CISSP Quick Tips Flashcards

1
Q

Vulnerability

A

The absence of a safeguard (in other words, it is a weakness) that can be exploited.

2
Q

Threat

A

The possibility that someone or something would exploit a vulnerability, intentionally or accidentally, and cause harm to an asset.

3
Q

Risk

A

The probability of a threat agent exploiting a vulnerability and the loss potential from that action.

4
Q

What reduces risk?

A

Reducing vulnerabilities and/or threats

5
Q

Exposure

A

An instance of being exposed to losses from a threat.

6
Q

Countermeasure

A

Also called a safeguard; it mitigates the risk.

• A countermeasure can be an application, software configuration, hardware, or procedure.

7
Q

Due care

A

If someone is practicing due care, they are acting responsibly and will have a lower probability of being found negligent and liable if a security breach takes place.

8
Q

Why is the importance of Security Management growing?

A

• Security management has become more important over the years because networks have evolved from centralized environments to distributed environments.

9
Q

The objectives of security

A

To provide availability, integrity, and confidentiality protection to data and resources.

10
Q

Planning horizon

A

Strategic planning is long term, tactical planning is midterm, and operational planning is day to day. These make up a planning horizon.

11
Q

ISO/IEC 27002 (formerly ISO 17799 Part 1)

A

A comprehensive set of controls comprising best practices in information security; it provides guidelines on how to set up and maintain security programs.

12
Q

Security components

A

Can be technical (firewalls, encryption, and access control lists) or nontechnical (security policy, procedures, and compliance enforcement).

13
Q

Asset identification

A

Should include tangible assets (facilities and hardware) and intangible assets (corporate data and reputation).

14
Q

Project sizing

A

Means to understand and document the scope of the project. Must be done before a risk analysis is performed.

15
Q

Assurance

A

The degree of confidence that a certain security level is being provided.

16
Q

CobiT

A

A framework that defines goals for the controls that should be used to properly manage IT and to ensure that IT maps to business needs.

17
Q

Four domains of CobiT

A
  1. Plan and Organize
  2. Acquire and Implement
  3. Deliver and Support
  4. Monitor and Evaluate.
18
Q

ISO/IEC 27001

A

The standard for the establishment, implementation, control, and improvement of the Information Security Management System.

19
Q

How should security management work?

A

It should work from the top down (from senior management down to the staff).

20
Q

Governance

A

The set of responsibilities and practices exercised by the board and executive management with the goal of providing strategic direction, ensuring that objectives are achieved, ascertaining that risks are managed appropriately, and verifying that the enterprise’s resources are used responsibly.

21
Q

What should determine which security model a company chooses?

A

Should depend on the type of business, its critical missions, and its objectives.

22
Q

The OECD

A

An international organization that helps different governments come together and tackle the economic, social, and governance challenges of a globalized economy.

23
Q

How can risk be treated?

A

It can be transferred, avoided, reduced, or accepted.

24
Q

What is an example of risk transference?

A

When a company buys insurance.

25
Ways to reduce risk
Improving security procedures and implementing safeguards.
26
Formula for total risk
Threats × vulnerability × asset value = total risk
27
Formula for residual risk
(Threats × vulnerability × asset value) × controls gap = residual risk
28
Main goals of risk analysis
- Identify assets and assign values to them
- Identify vulnerabilities and threats
- Quantify the impact of potential threats
- Provide an economic balance between the impact of the risk and the cost of the safeguards
29
Information risk management (IRM)
The process of identifying, assessing, and reducing risk to an acceptable level and implementing the right mechanisms to maintain that level of risk.
30
Failure Modes and Effect Analysis (FMEA)
A method for determining functions, identifying functional failures, and assessing the causes of failure and their failure effects through a structured process.
31
Fault tree analysis
A useful approach to detect failures that can take place within complex environments and systems.
32
Quantitative risk analysis
Attempts to assign monetary values to components within the analysis.
33
Is a purely quantitative risk analysis possible?
No, because qualitative items cannot be quantified with precision.
34
Why is capturing the degree of uncertainty when carrying out a risk analysis important?
Because it indicates the level of confidence the team and management should have in the resulting figures.
35
What must be considered when determining the value of information?
- The cost to acquire and develop data
- The cost to maintain and protect data
- The value of the data to owners, users, and adversaries
- The cost of replacement if the data is lost
- The price others are willing to pay for the data
- Lost opportunities
- The usefulness of the data
36
Automated risk analysis tools
Reduce the amount of manual work involved in the analysis. They can be used to estimate future expected losses and calculate the benefits of different security measures.
37
Single loss expectancy (SLE)
The amount that could be lost if a specific threat agent exploited a vulnerability.
38
Formula for Annualized Loss Expectancy (ALE)
Single loss expectancy × frequency per year = annualized loss expectancy (SLE × ARO = ALE).
39
Qualitative risk analysis
Uses judgment and intuition instead of numbers.

• Involves people with the requisite experience and education evaluating threat scenarios and rating the probability, potential loss, and severity of each threat based on their personal experience.
40
The Delphi technique
A group decision method where each group member can communicate anonymously.
41
What must be considered when choosing the right safeguard to reduce a specific risk?
the cost, functionality, and effectiveness must be evaluated and a cost/benefit analysis performed.
42
A security policy
A statement by management dictating the role security plays in the organization.
43
Procedures
Detailed step-by-step actions that should be followed to achieve a certain task.
44
A standard
Specifies how hardware and software are to be used. Standards are compulsory.
45
A baseline
A minimum level of security.
46
Guidelines
Recommendations and general approaches that provide advice and flexibility.
47
Job rotation
A control to detect fraud.
48
Mandatory vacations
A control type that can help detect fraudulent activities.
49
Separation of duties
Ensures no single person has total control over an activity or task.
50
Split knowledge and dual control
Two aspects of separation of duties.
51
Why is data classified?
To assign priorities to data and ensure the appropriate level of protection is provided.

