Domain 3 - Security Architecture and Engineering Flashcards

1
Q

Principle of split knowledge

A

Split knowledge means that the information or privilege required to perform an operation is divided among multiple users. Example: role separation.

This ensures that no single person has sufficient privileges to compromise the security of the environment. M of N Control is an example of split knowledge used in key recovery and other sensitive tasks.

In a key escrow arrangement, a cryptographic key is stored with a third party for safekeeping. M of N Control requires that a minimum number of agents (M) out of the total number of agents (N) work together to perform high-security tasks. So, implementing three-of-eight control would require three people out of the eight with the assigned work task of key escrow recovery agent to work together to pull a single key out of the key escrow database.

2
Q

Asymmetric vs Symmetric Cryptographic Systems

A

Symmetric cryptosystems use a shared secret key available to all users of the cryptosystem.

Weaknesses: key distribution is a problem, not scalable, keys must be regenerated often, does not implement nonrepudiation

Asymmetric cryptosystems use individual combinations of public and private keys for each user of the system.

Weakness: Slow

3
Q

Types of Ciphers

A

Stream > symmetric key cipher; plaintext is combined with a pseudorandom digit stream

Block > encrypts a block of data at once rather than one bit at a time

Substitution > is a random bit string (a nonce) the same length as the block size that is XORed with the message; IVs are used to create unique ciphertext every time the same message is encrypted with the same key

Transposition > rearranges the letters to form the ciphertext

Initialization Vector (IV)
is a random bit string that is the same length as the block size that is XORed with the message.

Caesar, Vigenère, one-time pad: similar stream ciphers; the difference is the key length
Caesar: 1 key
Vigenère: a word or sentence
One-time pad: key the same length as the text

4
Q

One time pad success factors

A

> Key must be generated randomly without any known pattern
> Pads must be protected against physical disclosure
> Each pad must be used only one time and then discarded

5
Q

What is zero knowledge proof?

A

A communication concept: proving knowledge of a fact to another individual without revealing the fact itself.

6
Q

What is work function/factors?

A

Measures the strength of a cryptographic system by the effort (cost/time) required to break it.

The time and effort required to break a protective measure.

7
Q

5 basic modes of operation of DES

A

DES: Data Encryption Standard, a basic method for encrypting data
3DES: uses DES three times with two or more different keys

ECB: Electronic Codebook > simple and least secure; processes 64-bit blocks and encrypts each block with the chosen key. If the same block is encountered multiple times, the same encrypted block is produced, making it easy to break

CBC: Cipher Block Chaining > each block of unencrypted text is XORed with the block of ciphertext immediately preceding it; the decryption process simply decrypts the ciphertext and reverses the XOR operation

CFB: Cipher Feedback > like CBC but in streaming mode

OFB: Output Feedback > no chaining function; XORs plaintext with a seed value

CTR: Counter > uses an incrementing counter instead of a seed.

8
Q

XOR Cipher

A

Exclusive OR, a method for flipping bits

1 1 > 0
1 0 > 1
0 1 > 1
0 0 > 0

9
Q

Key Clustering

A

A weakness in cryptography where a plaintext message generates identical ciphertext messages using the same algorithm but different keys; similar to a collision.

10
Q

Asymmetric Key Types

A

Public keys are shared among communicating parties.
Private keys are kept secret.

> Data
to encrypt, use the public key
to decrypt, use the private key

> Digital signature, provides non-repudiation
to sign a message, use your own private key
to validate a signature, use the sender's public key

11
Q

5 requirements of a good hash function

A

> They must allow input of any length
> Provide fixed-length output
> Easy to compute the hash function for any input
> Provide one-way functionality
> Must be collision free

12
Q

Cryptographic Salts

A

Used to prevent rainbow table attacks.

A salt is random data used as an additional input to a one-way function.

Rainbow tables: precomputed values used to identify commonly used passwords.

13
Q

Digital Signature Standard

A

DSS relies on public key cryptography and uses a message digest function; it must use the SHA-2 hashing function as the standard.

Works in conjunction with one of three encryption algorithms:

DSA: Digital Signature Algorithm, specified in FIPS 186-4
RSA: Rivest-Shamir-Adleman algorithm, specified in ANSI X9.31
ECDSA: Elliptic Curve DSA algorithm, specified in ANSI X9.62

14
Q

What is Public Key Infrastructure?

A

PKI certificate authorities (CAs) generate digital certificates containing the public keys of system users.

Users then distribute certificates to people with whom they want to communicate.

Certificate recipients verify a certificate using the CA's public key.

15
Q

Securing Traffic (data in motion)

A

Email: using the S/MIME protocol and PGP (Pretty Good Privacy)

Web: using HTTP over Transport Layer Security (TLS)

Network: using IPSec

IPSec > secure communication over IP. Two modes of secure channel: transport mode or tunnel mode. Can be used to establish direct communication between computers or over a VPN connection.

2 protocols:
> Authentication Header (AH) > assurances of message integrity and nonrepudiation
> Encapsulating Security Payload (ESP) > provides confidentiality and integrity of packet contents. It provides encryption and limited authentication and prevents replay attacks.

16
Q

Common Cryptographic Attacks

A

Brute-force attack: randomly tries to find the correct cryptographic text

Meet-in-the-middle attack: exploits protocols that use two rounds of encryption (e.g., 2DES)

Man-in-the-middle attack: fools both parties into communicating with the attacker instead of directly with each other

Birthday attack: attempts to find collisions in a hash function

Replay attack: attempts to reuse an authentication request (needs a man-in-the-middle position to intercept the request)

17
Q

Digital Rights Management

A

Allows content owners to enforce restrictions on the use of their content by others.

18
Q

3 Major Asymmetric Cryptosystems

A

RSA > founded in 1977; depends on the difficulty of factoring the product of prime numbers

El Gamal > an extension of the Diffie-Hellman key exchange algorithm that depends on modular arithmetic (less common than RSA)

Elliptic Curve > more secure; depends on the elliptic curve discrete logarithm problem

19
Q

What are security models? List 7 security models

A

In information security, models provide a way to formalize security policies.

> Integrity
Biba
Clark-Wilson
Goguen-Meseguer
Sutherland

> Confidentiality
Bell-LaPadula
Take-Grant
Brewer and Nash

> Secure creation and deletion of both subjects and objects
Graham-Denning Model, uses 8 primary protection rules
Harrison-Ruzzo-Ullman Model, assignment of object access rights to subjects as well as the resilience of those assigned rights

20
Q

What is Biba model?

