Domain 3: Security Architecture and Engineering 13% Flashcards

Question 1

Q

DAC (Discretionary Access Control)

Answer

A

gives the subjects full control of objects they have created or been given access to.

Question 2

Q

MAC (Mandatory Access Control)

Answer

A

is system-enforced access control based on a subject’s clearance and an object’s labels.

Question 3

Q

RBAC (Role Based Access Control)

Answer

A

is where access to objects is granted based on the role of the subject.

Question 4

Q

ABAC (Attribute Based Access Control)

Answer

A

is where access to objects is granted based on subjects, objects AND environmental conditions.

Question 5

Q

RUBAC (Rule Based Access Control)

Answer

A

is access that’s granted based on IF/THEN statements.

Question 6

Q

Bell-LaPadula: Confidentiality (MAC)

Answer

A

Simple Security Property “No Read UP”
Security Property “No Write DOWN”
StrongProperty “No Read or Write UP and DOWN”

Question 7

Q

BIBA: Integrity (MAC)

Answer

A

Simple Integrity Axiom “No Read DOWN”
*Integrity Axiom “No Write UP”
Invocation Property “No Read or Write UP”

Question 8

Q

Lattice Based Access Control (LBAC)(MAC)

Answer

A

e.g. “Top Secret” crypto. chemical

Question 9

Q

Graham-Denning Model

Answer

A

uses Objects, Subjects, and Rules. The 8 rules that a specific subject can execute on an object are:

Transfer Access
Grant Access
Delete Access
Read Object
Create Object
Destroy Object
Create Subject
Destroy Subject.

Question 10

Q

HRU model (Harrison, Ruzzo, Ullman)

Answer

A

An OS level comp security model that deals with the integrity of access rights in the system. It is an extension of the Graham-Denning model. Considers Subjects to be Objects too. 
Uses 6 primitive operations: 
1. Create object
2. Create subject
3. Destroy subject
4. Destroy object
5. Enter right into access matrix
6. Delete right from access matrix.

Question 11

Q

Clark-Wilson - Integrity

Answer

A

Separates end users from the backend data through ‘Well-formed transactions’ and ‘Separation of Duties’. The model uses Subject/Program/Object

Question 12

Q

Separation of duties

Answer

A

The certifier of a transaction and the implementer are different entities. The person making purchase orders should not be paying the invoices.

Question 13

Q

Well-formed transactions

Answer

A

is a series of operations that transition a system from one consistent state to another consistent state.

Question 14

Q

Brewer-Nash (Chinese Wall or Informaton Barriers)

Answer

A

Designed to provide controls that mitigate conflict of interest in commercial orgs, and is built upon an information flow model. No information can flow between the subjects and objects in a way that would create a conflict of interest.

Question 15

Q

Non-Interference Model

Answer

A

Ensures that any actions that take place at a higher security level do not affect, or interfere with, actions that take place at a lower level. The model is not concerned with data flow, but with what a subject knows about the state of the system. Any change by a higher level subject, will never be noticed by a lower level subject.

Question 16

Q

Take-Grant Protection Model

Answer

A

Uses rules that govern the interactions between subjects and objects. It uses permissions that subjects can grant to (or take from) other subjects. It has 4 rules:
1. Take rule allows a subject to take rights of another object. 2. Grant rule allows a subject to grant own rights to another object. 3. Create rule allows a subject to create new objects. 4. Remove rule allows a subject to remove rights it has over another object.

Question 17

Q

Access Control Matrix

Answer

A

Model describing the rights of every subject for every object in the system.