• Data owners specify the classification of data.
52
What requirements does security have?
  1. Functional requirements, which define the expected behavior from a product or system
  2. Assurance requirements, which establish confidence in the implemented products or systems overall.
53
How should the security program fit into the business plan?
Security program should be integrated with current business objectives and goals.
54
What is management's role in security?
Management must define the scope and purpose of security management, provide support, appoint a security team, delegate responsibility, and review the team’s findings.
55
Who should be included in the risk management team?
Should include individuals from different departments within the organization, not just technical personnel.
56
How would qualitative and quantitative ratings be expressed?
A qualitative rating would be expressed in high, medium, or low, or on a scale of 1 to 5 or 1 to 10. A quantitative result would be expressed in dollar amounts and percentages.
57
What should safeguards default to?
They should default to least privilege, and have fail-safe defaults and override capabilities.
58
How should safeguards be imposed?
Uniformly, so everyone has the same restrictions and functionality.
59
What is a key element during the initial security planning process?
To define reporting relationships.
60
The data custodian (information custodian) is responsible for _____________?
Maintaining and protecting data.
61
What does a security analyst do?
Works at a strategic level and helps develop policies, standards, and guidelines, and also sets various baselines.
62
Application owners are responsible for _____________.
Dictating who can and cannot access their applications, as well as the level of protection these applications provide for the data they process and for the company.
63
Access
A flow of information between a subject and an object.
64
A subject
An active entity that requests access to an object, which is a passive entity.
65
A subject
can be a user, program, or process.
66
Confidentiality
The assurance that information is not disclosed to unauthorized subjects.
67
Security mechanisms that provide confidentiality
Encryption, logical and physical access control, transmission protocols, database views, and controlled traffic flow.
68
Identity management solutions
Directories, web access management, password management, legacy single sign-on, account management, and profile update.
69
Password synchronization
Reduces the complexity of keeping up with different passwords for different systems.
70
Self-service password reset
Reduces help-desk call volumes by allowing users to reset their own passwords.
71
Assisted password reset
Reduces the resolution process for password issues for the help-desk department.
72
IdM directories
contain all resource information, users’ attributes, authorization profiles, roles, and possibly access control policies so other IdM applications have one centralized resource from which to gather this information.
73
Automated workflow component
Common in account management products that provide IdM solutions.
74
User provisioning
Refers to the creation, maintenance, and deactivation of user objects and attributes, as they exist in one or more systems, directories, or applications.
75
HR database
Usually considered the authoritative source for user identities because that is where it is first developed and properly maintained.
76
Three main access control models:
Discretionary, mandatory, and nondiscretionary.
77
Discretionary access control (DAC)
Enables data owners to dictate what subjects have access to the files and resources they own.
78
Mandatory access control (MAC)
Uses a security label system. Users have clearances, and resources have security labels that contain data classifications. MAC compares these two attributes to determine access control capabilities.
79
Nondiscretionary access control
uses a role-based method to determine access rights and permissions.
80
Role-based access control
Based on the user’s role and responsibilities within the company.
81
Three main types of restricted interface measurements
menus and shells, database views, and physically constrained interfaces.
82
Access control lists
are bound to objects and indicate what subjects can use them.
83
A capability table
Bound to a subject and lists what objects it can access.
84
Access control can be administered in two main ways:
centralized and decentralized
85
Some examples of centralized administration access control technologies are RADIUS, TACACS+, and Diameter.
A decentralized administration example is a peer-to-peer working group.
86
Examples of administrative controls
A security policy, personnel controls, supervisory structure, security-awareness training, and testing.
87
Examples of physical controls
Network segregation, perimeter security, computer controls, work area separation, data backups, and cable.
88
Examples of technical controls
System access, network architecture, network access, encryption and protocols, and auditing.
89
Access control mechanisms provide one or more of the following functionalities
Preventive, detective, corrective, deterrent, recovery, or compensative.
90
For a subject to be able to access a resource, it must be ___________.
Identified, authenticated, and authorized, and should be held accountable for its actions.
91
Authentication can be accomplished by ___________.
Biometrics, a password, a passphrase, a cognitive password, a one-time password, or a token.
92
Type I error in biometrics
Means the system rejected an authorized individual, and a Type II error means an imposter was authenticated.
93
Difference between a memory card and a smart card
A memory card cannot process information, but a smart card can.
94
Access controls should default to _________.
no access
95
Least-privilege and need-to-know principles
Limit users’ rights to only what is needed to perform tasks of their job.
96
Single sign-on technology
Requires a user to be authenticated to the network only one time.
97
Single sign-on capabilities can be accomplished through ____________.
Kerberos, SESAME, domains, and thin clients.
98
How does Kerberos authenticate users?
In Kerberos, a user receives a ticket from the KDC so they can authenticate to a service.
99
What does the Kerberos user receive?
The Kerberos user receives a ticket granting ticket (TGT), which allows him to request access to resources through the ticket granting service (TGS). The TGS generates a new ticket with the session keys.
100
Types of access control attacks
- Denial of service
- Spoofing
- Dictionary
- Brute force
- Wardialing
101
Audit logs
can track user activities, application events, and system events.
102
Keystroke monitoring
A type of auditing that tracks each keystroke made by a user.
103
Audit logs should be ____________.
protected and reviewed.
104
Object reuse
Can unintentionally disclose information. Just removing pointers to files is not always enough protection for proper object reuse.
105
Information can be obtained via __________.
Electrical signals in airwaves. The ways to combat this type of intrusion are TEMPEST, white noise, and control zones.
106
User authentication is accomplished by what ___________.
someone knows, is, or has.
107
One-time password-generating token devices can use two methods:
synchronous or asynchronous methods.
108
Strong authentication requires
two of the three user authentication attributes (what someone knows, is, or has).
109
Kerberos addresses:
privacy and integrity but not availability.
110
Weaknesses of Kerberos
- The KDC is a single point of failure
- It is susceptible to password guessing
- Session and secret keys are locally stored
- The KDC needs to always be available
- There must be management of secret keys
111
IDSs can be:
statistical (monitor behavior) or signature-based (watch for known attacks).
112
Degaussing
A safeguard against disclosure of confidential information because it returns media back to its original state.
113
Phishing
A type of social engineering with the goal of obtaining personal information, credentials, credit card number, or financial data.
114
Do all systems with similar components have the same security level?
Two systems can have the exact same hardware, software components, and applications, but provide different levels of protection because of the different security policies and security models the two systems were built upon.
115
Components of a CPU
A CPU contains a control unit, which controls the timing of the execution of instructions and data, and an ALU, which performs mathematical functions and logical operations.
116
Protection rings
Most systems use protection rings. The more privileged processes run in the lower-numbered rings and have access to all or most of the system resources. Applications run in higher-numbered rings and have access to a smaller amount of resources.
117
What are the modes for operating system processes and applications?
Operating system processes are executed in privileged or supervisor mode, and applications are executed in user mode, also known as “problem state.”
118
Secondary storage
Nonvolatile and can be a hard drive, CD-ROM drive, floppy drive, tape backup, or a jump drive.
119
Virtual storage
Combines RAM and secondary storage so the system seems to have a larger bank of memory.
120
A deadlock situation
Occurs when two processes are trying to access the same resource at the same time.
121
How complex are security mechanisms?
