CISSP Security Architecture and Design - Domain 6

Question 1

Q

Answer 1

A

Question 2

Security Definitions - Framework

Answer 2

A defined approach to the process used to achieve the goals of an architecture, based on policy, and reflecting the requirements and expectations the various stakeholders.

Question 3

Security Definitions - Blueprint

Answer 3

The functional definition for the integration and development of technology infrastructure into the business process.

Question 4

ISO/IEC 27001

Answer 4

1. General reuirements of the ISMS 2. Managment responsibility 3 Internal ISMS audits 4. Managment review of the ISMS 5. ISMS improvement

Question 5

ISO/IEC 27002

Answer 5

1. Security policy 2. Organization and Information Security 3. Asset management 4 Human Resources Security 5. Physical and Environmental Security 6. Communications and Operations management 7. Access control 8. IS Acquisitions, development and maintenance 9 IS Incident management 10. Business continuity Management 11. Compliance

Question 6

Control Objects for Information and related technology - COBIT

Answer 6

An IT management framework.

Question 7

Dedicated Security Mode

Answer 7

1. Cannot separate compartments or categories. 2. All users have need to know access to all data.

Question 8

Compartmented Security Mode

Answer 8

When all users have the clearance to access all the information processed by the system, but might not have the need to know.

Question 9

Lattice based Access Control

Answer 9

1. Every pair of elements (subject and object) has a partially ordered set with a greatest lower bound and least upper bound of access rights. 2. Bounds can be confidentiality levels (classifications and clearances) or integrity levels.

Question 10

Non-Interference Model for Access Control

Answer 10

1. Based on a theory where th users are separated into different domains. 2. Uses a state machine approach that keeps track of which actions are allowed for which users. 3. Users’ actions in one domain cannot affect or interfere with users in other domains. 4. A subject cannot be influenced by the behavior of other subjects at higher security levels.

Question 11

Information Flow model - Access Control

Answer 11

1. Each input induces a state transition and a specific output. 2. Restricts information from flowing in ways that would go against the security policy.

Question 12

Bell-LaPadula Security Model (Confidentiality)

Answer 12

1. Formal state transition model that divides entities into subjects and objects. 2. The model outlines how to keep a secure state in every transaction by only allowing subjects certain access rights. 3. The clearance of the subject attempting to access an object is compared with that objects classification. 4 The clearance/classification scheme is expressed in terms of a lattice.

Question 13

Biba Security Model - Integrity (read up write down)

Answer 13

1. No subject can depend on a less trusted object 2. Based on a hierarchical lattice of integrity levels

Question 14

Biba Security Model - Rules (read up write down)

Answer 14

1. Subject cannot write data to an object at a higher integrity level 2. Subject cannot read data from an object at a lower integrity level.

Question 15

Clark-Wilson Security Model (Integrity)

Answer 15

1. Well formed transactions: constraints on user to ensure the internal consistency of data is not affected 2. Seperation of duties: ensures the consistency of data 3. This model patrons objects into programs and data. 4. Access Triple: subject must go through a program to access and modify data.

Question 16

Clark-Wilson Security Model - 3 Integrity Goals

Answer 16

1. Prevents unathorized users from making modifications 2. Prevents authorized users from making improper modifications 3 maintains internal and external consistency

Question 17

Brewer and Nash Security Model (Chinese Wall)

Answer 17

1. Mathmatical theory used to implement dynamically changing access permissions 2. Defines a wall and develops a set of rules that ensure that no subject accesses objects on the other side of the wall 3 Individuals are only allowed to access data that is not in conflict with data they accessed previously 4. Way of separating competitors data within same dbase. 5. Tries to ensure that usr do not make fraudulent modifications to objects.

Question 18

Graham-Denning Security Model

Answer 18

Primary concerened with how subjects and objects are created, how subjects are assigned rights and privileges and how ownership of objects is managed. Think MS permissions.

