Domain 1 - Access Controls

Question 1

Three constructs someone implementing an AC system should consider.

Answer 1

AC Policies, Models, and Mechanisms

Question 2

DAC

Answer 2

DISCRETIONARY ACCESS CONTROL

Allows the creator of a file to delegate access to others.

Question 3

Attributes of a subject are referred to as…?

Answer 3

privilege attributes or sensitives

Question 4

Total number of permissions in a Windows OS uses the NTFS file system?

Answer 4

14

Question 5

Number of Standard Permissions in a Windows OS NTFS File System?

Answer 5

5

Question 6

Authorization

Answer 6

Process where requests to access a particular resource should be granted or declined.

Question 7

Authentication

Answer 7

Providing and validating identity.

Question 8

Capability List

Answer 8

DAC matrix that sorts by rows.

Question 9

RSBAC

Answer 9

RULES SET BASED ACCESS CONTROLS

Discretionary controls giving data owners the discretion to determine the rules necessary to faciliate access.

Open Source Framework logic for GFAC by Abrams and LaPadula

Question 10

CUI

Answer 10

CONSTRAINED USER INTERFACE

Methodology that restricts the user’s actions to specific functions by not allowing them to request functions that are outside of their respective level of privilege or role.

Question 11

3 Main Types of CUI

Answer 11

1. Menus and Shells
2. Database Views
3. Physically Constraining a UI

Question 12

Menus and Shells

Answer 12

Users are given the commands they can execute.

Question 13

Database Views

Answer 13

Mechanism used to restrict user access to data contained in databases.

Question 14

Physically Constraining a UI

Answer 14

Provides only certain keys on a keypad or a certain touch button on a screen.

Question 15

VBAC

Answer 15

VIEW-BASED ACCESS CONTROL

Restricts or limits and AC subject’s ability to view or perhaps act on an object on the AC subject’s assigned level of authority.

Question 16

CDAC

Answer 16

CONTENT-DEPENDENT ACCESS CONTROL

Protects databases containing sensitive information. Permits or denies the subjects access to objects based on explicit content within the object.

ex. HIV test.

Question 17

CBAC

Answer 17

CONTEXT-BASED ACCESS CONTROL

Used in FW applications to extend the FW’s decision making process. ex. Stateful Inspection FW.

Question 18

CDAC vs CBAC

Answer 18

CDAC - Makes decisions based on the content within an object

CBAC - Only concerned with context or the sequence of events leading to the object being allowed through the FW.

Question 19

TRBAC

Answer 19

TEMPORAL ROLE-BASED ACCESS CONTROL

Support periodic role enabling and disabling and temporal dependencies among such actions.

Question 20

NDAC

Answer 20

NON-DISCRETIONARY ACCESS CONTROL

Policies that have rules that are not established at the discretion of the user.

Question 21

MAC

Answer 21

MANDATORY ACCESS CONTROL

Used in environments of high levels of security. Decisions are made by a single entity.

Question 22

MAC’s 3 Object Level Classifications

Answer 22

Top Secret
Secret
Confidential

Question 23

*-property

Answer 23

Star Property BLP

A subject can save an object only at the same or higher classification. BIBA - A subject cannot modify an object of a higher integrity level (No write up)

Question 24

Strict *-property

Answer 24

Strict Star Property Requires information can be written at, but not above, the subject’s clearance level.

Question 25

2 Models that use MAC?

Answer 25

Bell-LaPaula Confidentitiaity

Biba Integrity

Question 26

ABAC

Answer 26

ATTRIBUTE-BASED ACCESS CONTROL

Access control method where subject requests to perform operations on objects are granted or denied based on assigned attributes of the subject, assigned attributes of the object, environment conditions, and a set of policies.

Question 27

Separation of Duties is a key element in which Model?

Answer 27

Clark-Wilson formal model

Question 28

Bell-LaPadula Model Components

Answer 28

Components are: Subjects, Objects and an AC Matrix.