Security mechanisms can focus on different issues, work at different layers, and vary in complexity. The more complex a security mechanism is, the less assurance it can usually provide.
122
TCB
Not all system components fall under the trusted computing base (TCB), which includes only those system components that enforce the security policy directly and protect the system. These components are within the security perimeter.
123
Components that make up the TCB
Hardware, software, and firmware that provide some type of security protection.
124
Security perimeter
An imaginary boundary that has trusted components within it (those that make up the TCB) and untrusted components outside it.
125
The reference monitor concept
An abstract machine that ensures all subjects have the necessary access rights before accessing objects. Therefore, it mediates all accesses to objects by subjects.
126
The security kernel
The mechanism that actually enforces the rules of the reference monitor concept.
127
Requirements of the security kernel
- Must isolate processes carrying out the reference monitor concept
- Must be tamperproof
- Must be invoked for each access attempt
- Must be small enough to be properly tested
128
Security domain
All the objects available to a subject.
129
Processes need to be isolated. How can this be accomplished?
Can be done through segmented memory addressing, encapsulation of objects, time multiplexing of shared resources, naming distinctions, and virtual mapping.
130
The level of security a system provides depends upon ___________.
how well it enforces the security policy.
131
A multilevel security system
processes data at different classifications (security levels), and users with different clearances (security levels) can use the system.
132
Why should processes be assigned least privilege?
So they have just enough system privileges to fulfill their tasks and no more.
133
Layering
Some systems provide security at different layers of their architectures, which is called layering. This separates the processes and provides more protection for them individually.
134
Data hiding
occurs when processes work at different layers and have layers of access control between them. Processes need to know how to communicate only with each other’s interfaces.
135
A security model
maps the abstract goals of a security policy to computer system terms and concepts. It gives the security policy structure and provides a framework for the system.
136
A closed system
Often proprietary to the manufacturer or vendor, whereas the open system allows for more interoperability.
137
The Bell-LaPadula model
- Deals only with confidentiality
- Has a simple security rule, which means a subject cannot read data from a higher level (no read up)
- The *-property rule means a subject cannot write to an object at a lower level (no write down)
- The strong star property rule dictates that a subject can read and write to objects at its own security level
- Used mainly in military systems
138
A state machine model
deals with the different states a system can enter. If a system starts in a secure state, all state transitions take place securely, and the system shuts down and fails securely, the system will never end up in an insecure state.
139
A lattice model
provides an upper bound and a lower bound of authorized access for subjects.
140
Information flow security model
Does not permit data to flow to an object in an insecure manner.
141
dedicated security mode
only deals with one level of data classification, and all users must have this level of clearance to be able to use the system.
142
Biba model
- Deals only with integrity
- Does not let subjects write to objects at a higher integrity level (no write up), and does not let subjects read data at a lower integrity level (no read down)
- Used in the commercial sector
143
Clark-Wilson model
- Deals only with integrity
- Dictates that subjects can only access objects through applications
- Also illustrates how to provide functionality for separation of duties and requires auditing tasks within software
- Used in the commercial sector
144
Compartmented and multilevel security modes
Enable the system to process data classified at different classification levels.
145
Trust
means that a system uses all of its protection mechanisms properly to process sensitive data for many types of users.
146
Assurance
the level of confidence you have in this trust and that the protection mechanisms behave properly in all circumstances predictably.
147
The Orange Book
also called Trusted Computer System Evaluation Criteria (TCSEC), was developed to evaluate systems built to be used mainly by the military. Its use was expanded to evaluate other types of products.
148
Orange Book, D classification
means a system provides minimal protection and is used for systems that were evaluated but failed to meet the criteria of higher divisions.
149
Orange Book, the C division
deals with discretionary protection
150
Orange Book, B division
deals with mandatory protection (security labels).
151
Orange Book, A classification
Means the system’s design and level of protection are verifiable and provide the highest level of assurance and trust.
152
Orange Book, C2
Requires object reuse protection and auditing.
153
Orange Book, B1
first rating that requires security labels.
154
Orange Book, B2
requires security labels for all subjects and devices, the existence of a trusted path, routine covert channel analysis, and the provision of separate administrator functionality.
155
ITSEC
evaluates the assurance and functionality of a system’s protection mechanisms separately, whereas TCSEC combines the two into one rating.
156
Common Criteria
Developed to provide globally recognized evaluation criteria and is in use today. It combines sections of TCSEC, ITSEC, CTCPEC, and the Federal Criteria.
157
Common Criteria uses protection profiles and ratings from ___________.
EAL1 to EAL7.
158
Certification
the technical evaluation of a system or product and its security components. Accreditation is management’s formal approval and acceptance of the security provided by a system.
159
A covert channel
An unintended communication path that transfers data in a way that violates the security policy.
160
Two types of covert channels
timing and storage covert channels
161
Covert timing channel
enables a process to relay information to another process by modulating its use of system resources.
162
What does a covert storage channel enable?
A process to write data to a storage medium so another process can read it.
163
A maintenance hook
Developed to let a programmer into the application quickly for maintenance. This should be removed before the application goes into production or it can cause a serious security risk.
164
An execution domain
Where instructions are executed by the CPU. The operating system’s instructions are executed in a privileged mode, and applications’ instructions are executed in user mode.
165
Process isolation
ensures that multiple processes can run concurrently and the processes will not interfere with each other or affect each other’s memory segments.
166
The only processes that need complete system privileges are located where?
in the system’s kernel.
167
TOC/TOU
stands for time-of-check/time-of-use. This is a class of asynchronous attacks.
168
What goal of integrity does the Biba model address?
the first goal of integrity, which is to prevent unauthorized users from making modifications.
169
What goal of integrity does the Clark-Wilson model address?
all three integrity goals: prevent unauthorized users from making modifications, prevent authorized users from making improper modifications, and maintain internal and external consistency.
170
How can users access and manipulate objects in the Clark-Wilson model?
users can only access and manipulate objects through programs. It uses access triple, which is subject-program-object.
171
What is usually the first line of defense against environmental risks and unpredictable human behavior?
Physical security
172
Crime Prevention Through Environmental Design (CPTED)
combines the physical environment and sociology issues that surround it to reduce crime rates and the fear of crime.
173
How to determine if security controls are cost-effective?
The value of property within the facility and the value of the facility itself need to be ascertained to determine the proper budget for physical security
174
Automated environmental controls
Help minimize the resulting damage and speed the recovery process. Manual controls can be time-consuming and error-prone, and require constant attention.
175
What needs to be evaluated for their protective characteristics, their utility, and their costs and benefits?
Construction materials and structure composition
176
When looking at locations for a facility, consider ___________.
local crime, natural disaster possibilities, and distance to hospitals, police and fire stations, airports, and railroads.
177
Characteristics of a good HVAC system
should maintain the appropriate temperature and humidity levels and provide closed-loop recirculating air-conditioning and positive pressurization and ventilation.
178
High humidity can cause ________
corrosion
179
low humidity can cause ________
static electricity.
180
Administrative controls
drills and exercises of emergency procedures, simulation testing, documentation, inspections and reports, prescreening of employees, post-employment procedures, delegation of responsibility and rotation of duties, and security-awareness training.
