Domain 3 set 5

Question 1

Simple Integrity Property

Answer 1

No “read Down”

Biba Model

Question 2

Biba Model two rules and Enforces what?

Answer 2

1. Simple Integrity Property
2. • • Integrity Property

Integrity

Question 3

• • Integrity Property

Answer 3

No “Write Up”

Biba Model

Question 4

A system design to operate at different security levels.

Answer 4

Multilevel Security

Question 5

Bell-LaPadula Model two rules and Enforces what?

Answer 5

1. Simple Security rule “No read up”
2. *-Property Rules “No “write Down”

Confidentiality

Question 6

What are the two Evaluation Models

Answer 6

1. TCSEC (Orange Book)

2. Common Criteria ( international Model)

Question 7

What are the 4 Accreditation options?

Answer 7

1. Authorization To Operate (ATO)
2. Interim Authorization To Operate (IATO)
3. Interim Authorization To Test
4. Denial of Authorization To Operate (DATO)

Question 8

Authorization To Operate good for how long

Answer 8

3 years

Question 9

Interim Authorization To Operate (IATO) good for how long

Answer 9

6 months

Question 10

Accreditation is the same as?

Answer 10

Authorization

Question 11

Type 1 Hypervisor is what?

Answer 11

barebone vm, data center

Question 12

Type 2 Hypervisor is what?

Answer 12

vm on as application on the pc

Question 13

VM escape attack is what?

Answer 13

when an attacker break out of the guest environment

Question 14

What are the three Cloud models?

Answer 14

1. Private Cloud
2. Public Cloud
3. Hybrid Cloud

Question 15

The three type of public cloud service.

Answer 15

SaaS Software as a Service
PaaS Platform as a Service
LaaS Infrastructure as a Service

Question 16

LaaS the Customer is responsible for?

Answer 16

OS
Application
Data

Question 17

PaaS the Customer is responsible for?

Answer 17

Data

Application

Question 18

SaaS the Customer is responsible for?

Answer 18

Data

Question 19

Segmentation Fault

Answer 19

A error that occurs when an application requests unauthorized access to a memory segment

Question 20

What are the two types of Covert channels?

Answer 20

1. Covert Storage Channel (ICMP echo request)

2. Covert Timing Channel ( Port Knocking)

Question 21

Raid 1

Answer 21

Disk mirroring ( 2 disk requested)

Question 22

Raid 5

Answer 22

Disk striping with parity ( 3 disk requested)

Question 23

Raid is what type of technique?

Answer 23

Fault tolerance not a backup strategy

Question 24

applets run on what?

Answer 24

on the client

Question 25

Cache Poisoning Attacks

Answer 25

The insert of false records in local cache

Question 26

two main Data Flow Control issues

Answer 26

1. controlling Bandwidth consumption

2. Understanding sensitive data flows (use data-flow maps)

Question 27

Two database Focused attacks?

Answer 27

Aggregation

Inference

Question 28

aggregation is ?

Answer 28

when a multiple with low-level security clearance may be able to piece together sensitive information combining the facts available to them.

Question 29

Use Key-value stores

Answer 29

No SQL

Question 30

2 defined against SQL injections

Answer 30

1. input Validation

2. Parameterized SQL

Question 31

An Attacks occur when an attacker embeds malicious scripts in a third=party website.

Answer 31

(XSS) Cross-Site Scripting

Question 32

What are the 4 names for a Cross-site request attacks

Answer 32

1. XSS
2. CSRF
3. XSRF
4. Sea Surf

Question 33

3 types of ICS systems?

Answer 33

1. Supervisory control and data acquisition (SCADA)
2. Distributed control systems (DCS)
3. Programmable Logic Controllers (PLC)

Question 34

What is an Embedded system?

Answer 34

An other word for Smart Devices

Question 35

Best controls for Embedded system and mainframe?

Answer 35

Network segmentation and Application firewall

Question 36

Class A Fires

Answer 36

Common Combustibles (Wood, cloth and trash)

Question 37

Class B Fires

Answer 37

Flammable liguids (Gas and oil)

Question 38

Class C Fires

Answer 38

Electrical Fires (data centers)

Question 39

Class D Fires

Answer 39

Heavy Metal (industrial application)

Question 40

Class K Fires

Answer 40

Kitchen fires (fats and cooking oils)