A

Focused on integrity; uses mandatory access control; a lattice-based model.

Properties:
> The Simple Integrity Property states that a subject cannot read an object at a lower integrity level (no read-down).
> The * (star) Integrity Property states that a subject cannot modify an object at a higher integrity level (no write-up).
> Invocation Property: no read or write up (a subject can never access or alter data at a higher level)

21
Q

What is the Bell-LaPadula model?

A

A state machine model that enforces confidentiality; uses mandatory access control to enforce the DoD multilevel security policy.

Prevents the leaking or transfer of classified information to less secure clearance levels.

The Simple Security Property (no read up) > a subject cannot read data at a higher level of classification
The * (star) Security Property (no write down) > a subject cannot write information to a lower level of classification
Strong * Property > subjects can only access data at their own level (no read or write up or down)
The Discretionary Security Property > states that the system uses an access matrix to enforce discretionary access control, restricting access to objects based on the identity of subjects and/or the groups to which they belong

22
Q

What is Brewer-Nash Model?

A

Also known as the Chinese Wall model; focused on confidentiality; restricts user access based on activity to prevent conflicts of interest (COI). For example, once a consultant accesses data belonging to Acme Cola, they may no longer access data belonging to Acme Cola's competitors.

23
Q

When is fire detected through technology?

A

Incipient stage. During this stage, air ionization takes place, and specialized incipient fire detection systems can identify the changes early.

24
Q

What is Confinement?

A

A technique for ensuring CIA. Software designers use process confinement to restrict the actions of a program. Simply put, process confinement allows a process to read from and write to only certain memory locations and resources. This is also known as sandboxing.

The goal of confinement is to prevent data leakage to unauthorized programs, users, or systems.

25
Q

What is Bounds?

A

Each process that runs on a system is assigned an authority level to enforce confinement; there may be only two authority levels: user and kernel.

26
Q

What is Isolation?

A

When a process is confined through enforcing access bounds, that process runs in isolation.

27
Q

What is Trust and Assurance?

A

Trust is the presence of a security mechanism, function, or capability; assurance, on the other hand, is the degree of confidence that security needs are satisfied.

28
Q

What is a Maintenance Hook?

A

A feature a developer adds to bypass normal security functions. If it is not removed in the production environment, it is very risky, because an attacker may find a way to use the maintenance hook.

29
Q

List Industrial Control Systems (ICS)

A

An industrial control system (ICS) is a form of computer-management device that controls industrial processes and machines, also known as operational technology (OT).

> Distributed control systems (DCS): used to interconnect several PLCs, but within a limited physical range, in order to gain centralized control, management, and oversight through networking
> Programmable logic controllers (PLC): used to control a single device in a standalone manner
> Supervisory control and data acquisition (SCADA): expands control to large-scale physical areas to interconnect multiple DCSs and individual PLCs. For example, a PLC can control a single transformer, a DCS can manage a power station, and SCADA can oversee a power grid.

30
Q

Principle of Keep It Simple

A

The encouragement to avoid overcomplicating the environment, organization, or product design.

31
Q

What is Trusted Computing Base?

A

A design principle: the combination of hardware, software, and controls that work together to form a trusted base to enforce your security policy.

The security perimeter is an imaginary boundary that separates the TCB from the rest of the system.

For the TCB to communicate with the rest of the system, it must create secure channels, also called trusted paths. A trusted path is a channel established with strict standards to allow necessary communication to occur without exposing the TCB to security exploitation. A trusted shell allows a subject to perform command-line operations without risk to the TCB or the subject.

The reference monitor is the access control enforcer for the TCB.

The collection of components in the TCB that work together to implement reference monitor functions is called the security kernel.

32
Q

What is Trusted Platform Module (TPM)?

A

Trusted Platform Module (TPM) is both a specification for a cryptoprocessor chip on a mainboard and the general name for implementations of the specification.

A TPM is an example of a hardware security module (HSM). An HSM is a cryptoprocessor used to manage and store digital encryption keys, accelerate crypto operations, support faster digital signatures, and improve authentication.

33
Q

What is a constrained interface?

A

Implemented within an application to restrict what users can do or see based on their privileges.

34
Q

Principle of Zero Trust

A

Zero trust is a security concept where nothing inside the organization is automatically trusted.

35
Q

Principle of Privacy by Design (PbD)

A

A guideline to integrate privacy protections into products during the early design phase rather than attempting to tack them on at the end of development.

7 Foundational Principles:

  1. Proactive not reactive; preventive not remedial
  2. Privacy as the default
  3. Privacy embedded into design
  4. Full functionality – positive-sum, not zero-sum
  5. End-to-end security – full lifecycle protection
  6. Visibility and transparency
  7. Respect for user privacy

36
Q

Purpose of Common Criteria?

A

Defines various levels of testing and confirmation of systems' security capabilities; the number of the level indicates what kind of testing and confirmation has been performed. A subjective security function evaluation tool that uses protection profiles (PPs) and security targets (STs) and assigns an Evaluation Assurance Level (EAL).

The Common Criteria process is based on two key elements:
> Protection profiles (PPs) specify for a product that is to be evaluated (the TOE) the security requirements and protections, which are considered the security desires, or the “I want,” from a customer.
> Security targets (STs) specify the claims of security from the vendor that are built into a TOE. STs are considered the implemented security measures, or the “I will provide,” from the vendor

37
Q

Kerckhoffs's Principle on Cryptography

A

All cryptography relies on algorithms; this principle holds that the algorithms should be known and public, allowing anyone to examine and test them.

38
Q

What is Clark-Wilson Model?

A

Focused on integrity.

Separates end users from the backend data through "well-formed transactions" and "separation of duties".

Like Biba but adds the Invocation Property: prohibits a subject at one level of integrity from invoking a subject at a higher level of integrity.

Protects integrity using the access control triplet, a three-part relationship of subject/program/object.

Separation of duties:
> the certifier of a transaction and the implementer are different entities
> the person making purchase orders should not be paying the invoice

Well-formed transaction: series of operations that transition a system from one consistent state to another consistent state

39
Q

What is Take-Grant Model?

A

Focused on confidentiality; supports 4 basic operations: take, grant, create, and revoke.

For example, a subject (X) with the grant right can grant another subject (Y) or another object (Z) any right that subject (X) possesses.