181
Proximity identification devices can be __________
User-activated (action needs to be taken by a user) or system sensing (no action needs to be taken by the user).
182
A transponder
is a proximity identification device that does not require action by the user. The reader transmits signals to the device, and the device responds with an access code.
183
Problem with interior partitions
If interior partitions do not go all the way up to the true ceiling, an intruder can remove a ceiling tile and climb over the partition into a critical portion of the facility.
184
Intrusion detection devices
Include motion detectors, CCTVs, vibration sensors, and electromechanical devices.
185
Drawbacks of Intrusion detection devices
can be penetrated, are expensive to install and monitor, require human response, and are subject to false alarms.
186
Benefit of CCTV
enables one person to monitor a large area, but should be coupled with alerting functions to ensure proper response.
187
A cipher lock
uses a keypad and is programmable.
188
Media should be protected from _________
Destruction, modification, theft, unauthorized copying, and disclosure.
189
Security concerns with floors, ceilings, and walls
need to be able to hold the necessary load and provide the required fire rating.
190
Water, steam, and gas lines need to have _________
Shutoff valves and positive drains (the substance flows out instead of in).
191
The threats to physical security
Interruption of services, theft, physical damage, unauthorized disclosure, and loss of system integrity.
192
The primary power source
is what is used in day-to-day operations, and the alternate power source is a backup in case the primary source fails.
193
Power companies usually plan and implement brownouts when ____________
they are experiencing high demand.
194
Power noise
A disturbance of power and can be caused by electromagnetic interference (EMI) or radio frequency interference (RFI).
195
EMI can be caused by ____________
lightning, motors, and the current difference between wires.
196
RFI can be caused by ___________
electrical system mechanisms, fluorescent lighting, and electrical cables.
197
Power transient noise
disturbance imposed on a power line that causes electrical interference.
198
Power regulators
condition the line to keep voltage steady and clean.
199
UPS factors that should be reviewed
the size of the electrical load the UPS can support, the speed with which it can assume the load when the primary source fails, and the amount of time it can support the load.
200
Shielded lines
protect from electrical and magnetic induction, which causes interference to the power voltage.
201
Perimeter protection
used to deter trespassing and to enable people to enter a facility through a few controlled entrances.
202
Smoke detectors should be located ________
On and above suspended ceilings, below raised floors, and in air ducts to provide maximum fire detection.
203
What interferes with the chemical reaction of a fire?
Gases, like Halon, FM-200, and other Halon substitutes
204
The HVAC system should be turned off ___________
before activation of a fire suppressant to ensure it stays in the needed area and that smoke is not distributed to different areas of the facility.
205
Portable fire extinguishers should be located ___________
Within 50 feet of electrical equipment and should be inspected quarterly.
206
Is Halon still available?
No, because it depletes the ozone. FM-200 or other similar substances are used instead of halon.
207
Drawbacks of Proximity systems
require human response, can cause false alarms, and depend on a constant power supply, so these protection systems should be backed up by other types of security systems.
208
Dry pipe systems
reduce the accidental discharge of water because the water does not enter the pipes until an automatic fire sensor indicates there is an actual fire. In locations with freezing temperatures where broken pipes cause problems, dry pipes should be used.
209
preaction pipe
delays water release
210
When can dual-homed firewalls be compromised?
If the operating system does not have packet forwarding or routing disabled.
211
protocol
A set of rules that dictates how computers communicate over networks.
212
The application layer, layer 7
has services and protocols required by the user’s applications for networking functionality.
213
The presentation layer, layer 6
formats data into a standardized format and deals with the syntax of the data, not the meaning.
214
Routers work at ______
the network layer, layer 3.
215
The session layer, layer 5
sets up, maintains, and breaks down the dialog (session) between two applications. It controls the dialog organization and synchronization.
216
The transport layer, layer 4
provides end-to-end transmissions
217
The network layer, layer 3
provides routing, addressing, and fragmentation of packets. This layer can determine alternative routes to avoid network congestion.
218
The data link layer, layer 2
prepares data for the network medium by framing it. This is where the different LAN and WAN technologies live.
219
The physical layer, layer 1
provides physical connections for transmission and performs the electrical encoding of data. This layer transforms bits to electrical signals.
220
TCP/IP
A suite of protocols that is the de facto standard for transmitting data across the Internet. TCP is a reliable, connection-oriented protocol, while IP is an unreliable, connectionless protocol.
221
The data link layer
defines how the physical layer transmits the network layer packets. ARP and RARP are two protocols at this layer.
222
Two main protocols at the transport layer
TCP and UDP
223
UDP
a connectionless protocol that does not send or receive acknowledgments when a datagram is received. It does not ensure data arrives at its destination. It provides “best-effort” delivery.
224
TCP
A connection-oriented protocol that sends and receives acknowledgments. It ensures data arrives at its destination.
225
ARP
translates the IP address into a MAC address (physical Ethernet address), while RARP translates a MAC address into an IP address.
226
ICMP
works at the network layer and informs hosts, routers, and devices of network or computer problems. It is the major component of the ping utility.
227
DNS
resolves hostnames into IP addresses and has distributed databases all over the Internet to provide name resolution.
228
Altering an ARP table so an IP address is mapped to a different MAC address
is called ARP poisoning and can redirect traffic to an attacker’s computer or an unattended system
229
Packet filtering (screening routers)
accomplished by ACLs and is a first generation firewall. Traffic can be filtered by addresses, ports, and protocol types.
230
Tunneling protocols
move frames from one network to another by placing them inside of routable encapsulated frames.
231
Packet filtering provides ________
application independence, high performance, and scalability, but it provides low security and no protection above the network layer.
232
Firewalls that use proxies transfer _________
an isolated copy of each approved packet from one network to another network.
233
An application proxy
requires a proxy for each approved service and can understand and make access decisions on the protocols used and the commands within those protocols.
234
Do Circuit-level firewalls use proxies?
Yes, but at a lower layer. Circuit-level firewalls do not look as deep within the packet as application proxies do.
235
A proxy firewall
is the middleman in communication. It does not allow anyone to connect directly to a protected host within the internal network. Proxy firewalls are second-generation firewalls.
236
Application proxy firewalls provide ________
good security and have full application-layer awareness, but they have poor performance, limited application support, and poor scalability.
237
Stateful inspection
keeps track of each communication session. It must maintain a state table that contains data about each connection. It is a third generation firewall.
238
VPN
uses tunneling protocols and encryption to provide a secure network link between two networks or hosts. A private and secure connection can be made across an unsecure network.
239
VPN can use what as a tunneling protocol?
PPTP, L2TP, or IPSec
240
PPTP works at the _____ layer.
data link
241
IPSec works at the _______ layer
network; IPSec can handle multiple tunnels at the same time.
242
Dedicated links
usually the most expensive type of WAN connectivity method because the fee is based on the distance between the two destinations rather than on the amount of bandwidth used. T1 and T3 are examples of dedicated links.
243
Frame relay and X.25
packet-switched WAN technologies that use virtual circuits instead of dedicated ones.
244
A hub (concentrator) in star topologies
serves as the central meeting place for all cables from computers and devices.
245
A bridge
divides networks into more controllable segments to ensure more efficient use of bandwidth
246
Bridges work at the ______ layer
data link; bridges understand MAC addresses, not IP addresses.
247
A switch
A device with combined repeater and bridge technology.
248
A switch works at the ______ layer
data link; a switch understands MAC addresses.
249
Routers
link two or more network segments, where each segment can function as an independent network
250
A router works at the ____ layer
network; a router works with IP addresses and has more network knowledge than bridges, switches, or repeaters.