Objects are classified into a hierarchy of security levels based on sensitivity (low to high)

Subjects assigned security levels called ‘Clearance Levels’.

AC Matrix - Relation between the sensitivity levels of Objects and Subjects. Defines permissions for each clearance level and object classification.

Question 29

Bell-LaPadula Model Tenet

Answer 29

A given subject can read objects at the same or lower sensitivity level.

Question 30

Simple Security Property

Answer 30

When a subject can read objects at the same or lower sensitivity level, but not higher.

Question 31

Limitations of the Bell-LaPadula Model?

Answer 31

1. Concerned only with confidentiality and makes no mention of other properties
2. Does not address important goals such as ‘need to know’ or the ability to restrict access to individual objects based on a subject’s need to access them.

Question 32

Which model was designed for controlling access to sensitive data in government and military applications?

Answer 32

Bell-LaPadula Confidentiality Model

Question 33

Biba Model

Answer 33

Lattice Based.

Integrity model focusing on ensuring that the integrity of information is being maintained by preventing corruption.

Core is a multilevel approach to integrity designed to prevent unauthorized subjects from modifying objects.

Question 34

Biba Model - How is Access Controlled?

Answer 34

To Ensure that objects maintain their current state of integrity as subjects interact with them.

Question 35

Biba Model - How it assigns Integrity?

Answer 35

Assigns levels to subjects and objects depending on how trustworthy they are considered to be.

Question 36

ss-property

Answer 36

BLP - A subject cannot read/access an object of higher classification (No read up).

BIBA - A Subject cannot observe an object of a lower integrity level (no read down)

Question 37

Invocation Property

Answer 37

BLP - Not used.

BIBA - A subject cannot send logical service requests to an object of a higher integrity.

Question 38

Clark-Wilson Components

Answer 38

Authenticated Principals (Users)
Programs Acting on Data (Transaction Processes)
Data Items

Question 39

Clark-Wilson Integrity Policy

Answer 39

Well-formed transactions (that maintain a consistent level of integrity between initial and end state. Also instills the Separation of Duties principals.

Question 40

MLS Systems

Answer 40

Multilevel Security Systems Systems in which information with various sensitivities or integrity requirements can be processed concurrently in a single system by users or actors with multiple levels of clearance or need to know.

Question 41

Brewer-Nash Model

Answer 41

‘Chinese Wall’ Principal is that users should not access the confidential information of both a client organization and one or more of it’s competitors.

Rare because the access control rules change based on subject behavior.

Question 42

Graham-Denning Model

Answer 42

Concerned with how subjects and objects are created, how subjects are assigned rights or privileges, and how ownership of objects is managed. *Primarily concerned with how a model system controls subjects and objects at a very basic level where other models simply assumed such control.

Question 43

Graham-Denning Model 3 Parts

Answer 43

1. Set of Objects
2. Set of Subjects
3. Set of Rights

Question 44

Graham-Denning Subjects

Answer 44

Two Parts:

1. Process
2. Domain - Set of constraints controlling how subjects may access objects.

Question 45

Graham-Denning Model Eight Primitive Protection Rights

Answer 45

Also called Commands that subjects can execute to have an effect on other subjects or objects.

1. Create Object
2. Create Subject
3. Delete Object
4. Delete Subject
5. Read Access Right
6. Grant Access Right
7. Delete Access Right
8. Transfer Access Right

Question 46

Harrison-Ruzzo-Ullman Model

Answer 46

Very similar to Graham-Denning.

Composed of a set of generic rights and a finite set of commands. Also concerned with Situations in which a subject should be restricted from gaining particular privileges.

Question 47

Process Flow involved in the implementation of authentication mechanisms are?

Answer 47

1. Identify - Process used to allow the access control subject to provide information as to their identity.
2. Authenticate - Set of providing and validating identity within the access control system.
3. Authorize - Process where requests to access a particular resource should be granted or denied based on outcome of the authentication process.

Question 48

3 Most Common Methods Used to Provide User Identity in an AC System

Answer 48

1. User ID - Username and Password
2. PIN - Typically a 4 digit numerical combination created by the user.
3. Account Number - Typically an 8-16 unique numerical sequence assigned to an individual.