Question 18

Q

Zachman Framework (for Enterprise Architecture)

Answer

A

Provides 6 frameworks: What, How, Where, Who, When, Why

Mapping those frameworks to rules for: Planner, Owner, Designer, Builder, Programmer, User

Question 19

Q

Dedicated security mode

Answer

A

All users must have:
Signed NDA for ALL information on the system. Proper clearance for ALL information on the system. Formal access approval for ALL information on the system. A valid need to know for ALL information on the system. All users can access ALL data

Question 20

Q

System high security mode

Answer

A

All users must have: Signed NDA for ALL informaton on the system. Proper clearance for ALL information on the system. Formal access approval for ALL information on the system. A valid need to know for SOME information on the system. All users can access SOME data, based on their need to know.

Question 21

Q

Compartmented security mode

Answer

A

Signed NDA for ALL informaton on the system. Proper clearance for ALL information on the system. Formal access approval for SOME information on the system. A valid need to know for SOME information on the system. All users can access SOME data, based on their need to know and formal access approval.

Question 22

Q

Multilevel security mode - (Controlled Security Mode)

Answer

A

Signed NDA for ALL informaton on the system. Proper clearance for SOME information on the system. Formal access approval for SOME information on the system. A valid need to know for SOME information on the system. All users can access SOME data, based on their need to know, clearance and formal access approval.

Question 23

Q

The Orange Book

Answer

A

DOD Trusted Computer Systems Evaluations Criteria (TCSEC)

Question 24

Q

ITSEC (The European Info Tech Sec Evaluation Criteria)

Answer

A

Was the first successful int model. Contains a lot of references from The Orange Book, but both are retired now.

Question 25

Q

The International Common Criteria (ISO/IEC 15408)

Answer

A

Common Criteria evaluations are performed on computer security products and systems. To be of practical use, the evaluation must verify the target’s security features. This is done through the following: Target of Evaluation, Protection Profile, Security Target.

Question 26

Q

The International Common Criteria (ISO/IEC 15408) Evaluation Assurance Level (EAL)

Answer

A

How did the product score on the testing? EAL Level 1-7
EAL1: Functionally Tested
EAL2: Structurally Tested
EAL3: Methodically Tested and Checked
EAL4: Methodically Designed, Tested, and Reviewed.
EAL5: Semi-formally Designed and Tested
EAL6: Semi-formally Verifed Design and Tested
EAL7: Formally Verified Designed and Tested.

Question 27

Q

Layering

Answer

A

Separates hardware ans software functionality into layers.Layers can influeence layers next to themselves, but not past that.

Question 28

Q

Abstraction

Answer

A

Hiding unnecessary details fro teh user, it provides a seamless experience for the user, they don’t see the millions of background calculations.

Question 29

Q

Security Domains

Answer

A

A list of Objects a Subject is allowed to access, groups of Objects and Subjects with similar security requirements.

Question 30

Q

Kernel mode (Supervisor mode)

Answer

A

is where the kernel lives, allowing low-level unrestricted access to memory, CPU, disk, etc. Crashes are not recoverable

Question 31

Q

User mode (Problem mode)

Answer

A

has no direct access to hardware, it is directed through an API. Crashes are recoverable. This is most of what happens on a PC.

Question 32

Q

Open systems

Answer

A

use open standards, and can use standard components from multiple vendors.

Question 33

Q

Closed systems

Answer

A

use proprietary hardware and software. This is “security through obscurity.”

Question 34

Q

The Ring Model

Answer

A

4-ring model that seperates Users (Untrusted) from the Kernel (Trusted). 
Ring 3: User applications
Ring 2: Device drivers
Ring 1: Other OS
Ring 0: Kernel
Ring -1: Hypervisor mode

Question 35

Q

Northbridge (Mem controller Hub)

Answer

A

connected to it are: CPU, Video mem, RAM, and Southbridge

Question 36

Q

Southbridge

Answer

A

connected to it are: Mouse/keyboard, HD, USB, CD DVD

Question 37

Q

CPU

Answer

A

contains Arithmetic logic unit (ALU) for math functions and Control Unit (CU) traffic cop.

Question 38

Q

CPU 4 base functions

Answer

A

Fetch, Decode, Execute, Store

Pipelining- combining multiple steps into one process: can do many functions in same clock cycle.

