CISSP Flash Cards - Generic
Bell-LaPadula
- No read up and no write down
- To protect Confidentiality
Biba
- No read down and no write up
- To protect integrity
Lipner
- Can use Bell-LaPadula alone to protect confidentiality
- Or combine Bell-LaPadula and Biba to protect both confidentiality and integrity
Brewer Nash or The Chinese Wall Security Model
- Designed to mitigate conflicts of interest that arise from hiring third parties (e.g. consultants)
Graham-Denning model
- Uses an access control matrix (ACM) to map subjects and objects to a series of eight rules. Each row represents a subject and each column represents either an object or another subject. The point where a row and a column meet contains the rights that the subject row has for accessing the column subject or object
Digital Forensics Steps
1- Identification of evidence
2- Acquisition of evidence
3- Analysis of evidence
4- Reporting
Incident Response Phases
1- Detection
2- Response
3- Mitigation
4- Reporting
5- Recovery
6- Remediation
7- Lessons Learned
Enticing
occurs when an individual who was already planning to commit a crime is eventually lured into doing so at the urging of law enforcement representatives
Entrapment
Occurs when an individual who otherwise had no intention of committing a crime is lured into doing so at the urging of law enforcement representatives
Rainbow table
can be used to obtain the plaintext of a hashed password. Reversing the hash is accomplished by causing a collision between hash values; a collision occurs when identical inputs are used, which generates an identical hash value. Thus, if an attacker can generate a collision, they might be able to determine the plaintext value of the input
Passphrase
password type that is typically longest and contains the fewest random characters
Hashing
Used to create digital signatures and to verify the integrity of data
Pharming Attacks
are DNS cache poisoning attacks that attempt to modify a DNS cache by providing invalid information to a DNS server. DNSSEC is a set of security extensions intended to make DNS more secure by adding special records to a zone that include digital signatures for the other records in the zone and using those signatures to verify responses to queries of the zone
Teardrop Attacks
are Denial of Service (DoS) attacks where an attacker sends several large overlapping IP fragments to the victim system which tries to reassemble these packets, sometimes causing the system to crash
ARP
used to resolve IP addresses to MAC addresses
NIST SP 800-30
Used to assess risk
ITIL
created by the UK Government to improve IT service management processes
COBIT
ISACA framework that established 34 processes and 214 control objectives to assist in developing an IT security management plan
ISO 27000
established a framework for developing security management standards
NIST SP 800-37
Risk Management Framework - is a security compliance framework for government entities
IAB (Internet Activities Board)
establishes standards for unethical behavior on the internet
Computer Ethics Institute (CEI)
created the ten commandments of computer ethics
Copyrights
protect art, music, or source code from being used by a third party without a license or explicit permission from the owner
Trademarks
protect branding such as a slogan, a logo, or other means of distinguishing a product from those of competitors
Patents
protect the patent holder’s exclusive right to use, create, or sell an invention for a specific period of time
NDAs
used to dissuade an individual from revealing trade secrets or other confidential information to third parties
Incremental Backup
- only backs up files that have been modified since the last full or incremental backup.
- it clears the archive attribute at the completion of the backup process
- Provides the shortest backup creation time of all backup types but the longest restoration process (requires the full backup and each incremental backup created since the last full backup)
Differential Backup
- includes only the files that have the archive attribute turned on, which indicates they have been modified or created since the last backup
- They do not clear the archive attribute, so each successive differential backup will typically be larger than the previous one
- Restoring data requires the full backup and the most current differential backup
Forced Browsing Attack
an attack in which an attacker searches for unlinked content on a web server. It's considered a brute-force attack; for example, entering a URL directly in the browser's location bar might give access to a user's email inbox if appropriate security measures are not in place
Double encoding attack
used in an attempt to bypass a web application's existing directory traversal security check
Fuzz testing
involves entering random malformed data as input to discover how the application responds to garbage data
Regression testing
performed to ensure that a change has not broken existing functionality or introduced new problems
Combinatorial testing
a type of black-box testing where the tester is provided no information about the application being tested
Pairwise testing
a form of combinatorial testing involving testing more than one component at a time
AH and ESP (Encapsulating Security Payload)
AH (Authentication Header) is typically used with ESP in transport mode. ESP provides confidentiality for IPSEC VPN tunnels. AH provides integrity and authentication for IPSEC VPN tunnels. IPSEC operates in transport mode or tunnel mode. In transport mode, ESP encrypts only the packet data, leaving the IP headers unencrypted
Object reuse
is the process of reusing data or authentication credentials that an application or process has shared in memory or cached to disk
US Privacy Act
- Created in 1974 to provide citizens with access to private information that is being collected and maintained by the government
OECD Guidelines
privacy policy created in 1980 to provide a framework for how information traverses international borders
EU-US Safe Harbor
created in 1998 by the US Department of Commerce for companies in the US to share personal information with EU member nations
Piracy
Intellectual property attack that focuses on infringement of copyright