Question 49

Automated Provisioning

Answer 49

Solutions that provide a framework for managing AC Policies by role, interconnection with IT systems, workflows to sign-off

Question 50

3 Common Factors in Authentication

Answer 50

1. Something you know
2. Something you have
3. Something you are

Question 51

ISO 7816

Answer 51

Standard for landing contact readers (Smart Cards)

Question 52

Dynamic Passwords

Answer 52

One time passwords. Could be from a token or hard word.

Question 53

2 Types of Tokens

Answer 53

1. Synchronous - Time is synchronized between the token device and the authentication server. (RSA Token)
2. Asynchronous - Provides a new, one-time password with each use of the token. (SafeWord eToken PASS)

Question 54

Process for Asynchronous Subject to gain access to object

Answer 54

5 Step Process.

1. Authentication server presents a challenge request to subject
2. Subject enters the challenge into token device
3. Token calculates a correct response
4. Subject enters response to the challenge along with a password or PIN
5. Response & Password (or PIN) is verified by the authentication server.

Question 55

RFID

Answer 55

Radio Frequency Identification

Wireless, non-contact use of radio electromagnetic fields to transfer data for the purposes of automatically identifying and tracking tags attached to objects.

Question 56

Main Issue with RFID

Answer 56

Crossing Signals. When two or more readers overlap, the tag is unable to respond to simultaneous queries.

Question 57

Anti-Collision Protocol

Answer 57

Enable RFID tags to take turns in transmitting to a reader.

Question 58

Biometrics

Answer 58

Technology that measure and analyze human body characteristics (DNA, fingerprints, voice patterns, facial pattern, hand movements)

Question 59

Key Issue with Biometrics

Answer 59

Since Biometric data cannot be changed, data such as a user’s facial characteristics and fingerprints are in the public domain and can be captured without consent or knowledge.

Solution? Protocols should be in place to rely on proof of freshness of biometric data and cannot rely on its secrecy.

Question 60

Two steps in Biometric Authentication Solution

Answer 60

1. Enrollment

2. Verification

Question 61

On-Card Matching vs Off-Card Matching?

Answer 61

Think in terms of Biometrics

1. On-Card Matching: User verification carried out via smart card
2. Off-Card Matching: User verification carried out via the system.

Question 62

How many classifications within Biometrics?

Answer 62

Two

1. Behavioral
2. Physiological

Question 63

Behavior Biometrics

Answer 63

signature analysis, voice pattern recognition, and keystroke dynamics

Question 64

Signature Analysis

Answer 64

3D analysis of a signature, using both the pressure and form of the signature.

Also analyzes the series of movements such as acceleration, rhythm, pressure, and flow.

Question 65

Voice Pattern Recognition

Answer 65

Creates a database of unique characteristics of the AC Subject’s voice.

Subject speaks into a microphone and an AC device compares the current voice pattern with the one in the database.

• Inexpensive Methodology to implement, but because of high error rate, it is best if used to complement another more accurate technology (Iris Scanning)

Question 66

Issues with Voice Pattern Recognition?

Answer 66

-> Biology. As the subject ages, the characteristics of the voice naturally change. Same is true is subject is under stress (during an emergency)

-> Inflection - Possible through
altering of inflection during given phrase.

Question 67

Keystroke Dynamics

Answer 67

AC Subject’s Keystrokes as in the Username and Password. Characteristics include but aren’t limited to: - Length of time each key is held down

Length of time between keystrokes

Typing Speed

Tendencies to switch between a numeric keypad and keyboard numbers

Keystroke tendencies involved in capitalization *Lowest cost authentication mechanism. Cannot be used reliably in a single-factor or two-factor (using passphrase). Needs to be used with two-factor (Iris Scanning)
**Provides continuous authentication

Question 68

Issues with Keystroke Dynamics?