Question 39

Q

CPU Interrupt

Answer

A

An interrrupt is a signal to the processor emitted by hardware or software indicating an event that needs immediate attention.

Question 40

Q

CPU Process

Answer

A

An executable program and its associated data loaded and running in memory. A heavy weight process (HWP) is also called a task. A parent process may spawn additional child processes called threads.

Question 41

Q

CPU Thread

Answer

A

Light Weight Process (LWP) Threads can share memory, resulting in lower overhead compared to heavy weight processes.

Question 42

Q

CPU Multithreading

Answer

A

is teh ability of a CPU or single core in a multi-core processor to execute multiple processes or threads concurrently, appropriately supported by the OS.

Question 43

Q

CPU multiprocessing

Answer

A

A comp using more than one CPU at a time for a task.

Question 44

Q

CPU Multitasking

Answer

A

tasks sharing a common resource ( 1 CPU)

Question 45

Q

CPU Multiprogramming

Answer

A

A computer running more than one program at a time (Word and Chrome at the same time).

Question 46

Q

CPU Memory protection

Answer

A

prevents one process from affecting the confid, integr, or availability of another.

Question 47

Q

CPU Process isolation

Answer

A

is a logical control that tries to prevent one process from Interfering with another.

Question 48

Q

CPU Hardware segmentation

Answer

A

takes that a step furhter by mapping processes to specific memory locations.

Question 49

Q

CPU Virtual Mem

Answer

A

provides virtual address mapping between applicaitons and hardware memory.

Question 50

Q

CPU Swapping

Answer

A

moves entire processes from primary mem (RAM) from/to secondary mem (HD)

Question 51

Q

CPU Paging

Answer

A

copies a block from primary memory (RAM) from/to secondary mem (HD)

Question 52

Q

BIOS

Answer

A

(Low level OS) BIOS runs a asic POST. Once the POST process is complet and successful, it locates the boot sector for the OS. The Kernel loads and exe, and teh OS boots. BIOS is stored on ROM most likely EEPROM

Question 53

Q

WORM Media (Write Once Read Many)

Answer

A

CD/DVDs can be WORM media (R)

Question 54

Q

TPM (Trusted Platform Module)

Answer

A

Is an int std for secure cryptoprocessor, which is dedicated microcont designed to secure hrdwr by integrating cryptographic keys into devices. Its is most commonly used to ensure boot integrity.

Question 55

Q

Data Execution Prevention (DEP)

Answer

A

is a security feature that can prevent damage to your computer from viruses and other security threats.

Question 56

Q

Address Space Layout Randomization (ASLR)

Answer

A

is a memory-protection proess for OS’; it guards against buffer-overflow attacks by randomizing the location where system executables are loaded into memory.

Question 57

Q

At the core of the OS is the Kernel

Answer

A

It interfaces between the OS (and applications) and the hardware.

Question 58

Q

Monolithic kernel

Answer

A

is one static executable and the kernel runs in supervisor mode.

Question 59

Q

Microkernels

Answer

A

are modular kernels

Question 60

Q

Reference monitor

Answer

A

is a core function fo the kernel; it handles all access between subjects and objects. It is always on and can’t be bypassed.

Question 61

Q

Windows NTFS

Answer

A

is a type of DAC (Discretionary Access Control)

Question 62

Q

Virtualization

Answer

A

we have many servers (clients) on the same hardware platform (host). Virtualization is software running under the OS and above the Hardware (Ring-1)

Question 63

Q

Hypervisor

Answer

A

control the access between the virtual guest/clients and the host hardware.

Question 64

Q

Type 1 hypervisor (Bare Metal)

Answer

A

is a part of a Virtualization OS that runs on top of the host hardware.

Answer 65

A

runs on top of a regular OS like Win 10.

Answer 66

A

is when an attacker can jump from the host or a client to another client.

