CISSP Flash Cards - Generic
Bell-LaPadula
- No read up and No Write down
- To protect Confidentiality
Biba
- No read down and No write up
- To protect integrity
Lipner
- Can use Bell-LaPadula alone to protect confidentiality
- Or combine Bell-LaPadula and Biba to protect both confidentiality and integrity
Brewer Nash or The Chinese Wall Security Model
- Designed to mitigate conflict of interest that arise from hiring third parties (ex. consultants)
Graham-Denning model
- Uses an access control matrix (ACM) to map subjects and objects to a series of eight rules
Graham-Denning model
- Uses an access control matrix (ACM) to map subjects and objects to a series of eight rules. Each row represents a subject and each column represents either an object or another subject. The point where a row and a column meet contains the rights that the subject row has for accessing the column subject or object
Digital Forensics Steps
1- Identification of evidence
2- Acquisition of evidence
3- Analysis of evidence
4- Reporting
Incident Response Phases
1- Detection
2- Response
3- Mitigation
4- Reporting
5- Recovery
6- Remediation
7- Lessons Learned
Enticing
occurs when an individual who was already planning to commit a crime is eventually lured into doing so at the urging of law enforcement representatives
Entrapment
Occurs when an individual who otherwise had no intention of committing a crime is lured into doing so at the urging of law enforcement representatives
Rainbow table
can be used to obtain the plaintext of a hashed password. Reversing the hash is accomplished by causing a collision between hash values; a collision occurs when identical inputs are used, which generates an identical hash value. Thus, if an attacker can generate a collision, they might be able to determine the plaintext value of the input
Passphrase
password type that is typically longest and contains the fewest random characters
Hashing
Used to create digital signatures and to verify the integrity of data
Pharming Attacks
are DNS cache poisoning attacks that attempt to modify a DNS cache by providing invalid information to a DNS server. DNSSEC is a set of security extensions intended to make DNS more secure by adding special records to a zone that include digital signatures for the other records in the zone and using those signatures to verify responses to queries of the zone
Teardrop Attacks
are Denial of Service (DoS) attacks where an attacker sends several large overlapping IP fragments to the victim system which tries to reassemble these packets, sometimes causing the system to crash
ARP
used to resolve IP addresses to MAC addresses