40
Q

What is the Goguen-Meseguer Model?

A

Focused on integrity.

The foundation of noninterference conceptual theories.

When similar users are grouped into their own domain (that is, collective), the members of one subject domain cannot interfere with the members of another subject domain. Thus, subjects are unable to interfere with each other’s activities.

41
Q

What is the Sutherland model?

A

Focused on integrity.

Prevents interference in support of integrity.

Used to prevent a covert channel from being used to influence the outcome of a process or activity.

42
Q

What is Graham-Denning Model?

A

Focused on the secure creation and deletion of both subjects and objects.

Uses 8 primary protection rules:

  1. securely create an object
  2. securely create a subject
  3. securely delete an object
  4. securely delete a subject
  5. securely provide the read access right
  6. securely provide the grant access right
  7. securely provide the delete access right
  8. securely provide the transfer access right

43
Q

What is Harrison–Ruzzo–Ullman Model?

A

An extension of the Graham-Denning Model that focuses on the assignment of object access rights to subjects as well as the resilience of those assigned rights.

6 primitive operations:
> create object
> create subject
> destroy object
> destroy subject
> enter right into access matrix
> delete right from access matrix

44
Q

What are open and closed systems?

A

Open systems are designed using industry standards and are usually easy to integrate with other open systems. Closed systems are generally proprietary hardware and/or software. Their specifications are not normally published, and they are usually harder to integrate with other systems.

45
Q

Principle of secure defaults

A

Never assume that the default settings of any product are secure.

46
Q

What is Fail Securely?

A

A form of error handling: the programmer codes in mechanisms to anticipate and defend against errors in order to avoid the termination of execution.

47
Q

Difference between confinement, bounds, and isolation

A

Confinement restricts a process to reading from and writing to certain memory locations. Bounds are the limits of memory a process cannot exceed when reading or writing. Isolation is the mode a process runs in when it is confined through the use of memory bounds.

48
Q

What is state machine model, information flow model, and noninterference model?

A

> The state machine model ensures that all instances of subjects accessing objects are secure.

> The information flow model is based on the state machine model (SMM) and is designed to prevent unauthorized, insecure, or restricted information flow.

> The noninterference model prevents the actions of one subject from affecting the system state or actions of another subject.

49
Q

What is Authorization to Operate?

A

Authorization to Operate (ATO) (from the RMF) is a formal approval to operate IT/IS based on an acceptable risk level based on the implementation of an agreed-on set of security and privacy controls.

50
Q

4 Security Modes

A

Can be MAC or DAC.
Factors: signed NDA, proper clearance, formal access approval, and need to know.

> Dedicated Mode
All users can access ALL data.

> System High Mode
All users can access SOME data, based on their need to know.

> Compartmented Mode
All users can access SOME data, based on their need to know and formal access approval.

> Multilevel Mode
All users can access SOME data, based on their need to know, clearance and formal access approval

51
Q

What is Reference Monitor and Security Kernel?

A

Reference Monitor: enforces access control; the logical part of the TCB that confirms whether a subject has the right to use a resource prior to granting access.

Security Kernel: implements access control; the collection of TCB components that implement the functionality of the reference monitor.

52
Q

What is TCSEC and ITSEC?

A

Predecessors of the Common Criteria.

TCSEC (Trusted Computer System Evaluation Criteria): a set of criteria for evaluating computer security.

ITSEC (Information Technology Security Evaluation Criteria): the initial attempt to create security evaluation criteria in Europe.

53
Q

What is covert channel?

A

A method used to pass information over a path that is not normally used for communication.

> may not be protected by the system's normal security controls

Covert Timing: conveys information by altering the performance of a system component or modifying a resource's timing in a predictable manner

> Blinking a light visible outside the building so that if a reading is taken every two seconds when the light is on count it as a 1 and when the light is off count it as a 0. With an external camera linked to a recording system, a slow transmission of binary data can occur.

Covert Storage: conveys information by writing data to a common storage area where another process can read it. When assessing the security of software, be diligent about any process that writes to any area of memory that another process can read.

> Writing data directly into a bad sector of an HDD or a bad block on an SSD

54
Q

What is mandatory access control?

A

Enforces an access policy that is determined by the system, not the object owner; relies on classification tables.

> Every object and every subject has one or more labels; these labels are predefined, and the system determines access based on the assigned labels.

Environment types:

Hierarchical environment
Various classification labels are assigned in an ordered structure from low security to medium security to high security.

Compartmentalized environment
Requires specific security clearances over compartments or domains instead of objects.

Hybrid environment
Contains levels with compartments that are isolated from the rest of the security domain. Combines both hierarchical and compartmentalized environments so that security levels have subcompartments.

55
Q

What is Layering?

A

Creates different realms of security within a process and limits communication between them.

56
Q

What is Discretionary Access Control?

A

Permits the owner or creator of an object to control and define its accessibility, because the owner has full control by default.

57
Q

What is non-discretionary Access Control?

A

Enables the enforcement of system-wide restrictions that override object-specific access control.

58
Q

What is rule-based access control?

A

Defines specific functions for access to requested objects; commonly found in firewall systems.

59
Q

What is role-based access control?

A

Uses a well-defined collection of named job roles and endows each one with specific permissions.

60
Q

What are Certification, Verification, Validation, and Accreditation?

A

Certification: technical evaluation of each part of a computer system to assess its agreement and alignment with security standards.

Accreditation: the process of formal acceptance of a certified configuration by a designated authority.

Verification: checking to make sure a system meets the stated requirements (did we build the thing right?).

Validation: checking to make sure the system (or whatever is being validated, such as a security control) meets the original needs it was intended to meet (did we build the right thing?).

61
Q

Multitasking, multithreading, multiprocessing, and multiprogramming

A

Multitasking: simultaneous execution of more than one application on a computer, managed by the operating system
Multithreading: permits multiple concurrent tasks to be performed within a single process
Multiprocessing: the use of more than one processor to increase computing power
Multiprogramming: multitasking for mainframes; requires specific programming

62
Q

Single-state and multistate

A

Single-state processors are capable of operating at only one security level at a time, whereas multistate processors can simultaneously operate at multiple security levels.

63
Q

2 types of processor operating modes

A

User mode: applications operate in a limited instruction set environment known as user mode.

Privileged mode: controlled operations are performed in privileged mode, also known as system mode, kernel mode, and supervisory mode.