Answer 67

A

There is no ‘Cloud’ it is just another computer somewhere else.

Answer 68

A

The vendor provides infrasturcutre up to the OS, the customer adds the OS and up.

Answer 69

A

The vendor provides the OS and applications/programs. (O365, Gmail, Payroll)

Answer 70

A

The vendor provides pre-configured OSs, then the customer adds all the programs and applications.

Answer 71

A

can make use of resources not currently in use from 100 or 100,000’s of computers to perform very complex tasks.

Answer 72

A

Any system can be a client and/ or a server. Most commonly used on torrent networks.

Answer 73

A

Anything that connects to the Internet is some way (that didn’t before)

Answer 74

A

often Electromagnetic Emanations. Info that can be disseminated from the electrical changes from a system or a wire.

Answer 75

A

Creates the capability to transfer info. using channels not intended to do so.

Answer 76

A

Operations that affect the “real response time observed” by the receiver.

Answer 77

A

Hidden info through the modification of a stored object.

Answer 78

A

hiding a message within another media

Answer 79

A

encode data into a file

Answer 80

A

require some sort of huma interaction and are often transmitted by USB or other portable devices.

Answer 81

A

Change their signature to avoid the antivirus signature definitions

Answer 82

A

Spread across multiple vectors. They are often hard to get rid of because even if you clean the file infections, the virus may still be in the boot sector and vice-versa.

Answer 83

A

spread through self propagation.

Answer 84

A

malicous code embedded in a program that is normal

Answer 85

A

replaces some of the OS/Kernel with a malicous payload.

Answer 86

A

Malicious code that executes at a certian time or event.

Answer 87

A

Programs to compress *.exe files, which can be used to hide malware in an executable, neutral tech.

Answer 88

A

Signature based - looks for known malware signatures

Heuristic (Behavioral) based - looks for a abnormal behavior

Answer 89

A

Attack directly from an attacker to a target.

Answer 90

A

The client initiates, then gets infected with malicious constent usually from web browsers or IM apps (You go to them)

Answer 91

A

small apps often embedded into other software (web browser)

Answer 92

A

applets run in a sandbox environment - segmenting the Java from the OS (limiting some threats); OS agnostic

Answer 93

A

runs with certificates (not sandbox) - since Active x is a MS prod it interacts more with the OS (Win only)

Answer 94

A

is a style of software design where services are provided to the other components by application components, through a communication protocol over a network.

Answer 95

A

Two (or more) instances of the same file depending on who accesses it.

Answer 96

A

is a collection of gathering of data together for the purpose of statistical analysis.

Answer 97

A

requires deducing from evidence and reasoning rather than from explicit statements

Answer 98

A

is the computing process of discovering patterns in large data sets.

Answer 99

A

is looking at what normal operations look like, then allowing us to more proactively identify abuse from insider threats or compromised accounts.

Answer 100

A

is a general term for several types of control sys and associated inst used in indust prod technology

Answer 101

A

is a control sys arch that uses comp, network data comm and GUI for high-level process supervisory management.

Answer 102

A

is a comp control sys for a process or plant in which autonomous controllers are distributed throughout the system, but there is central operator supervisory control.

Answer 103

A

is an industrial digital computer which has been ruggedized and adapted for the control and manufacturing processes.

Answer 104

A

a set of comm protocols used between components in process automation systems. Comm between a master station and remote terminal units (RTU) or IEDs.

Answer 105

A

is the science of securing comm

Answer 106

A

creates messages where the meaning is hidden

Answer 107

A

is the science of breaking encrypted communication.

Answer 108

A

is a cryptographic algorithm.

Answer 109

A

is an encrypted message

Answer 110

A

converts the plaintext to a ciphertext

Answer 111

A

turns ciphertext back into plaintext

Answer 112

A

Use of a well-known text (Often a book) as the key.

