Domain 2 - Asset Management

Question 1

What is data acquisition?

Answer 1

The creation or retrieval of data

Question 2

What are top secret and confidential classifications considered to be when applied to data?

Answer 2

Exceptionally grave damage

Question 3

What arethe secret or private data classifications considered to be?

Answer 3

Serious Damage

Question 4

What are the confidential and sensitive data classifications considered to be?

Answer 4

Damage

Question 5

What are labels assigned to?

Answer 5

Objects

Question 6

What manipulates objects?

Answer 6

Subjects

Question 7

Who are the mission and business owners in data policies?

Answer 7

Senior executives / management

Question 8

Who are the data / information owners in data policies?

Answer 8

Managers. They assign sensitivity labels and backup frequency.

Question 9

Who are the data custodians in data policies?

Answer 9

Technical employess who handle backups, restore data, patch, etc..

Question 10

Who are the system owners in data policies?

Answer 10

Managers and they are the owner of the systems that house the data. Like the infrastructure team.

Question 11

Who are the data controllers and data processors in data policies?

Answer 11

They create and manage sensitive data in the organization. Processors manage data for controllers.

Question 12

What is non-volatile memory?

Answer 12

It retains data in memory even after power loss. Most common use is the BIOS. Also known as ROM (Read only memory).

Question 13

What is Programmable read only memory (PROM)?

Answer 13

Programmable, but usually done at the factory and could not be updated.

Question 14

What is Erasable Programmable read only memory (EPROM)?

Answer 14

erasable read only memory.

Question 15

What is Electronically erasable read only memory (EEPROM)?

Answer 15

Electronically erasable read only memory.

Question 16

Where is L1 cache located?

Answer 16

On the CPU and is the fastest.W

Question 17

What is the definition of Sanitization in data destruction?

Answer 17

It is a process of rendering target data infeasible for a given level of recovery.

Question 18

What is the definition of purge in data destruction?

Answer 18

removing sensitive data from a system or device to a point where data recovery is no longer feasible even in a lab environment.

Question 19

What is degaussing?

Answer 19

It is used for destroying magnetic media. It is useless on SSD.

Question 20

What is Cloud Access Security Broker (CASB)?

Answer 20

Monitors user activity and enforces security policy compliance. Think AWS config.

Question 21

In discretionary access control, who gives subjects ownership of objects.

Answer 21

Users give access to their files.

Question 22

How does access control work when dealing with mandatory access control?

Answer 22

Based on a subjects clearance and an object’s labels.

Question 23

What is RUBAC?

Answer 23

Rule based access control based on IF and THEN statements. Like a firewall.

Question 24

What is the focus of the Bell-Lapadula security model focus?

Answer 24

Confidentiality

Question 25

What type of access control is Bell-Lapadula?

Answer 25

Mandatory Access Control

Question 26

What are the properties of Bell-Lapadula

Answer 26

No write ups
No write down
No read or write up and down.

(Think clearances)

Question 27

What is the focus of the Biba security model?

Answer 27

integrity

Question 28

What are the properties of the Biba?

Answer 28

No read down
No write up
No read or write up

Question 29

What access control type is Biba?

Answer 29

Mandatory Access Control

Question 30

What is Lattice (Label) Based Access Control?

Answer 30

Users have multiple access rights. Very complex.

Question 31

What is the Grahm-Denning Model?

Answer 31

Uses objects, subjects, and rules.. Has 8 rules that a specific subject can execute.

Question 32

What is Harrisonn-Ruzzo-Ullman model?

Answer 32

An OS level security model that dealsw ith the integrity of access rights in the system.

Question 33

What part of the CIA triad does the Clark-Wilson model focus on?

Answer 33

Integrity

Question 34

Describe the key points of the Clark Wilson Model?

Answer 34

Uses Subjects, Programs, and Objects.

Programs are between subjects and objects.

Question 35

What is the Brewer Nash Model?

Answer 35

Designed to mitigate conflict of interest in commercial organizations

Question 36

Describe how the Brewer Nash model works?