64
Q

List Memory Types

A

> ROM: read-only; contents burned in at the factory

> RAM: static RAM (SRAM) uses flip-flops; dynamic RAM (DRAM) uses capacitors

> PROM: programmable chip, similar to ROM but not burned in at the factory

> EPROM/UVEPROM: has a small window that, when illuminated with special ultraviolet light, erases the contents of the chip

> EEPROM: uses electric voltages delivered to the pins of the chip to force erasure

> Flash memory: a derivative concept of EEPROM; non-volatile, can be electronically erased and rewritten

65
Q

Primary vs Secondary Storage

A

Primary memory is the RAM that a computer uses to keep necessary information readily available to the CPU while the computer is running. Secondary memory (or secondary storage) includes all the familiar long-term storage devices that you use every day. Secondary storage consists of magnetic and optical media such as HDDs, SSDs, flash drives, magnetic tapes, CDs, DVDs, and flash memory cards.

66
Q

Random vs Sequential Devices

A

Random: allows an OS to read (and sometimes write) immediately from any point within the device by using some type of addressing system. Almost all primary storage devices are random access devices.

Sequential: does not provide this flexibility. It requires that you read (or speed past) all the data physically stored prior to the desired location. Example: magnetic tape drive.

67
Q

3 main security issues with secondary storage devices

A
  1. Removable media can be used to steal data
  2. Access controls and encryption must be applied to protect data
  3. Data can remain on the media even after file deletion or media formatting

68
Q

Security Risk of I/O Devices

A

Eavesdropping and tapping; can be used to smuggle data out of an organization; create insecure points of entry into an organization's systems and networks.

69
Q

Purpose of Firmware

A

Software stored on a ROM chip; contains the basic instructions needed to start a computer and peripheral devices.

70
Q

Protection Rings in OS

A

Ring 0: OS kernel/memory

Ring 1: other OS components

Ring 2: drivers, protocols, etc.

Ring 3: user-level applications/programs

Rings 0-2 run in supervisory (privileged) mode
Ring 3 runs in user mode

70
Q

What is process isolation?

A

Process isolation requires that the OS provide separate memory spaces for each process's instructions and data. It also requires that the OS enforce those boundaries, preventing one process from reading or writing data that belongs to another process. Example: virtual machine.

Prevents unauthorized access; provides integrity.

> Hardware segmentation: similar to process isolation but uses physical hardware controls

71
Q

What is Abstraction?

A

Creates black-box interfaces for programmers to use without requiring knowledge of an algorithm's or device's inner workings. Example: object-oriented programming.

72
Q

What is data hiding?

A

Prevents information from being read from a different security level. Hardware segmentation enforces process isolation with physical controls.

73
Q

The role of security policy

A

To inform and guide the design, development, implementation, testing, and maintenance of some particular system.

74
Q

What is Cloud Computing?

A

The concept of computing where processing and storage are performed elsewhere over a network connection rather than locally. Examples: Azure, GCP, AWS.

Sensitive and confidential data can be at risk if the cloud provider and their personnel do not adhere to the same security standards as your organization.

75
Q

What is a Hypervisor?

A

A virtual machine monitor (VMM); the component of virtualization that creates, manages, and operates the virtual machines (VMs).

Type I hypervisor
A native or bare-metal hypervisor. In this configuration, there is no host OS; instead, the hypervisor installs directly onto the hardware where the host OS would normally reside (VMware vSphere, ESXi, Microsoft Hyper-V). Type 1 hypervisors are often used to support server virtualization.

Type II hypervisor
A hosted hypervisor. In this configuration, a standard regular OS is present on the hardware, and the hypervisor is then installed as another software application.

76
Q

What is Cloud Access Security Broker?

A

A CASB is a security policy enforcement solution that may be installed on-premises or in the cloud.

77
Q

What is Security-aaS?

A

A cloud provider concept in which security is provided to an organization through or by an online entity.

78
Q

What is Internet of Things?

A

A class of devices connected to the internet in order to provide automation, remote control, or AI processing in a home or business setting.

79
Q

Features that ensure mobile device security

A
> Full device encryption
> remote wiping
> Lockout
> Screen locks
> GPS tracking
> Application Control

Mobile Device Management: a software solution to the challenging task of managing the myriad mobile devices that employees use to access company resources. The goals of MDM are to improve security, provide monitoring, enable remote management, and support troubleshooting.

> using VDI or VMI

80
Q

What is BYOD Policy?

A

A bring-your-own-device policy allows employees to use their own personal mobile devices at work to access business information and resources; it improves employee morale but increases security risks.

81
Q

What is an Embedded System?

A

Typically designed around a limited set of specific functions in relation to the larger product of which it is a component.

Static environments: applications, OSs, hardware sets, or networks that are configured for a specific need, capability, or function, and then set to remain unaltered.

Ensuring security:
> network segmentation
> manual updates
> application firewalls
> security layers

82
Q

What is separation of privilege?

A

Separation of privilege increases the granularity of secure operations; for example, role separation.

Principle of least privilege: ensures that only a minimum number of processes are authorized to run in supervisory mode.

Accountability: ensures audit trails exist to trace operations back to their source.

83
Q

What is Buffer overflow?

A

A buffer overflow occurs when the programmer fails to check the size of input data prior to writing the data into a specific memory location.

Countermeasures: parameter (input) checking, use of a stack protector.

84
Q

What is TOCTTOU attack?

A

A time-of-check-to-time-of-use (TOCTTOU) attack is a file-based race condition that occurs when a resource is checked for a particular value (time of check), such as whether a file exists, and that value then changes before the resource is used (time of use), invalidating the results of the check. Example: a replay attack (no check, only use).

85
Q

6 Functional Order of Security Control

A
  1. Deterrence: Security controls should be deployed so that initial attempts to access physical assets are deterred (boundary restrictions accomplish this).
  2. Denial: If deterrence fails, then direct access to physical assets should be denied (for example, locked vault doors).
  3. Detection: If denial fails, your system needs to detect intrusion (for example, using motion sensors).
  4. Delay: If the breach is successful, then the intruder should be delayed sufficiently in their access attempts to enable authorities to respond (for example, a cable lock on the asset).
  5. Determine: Security staff or legal authorities should determine the cause of the incident or assess the situation to understand what is occurring.
  6. Decide: Based on that assessment, they should decide on the response to implement, such as apprehending the intruder or collecting evidence for further investigation.

