Domain 3-Security Engineering (Engineering and Management of Security)

Question 1

Bell-LaPadula

Answer 1

No Read Up, confidentiality , Simple Security Property and the * Security Property

Question 2

Simple Security Property

Answer 2

no read up

Question 3

Security Property

Answer 3

a subject at a higher classification level cannot write to a lower classification level.

Question 4

Strong Tranquility Property

Answer 4

states that security labels will not change while the system is operating

Question 5

Weak Tranquility

Answer 5

Property states that security labels will not change in a way that conflicts with defined security properties

Question 6

Lattice-based access

Answer 6

allows security controls for complex environments

Question 7

Simple Integrity Axiom

Answer 7

no read down:” a subject at a specific classification level cannot read data at a lower classification. This prevents subjects from accessing information at a lower integrity level. This protects integrity by preventing bad information from moving up from lower integrity levels.

Question 8

Integrity Axiom

Answer 8

“no write up:” a subject at a specific classification level cannot write to data at a higher classification.

Question 9

Clark-Wilson

Answer 9

is a real-world integrity model that protects integrity by requiring subjects to access objects via programs.

Question 10

Clark-Wilson enforces the concept

Answer 10

separation of duties and transformation procedures within the system.

Question 11

The Chinese Wall model/ Brewer-Nash

Answer 11

by prohibiting one person, such as a consultant, from accessing multiple conflict of interest categories

Question 12

The noninterference model ensures

Answer 12

that data at different security domains remain separate from one another.

Question 13

The noninterference model

Answer 13

ensures that data at different security domains remain separate from one another.

Question 14

The Take-Grant Protection Model

Answer 14

contains rules that govern the interactions between subjects and objects, and permissions subjects can grant to other subjects

Question 15

Harrison-Ruzzo-Ullman Model

Answer 15

In addition to HRU’s different operations, it also differs from Graham-Denning because it considers subjects to be also objects

Question 16

Abstraction

Answer 16

hides unnecessary details from the user.

Question 17

A security domain

Answer 17

is the list of objects a subject is allowed to access. More broadly defined, domains are groups of subjects and objects with similar security requirements.

Question 18

The Ring Model

Answer 18

The ring model is a form of CPU hardware layering that separates and protects domains (such as kernel mode and user mode) from each other

Question 19

The northbridge

Answer 19

is directly connected to the CPU, and is faster than the southbridge.

Question 20

SMP systems

Answer 20

SMP systems have one operating system to manage all CPUs.

Question 21

AMP systems

Answer 21

have one operating system image per CPU, essentially acting as independent systems.

Question 22

A monolithic kernel

Answer 22

is compiled into one static executable and the entire kernel runs in supervisor mode.

Question 23

Microkernels

Answer 23

A microkernel is usually smaller and has less native functionality than a typical monolithic kernel (hence the term “micro”), but can add functionality via loadable kernel modules

Question 24

transparent virtualization

Answer 24

uns stock operating systems, such as Windows 10 or Ubuntu Linux 15.04, as virtual guests. No changes to the guest OS are required.

Question 25

Paravirtualization

Answer 25

uns specially modified operating systems, with modified kernel system calls. Paravirtualization can be more efficient, but requires changing the guest operating systems. This may not be possible for closed operating systems such as the Microsoft Windows family.

Question 26

Covert Storage Channels

Answer 26

A storage channel example uses shared storage, such as a temporary directory, to allow two subjects to signal each other.

Question 27

A covert timing channel

Answer 27

relies on the system clock to infer sensitive information

Question 28

Maintenance hooks

Answer 28

are a type of backdoor; they are shortcuts installed by system designers and programmers to allow developers to bypass normal system checks during development, such as requiring users to authenticate

Question 29

Polymorphic virus

Answer 29

a virus that changes its signature upon infection of a new system, attempting to evade signature-based antivirus software

Question 30

Multipartite virus

Answer 30

a virus that spreads via multiple vectors. Also called multipart virus.

Question 31

A rootkit

Answer 31

is malware that replaces portions of the kernel and/or operating system

Question 32

SOAP (originally an acronym for ‘Simple Object Access Protocol,’ but now simply ‘SOAP’)

Answer 32

provides the connectivity

Question 33

Electronic Code Book (ECB)

Answer 33

is the simplest and weakest form of DES. It uses no initialization vector or chaining. Identical plaintexts with identical keys encrypt to identical ciphertexts. Two plaintexts with partial identical portions (such as the header of a letter) encrypted with the same key will have partial identical ciphertext portions.

Question 34

Cipher Block Chaining (CBC) mode

Answer 34

is a block mode of DES that XORs the previous encrypted block of ciphertext to the next block of plaintext to be encrypted.

Question 35

One limitation of CBC mode is

Answer 35

that encryption errors will propagate: an encryption error in one block will cascade through subsequent blocks due to the chaining, destroying their integrity

Question 36

he primary difference is CFB is a …….

Answer 36

stream mode.

Question 37

Output Feedback (OFB)

Answer 37

Since the subkey is not affected by encryption errors, errors will not propagate.

Question 38

Counter (CTR)

Answer 38

encryption can be done in parallel

Question 39

Triple DES

Answer 39

the primary weakness is that it is slow and complex compared to newer symmetric algorithms

Question 40

“double DES”

Answer 40

s not used due to a meet-in-the-middle attack: see the “Cryptographic Attacks” section for more information.

Question 41

International Data Encryption Algorithm (IDEA)

Answer 41

the primary drawbacks are patent encumbrance and its slow speed compared to newer symmetric ciphers such as AES

Question 42

AES uses

Answer 42

128-bit (with 10 rounds of encryption), 192-bit (12 rounds of encryption), or 256-bit (14 rounds of encryption) keys to encrypt 128-bit blocks of data

Question 43

A known plaintext attack

Answer 43

relies on recovering and analyzing a matching plaintext and ciphertext pair: the goal is to derive the key that was used.

Question 44

Encrypting without knowing the key is done …

Answer 44

via an “encryption oracle,

Question 45

Linear cryptanalysis

Answer 45

is a known plaintext attack where the cryptanalyst finds large amounts of plaintext/ciphertext pairs created with the same key

Question 46

Side-channel attacks

Answer 46

use physical data to break a cryptosystem, such as monitoring CPU cycles or power consumption used while encrypting or decrypting.

Question 47

An implementation attack

Answer 47

xploits a mistake (vulnerability) made while implementing an application, service or system.

Question 48

The birthday attack is used

Answer 48

o create hash collisions.

Question 49

Key Clustering

Answer 49

s when two symmetric keys applied to the same plaintext produce the same ciphertext. This allows two different keys to decrypt the ciphertext.

Question 50

A Hashed Message Authentication Code (HMAC)

Answer 50

combines a shared key with hashing. IPsec uses HMACs

Question 51

IPsec (Internet Protocol Security) is a suite of protocols that provide a cryptographic layer to both

Answer 51

to both IPv4 and IPv6.

Question 52

IPsec includes two primary protocols:

Answer 52

Authentication Header (AH) and Encapsulating Security Payload (ESP). AH and ESP provide different, and sometimes overlapping functionality.

Question 53

Authentication Header provides

Answer 53

authentication and integrity for each packet of network data. AH provides no confidentiality; it acts as a digital signature for the data. AH also protects against replay attacks, where data is sniffed off a network and resent, often in an attempt to fraudulently reuse encrypted authentication credentials.

Question 54

Encapsulating Security Payload

Answer 54

primarily provides confidentiality by encrypting packet data. It may also optionally provide authentication and integrity.