251
A bridge filters by _________
MAC addresses, and it forwards broadcast traffic.
252
A router filters by __________
IP addresses and does not forward broadcast traffic.
253
Layer 3 switching combines ___________
switching and routing technology
254
Attenuation
the loss of signal strength when a cable exceeds its maximum length.
255
STP and UTP
are twisted-pair cabling types that are the most popular, cheapest, and easiest to work with
256
Drawbacks to STP and UTP
they are the easiest to tap into, have crosstalk issues, and are vulnerable to electromagnetic interference (EMI).
257
Coaxial cable
is more expensive than UTP and STP, is more resistant to EMI, and can carry baseband and broadband technologies.
258
Fiber-optic cabling
carries data as light waves, is expensive, can transmit data at high speeds, is difficult to tap into, and is resistant to EMI. If security is extremely important, fiber cabling should be used.
259
ATM
transfers data in fixed cells, is a WAN technology, and transmits data at very high rates. It supports voice, data, and video applications.
260
FDDI
LAN and MAN technology, usually used for backbones, that uses token-passing technology and has redundant rings in case the primary ring goes down.
261
Ethernet
802.3; the most commonly used LAN implementation today, which can operate at 10 to 1,000 Mbps.
262
Token Ring
802.5 is an older LAN implementation that uses a token-passing technology.
263
CSMA/CD
all computers compete for the shared network cable, listen to learn when they can transmit data, and are susceptible to data collisions.
264
Circuit-switching technologies
set up a circuit that will be used during a data transmission session. Packet-switching technologies do not set up circuits; instead, packets can travel along many different routes to arrive at the same destination.
265
A permanent virtual circuit (PVC)
is programmed into WAN devices, whereas a switched virtual circuit (SVC) is temporary. SVCs are set up and then torn down quickly when no longer needed.
266
CSU/DSU
used when a LAN device needs to communicate with WAN devices. It ensures the necessary electrical signaling and format are used. It interfaces between a DTE and a DCE.
267
ISDN has 2 rates
a BRI rate that uses two B channels and one D channel, and a PRI rate that uses up to 23 B channels. They support voice, data, and video.
268
Frame relay
a WAN protocol that works at the data link layer and performs packet switching. It is an economical choice because the fee is based on bandwidth usage.
269
PPP
an encapsulation protocol for telecommunication connections. It replaced SLIP and is ideal for connecting different types of devices over serial lines.
270
DSL
transmits high-speed bandwidth over existing phone lines.
271
Remote access servers can be configured to call back remote users, but ___________
this can be compromised by enabling call forwarding.
272
How do PAP and CHAP send credentials?
PAP sends credentials in cleartext, and CHAP authenticates using a challenge/response mechanism and therefore does not send passwords over the network.
273
SOCKS
is a proxy-based firewall solution. It is a circuit-based proxy firewall and does not use application-based proxies.
274
IPSec tunnel mode
protects the payload and header information of a packet
275
IPSec transport mode
protects only the payload
276
A screened-host firewall lies __________
between the perimeter router and the LAN.
277
A screened subnet
is a DMZ created by two physical firewalls.
278
NAT is used
when companies do not want systems to know internal hosts’ addresses, and it enables companies to use private, nonroutable IP addresses.
279
The 802.11 standard
WLAN technology with several variations: 802.11a, 802.11b, 802.11f, 802.11g, and 802.11i.
280
The 802.15 standard
outlines wireless personal area network (WPAN) technologies
281
802.16
addresses wireless MAN technologies.
282
WAP
A protocol stack used instead of TCP/IP on wireless devices
283
Environments can be segmented into different WLANs by using _______
different SSIDs
284
The 802.11b standard
works in the 2.4GHz range at 11 Mbps
285
802.11a
works in the 5GHz range at 54 Mbps.
286
IPv4 uses _____ bits for its addresses, whereas IPv6 uses _____ bits
32, 128; thus, IPv6 provides more possible addresses with which to work.
287
Subnetting
allows large IP ranges to be divided into smaller, logical, easier-to-maintain network segments.
288
SIP (Session Initiation Protocol)
is a signaling protocol widely used for VoIP communications sessions.
289
SPIT
Spam over Internet Telephony; a new variant of traditional e-mail spam that has emerged on VoIP networks.
290
Open relay
is an SMTP server that is configured in such a way that it can transmit e-mail messages from any source to any destination.
291
Cryptography
the science of protecting information by encoding it into an unreadable format.
292
The most famous rotor encryption machine
the Enigma used by the Germans in WWII.
293
plaintext
A readable message
294
ciphertext
an encrypted message
295
Cryptographic algorithms
the mathematical rules that dictate the functions of enciphering and deciphering.
296
Cryptanalysis
the study of breaking cryptosystems.
297
Nonrepudiation
a service that ensures the sender cannot later falsely deny sending a message.
298
Key clustering
an instance in which two different keys generate the same ciphertext from the same plaintext.
299
Keyspace
The range of possible keys. A larger keyspace and the full use of the keyspace allow for more random keys to be created. This provides more protection.
300
The two basic types of encryption mechanisms used in symmetric ciphers
substitution and transposition
301
Substitution ciphers
change a character (or bit) out for another
302
Transposition ciphers
scramble the characters (or bits).
303
A polyalphabetic cipher
uses more than one alphabet to defeat frequency analysis.
304
Steganography
a method of hiding data within another media type, such as a graphic, WAV file, or document. This method is used to hide the existence of the data.
305
A key
a random string of bits inserted into an encryption algorithm. The result determines what encryption functions will be carried out on a message and in what order.
306
Symmetric key algorithms
the sender and receiver use the same key for encryption and decryption purposes.
307
Asymmetric key algorithms
the sender and receiver use different keys for encryption and decryption purposes.
308
Symmetric key processes
face the barriers of secure key distribution and scalability. However, symmetric key algorithms perform much faster than asymmetric key algorithms.
309
Symmetric key algorithms can provide which services?
Confidentiality, but not authentication or nonrepudiation.
310
Examples of symmetric key algorithms
DES, 3DES, Blowfish, IDEA, RC4, RC5, RC6, and AES.
311
Asymmetric algorithms
used to encrypt keys, and symmetric algorithms are used to encrypt bulk data.
312
Asymmetric key algorithms
are much slower than symmetric key algorithms, but can provide authentication and nonrepudiation services.
313
Examples of asymmetric key algorithms
RSA, ECC, Diffie-Hellman, El Gamal, Knapsack, and DSA.
314
Two main types of symmetric algorithms
stream and block ciphers.
315
Stream ciphers
use a keystream generator and encrypt a message one bit at a time.
316
A block cipher
divides the message into groups of bits and encrypts them.
317
Where are block ciphers and stream ciphers used?
Block ciphers are usually implemented in software, and stream ciphers are usually implemented in hardware.
318
Data Encryption Standard (DES)
is a block cipher that divides a message into 64-bit blocks and employs S-box-type functions on them.
319
Triple-DES (3DES)
uses 48 rounds of computation and up to three different keys.
320
International Data Encryption Algorithm (IDEA)
is a symmetric block cipher with a key of 128 bits.
321
RSA
an asymmetric algorithm developed by Rivest, Shamir, and Adleman and is the de facto standard for digital signatures.
322
Elliptic curve cryptosystems (ECCs)
used as asymmetric algorithms and can provide digital signature, secure key distribution, and encryption functionality. They use far fewer resources, which makes them better suited for wireless device and cell phone encryption.
323
Hybrid system
When symmetric and asymmetric key algorithms are used together. The asymmetric algorithm encrypts the symmetric key, and the symmetric key encrypts the data
324
A session key
A symmetric key used by the sender and receiver of messages for encryption and decryption purposes. The session key is only good while that communication session is active and then it is destroyed
325
A public key infrastructure (PKI)
A framework of programs, procedures, communication protocols, and public key cryptography that enables a diverse group of individuals to communicate securely.
326
A certificate authority (CA)
a trusted third party that generates and maintains user certificates, which hold their public keys.
327
The CA uses a certificate revocation list (CRL) to ___________
keep track of revoked certificates.
328
A certificate
the mechanism the CA uses to associate a public key to a person’s identity.
329
A registration authority (RA)
validates the user’s identity and then sends the request for a certificate to the CA. The RA cannot generate certificates.
330
A one-way function
a mathematical function that is easier to compute in one direction than in the opposite direction.
331
RSA