Question 19

Evaluation of Security Products

Answer 19

1. Helps vendors develop a product to meet the markets demand 2. Third party verifying the security mechanisms and acclaimed protection in products 3. Provide a common metric to understand and talk about protection provided in products. 4 A “grading” system

Question 20

Security Product evaluations

Answer 20

Degree of independence of the eval team is crucial 2. Evaluation criteria needs to reflect security features 3. Accreditation is environment and system specific 4. Balance of risk and benefits

Question 21

Security evaluations - Evaluation standards

Answer 21

1. Trusted Computer System Evaluation Criteria (TCSEC) 2. Information Technology Security Evaluation (ITSEC) 3. ISO.IEC 15408 Common Criteria

Question 22

TCSEC

Answer 22

1. Devloped by National Computer Security Center for DOD 2. Based on the Bell-LaPadula model 3. Rainbow series

Question 23

Rainbow Series (TCSEC)

Answer 23

1. Orange book rated operations systems - standalone 2. Red book - Trusted Network Interpretation of the TCSEC

Question 24

TCSEC Breadkdowns

Answer 24

1. Addresses confidentiality only 2. Functionality and assurance of the security mechanisms are not evaluated separately but combined and rated as a whole system 3. Grded classification of systems that is divided into hierarchal divisions of security levels: A greater than B to B3 (MAC) which is greater than C (DAC) which greater than D which is minimal protection. Each higher level is inclusive of all the levels below.

Question 25

TCSEC Levels C1- Discretionary Security Protection

Answer 25

1. Seperation of users and data 2. Cooperating users processing data at the same sensitivity

Question 26

TCSEC Levels C2 - Controlled Access Protection

Answer 26

1. Object reuse 2. Protect Audit trail

Question 27

TCSEC Levels B1 - Labeled security protection

Answer 27

1. Labels and MAC 2. Process isolation in system architecture 3. Design Specifications and verification 4. Device Labels

Question 28

TCSEC Levels B2 - Structured Protection

Answer 28

1. Device Labeland subject sensitivity labels 2. Trusted path 3. Seperation of Operator and administrator functions 4. Covert channel analysis

Question 29

TCSEC Level B3 - Security Domains

Answer 29

1. Security Administrator role defined 2. Trusted recovery 3. Monitor events and notify security personnel

Question 30

TCSEC Level A1 - Verified Design

Answer 30

Formal Methods

Question 31

ITSEC

Answer 31

1. DEvelop in Europe to establish one standard for evaluating the security of systems 2. Evaluates functionality and assurance separately 3. F1-F10 rates of functionality 4. E0-E6 rates for assurance - assurance is a measurement of correctness and a judgement of its effectiveness of security functionality and provides confidence

Question 32

Common Criteria

Answer 32

1. ISO/IEC 15408 2. Rainbow series was too rigid and did not take many things into account 3. ITSEC provided more flexibility, but added more complexity with its attempts 4. Made up from - TCSEC ITSEC Canadian Trusted Computer Product Evaluation Criteria (CTCPEC) Federal Criteria

Question 33

Common Criteria Components

Answer 33

1. Protection profile - description of needed security solution 2. Target of Eval nation - product proposed to provide needed security solution 3. Security target - written by vendor explain security functionality and assurance mechanisms that meet the needed security solution 4 Packages - Evaluation Assurance Levels (EAL) security requirements are bundled into package for reuse and describes what must be met to achieve specific EAL ratings

Question 34

EAL 1

Answer 34

Functionally Tested

Question 35

EAL 2

Answer 35

Structurally Tested

Question 36

EAL 3

Answer 36

Methodically tested and checked

Question 37

EAL 4 - most often used

Answer 37

Methodically designed, tested and reviewed

Question 38

EAL 5

Answer 38

Semi-formally designed and tested

Question 39

EAL 6

Answer 39

Semi-formally verified designed and tested

Question 40

EAL 7

Answer 40

Formally verified designed and tested

Question 41

EAL numonic

Answer 41

FSMMDSSVF Fun Stress Method Medical Doctor Seems Somewhat Verifiably Foolish

Question 42

Certification and Accreditation

Answer 42

1. Certification is the technical evaluation 2. Accreditation is the formal acceptance by management of the residual risk.