Answer 68

Accuracy can be affected by hand injuries, fatigue, arthritis, and even temperature

Question 69

Physiological Biometrics Examples

Answer 69

Fingerprint, Hand, Vascular, Eye, Facial Recognition Technology

Question 70

Fingerprint Verification Technology

Answer 70

Typically requires 7 characteristics or matching points. Human finger contains some 30-40 characteristics or matching points.

Question 71

Issue with Biometric Technology and Possible Solution?

Answer 71

Biggest Challenge facing biometric technology, and fingerprint verification in particular, is the ability to carry out performance evaluations unambiguously and reliable.

Solution FVC-onGoing, a web based automated evaluation system for fingerprint recognition algorithms.

Question 72

FVC-onGoing

Answer 72

Web-Based evaluation system, used mainly for fingerprint recognition algorithms. Test are carried out on a set of sequestered datasets, and results are reported online by using well-known performance indicators and metrics.

FVC = Fingerprint Verification Competitions

Question 73

Hand Geometry Technology

Answer 73

Verification based on key points in Subject’s hand. Hand Geometry measures dimensions on hands and fingers.

Pros - Provides a proven reliable verification even with difficult environments, simple to operate

Cons - Less accurate and requires large and expensive equipment.

Question 74

Vascular Patterns

Answer 74

‘Ultimate Palm Reader’

A picture of the veins in a person’s hand or finger, including, thickness and location, which are determined to be unique for each Subject.

Question 75

Claims for Vascular Pattern Technology

Answer 75

1. Difficult to Forge - Veins are inside hand, and veins are only registered is blood is flowing through them.
2. Contactless
3. Many and Varied Users - Used for ATMs, hospitals, and Universities in Japan.
4. Capable of 1:1 and 1:many matches

Question 76

Retina Scan

Answer 76

Oldest and most accurate biometric authentication methodologies. There is no known technology that can forge a retina scan. And retina scans on a dead subject will not create the same signature as that of a live one.

Question 77

Iris Scan

Answer 77

Based on scanning the granulatrity of the richly detailed color bands around the pupil. Bands are well defined at birth and change litte over the subject’s lifetime. Maps nearly 247 variables.

Question 78

Iris Scan vs Retina Scan

Answer 78

Iris Scan maps the color bands on the Iris

Retina Scan - Maps the blood vessels in the back of the eye.

Question 79

Issues with Iris Scanning

Answer 79

1. Has proven to fall victim to scanned images

2. Alcohol New ISO standard requires two images to be compared with an Iris scan.

Question 80

Facial Recognition

Answer 80

Uses landmarks on the face, such as cheekbone, tip of nose, and eye socket orientation.

Approx 80 separate characteristics, but systems usually measure 14-22.

Question 81

Rates used in Biometric Accuracy

Answer 81

FAR & FRR

Question 82

FRR

Answer 82

FALSE REJECTION RATE

Failure to recognize a legitimate user.

Type 1 Error

Question 83

FAR

Answer 83

FALSE ACCEPTANCE RATE

Erroneous Recognition.

Type 2 Error

Question 84

In terms of FAR and FRR, what will adjusting the threshold do?

Answer 84

Adjust the failure rates. However, decreasing one will increase the other.

Question 85

CER

Answer 85

CROSSOVER ERROR RATE

The point where the accuracy rate equals the error rate of the other.

Question 86

Crossover Accuracy: Retinal Scan

Answer 86

1:100,000,000

Question 87

Crossover Accuracy: Iris Scan

Answer 87

1:131,000

Question 88

Crossover Accuracy: Fingerprint

Answer 88

1:500

Question 89

Crossover Accuracy: Hand Geometry

Answer 89

1:500

Question 90

Crossover Accuracy: Signature Dynamics

Answer 90

1:50

Question 91

Crossover Accuracy: Voice Dynamics

Answer 91

1:50

Question 92

ANSI INCITS 395-2005

Answer 92

Specifies a format for the representation of a digitized sign or signature data.

Question 93

How many types of Tokens are there?