Answer 113

A

uses a well-known test as a key as well, but uses a previously agreed upon phrase

Answer 114

A

Substitues one letter for another - T would be W

Answer 115

A

Similar but uses different starting points each round

Answer 116

A

analyzing the frequency of a certain character - In English E is used 12.7% of the time

Answer 117

A

XOR is very useful in basic cryptography; we add a key to the plaintext to make the ciphertext

Answer 118

A

is the relationship between the plaintext and ciphertext; it should be as random (confusing) as possible

Answer 119

A

is how the order of the plaintext should be “diffused (dispersed) in the ciphertext

Answer 120

A

replaces one character for another, this provides diffusion

Answer 121

A

provides confusion by rearranging the characters of the plaintext

Answer 122

A

Message written lenghtwise on a long thin piece of parchment wrapped arond a certain size round stick.

Answer 123

A

Done by switching letters a certain numbers of spots in the alphabet.

Answer 124

A

a polyslphabetic cipher. The alphabet is repeated 26 times to form a matrix (Vigenere Square)

Answer 125

A

2 concentric disks with alphabets on them

Answer 126

A

rotary based. Breaking the Enigma was responsible for ending the war early and saving millions of lives.

Answer 127

A

Japanese rotary based, very similar to the Enigma

Answer 128

A

Cryptogrpahic algorithm where plaintext is combined with a random key. It is the only existing mathematically unbreakable encryption.

Answer 129

A

First known use of a one-time pad.

Answer 130

A

was a project by the US and UK to break KGB’s encryption from 1943 to 1980 only broken because KBG reused pads.

Answer 131

A

a cipher sys using a set of wheels or disks, each with the 26 letters of the alpha bet arranged around the edge.

Answer 132

A

A rotor machine used by the US throughout WW2 similar to the Enigma. It used 3x 5 sets of rotors

Answer 133

A

was used to prevent export of “Critical Technologies” from Western countries to the Iron Curtain

Answer 134

A

currently in use. Limits exports on military and dual-use tech. Cryptography is part of that.

Answer 135

A

Pros: It does not need a pre-shared key, only 2x users = total keys
Cons: It is much slower, it is weaker per bit.

Answer 136

A

Pros: Much faster, stronger per bit. Cons: Needs a pre-shared key, n(n-1)/2 users, become unmanageable with many users.

Answer 137

A

Uses Asymmetric encryption to share a Symmetic Key (session key)

Answer 138

A

For the exam it may be called DEA (algorithm) or DES (standard) Symmetric - 64 bit block cipher - 56 bit key. Has 5 different modes it can encrypt data with, they include: Block, Stream, Initialization Vector, if errors occurr they propagate to teh next block.

Answer 139

A

Symmetric - 64 bit block cipher - 56 bit key. K1 (keymode1) - 3 different keys with 112 bit key strength. Considered secure until 2030 and is still commonly used

Answer 140

A

Symmetric, 128bit key, 64 bit block size, considered safe. Not widely used now, since it is patented and slower than AES

Answer 141

A

Symmetric, considered secure, open source, 4x4 column-major order matrix of bytes

Answer 142

A

each byte is combined with a block of the round key using bitwise XOR

Answer 143

A

a non-linear subsititution step where each byte is replaced with another according to a lookup table.

Answer 144

A

a transportation step where the last three rows of the state are shifted a certain number of steps.

Answer 145

A

a mixing operation which operates on the columns, combining the four bytes in each column

Answer 146

A

subbytes, shiftrows, addrounkey

Answer 147

A

10 cycles for 128-bit keys
12 cycles for 192-bit keys
14 cycles for 256-bit keys

Answer 148

A

publish domain, uses Fistel, no longer considered secure

Answer 149

A

uses Fistel, considered secure

Answer 150

A

The cipher splits a plaintext block into two halves (L and R) The process goes through several rounds, the right half of the block does not change. The right half is XOR’ed with a subkey for each round.