Question 43

C&A - Relationship to enterprise

Answer 43

1. technical reference Model 2. Standards profile

Question 44

C&A - Communication and Validation of security requirements

Answer 44

1. Categorize 2. Control 3. Consistent

Question 45

C&A - Consistent Taxonomy

Answer 45

1 Rules of behavior 2. System Controls 3. Risk Management

Question 46

Certification Characteristics

Answer 46

1. Formal process for testing systems against a set of security requirements 2. Normally performed by an independent reviewer instead of someone who was involved with building the system 3. Less formal security testing can be performed for lower-risk systems

Question 47

Accreditation Characteristics

Answer 47

1. the decision given by a senior agency official to authorize operation of an information system: a. in a particular security mode b. using a prescribed set of controls c. against a defined threat d. at an acceptable level of risk e. for a specific period of time 2. The official explicitly accepts the risk to agency assets based on the implementation of these security conditions.

Question 48

C&A Phases - Initiation Phase

Answer 48

1. Preparation 2. Notification and resource Identification 3. System Security Plan analysis Update and Acceptance

Question 49

C&A Phases - Security Cerification Phase

Answer 49

1. Security Control Assessment 2. Security Certification Documentation

Question 50

C&A Phases - Security Accreditation Phase

Answer 50

1. Security Accreditation Decision 2. Security Accreditation Documentation

Question 51

C&A Phases - Continuous Monitoring Phase

Answer 51

1. Configuration Mangment and Control 2. Security Control Monitoring 3. Status Reporting and Documentation

Question 52

Trusted Computing Base

Answer 52

1. Defined as the total combination of protection mechanisms within a computer system 2. Elements of the TCB enforce the security policy of the system and do not violate it (the hardware software and firmware that carry out the systems security policy)

Question 53

Computer Components

Answer 53

1. Processor 2. Memory 3 Storage 4. Buses 5. Networking components 6 OS (functionality and security of the system depends upon the interaction of these components

Question 54

Central Processing Unit (CPU) - Control Unit

Answer 54

Manages Synchronization of data being processed

Question 55

Central Processing Unit (CPU) - Arithmetic Logic Unit (ALU)

Answer 55

Performs mathmatical and logical functions on data

Question 56

CPU States - Supervisor

Answer 56

1. Kernel Protected Priviledged mode 2. Ring Zero (highest level) 3. Program can access entire system 4. Both privileged and non-privileged instructions

Question 57

CPU States - Problem

Answer 57

1. User/Program Mode 2. Ring three (lowest level of 4 rings) 3. inly non-privileged instructions are executed 4. intended for application programs

Question 58

Computer Components - Storage - Primary

Answer 58

1. Memory directly addressable by the CPU used to store an applications data for processing 2 distinguished from virtual memory

Question 59

Computer Components - Storage - Secondary

Answer 59

1. Slower access, non-volatile 2. Hard disk, tape, ZIP, optical, thumb drives

Question 60

Computer Components - Storage - volatile memory

Answer 60

1. Random Access Memory (RAM) 2. Loses data when powered off

Question 61

Computer Components - Storage - nonvolatile storage

Answer 61

1. Does not loose data when powered off 2. Read only memory (ROM, EPROM)

Question 62

Computer Components - Storage - cache

Answer 62

1. Part of RAM used for high-speed writing and reading activities 2. Cache logic attempts to predict what instructions will be most needed and stores those for overall increase in system performance

Question 63

Computer Components - Storage - Virtual

Answer 63

1. Secondary storage plus RAM, extends systems overall memory 2. Applications access through virtual address

Question 64

Memory Mapping

Answer 64

Only trusted processes can access RAM directly; everything else must be mapped

Question 65

Accessing Files - Sequential Storage

Answer 65

1 Media that holds data that must be searched from beginning to end instead of going directly to the are where requested data is held 2 Magnetic tape

Question 66

Accessing Files - Direct or Random Access

Answer 66

1. Files can be accessed in different sequences 2. Divide memory into tracks and sectors 3. Accessing memory

Question 67

Process vs thread

Answer 67

1. The context for a program 2. Has its own virtual memory space 3. A process can contain several threads of code 4. Thread is the basic entity that can be scheduled 5. Each thread has a kernel and user mode stack

Question 68

Process States

Answer 68

1. Stopped 2. Ready 3. Waiting 4 Running

Question 69

System Functionality - Multithread

Answer 69

1. The OS can process several lines of code simultaneously 2. Concurrent processing of several tasks inside same program

Question 70

System Functionality - Multitask

Answer 70

Simultaneous execution of two or more programs

Question 71

System Functionality - Multi-programming

Answer 71

1. INterleaved execution of two or moreprograms by CPU 2. Running more than one application but not necessarily multithreading

