Domain 3: Security Architecture and Engineering

Question 1

What shode be done Once security is integrated as an important part of the design?

Answer 1

engineered, implemented, tested, evaluated, and potentially certified and accredited.

Question 2

How do we know if a product provides security?

Answer 2

CIA! The product must be evaluated against the availability, integrity, and confidentiality it claims to provide.

Question 3

What is System Architecture?

Answer 3

Architecture Fundamental organization of a system embodied in its components, their relationships to each other and to the environment, and the principles guiding its design and evolution.

Question 4

Components of Computer Architecture

Answer 4

1. Input Unit and associated Peripherals
2. Output unit and associated peripherals
3. Storage unit/ memory
4. Central processing unit (CPU)
5. Operating system (OS)

Question 5

The FIVE responsibilities of memory manager are:

Answer 5

1. Relocation
2. Protection
3. Sharing
4. Logical Organization
5. Physical Organization

Question 6

Protection rings architecture

Answer 6

*Ring 0 Operating system kernel
*Ring 1 Remaining parts of the operating system
*Ring 2 I/O drivers and utilities
*Ring 3 Applications and user activity

Question 7

Types of OS Architecture

Answer 7

1. monolithic operating system architecture
2. Layered operating system architecture

Question 8

What is virtual machine?

Answer 8

a computer system created using software on one physical computer in order to emulate the functionality of another separate physical computer

Question 9

What are the benefits of using a VM?

Answer 9

*Savings on hardware
* Under-utilized server (DHCP)
*Environmental costs
* Rack space, power consumption
*Management and administration
* Legacy applications can run in virtual machines

Question 10

BIba model rules :

Answer 10

Biba has three main rules to provide this type of protection:
*integrity axiom
*Simple integrity axiom
*Invocation property

Question 11

Bell-LaPadula Model rules:

Answer 11

Simple Security, Star Property, and Strong Star Property

Question 12

Graham-Denning Model primarily concerned:

Answer 12

1. how subjects and objects are created,
2. how subjects are assigned rights/privilege, and
3. how ownership of objects is managed

Question 13

What is cryptography?

Answer 13

Cryptography is a method of storing and transmitting data in a form that only those it is intended for can read and process.The science of protecting information by encoding information into unreadable formats.

Question 14

Types of Ciphers:

Answer 14

Substitution Cipher
Transposition Cipher

Question 15

What is Cryptanalysis?

Answer 15

Cryptanalysis is the science of studying and breaking the secrecy of encryption processes

Question 16

Types of encryption

Answer 16

Symmetric encryption
Asymmetric encryption

Question 17

Steganography

Answer 17

The process of hiding data in another media type so the existence of data is concealed