Answer 36

No information can flow between the subjects and objects in a way that would create a conflict of interest.

Question 37

What is the non-interference model and how does it work?

Answer 37

It ensures that any actions that take place at a higher security level do no affect or interfere with actions at a lower level.

Question 38

What is the take grant protection model and how does it work?

Answer 38

It uses rules that govern the interactions between subjects and objects.

Question 39

What is the Zachman Framework and how does it work?

Answer 39

This is used for enterprise architecture and has six frameworks. The what, how, where, who, when, and why. The frameworks get mapped to rules for planners, owners, designers, builders, programmers, and users.

Question 40

What access control can be used for security modes?

Answer 40

Mandatory Access Control and Discretionary access control.

Question 41

How is the mode determined?

Answer 41

By the types of users, data, and the levels of users.

Question 42

What are the requirements for dedicated security mode?

Answer 42

Signed NDA for all data
Proper Clearance for all data
Formal Access Approval for all data
Valid Need to know for all data

All users can access ALL data.

Question 43

What are the requirements for system high security mode?

Answer 43

Signed NDA for all data
Proper Clearance for all data
Formal Access Approval for all data
A valid need to know for some of the data
All users can access SOME data based on their need to know.

Question 44

What are the requirements for compartmented security mode?

Answer 44

Signed NDA for all data
Proper Clearance for all data
Formal Access Approval for some data
A valid need to know for some of the data
All users can access SOME data based on their need to know.

Question 45

What are the requirements for multilevel security mode?

Answer 45

Signed NDA for all data
Proper Clearance for some data
Formal Access Approval for some data
A valid need to know for some of the data
All users can access SOME data based on their need to know.

Question 46

What is the orange book in the rainbow series?

Answer 46

Earliest book which most security models are based on today. It is called the Trusted Computer System Evaluation Criteria (TCSEC).

Question 47

What is the red book in the rainbow series?

Answer 47

It addresses network systems and described The Trusted Network Interpretation (TNI).

Question 48

What is ITSEC?

Answer 48

It is the European information technology security evaluation Criteria model

Question 49

What is the international common criteria (ISO/IEC 15408)?

Answer 49

Still in use for evaluage.

Question 50

What is the target of evaluation?

Answer 50

It is the product or system that is the subject of evaluation.

Question 51

What is the protection profile?

Answer 51

It is a document which identifies security requirements for a group of devices.W

Question 52

What is a security target?

Answer 52

A document that identifies the security properties of the target of evaluation.

Question 53

What are evaluation assurance levels?

Answer 53

They score compliance against a benchmark of 7 levels. Higher level means higher compliance.

Question 54

What is the PASTA Threat Model?

Answer 54

It is attacker focused.

Gives a dynamic threat identification, enumeration, and scoring process

Stages are:
Definition of objective
definition of the technical scope
Application decomposition and Analysis (ADA)
Threat Analysis
Weakness and vulnerability analysis
Attack modeling and Simulation
Risk analysis and Management

Question 55

What is the STRIDE threat model?

Answer 55

It is developer focused and has six categories

spoofing
Tampering
Repudiation
Information Disclosure
Denial of Service
Elevation of Privilege

Question 56

What is the TRIKE threat model?

Answer 56

Acceptable Risk Focus

Question 57

What is the DREAD threat model?

Answer 57

categorizes the impact by a score

Question 58

What are the security domains?

Answer 58

A list of objects a subject is allowed to access, groups of objects and subjects with similar requirements.

Question 59

What is kernal mode?

Answer 59

It allows a low-level unrestricted access to memory, cpu, disk, etc.

Question 60

What is user mode?

Answer 60

No direct access to hardware. Access is directed through an API.

Question 61

What are open systems?

Answer 61

They use open standards and can use standard components.

Question 62

What are closed systems?

Answer 62

They use proprietary hardware and software

Question 63

What is the ring model?

Answer 63

It separates trusted from untrusted.

Ring 3 User applications
Ring 2 Device Drivers
Ring 1 Other device drivers

Question 64

What ring does a hypervisor sit on in the ring model?

Answer 64

It sits at -1