86
Q

Facility Security Controls

A

> Administrative (management controls): implemented through policies and procedures; for example, site management, personnel controls, awareness training, emergency response and procedures.

> Logical (technical controls): implemented using technology, such as access control, intrusion detection, alarms, CCTV, HVAC, fire detection.

> Physical: use physical means to protect objects, such as fencing, lighting, locks, construction materials, mantraps, turnstiles, dogs, guards.

> > Fences:
3-4 ft: deters casual trespassers
6-7 ft: too hard to climb easily
8 ft (with barbed wire): will deter intruders

87
Q

Control Environment for Security

A

Humidity: 40%-60% is ideal; an alternative range given is 20 to 80 percent. Too much humidity can cause corrosion. Too little humidity causes static electricity; low humidity can generate a 20,000-volt static discharge.

Temperature: Rooms containing primarily computers should be kept at 59 to 89.6 degrees Fahrenheit (15 to 32 degrees Celsius).

88
Q

What is CPTED (Crime Prevention Through Environmental Design)?

A

CPTED is based on the idea of structuring the physical environment and surroundings to influence the decisions that potential offenders make before committing any criminal acts.

> Keep planters under 2.5 feet tall; this prevents them from being used to hide behind or as a step to reach a window.
> Keep decorative elements small or far away from the building.
> Locate the data center at the core of the building.
> Provide benches and tables to encourage people to sit and look around; they provide a type of automatic surveillance.
> Mount cameras in full view to act as a deterrent.
> Keep entrances open and clear (i.e., without obstacles like trees or columns) so that visibility can be maintained.
> Keep the number of entrances to a minimum and close off doorways during evenings or weekends when fewer workers are present.
> Provide parking for visitors near the entrance.
> Make delivery access driveways and entrances less visible or noticeable to the public, for example by positioning them at the back of the building and requiring the use of an alternate road.

89
Q

List KPI on Physical Security

A

Key performance indicators (KPIs) of physical security should be determined, monitored, recorded, and evaluated. KPIs are metrics or measurements of the operation of or the failure of various aspects of physical security.

> Number of successful intrusions
> Number of successful crimes
> Number of successful incidents
> Number of successful disruptions
> Number of unsuccessful intrusions
> Number of unsuccessful crimes
> Number of unsuccessful incidents
> Number of unsuccessful disruptions
> Time to detect incidents
> Time to assess incidents
> Time to respond to incidents
> Time to recover from incidents
> Time to restore normal conditions after incident
> Level of organizational impact of incidents
> Number of false positives (i.e., false detection alerts/alarms)

90
Q

Type of Electrical Impacts

A
Blackout: prolonged loss of power
Brownout: prolonged low voltage
Fault: short loss of power
Surge: prolonged high voltage
Spike: temporary high voltage
Sag: temporary low voltage

To avoid damage, use a UPS (uninterruptible power supply), which supplies consistent, clean power to sensitive equipment and can supply power for hours (depending on its size).

Other terms:
Inrush: An initial surge of power, usually associated with connecting to a power source, whether primary or alternate/secondary.
Ground: The wire in an electrical circuit that provides an alternate pathway for electricity to flow to the earth (i.e., the ground).

91
Q

What is noise in electrical power?

A

Noise is the interference of power through some form of disturbance, interruption, or fluctuation. Noise that is not consistent is labeled as transient noise.

Electromagnetic interference (EMI) comes in two types: common mode and traverse mode. Common mode noise is generated by a difference in power between the hot and ground wires of a power source or operating electrical equipment. Traverse mode noise is generated by a difference in power between the hot and neutral wires of a power source or operating electrical equipment.

Protection: sufficient power conditioning, establishing proper grounding, using shielded cables, running cables through shielded conduits, switching to fiber-optic cables for networking, and limiting copper cable exposure to EMI and RFI (radio-frequency interference) sources.

Examples of RFI sources: fluorescent lights, electrical cables, electric space heaters, computers, elevators, motors, and electric magnets.

92
Q

Function of lighting in physical security

A

Lighting discourages casual intruders, trespassers, prowlers, or would-be thieves who would rather perform their misdeeds, such as vandalism, theft, and loitering, in the dark.

It also provides for easy identification of personnel and makes it easier to notice intrusions.

Recommendation: lights mounted 8 ft high with 2 foot-candles of power.

93
Q

Ensuring security for wiring closets

A

> Never use the wiring closet as a general storage area.
> Have adequate locks, which might include biometric elements.
> Keep the area tidy.
> Do not store flammable items in the area.
> Set up video surveillance to monitor activity inside the wiring closet.
> Use a door open sensor to log entries.
> Do not give keys to anyone except the authorized administrator.
> Perform regular physical inspections of the wiring closet's security and contents.
> Include the wiring closet in the organization's environmental management and monitoring in order to ensure appropriate environmental control and monitoring, as well as to detect damaging conditions such as flooding or fire.

94
Q

Fire suppression techniques

A

Stage 1: The incipient stage. At this stage, there is only air ionization and no smoke.
Stage 2: The smoke stage. In stage 2, smoke is visible from the point of ignition.
Stage 3: The flame stage. This is when a flame can be seen with the naked eye.
Stage 4: The heat stage. At stage 4, the fire is considerably further down the timescale, to the point where there is an intense heat buildup and everything in the area burns.

Suppression:
> Water suppresses the temperature.
> Soda acid and other dry powders suppress the fuel supply.
> Carbon dioxide (CO2) suppresses the oxygen supply.
> Halon substitutes and other nonflammable gases interfere with the chemistry of combustion and/or suppress the oxygen supply.

Gas discharge systems: more effective than water because they remove oxygen (do not use in areas with people).

95
Q

Fire Detection Systems

A

> Rate-of-rise detection systems trigger suppression when the speed at which the temperature changes reaches a specific level.

> Flame-actuated systems trigger suppression based on the infrared energy of flames. This mechanism is fast and reliable but often fairly expensive.

> Smoke-actuated systems use photoelectric or radioactive ionization sensors as triggers. Either method monitors for light or radiation obstruction or reduction across an air gap caused by particles in the air. It is intended to be triggered by smoke, but dust and steam can sometimes trigger the alarm.

> Incipient smoke detection systems, also known as aspirating sensors, are able to detect the chemicals typically associated with the very early stages of combustion before a fire is otherwise detectable via other means.