Answer 151

A

Used by WEP/WPA/SSL/TLS

Pseudorandom keystream, no longer considered secure, Symmetric, Stream cipher, 40-2048 bit key lenght

Answer 152

A

Symmetric, block cipher, 32, 64,128bit blocks, key length 0-2040 bits, uses Fistel. considered secure (if enough blocks/key)

Answer 153

A

AES Finalist, based on RC5, but changed to meet AES require, uses Fistel, Symmetric, Block Cipher, 128bit blocks, 128, 192, 256 bit key length, considered secure

Answer 154

A

DH and RSA, uses 2 keys: a Public Key and a Private Key (key pair). Public key is publicly available, used by others to encrypt messages sent to you. Private key (you keep safe) used to decrypt messages sent with your public key. Also used for digital signatures, slightly reversed. You encrypt with your private key and teh recipient decrypts with your public key.

Answer 155

A

factoring large Prime numbers using a one-way factorization - It is easy to multiply 2 numbers, but hard to discern the 2 numbers multiplied form the result.

Answer 156

A

one way function - this one uses logarithms, which is teh opposite fo expenentiation.

Answer 157

A

new keypari from very large prime numbers - creates public/private key pair. Used to exchange symmetric keys, it is slow, Asymmetric, 1094-4096bit key, considered secure.

Answer 158

A

DH, ECC, RSA, El Gamal, DSA, Knapsak

Answer 159

A

was one of the 1st public key protocols

Answer 160

A

often found in low-power devices

Answer 161

A

used in GNU Privacy Guard software and PGP

Answer 162

A

no longer considered secure

Answer 163

A

are used for Integrity. A variable-lenght plaintext is hashed into a fixed-length value hash or MD (Message Digest). It is used to prove the Integrity of the data has not changed. Just 1 bit change completely changes the hash. Variable-lenght input, fixed-length output.

Answer 164

A

When 2 hashes of different data provide the same has.

Answer 165

A

128-bit Fixed-lenght has, used very widely until a flaw was found.

Answer 166

A

Was not used for very long, was supposed to replace MD5, but SHA2/3 were better.

Answer 167

A

160bit Hash Value. Found to have weak collision avoidance, but still commonly used.

Answer 168

A

Considered collision resistant. Somewhat used now, relatively new.

Answer 169

A

Finalized in August 2015

Answer 170

A

The MD length is variable 128,169,192,224,256bits. Uses the MD design principles, but is faster. Not widely used.

Answer 171

A

Developed outside of defense to ensure no gov backdoors. Not widely used, no longer secure

Answer 172

A

Redesigned, fixing flaws of RIPEMD. 160bit hashes. Not widely used. Considered secure.

Answer 173

A

random data that is used as an additional input to a 1-way function that “hashes” a password or passphrase. Defends against dictionary attacks or rainbow table attack.

Answer 174

A

Random number issed in an authentication protocol to ensure that old comm cannot be be reused in reply attacks.

Answer 175

A

Modern enryption is so difficult to break, it is easier to recover the private key. Law enfrocement does this with search warrants. Attackers do this by gaining access to your system or key repository.

Answer 176

A

Uses the entire key space (every possible key); with enough time, any plaintext can be decrypted. Effective against all key-based ciphers except the one-time pad.

Answer 177

A

adding 1-2 seconds to password verification

Answer 178

A

Similar to frequency analysis/attacks, but looks at common pairs of letters (th, he, in, er)

Answer 179

A

The attacker secretly relays and may alter communication between 2 parties, who believe they are directly comm with each other.

Answer 180

A

An attacker takes over a web user’s session ID and masquerades as the authorized user.

Answer 181

A

much easier than breaking the key is convincing the key holder to hand it over to the “help desk”

Answer 182

A

pre-made list of plaintext and matching ciphertext. Often passwords and matching Hashes.

Answer 183

A

you know the plaintext and the ciphertext, and using those you try to figure out the key.

