication and non-repudiation
559
Weaknesses of Public Key Asymmetric Cryptography
Works much more slowly than symmetric systems
| Mathematically intensive tasks
560
Examples of Asymmetric Algorithms
```
Rivest- Shamir-Adleman (RSA)
Elliptic Curve Cryptosystem (ECC)
Diffie Hellman
El Gamal
Digital Signature Algorithm (DSA)
```
561
Strong ciphers attributes
Confusion and diffusion
Confusion is substitution
Diffusion is transposition
562
Strong ciphers attributes
Confusion and diffusion
Confusion is substitution
Diffusion is transposition
563
Diffusion takes place
when bits of a block are scrambled
564
Avalanche Effect
A small change completely changes the cipher
565
Block Algorithms use 4 bit blocks called
S Boxes with lookup tables
566
S Boxes
Used in symmetric algorithms to scramble and substitute plaintext into ciphers
567
Stream ciphers
treats the message as a stream of bits and performs mathematical functions on each bit
568
Stream ciphers use
keystream generators that produce a stream of bits that are XORed with plaintext to make a cipher
569
Stream Ciphers vs one time pads
provide same protection
570
Initialization vectors
Random values to prohibit patterns in encryption
571
Hybrid Encryption
Asymmetric key is used to encypt symmetric key that encrypts the message
572
Sesion key is
a single use symmetric key
573
Data Encryption Standard
Key size of 64 bits with 8 bits of parity so 56 bit
574
DEA is the algorithm
that fulfills DES
575
DES Modes
```
Electronic Code Book (ECB)
Cipher Block Chaining ((CBC)
Cipher FeedBack (CFB)
Output Feedback (OF)
Counter (CTR)
```
576
DES Electronic Codebook (ECB)
64 bit data block with a key and a block of ciphertext
ECB incorporates padding
Code book provides substitutions and permutations
577
DES Cipher Block Chaining (CBC)
A block of plain text and a key will always give the same cipher text
Does not reveal patterns because each block is based on the previous
578
DES CipherFeedback Mode (CF)
Shorter streams
579
DES Output feedback Mode (OFM)
Block cipher that emulates a stream
580
DES Counter Mode (CTR)
Nothing is chained
581
Triple DES
Quick fix for DES
| 48 rounds in its computation
582
Advanced Encryption Standard
Symmetric block cipher key sizes of 128, 192, 256
583
Finalists to replace DES
```
MARS By IBM team that created lucifer
RC6 Developed by RSA Laboratories
Serpent
Two Fish
Rijndael
```
584
Rijndael supports
128, 192, 256 keys
585
International Data Encryption Algorithm
64 bit block divided into 16 smaller blocks
586
Blowfish
Block cipher
| key size from 32 up to 448 bits and 16 rounds of functions
587
RC 4
Most commonly implemented stream ciphers
| Used in SSL
588
Asymmetric Diffie Hellman
Secure key transfer
| Uses digital signatures
589
RSA is an asymmetric
Most popular public key algorithm
Factors large numbers by using prime numbers
One way function
590
El Gamal
public key algorithm can be used for digital signatures
591
Elliptic curve Cryptosystems
Like RSA digital signatures, secure key distribution, and encryption
Very efficient. Used in devices with limited processing capacity, storage, power supply, and bandwidth.
592
Knapsack
Developed by Merkle-Helman
| Discovered to be insecure
593
Zero Knowledge Proof
Only the owner of a private key can prove possession
594
One Way Hash
Takes a variable length string and produces a fixed length value
Hash is not secret.
Takes place without the use of keys
595
Message Authenticaiton Code
authentication scheme derived by applying a secret key to a message in some f
596
3 types of Message Authentication Code (MAC))
```
Hash MAC (HMAC)
CBC-MAC, and CMACA
```
597
Hash MAC
Symmetric key is concatenated with the message
598
CBC MAC
Cipher Block Chaining Message Authentication Code
Message is encrypted with symmetric block cipher
Weakest form of authentication because it is not bound to a user, just to a computer or device
599
SHA
used with the Digital Signature Standard
| SHA produces a 160 bit hash value or Message Digest
600
Birthday Attack
against a one-way hash
601
Collision
When 2 different messages produce the same hash.