Question 72

System Functionality - Multi-processing

Answer 72

More than one CPU and they can process requests in parallel

Question 73

System Functionality - Multicore

Answer 73

A processer composed of two or more independant cores

Question 74

Processing Instructions

Answer 74

The type of programming language used determines the necessary steps of decoding and encoding before the instructions reach

Question 75

System Self-protection - Memory segmentation

Answer 75

1. Process isolation 2. security domains 3. virtual machines

Question 76

System Self-protection - Layering and data hiding

Answer 76

1. Levels of acces to resources 2. Protection rings

Question 77

System Self-protection - Techniques

Answer 77

Protection techniques are performed by elements of the trusted computing base

Question 78

Security Definitions - Subject

Answer 78

1. Active entity that requests acces to an object or data within an object 2. Examples: user, process, machine instructions

Question 79

Security Definitions - Object

Answer 79

1. Passive entity that contains information 2. Examples: file, record, memory location

Question 80

Security Definitions - Access

Answer 80

1. Ability of subject to performa task 2. Flow of information between a subject and an object

Question 81

Process Isolation - What and how

Answer 81

1. preserves objects integrity and subjects adherence to access controls 2. prevents objets from interacting with each other and their resources 3. Actionsof one object should not affect the state of other objects

Question 82

Process Isolation - Techniques

Answer 82

1. Virtual mapping 2. Encapsualtion of objects 3. Naming distinctions 4 Time multiplexing (VENT)

Question 83

System Protectin Mechanisms - Layering

Answer 83

Code operating at one layer can only communicate with other layers through interfaces

Question 84

System Protectin Mechanisms - Data Hiding

Answer 84

Data in one layer cannot be accessed by code in a different layer

Question 85

System Protectin Mechanisms - Abstraction

Answer 85

Regarding only required information- the big picture

Question 86

Protection Rings

Answer 86

Ring ) OS Ring 3 Applications

Question 87

Security Domain of a Process

Answer 87

All of the resources that a given process can access AKA protection domain

Question 88

Virtual Machines (VM)

Answer 88

1. An operating system provides an application with a working environment 2. Virtual machines mimic the architecture of the actual system 3 On multilevel systems, they can run at different security levels

Question 89

Reference Monitor (Police)

Answer 89

Abstract machine that controls the access subjects have to objects

Question 90

Security Kernel (Law)

Answer 90

Components in system that enforce the rules of the reference monitor

Question 91

Security Kernel and reference Monitor Requirements

Answer 91

1. The security kernel must provide isolation for the processes carrying out the reference monitor concept and it must be tamperproof 2. The reference monitor must be invoked for every access attempt and must be impossible to circumvent 3. The reference monitor must be small enough to be tested and verified in a complete and comprehensive manner

Question 92

Covert Channels

Answer 92

1. Covert timing channel - a process relayes information to another by modulating its use of system resources 2. Covert storage channel - a process writes data to a storage location and process of lower clearance reads it.

Question 93

Emanations

Answer 93

Capturing screen from long distances

Question 94

Back Doors

Answer 94

1. Accessing a system by bypassing the access controls 2. Allows attacker to enter the computer at any time 3. Maintenance hook trapdoor rootkits 4 can be inserted by a trojan

Question 95

Asynchronous Attacks - Timing Attacks

Answer 95

1. TOC/TOU attack takes place after the system checks a specific file of the system and before the system actually uses the file 2. Race conditions two processes rae to carry out conflicting actions at the same time

Question 96

Data Validation

Answer 96

1. Validation is the process of reviewing data against a pre-established set of criteria 2. Security checks on data long with validity checks to ensure it is in the proper format

Question 97

Code Injection

Answer 97

1. Input must be validated for range/type/length 2. injecting code like SQL statements into input buffers

Question 98

Inference

Answer 98

The act or process of deriving logical conclusions from premises known or assumed to be true. The conclusion drawn is called an idiomatic.

Question 99

Buffer Overflow

Answer 99

1 If an application does not verify the amount of information being input the data can overwrite other memory segments 2. An attack might cause code to execute in a privileged mode

Question 100

Aggregation

Answer 100

A massing together or clustering of independent but similar units, such as data elements

Question 101

Defense in Depth

Answer 101

1. People 2. technology 3 Operations