based on a one-way function that factors large numbers into prime numbers. Only the holder of the private key knows the trapdoor and can decrypt messages that were encrypted with the corresponding public key.
332
Hashing algorithms
provide data integrity only.
333
message digest
Produced when a hash algorithm is applied to a message, and this value is signed with a private key to produce a digital signature.
334
Some examples of hashing algorithms
SHA-1, MD2, MD4, MD5, and HAVAL.
335
HAVAL
produces a variable-length hash value, whereas the other hashing algorithms mentioned produce a fixed-length value.
336
SHA-1
produces a 160-bit hash value and is used in DSS.
337
A birthday attack
An attack on hashing functions through brute force. The attacker tries to create two messages with the same hashing value.
338
A one-time pad
uses a pad with random values that are XORed against the message to produce ciphertext. The pad is at least as long as the message itself and is used once and then discarded.
339
A digital signature
is the result of a user signing a hash value with a private key. The act of signing is the actual encryption of the value with the private key.
340
What does a digital signature provide?
It provides authentication, data integrity, and nonrepudiation.
341
Examples of algorithms used for digital signatures
RSA, El Gamal, ECDSA, and DSA.
342
Key management
one of the most challenging pieces of cryptography. It pertains to creating, maintaining, distributing, and destroying cryptographic keys.
343
Diffie-Hellman protocol
is a key agreement protocol and does not provide encryption for data and cannot be used in digital signatures.
344
TLS
The “next version” of SSL and is an open-community protocol, which allows for expansion and interoperability with other technologies.
345
Link encryption
encrypts the entire packet, including headers and trailers, and has to be decrypted at each hop.
346
End-to-end encryption
does not encrypt the headers and trailers, and therefore does not need to be decrypted at each hop.
347
Privacy-Enhanced Mail (PEM)
is an Internet standard that provides secure e-mail over the Internet by using encryption, digital signatures, and key management.
348
Message Security Protocol (MSP)
is the military’s PEM.
349
Pretty Good Privacy (PGP)
is an e-mail security program that uses public key encryption. It employs a web of trust instead of the hierarchical structure used in PKI.
350
S-HTTP
provides protection for each message sent between two computers, but not the actual link.
351
HTTPS
protects the communication channel. HTTPS is HTTP that uses SSL for security purposes.
352
Secure Electronic Transaction (SET)
is a proposed electronic commerce technology that provides a safer method for customers and merchants to perform transactions over the Internet.
353
IPSec
AH provides integrity and authentication, and ESP provides those plus confidentiality.
354
IPSec protocols can work in which modes?
transport mode (the data payload is protected) or tunnel mode (the payload and headers are protected).
355
IPSec uses _____ as its key exchange protocol.
IKE is the de facto standard and is a combination of ISAKMP and OAKLEY.
356
_______ is the algorithm used for the DES standard.
DEA
357
A business continuity plan (BCP)
contains strategy documents that provide detailed procedures that ensure critical business functions are maintained and that help minimize losses of life, operations, and systems.
358
_____ provides procedures for emergency responses, extended backup operations, and post-disaster recovery.
A BCP
359
A BCP should reach __________
enterprisewide, with individual organizational units each having their own detailed continuity and contingency plans.
360
A BCP needs to prioritize ____________
critical applications and provide a sequence for efficient recovery.
361
A BCP requires _________
senior executive management support for initiating the plan and final approval
362
BCPs can quickly become outdated due to ______
personnel turnover, reorganizations, and undocumented changes.
363
Executives may be held liable if __________
proper BCPs are not developed and used.
364
Three types of threats
natural, manmade, or technical.
365
The steps of recovery planning include
initiating the project; performing business impact analyses; developing a recovery strategy; developing a recovery plan; and implementing, testing, and maintaining the plan.
366
The project initiation phase involves _______
getting management support, developing the scope of the plan, and securing funding and resources.
367
The business impact analysis
is one of the most important first steps in the planning development. Qualitative and quantitative data needs to be gathered, analyzed, interpreted, and presented to management.
368
The most critical elements in developing the BCP
Executive commitment and support
369
A business case
must be presented to gain executive support. This is done by explaining regulatory and legal requirements, exposing vulnerabilities, and providing solutions.
370
Plans
should be prepared by the people who will actually carry them out.
371
The planning group
should comprise representatives from all departments or organizational units.
372
The BCP team
should identify the individuals who will interact with external entities such as the press, shareholders, customers, and civic officials. Response to the disaster should be done quickly and honestly, and should be consistent with any other employee response.
373
The loss criteria for disasters include much more than direct dollar loss. They may include ___________
added operational costs, loss in reputation and public confidence, loss of competitive advantage, violation of regulatory or legal requirements, loss in productivity, delayed income, interest costs, and loss in revenue.
374
The plan’s scope can be determined by ____________
geographical, organizational, or functional means.
375
A reciprocal agreement
is one in which a company promises another company it can move in and share space if it experiences a disaster and vice versa. Reciprocal agreements are very tricky to implement and are unenforceable. However, they are cheap and sometimes the only choice.
376
A hot site
is fully configured with hardware, software, and environmental needs. It can usually be up and running in a matter of hours. It is the most expensive option, but some companies cannot be out of business longer than a day without detrimental results.
377
A warm site
does not have computers, but it does have some peripheral devices such as disk drives, controllers, and tape drives. This option is less expensive than a hot site, but takes more effort and time to get operational.
378
A cold site
is just a building with power, raised floors, and utilities. No devices are available. This is the cheapest of the three options, but can take weeks to get up and operational.
379
When returning to the original site, the ______ should go back first.
least critical organizational units
380
Before tests are performed, there should be ___________
a clear indication of what is being tested, how success will be determined, and how mistakes should be expected and dealt with.
381
A checklist test
is one in which copies of the plan are handed out to each functional area to ensure the plan properly deals with the area’s needs and vulnerabilities.
382
A structured walk-through test
one in which representatives from each functional area or department get together and walk through the plan from beginning to end.
383
A simulation test
one in which a practice execution of the plan takes place. A specific scenario is established, and the simulation continues up to the point of actual relocation to the alternate site.
384
A parallel test
is one in which some systems are actually run at the alternate site.
385
A full-interruption test
one in which regular operations are stopped and where processing is moved to the alternate site.
386
Remote journaling
involves transmitting the journal or transaction log offsite to a backup facility
387
Dumpster diving
refers to going through someone’s trash to find confidential or useful information. It is legal, unless it involves trespassing, but in all cases it is considered unethical.
388
Wiretapping
is a passive attack that eavesdrops on communications. It is only legal with prior consent or a warrant.
389
Social engineering
is the act of tricking or deceiving a person into giving confidential or sensitive information that could then be used against him or his company.
390
Civil Law System
Uses prewritten rules and is not based on precedent; it is different from civil (tort) law, which works under a common law system.
391
Common Law System
Made up of criminal, civil, and administrative laws
392
Customary Law System
Addresses mainly personal conduct, and uses regional traditions and customs as the foundations of the laws; it is usually mixed with another type of listed legal system rather than being the sole legal system used in a region.
393
Religious Law System
Laws are derived from religious beliefs and address an individual’s religious responsibilities; commonly used in Muslim countries or regions.
394
Mixed Law System
Using two or more legal systems
395
Data diddling
is the act of willfully modifying information, programs, or documentation in an effort to commit fraud or disrupt production.
396
Excessive privileges
means an employee has more rights than necessary to complete her tasks.
397
Criminal law
deals with an individual’s conduct that violates government laws developed to protect the public.