96
Q

4 main types of water suppression

A

> A wet pipe system is full of water; water discharges immediately when suppression is triggered.
> A dry pipe system contains compressed inert gas. Once suppression is triggered, the inert gas is released, opening a water valve.
> A preaction system (good for areas with people and computers) is a variation of the dry pipe system that uses a two-stage detection and release mechanism. The system exists as a dry pipe until the initial stages of a fire (smoke, heat, and so on) are detected, and then the pipes are allowed to fill with water (stage 1). The water is released only after the sprinkler head activation triggers are triggered by sufficient heat (stage 2).
> A deluge system uses larger pipes and therefore delivers a significantly larger volume of water. Also, when one sprinkler head opens, they all open to fully deluge the area with suppressant. Deluge systems are inappropriate for environments that contain electronics and computers.

97
Q

Fire extinguisher classes

A

> Class A (ASH) fires are common combustibles, such as wood and paper: suppress with water or soda acid.
> Class B (BOIL) fires are burning alcohol, oil, and other petroleum products: suppress with gas or soda acid (never use water).
> Class C (CONDUCTIVE) fires are electrical fires: suppress with gas.
> Class D (DILYTHIUM) fires are burning metal: suppress with dry powder.
> Class K (KITCHEN) fires are kitchen fires, such as burning oil or grease: suppress with wet chemical (alkaline mixtures).

98
Q

What is MTTF, MTTR, and MTBF?

A

> Mean time to failure (MTTF) is the expected typical functional lifetime of the device given a specific operating environment.
> Mean time to repair (MTTR) is the average length of time required to perform a repair on the device.
> Mean time between failures (MTBF) is an estimation of the time between the first and any subsequent failures.

99
Q

Damage from fire and fire suppression

A

> Smoke is damaging to most storage devices

> Heat can damage any electronic or computer component

> Suppression media can cause short circuits and initiate corrosion

100
Q

Type of Locks

A

Electronic Combination Locks (Cipher lock): something you know

Key card systems : something you have

Biometric System: something you are

Conventional locks are easily picked or bumped, and their keys are easily duplicated.

Pick- and bump-resistant locks are expensive and harder to pick, and their keys are not easily duplicated.

101
Q

Key elements on site selection and facility design

A
Site selection:
> Visibility
> Composition of the surrounding area
> Area accessibility
> Effect of natural disasters

Facility design:
> Level of security needed by the organization, and planning for it before construction begins

> Critical path analysis is a systematic effort to identify relationships between mission-critical applications, processes, and operations and all the necessary supporting elements. For example, an online store relies on internet access, computer hardware, electricity, temperature control, storage facilities, and so on.

102
Q

Designing secure work areas

A

> No equal access to all locations within a facility; areas with high-value assets require restricted access
> Valuable and confidential assets should be located in the center of the protection provided by a facility
> A computer room need not be human compatible

103
Q

Threats to physical access control

A

> Abuses of physical access control include propping open secured doors and bypassing locks or access controls
> Masquerading: using someone else's security ID to gain entry to a facility
> Piggybacking: following someone through a secured gate or doorway without being identified or authorized personally

104
Q

Ways to handle visitors in secure facility

A

> An escort is assigned to visitors, and their access and activities are monitored closely
> Tracking actions: visitor log

105
Q

What is media storage?

A

A room for securely storing blank, reusable, and installation media.

Concerns: theft, corruption, data remnant recovery.

Protection: locked cabinets, an assigned custodian, a check-in/check-out process, media sanitization.

Evidence storage: used to retain logs, drive images, virtual machine snapshots, and datasets for recovery, internal investigations, and forensic investigations.

Protection: same as media storage, plus isolated storage facilities, encryption, and offline storage.

106
Q

Audit Trails and Access Logs

A

Audit trails and access logs are useful tools for managing physical access control.

Creation: they may need to be created manually by security guards or may be generated automatically with the right equipment (smartcards and certain proximity readers).

Monitoring: using CCTV, compare audit trails and access logs with the visually recorded history of the events.

107
Q

Preparing for equipment failure

A

Equipment failure is a common cause of a loss of availability. When deciding on strategies to maintain availability, it is often important to understand the criticality of each asset and business process as well as the associated allowable interruption window (AIW), service delivery objective (SDO), and maximum tolerable downtime/outage (MTD/MTO)

Aging hardware should be scheduled for replacement and/or repair.

108
Q

Static Electricity Impact

A

40 V: destruction of sensitive circuits and other electronic components
1,000 V: scrambling of monitor displays
1,500 V: destruction of data stored on hard drives
2,000 V: abrupt system shutdown
4,000 V: printer jam or component damage
17,000 V: permanent circuit damage

109
Q

What are proximity devices and readers?

A

A proximity device can be a passive device, a field-powered device, or a transponder. When it passes near a proximity reader, the reader device is able to determine who the bearer is and whether they have authorized access.

> Passive proximity device: no active electronics; it is just a small magnet with specific properties
> Field-powered device: has electronics that activate when the device enters the EM field that the reader generates; for example, RFID
> Transponder: self-powered and transmits a signal received by the reader

110
Q

What is IDS?

A

Intrusion detection systems (IDSs) or burglar alarms are systems, automated or manual, designed to detect an attempted intrusion, breach, or attack; the use of an unauthorized entry point; or the occurrence of some specific event at an unauthorized or abnormal time.

111
Q

What is shared responsibility?

A

Shared responsibility is the security design principle indicating that organizations do not operate in isolation. It is because we participate in shared responsibility that we must research, implement, and manage engineering processes using secure design principles.

112
Q

The difference between address space and memory space

A

Address space is how the operating system keeps track of the memory given to each program.

Memory space is the actual physical memory allocated from the heap.

Address space maps to the memory space; when a program terminates, the memory space is released back to the heap.

Address space is virtual and also known as virtual memory.

Virtual memory gives an impression that the computer memory is large, but it keeps reusing memory space.

113
Q

List Process states

A

Process states are the various forms of execution in which a process may run.