Answer 184

A

similar to known plaintext, but the attacker choses the plaintext, then tries to figure out the key.

Answer 185

A

Same as Chosen Plaintext, the attacker “adapts” the following rounds dependent on the previous rounds.

Answer 186

A

A known plaintext attack, the intruder has to know some parts of plaintext and their ciphertexts, used to break ciphers, which have two or more secrets key for multiple encryption using the same algorithm.

Answer 187

A

the attacker knows something about the key, making it easier to break it.

Answer 188

A

Tries to find the “difference” between the related plaintexts

Answer 189

A

A type of known plaintext attack where the attacker has a lot of plaintext/ciphertext pairs created with the same key.

Answer 190

A

is Differential and Linear Cryptanalysis combined.

Answer 191

A

Attackers use physical data to break a crypto sys. This can be CPU cycles, power consumption while encrypting/decrypting

Answer 192

A

Some vulnerability is left from the implementation of the application, system or service.

Answer 193

A

When 2 different Symmetric Keys used on the same plaintext produces the same ciphertext, both can decrypt ciphertext from teh other key.

Answer 194

A

Uses Asymmetric and Symmetric Encryption as well as Hashing to provide and manage digital certficates. To ensure PKI works well, we keep the private key secret.

Answer 195

A

keys are kept by a 3rd party org (often law enforcement)

Answer 196

A

are public signed with a digital signature

Answer 197

A

SSL for ie - is assigned to the server (stored on the server)

Answer 198

A

Digital Signature - is assigned to a person (stored on your PC)

Answer 199

A

Issues and revokes certificates. Can be internal or public (Verisign or GoDaddy)

Answer 200

A

Done within an organization. Authenticates the certificate holder prior to certificate issuance.

Answer 201

A

Maintained by the CA. Certificates are revoked if a private key is compromised, if an employee leaves the organization. Server side, starting to be replace by OCSP (client/server side hybrid)

Answer 202

A

Client/server hybrid, better balance, faster, keeps lists of revoked certificates.

Answer 203

A

a chipset developed and promoted by NSA was abandoned after public outcry, and was later found to have many security flaws.

Answer 204

A

provide integrity and non-repudiation

Answer 205

A

Set of protocols that provide cryptographic layer to IP traffic (IP v4/v6). Is often used for VPNs.

Answer 206

A

Provides Authentication and Integrity for each packet. Does not provie confidentiality. Protects against “replay attacks”

Answer 207

A

Provides confidentiality. It can provide Authentication and Integrity.

Answer 208

A

Simplex one-way comm (like walkie talkie). Can be used to negotiate ESPor AH parameters. If 2 sys use ESP they need 2 channels. If they use AH and ESP, they will use 4 SA’s

Answer 209

A

Manages the SA creation process and key exchange mechanics.

Answer 210

A

encrypts and authenticates the entire package (including headers)

Answer 211

A

only encrypts and authenticates the payload. This is used for systems that speak ITSEC.

Answer 212

A

IPSEC can use different types of encryp and hashes. IKE negotiates the highest and fastest level of security algorithm

Answer 213

A

Provides privacy and authentication for data comm. Can provide confidentiality, integrity, authentication, and non-repudiation

Answer 214

A

provides a standard way to format email, including characters, sets, and attackments.

Answer 215

A

uses PKI to encryt and authenticate MIME-encoded email. The client or client’s email server (called an S/MIME gateway) can perform the encryption.

Answer 216

A

Hash function using a key. Provides integrity and authenticity.

Answer 217

A

A pre-shared key is exchanged. The sender uses XOR to combine the plaintext with a shared key, then hashes the output using a hashing algorithem.

Answer 218

A

currently on v3. Mostly used for web traffic

Answer 219

A

More secure than SSL v3. Less commonly used for securing web traffic. Used mostly for Internet chat and email client access.