398
Civil law deals with ___________
wrongs committed against individuals or companies that result in injury or damages. Civil law does not use prison time as a punishment, but usually requires financial restitution.
399
Administrative, or regulatory, law
covers standards of performance or conduct expected by government agencies from companies, industries, and certain officials.
400
A patent
grants ownership and enables that owner to legally enforce his rights to exclude others from using the invention covered by the patent.
401
Copyright
protects the expression of ideas rather than the ideas themselves.
402
Trademarks
protect words, names, product shapes, symbols, colors, or a combination of these used to identify products or a company. These items are used to distinguish products from the competitors’ products.
403
Trade secrets
are deemed proprietary to a company and often include information that provides a competitive edge. The information is protected as long as the owner takes the necessary protective actions.
404
Crime over the Internet has brought about __________
jurisdiction problems for law enforcement and the courts.
405
Privacy laws
dictate that data collected by government agencies must be collected fairly and lawfully, must be used only for the purpose for which they were collected, must only be held for a reasonable amount of time, and must be accurate and timely.
406
If companies are going to use any type of monitoring, they need to make sure ________
it is legal in their business sector and must inform all employees that they may be subjected to monitoring.
407
Logon banners
should be used to inform users of what could happen if they do not follow the rules pertaining to using company resources. This provides legal protection for the company.
408
The three main types of harm addressed in computer crime laws pertain to __________
unauthorized intrusion, unauthorized alteration or destruction, and using malicious code.
409
Law enforcement and the courts have a hard time with computer crimes because of ____________
the newness of the types of crimes, the complexity involved, jurisdictional issues, and evidence collection. New laws are being written to properly deal with cybercrime.
410
If a company does not practice due care in its efforts to protect itself from computer crime ____________
it can be found to be negligent and legally liable for damages.
411
Elements of negligence include __________
not fulfilling a legally recognized obligation, failure to conform to a standard of care that results in injury or damage, and proximate causation.
412
Most computer crimes are not reported because __________
the victims are not aware of the crime or are too embarrassed to let anyone else know.
413
Assets are now also viewed as __________
intangible objects that can also be stolen or disclosed via technological means.
414
The primary reason for the chain of custody of evidence
to ensure that it will be admissible in court by showing it was properly controlled and handled before being presented in court.
415
Companies should develop their own incident response team, which is made up of people from _____________
management, IT, legal, human resources, public relations, security, and other key areas of the organization.
416
Hearsay evidence
is secondhand and usually not admissible in court.
417
To be admissible in court, business records have to be ____________
made and collected in the normal course of business, not specially generated for a case in court. Business records can easily be hearsay if there is no firsthand proof of their accuracy and reliability.
418
The life cycle of evidence includes ________
the identification and collection of the evidence, and its storage, preservation, transportation, presentation in court, and return to the owner.
419
When looking for suspects, it is important to consider _________
the motive, opportunity, and means (MOM).
420
For evidence to be admissible in court, it needs to be ___________
relevant, sufficient, and reliable.
421
Evidence must be legally permissible, meaning ________
it was seized legally and the chain of custody was not broken.
422
Fourth Amendment
In many jurisdictions, law enforcement agencies must obtain a warrant to search and seize an individual’s property, as stated in the Fourth Amendment. Private citizens are not required to protect the Fourth Amendment rights of others unless acting as a police agent.
423
Enticement
is the act of luring an intruder and is legal.
424
Entrapment
induces a crime, tricks a person, and is illegal.
425
The salami attack
is executed by carrying out smaller crimes with the hope that the larger crime will not be noticed. The common salami attack is the act of skimming off a small amount of money.
426
After a computer system is seized, the investigators should __________ before doing anything else.
make a bit mirror image copy of the storage media
427
If an application fails for any reason, it should ________
go directly to a secure state.
428
A database management system (DBMS)
the software that controls the access restrictions, data integrity, redundancy, and the different types of manipulation available for a database.
429
Tuple
In relational database terminology, a database row
430
A database primary key
how a specific row is located from other parts of the database.
431
A view
is an access control mechanism used in databases to ensure that only authorized subjects can access sensitive information.
432
A relational database
uses two-dimensional tables with rows (tuples) and columns (attributes).
433
A hierarchical database
uses a tree-like structure to define relationships between data elements, using a parent/child relationship.
434
Most databases have __________
a data definition language (DDL), a data manipulation language (DML), a query language (QL), and a report generator.
435
A data dictionary
a central repository that describes the data elements within a database and their relationships. A data dictionary contains data about a database, which is called metadata.
436
Database integrity
provided by concurrency mechanisms. One concurrency control is locking, which prevents users from accessing and modifying data being used by someone else.
437
Entity integrity
makes sure that a row, or tuple, is uniquely identified by a primary key, and referential integrity ensures that every foreign key refers to an existing primary key.
438
A rollback
cancels changes and returns the database to its previous state. This takes place if there is a problem during a transaction.
439
A commit statement
terminates a transaction and saves all changes to the database.
440
A checkpoint
is used if there is a system failure or problem during a transaction. The user is then returned to the state of the last checkpoint.
441
Aggregation
can happen if a user does not have access to a group of elements, but has access to some of the individual elements within the group. Aggregation happens if the user combines the information of these individual elements and figures out the information of the group of data elements, which is at a higher sensitivity level.
442
Inference
is the capability to derive information that is not explicitly available.
443
Common attempts to prevent inference attacks are
partitioning the database, cell suppression, and adding noise to the database.
444
Polyinstantiation
The process of allowing a table to have multiple rows with the same primary key. The different instances can be distinguished by their security levels or classifications.
445
Polymorphism
is when different objects are given the same input and react differently.
446
The two largest security problems associated with database security
inference and aggregation.
447
Data warehousing
combines data from multiple databases and data sources.
448
Data mining
is the process of massaging data held within a data warehouse to provide more useful information to users.
449
Data-mining tools produce ___________
metadata, which can contain previously unseen relationships and patterns.
450
Security should be addressed in each phase of system development. It should not be addressed only at the end of development, because of ______________
the added cost, time, and effort and the lack of functionality.
451
Systems and applications can use different development models that utilize different life cycles, but all models contain ___________
1. project initiation, 2. functional design, 3. analysis and planning, 4. system design specifications, 5. software development, 6. installation, 7. operations and maintenance, and 8. disposal, in some form or fashion.
452
Risk management and assessments should start _________
at the beginning of a project and continue throughout the lifetime of the product.
453
Should a programmer have direct access to code in production?
No. A programmer should not have direct access to code in production. This is an example of separation of duties.
454
Certification
deals with testing and assessing the security mechanism in a system, while accreditation pertains to management formally accepting the system and its associated risk.
455
Change control
needs to be put in place at the beginning of a project and must be enforced through each phase.
456
Changes must be ____________
authorized, tested, and recorded. The changes must not affect the security level of the system or its capability to enforce the security policy.
457
Iterative development
a software development method that follows a cyclic approach to software development.