Answer 93

Four

1. Static Password
2. Synchronous Dynamic Password
3. Asynchronous Password
4. Challenge Response

Question 94

Static Password Token

Answer 94

Device contains a password that is physically hidden (not visible to processor) but that is transmitted for each authentication. Vulnerable to replay attacks

Question 95

Synchronous Dynamic Password Token

Answer 95

A timer is used to rotate through various combinations produced by a cryptographic algorithm. Token and authentication server MUST have synchronized clocks.

Question 96

Asynchronous Password Token

Answer 96

A one-time password is generated without the use of a clock.

Question 97

Challenge Response Token

Answer 97

Using public key cryptography, it is possible to prove possession of a private key without revealing that key.

The Authentication server encrypts a challenge with a public key; the device proves it possesses a copy of the matching private key by providing the decrypted challenge.

Question 98

Smart Cards (Types?)

Answer 98

Typically a type of chip card.

Fobs, SIMS used in GSM mobile phones, USB-based tokens are forms of these.

Two types: Contact and Contactless

Contact must be inserted into a reader.
Contactless only requires proximity.

Question 99

Dual-Interface Cards vs Hybrid Cards

Answer 99

Two less known types of Smart Cards Dual-Interface

Single Chip with both contact and non-contact interfaces. Possible to access the same chip using either interface with a high level of security.

Hybrid - Has two chips, one with a contact interface, another with a contactless interface.

Question 100

Common Techniques for authentication in your AC System

Answer 100

1. Knowledge based
2. Token based
3. Characteristic based

Question 101

Dual Control

Answer 101

aka ‘Split Knowledge’

Built on the principal that ONE person should have access to information that would allow the person to determine the encryption key used to encrypt protected information more quickly than a brute-force attack.

Collusion would require two people.

Question 102

Periodic Authentication After authentication

Answer 102

Periodically issues the challenge/response authentication queries with the user’s token to determine if the user has physically left the area. Reduces risk that a user would walk away from a device before plugging out.

Question 103

Reverse Authentication

Answer 103

“Way to authenticate the website/page to the user. BoA adopted this early using PassMark. Example: ““Chose the pictures with the cars in it”””

Question 104

Reference Monitor

Answer 104

The service or program where AC information is stored and where access control decisions are made. Once granted, what a user can do is controlled by the authorization matrix/table.

Question 105

Authorization Table

Answer 105

Matrix of AC objects, subjects, and their respective rights. Used in some DAC systems to provide a simple and intuitive UI for the definition of AC rules.

Question 106

LDAP

Answer 106

Lightweight Directory Access Protocol Application protocol used for querying and modifying directory services over TCP/IP.

Question 107

LDAP Directory

Answer 107

Lightweight Directory Access Protocol Directory Is a logically and heirarchically organized gropu of objects and their respective attributes using LDAP Directory Tree.

Question 108

LDAP Tree

Answer 108

Lightweight Directory Access Protocol [Directory] Tree Starts with the domain names at the top of the hierarchy followed by organizational boundaries, then groups followed by users and data, such as groups of documents.

Question 109

DN

Answer 109

Distinguished Name

Part of the Directory Entry Formed by combining it’s Relative Distinguished Name (RDN), one or more attributes of the entity itself, and the RDN of the superior entries reaching all the way up tot eh root of the DIT.

Question 110

ADDS

Answer 110

(NT Directory Services)

Micrsoft Active Directory Domain Services

Stores data and information within a central database. Provides things like LDAP, authentication, DNS based naming. Used for assignment of policies because of its many attributes, it is commonly used by separate services to facilitate software distribution with a network.

Question 111

SSO

Answer 111

Single Sign On Primary Purpose is convenience of the user.

Question 112

What are the two Significant risks with SSO?

Answer 112

1. Single point of failure

2. Single point of access

Question 113

Kerberos

Answer 113

Developed at MIT Popular network authentication protocol for indirect (3rd party) authentication services. Provides strong authentication using secret-key cryptography.