602
Digital Signature
is a hash value with a private key,
603
Security Services of Cryptology
A message encrypted provides confidentiality
A message hashed provides integrity
A message digitally signed provides Authentication, nonrepudiation and integrity
A message encrypted and digitally signed provides confidentiality with authentication, nonrepudiation, and integrity
604
Certificate Authority
Used in digital signatures
605
CRL Certificate Revocation List
Mechanism for the CA to check on a certificate
606
Online certificate status protocol OCSP
Replaces the CRL
607
Key Management
most challenging part of cryptography
608
Passive attacks
Eavesdropping and sniffing data as it passes over a network
| Because it does not affect the protocol, algorithm, key, or message
609
Active attacks
Altering messages, modifying system files, and masquerading as another individual or acts.
610
Common attack vectors in cryptography
```
Key
Algorithm
implementation
data
People
```
611
Ciphertext Only Attacks
Attacker has 2 ciphertext messages
Each has been encrypted with same algorithm
Attacker gets the key to one
612
Known plaintext Attacks
Attacker has plaintext message and ciphertext
| Goal is to discover the key
613
Chosen Plain Text attacks
attacker has plaintext and cipher text. Can choose plaintext and compare ciphertext.
614
Chosen cipher text attacks
attacker can choose ciphertext and has access to the resulting decrypted plaintext. Goal is to figure out the key
Attacker may need control of the system
615
Differential cryptanaysis
Takes 2 messages of plaintext and follows the changes as blocks go thought the different S boxes
616
Private vs Public algorithms
Public is better
| government uses private
617
Linear Cryptoanalysis
functions to identify the highest probability of a specific key
618
Side channel attacks
Reverse engineering to uncover a key or data
619
Replay attacks
Captures data and resubmits it.
Timestamps and sequence numbers are 2 countermeasures
620
Algebraic Attacks
Analyze vulnerabilities in math used in an algorithm
621
Analytic attacks
identify algorithm structural weaknesses or flaws
622
Statistical Attacks
identify statistical weaknesses in algorithm design
623
Social Engineering Attacks
Trick people into providing cryptographic key or divulging sensitive information
624
Meet in the middle attacks
break a math problem from both ends
625
Physical threats
```
Natural environmental threats
Supply system threats
Manmade threats
Politically motivated threats
Protecting human life is always first
```
626
Layered defense models
Physical controls should work together in a tiered architecture
627
Vulnerability is
a weakness
628
Threat is
the potential someone will identify the weakness and use it
629
Threat agent
person or mechanism that exploits the vulnerability
630
Steps before a physical security program can be rolled out
1 Identify a team
2 Define the scope
3 Carry out risk analysis to identify vulnerabilities and threats
4 Identify legal and regulatory requirements
5 Work with management to define an acceptable risk level
6. Derive required performance baselines
7. create countermeasure and performance metrics
develop criteria
8 Develop criteria from results
9 identify and implement countermeasures
10 Continuously evaluate countermeasures
631
Categories of physical security
```
Deterrence
Delaying
Detection
Assessment
Response
```
632
(CPTED)
| Crime prevention through Environmental Design
Design of a physical environment to reduce crime by affecting human behavior
633
Target hardening
focuses on denying access
634
Natural Access Control
Bollards, lights,
635
Online or standby USP
Active vs backup
636
A fire needs
Fuel
Oxygen
high temperatures
637
Fire classes
A common combustibles Wood paper, laminents water foam
B Liquid Petroleum and coolants
Gas Co2, foam, dry powders
C Electrical Electrical and wires
Gas, Co2, powders
D combustible metals
Magnesium, sodium, potassium Dry powder
638
Montreal Protocol
Banned Halon in 1987
639
Most effective replacement for halon
FM 200
640
Plenum areas
open space in ceilings, walls and floors
641
Sprinkler types
Wet pipe
Dry pipe
Preaction
Deluge
642
Caesar Cipher
uses a shift of the alphabet
643
Caesar Cipher is vulnerable to