> Ready: the process is ready to resume or begin processing as soon as it is scheduled for execution
> Running: when a process executes on the CPU and keeps going until it finishes, its time slice expires, or it is blocked for some reason (usually because it has generated an interrupt for I/O)
> Waiting: when a process is ready for continued execution but is waiting for I/O to be serviced before it can continue processing. Once I/O is complete, the process typically returns to the ready state, where it waits in the process queue to be assigned time again on the CPU for further processing.
> Supervisory: when the process must perform an action that requires privileges greater than the problem state's set of privileges, including modifying system configuration, installing device drivers, or modifying security settings. Basically, any function not occurring in user mode (ring 3) or the problem state takes place in supervisory mode.
> Stopped: when a process finishes or must be terminated (because an error occurs, a required resource is not available, or a resource request can't be met), it goes into a stopped state. At this point, the OS can recover all memory and other resources allocated to the process and reuse them for other processes as needed.

114
Q

5 Common Memory Addressing Schemes

A

> Register addressing: when the CPU needs information from one of its registers to complete an operation, it uses a register address (for example, "register 1") to access its contents.
> Immediate addressing: a way of referring to data that is supplied to the CPU as part of an instruction, so the CPU does not need to retrieve that value from a memory location. The value is usually a constant; for example, a command to add the value 2 to register 1.
> Direct addressing: the CPU is provided with the actual address of the memory location to access. The address must be located on the same memory page as the instruction being executed. Direct addressing is more flexible than immediate addressing, since the contents of the memory location can be changed more readily than reprogramming the immediate addressing's hard-coded data.
> Indirect addressing: uses a scheme similar to direct addressing. However, the memory address supplied to the CPU as part of the instruction doesn't contain the actual value that the CPU is to use as an operand. Instead, the memory address contains another memory address. The CPU reads the indirect address to learn the address where the desired data resides and then retrieves the actual operand from that address.
> Base+offset addressing: uses a value stored in one of the CPU's registers or pointers as the base location from which to begin counting. The CPU then adds the offset supplied with the instruction to that base address and retrieves the operand from that computed memory location.

115
Q

Security issues with primary storage (memory)

A

Memory data retention issues:
> Cold boot attack: freezes memory chips to delay the decay of resident data when the system is turned off or the RAM is pulled out of the motherboard
> Memory dump: can extract encryption keys from memory

Access control on multiuser systems is also an issue.

116
Q

Ensuring emanation security

A

Many electrical devices emanate electrical signals or radiation that can be intercepted by unauthorized individuals. These signals may contain confidential, sensitive, or private data.

The types of countermeasures and safeguards used to protect against emanation attacks are known as TEMPEST countermeasures.

Van Eck phreaking: allows the electronic emanations that devices produce (known as Van Eck radiation) to be read from a distance.

> Faraday cage: a box, mobile room, or entire building designed with an external metal skin, often a wire mesh, that fully surrounds an area on all sides. It can be designed to block specific frequencies while allowing others; for example, blocking Wi-Fi while allowing walkie-talkies and mobile phones.
> White noise: broadcasting false traffic to mask and hide the presence of real emanations. White noise can consist of a real signal from another source that is not confidential.
> Control zone: the implementation of both a Faraday cage and white noise generation to protect a specific area in an environment; a control zone can be a room, a floor, or an entire building.
> Shielding of cables (networking and otherwise) may be sufficient to reduce or block emanation access.

117
Q

List Large-scale parallel data systems

A

Systems designed to perform numerous calculations simultaneously include SMP, AMP, and MPP

  • Symmetric multiprocessing (SMP): a single computer contains multiple processors that are treated equally and controlled by a single OS; the processors share not only a common OS but also a common data bus and memory resources
  • Asymmetric multiprocessing (AMP): the processors often operate independently of one another. Usually, each processor has its own OS and/or task instruction set, as well as a dedicated data bus and memory resources
  • Massively parallel processing (MPP): a variation of AMP where numerous AMP systems are linked together in order to work on a single primary task across multiple processes in multiple linked systems

> Grid computing: a form of parallel distributed processing that loosely groups a significant number of processing nodes to work toward a specific processing goal. The security concern with grid computing is that the content of each work packet is potentially exposed to the world. Many grid computing projects are open to the world, so there is no restriction on who can run the local processing application and participate in the grid's project.
> Peer to peer (P2P): networking and distributed application solutions that share tasks and workloads among peers. This is similar to grid computing; the primary differences are that there is no central management system and the services are usually provided in real time rather than as a collection of computational power. Examples: VoIP services, BitTorrent.

118
Q

What are distributed systems?

A

A distributed system, also called a distributed computing environment (DCE), is a collection of individual systems that work together to support a resource or provide a service. The primary security concern is the interconnectedness of the components.

119
Q

What is blockchain?

A

A blockchain is a collection or ledger of records, transactions, operations, or other events that are verified using hashing, timestamps, and transaction data.

120
Q

Data sovereignty Concepts

A

Once information has been converted into binary form and stored as digital files, it is subject to the laws of the country within which the storage device resides.

121
Q

What is IoT and IIoT?

A

Internet of Things (IoT) is a class of devices that are internet-connected in order to provide automation, remote control, or AI processing to appliances or devices. The security issues related to IoT often relate to access and encryption.

Industrial Internet of Things (IIoT) is a derivative of IoT that focuses on industrial, engineering, manufacturing, or infrastructure level oversight, automation, management, and sensing. IIoT is an evolution of ICS and DCS that integrates cloud services to perform data collection, analysis, optimization, and automation.

122
Q

What are specialized devices?

A

Specialized equipment is anything designed for one specific purpose, to be used by a specific type of organization, or to perform a specific function. It may be considered a type of DCS, IoT, smart device, endpoint device, or edge computing system. Some common examples of specialized devices are medical equipment, smart vehicles, autonomous aircraft, and smart meters.

123
Q

What is service-oriented architecture?

A

Service-oriented architecture (SOA) constructs new applications or functions out of existing but separate and distinct software services. The resulting application is often new; thus, its security issues are unknown, untested, and unprotected. A derivative of SOA is microservices.

124
Q

What is microservice?

A

A microservice is simply one element, feature, capability, business logic, or function of a web application that can be called upon or used by other web applications. It is the conversion or transformation of a capability of one web application into a microservice that can be called upon by numerous other web applications. It allows large complex solutions to be broken into smaller self-contained functions.

125
Q

What is Infrastructure as code (IaC) ?

A

Infrastructure as code (IaC) is a change in how hardware management is perceived and handled. Instead of seeing hardware configuration as a manual, direct hands-on, one-on-one administration hassle, it is viewed as just another collection of elements to be managed in the same way that software and code are managed under DevSecOps (development, security, and operations).

126
Q

What is VM escaping?