Question 114

Kerberos Operations

Answer 114

It is an operational implementation of key distribution technology and affords a key distribution center, authentication service, and ticket granting service. Hosts, applications, and servers all have to be ‘kerberized’ to be able to communicate with the user and the ticket granting services

Question 115

Kerberos Supports?

Answer 115

1. Authentication
2. Authorization
3. Confidentiality
4. Integrity
5. Nonrepudiation

Question 116

Nonrepudiation

Answer 116

Determines exactly who sent or received a message.

Question 117

Kerberos Port Number(s)

Answer 117

UDP: 53/88

TCP: 53/88

Question 118

Four types of trust architectures

Answer 118

1. Internet
2. Intranet
3. extranet
4. DMZ

Question 119

DMZ

Answer 119

Demilitarized Zone Computer host or small network inserted in a ‘neutral zone’ between a companies private network and the outside public network. Prevents outside threats from having direct access to company data.

Question 120

Intranet vs Extranet

Answer 120

Intranet - Network based on TCP/IP and belonging to an organization, accessible only by the organization’s members, employees, or other with authorization. Extranet - Network that allows controlled access from outside for specific business or educational purposes.

Question 121

Trust Path

Answer 121

Series of trust relationships that authentication requests must follow between domains.

Question 122

One-Way Trust

Answer 122

Unidirectional authentication path that is created between two domains. A trust B, so A can get to B, but B cannot get to A

Question 123

Two-Way Trust

Answer 123

Authentication requests between two domains in both directions. A trust B, and B trust A.

Question 124

Trust Transitivity (And Types)

Answer 124

Determines whether a trust can be extended outside the two domains between which the trust was formed.

Transitive Trust - Extend Trust Relationship

Non-Transitive Trust - Deny Trust Relationships with other domains.

Question 125

Name areas that make up the Identity Management Lifecycle

Answer 125

1. Authorization - Determines whether a user is permiteed to access desired resource.
2. Proofing - Verify’s peoples identity before enterprise issues them accounts and credentials.
3. Provisioning - Automation of all procedures and tools to manage the lifecycle of an identity.
4. Maintenance - User management, password management, role/group management
5. Entitlement - Set of rules, defined by resource owner, for managing access to a resource, and for what purpose.

Question 126

GFAC

Answer 126

Generalized Framework AC by Adams and LaPadula RSBAC is based on this.

Question 127

iSCSI

Answer 127

Internet Small Computer Systems Interface Transport Layer Protocol that works on top of TCP.

Question 128

What are the Authentication methods supported with iSCSI

Answer 128

Kerberos
SRP
SPKM1/2
CHAP

Question 129

SRP

Answer 129

SECURE REMOTE PASSWORD

Secure password-based authentication and key-exchange protocol.

Question 130

SPKM1/2

Answer 130

Simple Public-Key Mechanism Provides authentication, key establishment, data integrity, and dta confidentiality in an online distributed application enviroment using a public-key infastructure.

Question 131

CHAP

Answer 131

Challenge Handshake Authentication Protocol Used to periodically verify the identity of the peer using a three-way handshake.

Question 132

Biba Formal Model - 3 Primary Rules

Answer 132

1. AC Subject cannot request services from an AC Object that has a higher integrity level
2. AC Subject cannot modify an AC Object that has a higher integrity level
3. AC Subject cannot access an AC Object that has a lower integrity level

Question 133

Singulation Protocol

Answer 133

Anti-collision protocols for RFID tags to take turns in transmitting to a reader.

Question 134

Behavior traits in a biometric device

Answer 134

Voice pattern
Keystroke dynamics
Signature dynamics

Question 135

type 1 error

Answer 135

FRR - Fales Reject Rate

Question 136

type 2 error

Answer 136

FAR - False Acceptance Rate

Question 137

Voice Pattern vs Speech Recognition

Answer 137

VP - Identifies and Records a number of Data Points based on patterns.

SR - Identifies Word sounds and matches the sounds to a prerecorded profile.

Question 138

IAM Programs?

Answer 138

Control Physical and logical access to information, systems, devices, and facilities.