458
Waterfall development
a classical software development method that uses discrete phases of development, each requiring formal reviews and documentation before moving into the next phase of the project.
459
Spiral development
a software development method that builds upon the waterfall method with an emphasis on risk analysis, prototypes, and simulations at different phases of the development cycle. This method periodically revisits previous stages to update and verify design requirements.
460
Security testing
a comprehensive analysis technique that tests programs under artificially created attack scenarios.
461
High-level programming languages
are translated into machine languages for the system and its processor to understand.
462
Source code
is translated into machine code, or object code, by compilers, assemblers, and interpreters.
463
Object-oriented programming provides _____________
modularity, reusability, and more granular control within the programs themselves.
464
Objects
members, or instances, of classes. The classes dictate the objects’ data types, structure, and acceptable actions.
465
Objects communicate with each other through __________
messages.
466
A method
functionality that an object can carry out.
467
Data and operations internal to objects
are hidden from other objects, which is referred to as data hiding. Each object encapsulates its data and processes.
468
Objects can communicate properly because _________
they use standard interfaces.
469
Object-oriented design
represents a real-world problem and modularizes the problem into cooperating objects that work together to solve the problem.
470
Low coupling
means an object does not require much interaction with other modules.
471
The best programming design
enables objects to be as independent and modular as possible; therefore, the higher the cohesion and the lower the coupling, the better.
472
An object request broker (ORB)
manages communications between objects and enables them to interact in a heterogeneous and distributed environment.
473
Common Object Request Broker Architecture (CORBA)
provides a standardized way for objects within different applications, platforms, and environments to communicate. It accomplishes this by providing standards for interfaces between objects.
474
Component Object Model (COM)
provides an architecture for components to interact on a local system.
475
Distributed COM (DCOM)
uses the same interfaces as COM, but enables components to interact over a distributed, or networked, environment.
476
Open Database Connectivity (ODBC)
enables several different applications to communicate with several different types of databases by calling the required driver and passing data through that driver.
477
Object linking and embedding (OLE)
enables a program to call another program (linking) and permits a piece of data to be inserted inside another program or document (embedding).
478
Dynamic Data Exchange (DDE)
enables applications to work in a client/server model by providing the interprocess communication (IPC) mechanism.
479
Distributed Computing Environment (DCE)
provides much of the same functionality as DCOM, which enables different objects to communicate in a networked environment.
480
DCE uses universal unique identifiers (UUIDs) to ___________
keep track of different subjects, objects, and resources.
481
An expert system
uses a knowledge base full of facts, rules of thumb, and expert advice. It also has an inference machine that matches facts against patterns and determines which rules are to be applied.
482
Expert systems are used to ___________
mimic human reasoning and replace human experts.
483
Expert systems use ___________
inference engine processing, automatic logical processing, and general methods of searching for problem solutions.
484
Artificial neural networks (ANNs)
attempt to mimic a brain by using units that react like neurons. ANNs can learn from experiences and can match patterns that regular programs and systems cannot.
485
Java security employs a _________
sandbox so the applet is restricted from accessing the user’s hard drive or system resources. Programmers have figured out how to write applets that escape the sandbox.
486
ActiveX
uses a security scheme that includes digital signatures. The browser security settings determine how ActiveX controls are dealt with.
487
SOAP
allows programs created with different programming languages and running on different operating systems to interact without compatibility issues.
488
A virus
an application that requires a host application for replication.
489
Macro viruses are common because __________
languages used to develop macros are easy to use and they infect Office products, which are everywhere.
490
A boot sector virus
overwrites data in the boot sector and can contain the rest of the virus in a sector it marks as “bad.”
491
A stealth virus
hides its tracks and its actions.
492
A polymorphic virus
tries to escape detection by making copies of itself and modifying the code and attributes of those copies.
493
Multipart viruses
can have one part of the virus in the boot sector and another part of the virus on the hard drive.
494
A self-garbling virus
tries to escape detection by changing, or garbling, its own code.
495
A worm
does not require a host application to replicate.
496
A logic bomb
executes a program when a predefined event takes place, or a date and time are met.
497
A Trojan horse
is a program that performs useful functionality and malicious functionality without the user knowing it.
498
Two examples of DoS attacks that take advantage of protocol flaws and use amplifying networks
Smurf and Fraggle
499
Facilities that house systems that process sensitive information should have ________
physical access controls to limit access to authorized personnel only.
500
Quality assurance
involves the verification that supporting documentation requirements are met.
501
Quality control
ensures that an asset is operating within accepted standards.
502
System and audit logs should be _________
monitored and protected from unauthorized modification.
503
Repetitive errors can indicate __________
lack of training or issues resulting from a poorly designed system.
504
Users should have the necessary security level to access data and resources, but must also have _____________
a need to know.
505
Clipping levels
should be implemented to establish a baseline of user activity and acceptable errors.
506
Separation of responsibilities and duties
should be in place so that if fraud takes place, it requires collusion.
507
Contract and temporary staff members should have ____________
more restrictive controls put upon their accounts.
508
Access to resources, applications, and services ____________
should be limited to authorized personnel and audited for compliance with stated policies.
509
Change control and configuration management
should be put in place so changes are approved, documented, tested, and properly implemented.
510
Activities that involve change management include _________
requesting a change, approving a change, documenting a change, testing a change, implementing a change, and reporting to management.
511
Bootup Sequences
Systems should not allow their bootup sequences to be altered in a way that could bypass operating system security mechanisms.
512
Potential employees should have __________
background investigations, references, experience, and education claims checked out.
513
Antivirus and IDS signatures
should be updated on a continual basis.
514
Media holding sensitive data must be properly purged, which can be accomplished through __________
zeroization, degaussing, or media destruction.
515
Life-cycle assurance
involves protecting a system from inception to development to operation to removal.
516
The key aspects of operations security include
resource protection, change control, hardware and software controls, trusted system recovery, separation of duties, and least privilege.
517
Least privilege
ensures that users, administrators, and others accessing a system have access only to the objects they absolutely require to complete their job.
518
Vulnerability assessments
should be done on a regular basis to identify new vulnerabilities.
519
The operations department is responsible for _____________
any unusual or unexplained occurrences, unscheduled initial program loads, and deviations from standards.
520
Standards need to be established that indicate ______________
the proper startup and shutdown sequence, error handling, and restoration procedures.
521
A teardrop attack
involves sending malformed fragmented packets to a vulnerable system.
522
Improper mail relay configurations
allow for mail servers to be used to forward spam messages.
523
Phishing
involves an attacker sending false messages to a victim in the hopes that the victim will provide personal information that can be used to steal their identity.
524
A browsing attack
occurs when an attacker looks for sensitive information without knowing what format it is in.
525
A fax encryptor
encrypts all fax data leaving a fax server.
526
A system can fail in one of the following manners:
system reboot, emergency system restart, and system cold start.
527
The main goal of operations security
is to protect resources.
528
Operational threats include
disclosure, theft, corruption, interruption, and destruction.
529
Operations security
involves balancing the necessary level of security with ease of use, compliance, and cost constraints.