Frequency analysis
644
4 cryptographic goals
Confidentiality
Integrity
Authentication
nonrepudiation
645
Keyspace
Range of values that are valid for use as a key for a specific algorithm
646
Keyspace is defined by
bit size
647
Kerckhoff's principle
Cryptography system should be secure if everything about the system is known but the key
648
Nonce
Initialization Vector
649
Work funciton
How to measure the strength of a cryptography system
Work factor should exceed the value of the data
Cryptography should be cost effective
650
Code vs ciphers
code is communication
Ciphers should not
651
Transposition ciphers
Rearranges letters of a plaintext message
652
Substitution Ciphers
Algorithm to replace each character or bit of a plaintext message
653
Polyalphabetic substitution ciphers
Use multiple alphabets in the same message
Vigenere Cipher
654
Vigener Cipher
Uses a single encryption/decryption chart
655
One Time pads
uses a different substitution cipher for each letter of the plaintext message
Also known as Vernam ciphers
They are an unbreakable encryption scheme
One time pad is as long as the message itself
Pad must be used only once
656
Vernam ciphers
One time pads
657
Running Key Ciphers
Often chosen from a book
658
Block Ciphers
operate on chunks or blocks
Transposition ciphers are examples
659
Stream Ciphers
operate one character bit at a time
Ceaser Cipher is an example
One time pad is a stream cipher
660
two basic operations to obscure plaintext messages in Cryptpgraphy
Confusion and Diffusion
661
Confusion in Cryptography
Relationship between plaintext and key is so complicated that cryptoanalysis won't work
662
Diffusion in Cryptography
change in plaintext results in multiple changes throughout the cipher text
663
Shared Secret key
Symmetric encryption
aka secret key or private key
664
Symmetric key weaknesses
Key distribution problem
Symmetric key does not cover non repudiation
Not scalable
Keys must be regenerated often
665
Symmetric encryption strength
very fast
666
Asymmetric key algorithms
aka public key algorithms
Each user has 2 keys Public and private
Provide support for digital signatures
667
Hashing algorithms
digital signature capability when used with a message digest
668
Message digest
summaries of a message's content
669
Hashing collisions
2 messages create the same hash
670
Common Symmetric cryptosystems
Data Encryption Standard DES
Triple DES
International Data Encryption Algorithm IDEA
Blowfish
Skipjack
Advanced Encryption Standard AES
671
Data Encryption Standard DES
No longer secure
Superceded by AES
64 bit block
DES key is 56 bits long
672
DES 5 modes
Electronic Code Book ECB
Cipher Block Chaining CBC
Cipher Feedback CF
output feedback OFB
Counter CTR
673
Triple DES
Uses the same DES algorithm 3 times
Effective key length of 168 bits for DES EDE3
DES EEE2 uses 112 bits
DES EDE2 uses 112 bits
674
International Data Encryption algorithm IDEA
```
64 bit blocks
begins operation on the 128 bit key
52 16 bit keys
Uses same 5 modes used by DES
ECB
CBC
CFB
OFB
CT
```
675
Blowfish
Bruce Schneiers alternate DES and IDEA
64 blocks of text
Variable length keys ranging from 32 bits to 448 bits
676
Skipjack
Approved for use by US government in FIPS
64 bit blocks
80 bit key
Supports key escrow
677
Rivest Cipher 5 RC 5
Symmetric algorithm patented by Rivest Shamir Adelman RSA
Variable block sizes of 32 64, 128
Subject to brute force cracking attempts
678
AES Advanced Encryption Standard
Rijndael block cipher chosen to replace DES
In 2001 NIST FIPS mandated AES for all sensitive but unclassified data
679
AES Key strengths
128
192
256
allows processing of 128 bit blocks
680
Two Fish
Developed by Bruce Schneier was a finalist
Prewhitening and postwhitening
681
Diffie Hellman
Message is encrypted with symmeric for speed
Key is encrypted with asymmetric
682
2 approaches to key escrow
Fair cryptosystems keys are divided in 2 or more pieces
Escrowed Encryption Standard provides government with a means to decrypt.
Basis of skipjack
683
Temporal Isolation
Restrict access to specific time periods
684
Incident Response Team should include
```
Senior Manager
Network Admin
Security
Programmer
Public Relations
```
685
MAU
Multi Station Access Unit
| Central hub in a token ring