Answer 220

A

prevents actions from happening - Tall fences, locked doors, bollards

Answer 221

A

controls that detect an attack (before, during or after) - CCTV, alarms

Answer 222

A

controls that deter an attack - fences, security guards, dogs, lights, Beware of Dog signs

Answer 223

A

compensate other controls that are impossible or too costly to implement.

Answer 224

A

controls that give us admin framework - compliance, policies, procedures.

Answer 225

A

Class 1 residential, Class 2 Commercial/General Access, Class 3 Industrial/Limited access (18-wheeler loading dock), Class 4 Restricted access (airport or prison)

Answer 226

A

Can be copied and replicated without the key from either the numbers or a photo of it.

Answer 227

A

a lock mech that uses pins of varying lengths to prevent the lock form opening without the correct key.

Answer 228

A

with a lock pick sets or bumping, opening a lock without the key.

Answer 229

A

using a shaved-down key that matches the lock, the attacker “bumps” the key handle with a hammer or screwdriver which makes the pins jump, then the attacker quickly turns the key.

Answer 230

A

open any lock in a given area or security zone.

Answer 231

A

used to remoe a lock core in “interchangeable core locks.”

Answer 232

A

Not very secure and have limited accountability even with unique codes. Should be used for low security areas.

Answer 233

A

They contain a computer circuit, using Integrated Circuit Card. Contact cards need to be inserted into a machine to be read. Contactless cards can be read by proximity.

Answer 234

A

swiped through a reader, no circuit. Very easy to duplicate.

Answer 235

A

a room with 2 doors; door 1 must close completely before door 2 can be opened.

Answer 236

A

All storage media should be encrypted.

Answer 237

A

Blackout = long loss of power, fault = short loss of power, brownout = long low voltage, Sag = short low voltage, Surge = long high voltage, Spike = Short high voltage.

Answer 238

A

Distrubance generated by an external source that affects an electical circuit by electromagnetic induction, electrostatic coupling, or conduction.

Answer 239

A

fiber > copper, because fiber is way more secure.

Answer 240

A

common temp levels ranage from 68-77 F with an allowable range of 59- 90F

Answer 241

A

Keeping positive pressure keeps outside contaminanats out.

Answer 242

A

should be kept between 40 and 60% (Relative Humidity)

Answer 243

A

You may like your servers more, but save the co-workers first.

Answer 244

A

is dont by removing one of the 3 requirements a fire has: oxygen (Halon,FM200,Argon), heat (chem/water), fuel (equipment).

Answer 245

A

Ordinary combustibles

Answer 246

A

Electrical equipment

Answer 247

A

for different temperatures: Oranage, Red, maybe Yellow.

Answer 248

A

not advisable in data center has water in the pipe.

Answer 249

A

sprinkler heads are closed. Pipe contains compressed air and a valve that stays shut as long as the air is present.

Answer 250

A

Sprinkler heads are open. Similar to Dryp Pipe, but sprinkler head is open, a deluge valve holds water back; normal air in pipers.

Answer 251

A

Single interlock: water released into pipes when teh fire alarm goes off, and when head opens. Double interlock: Similar to Dry Pipe, water not released until fire alarm and the sprinkler is open.

Answer 252

A

Should only be used in unmanned areas.

Answer 253

A

industry standard for protecting high-value assets. No longer used. Montreal Accord stopped the use of Halon except.

Answer 254

A

Data class C, Office class A
PASS method to extingush a fire. 
Pull the pin in the handle
Aim at the base of the fire
Squeeze the lever slowly
Sweep from side to side

Answer 255

A

primarily used for metal fires

Answer 256

A

most common extinguishers.

Answer 257

A

Normal compustibles

Answer 258

A

Flamible liquid and gasses

Answer 259

A

Electric equipment

Answer 260

A

Oils and fats

Answer 261

A

Compustible metals

Brainscape's Knowledge GenomeTM

Domain 3: Security Architecture and Engineering 13% Flashcards

Brainscape's Knowledge Genome^TM