A

VM escaping occurs when software within a guest OS is able to breach the isolation protection provided by the hypervisor in order to violate the container of other guest OSs or to infiltrate a host OS.

127
Q

What is virtual software?

A

A virtual application or virtual software is a software product deployed in such a way that it is fooled into believing it is interacting with a full host OS. A virtual (or virtualized) application has been packaged or encapsulated so that it can execute but operate without full access to the host OS.

128
Q

What is virtual networking?

A

A virtualized network, or network virtualization, is the combination of hardware and software networking components into a single integrated entity. The resulting solution allows for software control over all network functions: management, traffic shaping, address assignment, and so on.

129
Q

What is Software-defined everything (SDx)?

A

Software-defined everything (SDx) refers to a trend of replacing hardware with software using virtualization. SDx includes virtualization, virtualized software, virtual networking, containerization, serverless architecture, infrastructure as code, SDN, VSAN, software-defined storage (SDS), VDI, VMI, SDV, and software-defined data center (SDDC).

130
Q

What is VDI and VMI?

A

Virtual desktop infrastructure (VDI) is a means to reduce the security risk and performance requirements of end devices by hosting desktop/workstation OS virtual machines on central servers that are remotely accessed by users. Virtual mobile infrastructure (VMI) is where the OS of a mobile device is virtualized on a central server.

131
Q

What is Software-defined visibility (SDV) ?

A

Software-defined visibility (SDV) is a framework to automate the processes of network monitoring and response. The goal is to enable the analysis of every packet and make deep intelligence-based decisions on forwarding, dropping, or otherwise responding to threats.

132
Q

What is Software-defined data center (SDDC) ?

A

Software-defined data center (SDDC) or virtual data center (VDC) is the concept of replacing physical IT elements with solutions provided virtually, and often by an external third party, such as a cloud service provider (CSP).

133
Q

What is Anything as a service (XaaS)?

A

Anything as a service (XaaS) is the catchall term to refer to any type of computing service or capability that can be provided to customers through or over a cloud solution. Examples are SECaaS, IPaaS, FaaS, ITaaS, and MaaS.

134
Q

What is containerization?

A

Containerization is based on the concept of eliminating the duplication of OS elements in a virtual machine. Each application is placed into a container that includes only the actual resources needed to support the enclosed application, and the common or shared OS elements are then part of the hypervisor.

135
Q

What is serverless architecture?

A

Serverless architecture is a cloud computing concept where code is managed by the customer and the platform (i.e., supporting hardware and software) or server is managed by the cloud service provider (CSP). There is always a physical server running the code, but this execution model allows the software designer/architect/programmer/developer to focus on the logic of their code and not have to be concerned about the parameters or limitations of a specific server. This is also known as function as a service (FaaS).

136
Q

What is an embedded system?

A

An embedded system is typically designed around a limited set of specific functions in relation to the larger product to which it is attached.

137
Q

What is a microcontroller?

A

A microcontroller is similar to but less complex than a system on a chip (SoC). A microcontroller may be a component of an SoC. A microcontroller is a small computer consisting of a CPU (with one or more cores), memory, various input/output capabilities, RAM, and often nonvolatile storage in the form of flash or ROM/PROM/EEPROM. Examples include Raspberry Pi, Arduino, and FPGA.

138
Q

What are static systems/environments?

A

Static systems/environments are applications, OSs, hardware sets, or networks that are configured for a specific need, capability, or function, and then set to remain unaltered.

139
Q

What are network-enabled devices?

A

Network-enabled devices are any type of portable or nonportable device that has native network capabilities. Network-enabled devices may be embedded systems or used to create embedded systems. Network-enabled devices are also often static systems.

140
Q

What are cyber-physical systems?

A

Cyber-physical systems refer to devices that offer a computational means to control something in the physical world. In the past these might have been referred to as embedded systems, but the category of cyber-physical seems to focus more on the physical world results rather than the computational aspects.

141
Q

Security concerns for embedded systems and static environments

A

Static environments, embedded systems, network-enabled devices, cyber-physical systems, HPC systems, edge computing devices, fog computing devices, mobile devices, and other limited or single-purpose computing environments need security management. These techniques may include network segmentation, security layers, application firewalls, manual updates, firmware version control, wrappers, and control redundancy and diversity.

142
Q

What is High-performance computing (HPC)?

A

HPC systems are computing platforms designed to perform complex calculations or data manipulations at extremely high speeds. Supercomputers and MPP solutions are common examples of HPC systems.

143
Q

What is RTOS (real-time operating system) ?

A

An RTOS is designed to process or handle data as it arrives on the system with minimal latency or delay. An RTOS is usually stored on read-only memory (ROM) and is designed to operate in a hard real-time or soft real-time condition.

144
Q

What is edge computing?

A

Edge computing is a philosophy of network design where data and the compute resources are located as close as possible in order to optimize bandwidth use while minimizing latency. In edge computing, the intelligence and processing are contained within each device. Thus, rather than having to send data off to a master processing entity, each device can process its own data locally.

145
Q

What is Fog computing?

A

Fog computing is another example of an advanced computation architecture, and it is also often used as an element in an IIoT deployment. Fog computing relies upon sensors, IoT devices, or even edge computing devices to collect data and then transfer it back to a central location for processing. Thus, intelligence and processing are centralized.

146
Q

What are rootkits?

A

A rootkit is malware that embeds itself deep within an OS. The term is a derivative of the concept of rooting and a utility kit of hacking tools. Rooting is gaining total or full control over a system.

147
Q

What are incremental attacks?

A

Some forms of attack occur in slow, gradual increments rather than through obvious or recognizable attempts to compromise system security or integrity. Two such forms of attack are data diddling and the salami attack.

148
Q

What is attribute based access control (ABAC)?

A

ABAC is a model in which access to an object is granted based on attributes of the subject and the object AND on environmental conditions.

149
Q

Common Criteria EAL Levels

A

EAL1 - Functionally tested
EAL2 - Structurally tested
EAL3 - Methodically tested and checked
EAL4 - Methodically designed, tested, and reviewed
EAL5 - Semi-formally designed and tested
EAL6 - Semi-formally verified design and tested
EAL7 - Formally verified design and tested

150
Q

What is the Zachman Framework?

A

Provides six perspectives (What, Where, Who, When, Why, and How: 5W+1H) and maps those perspectives to roles; for example, planner, owner, designer, builder.