Domain Three: Architecture and Design Flashcards
What are the four main element of code quality and testing ?
Code Analysis, Stress Testing, Model Verification, Version Control
What are the two types of code analysis ?
Dynamic and Static
What is dynamic code analysis ?
Testing during execution by feeding inputs into the application
Fuzzing is a method of dynamic analysis in which a brute force test method is used to detect input and validation issues or vulnerabilities in the system
What is static code analysis ?
Involves examining the code without execution
What is model verification ?
Making sure that the systems does what it is intended to do in an expected manner. Do interdependencies with other functions and apps also behave as expected.
What is stress testing ?
Testing the app for performance bottlenecks under normal conditions. Load testing is the testing under peak conditions over and above stress testing.
What are embedded systems ?
Embedded systems are those that are incorporated into other systems examples are Smart TVs and Washing Machines.
Describe IOT/Smart Devices ?
These are characterised by remote control of the system at hand. You can think of home automation and fitness sensors as being prime examples of this.
During the course of the history of IOT functionality over security was very much the design pattern and it now should be considering that they have access to our biometric data.
What is the problem in terms of security with printers and MFD devices ?
Printers and MFDs are hackable. Printers communicate to servers and computers in a bidirectional manner taking jobs, queuing them and then sending back outcome notifications.
It is perfectly feasible that these devices can send malware back to the server especially as all to often they have been designed for functionality first and security was an afterthought.
What are real time operating systems ?
Characterised by not queuing data and events but operating on them as soon as they arrive. Think of a robot arm in a car assembly plant. The biggest security risk is something interrupting the timing and this often means that they are difficult to take offline to patch and update which in turn increases the security risk.
What are SCADA systems ?
Supervisory Control and Data Acquisition - These systems usually are part of another system that has a physical aspect to them an example being traffic lights.
Traditionally these systems were separated and air gapped so that the only access to them was via external media but they are increasingly becoming connected which has meant a greater security attack surface.
What are the issues of Aircraft and security ?
Physical buttons, switches, gauges etc are replaced with digital devices such as touch screens.
What are the issues of security with Medical devices ?
Often overlooked but these are critical and have to be re-certified everytime they are updated.
What are the issues with unmanned vehicles ?
Popular with military controlled over network connection which makes it an attractive target for hacking.
What are the security issues we should be aware of with vehicles ?
Vehicles are coming with more and more hackable technology.
What is system on a chip ?
These are systems where the software and hardware instructions are all governed from a single chip. Computers are multi chip systems.
What are the uses of benchmarks ?
These are usually guides on the best practice for configuring systems and components.
CIS (Centre for Internet Security)
What are the three ways of implementing defence in depth ?
There are three ways to implement
Vendor Diversity - For example having both windows and linux devices
Control Diversity - Administration controls such as policies and risk assessments and technical controls such as firewalls and IDS/IPS
User Training - Policy and procedure awareness.
Give an example of a non regulatory framework ?
NIST
Give some examples of Physical security controls ?
Lighting - Important to give visibility of action
Signs - Demarcates dangerous or high security areas
Alarms - Warnings
Barricades - Protection of areas
Fencing - Physical around area Cage - Indoor fencing Gate - monitoring on entrance to cage
Bollard - Simple Barricade
Mantraps - Effective against tailgating
Faraday Cages - Used to stop emi
TEMPEST - DoD program to emi and eavesdropping
CCTV - Should be on separate network so they dont provide an entrance to corporate network
Physical Security Logs - Should be taken
Bump Key Resistant Locks - Bump keys are those where the notches are deeply cut allowing an attacker to force the key into the lock and open it
HVAC - Heating, Ventilation, air con
Hot aisles and cold aisles can be used to maintain a data centre temp
Fire suppression systems - dont prevent fires but limit damage
Describe RAID 0
Striped Disks - Data is spread across multiple disks which increases speed but not redundancy
Describe RAID 1
Mirrored Disks - Data is copied from one disk to another. If the disk is lost we dont lose the data. This is more expensive than other methods.
Describe RAID 5
Block Striped with Error check - Most commonly used stripes data and parity checks across multiple drives; increased reliability and speed
Describe RAID 10
Stripe of Mirrors - combines striping and mirroring
What are distributive allocations ?
This is the mechanisms by which load is distributed across redundant resources. If the resources are servers then distributive load is the method that allocates work to those servers.
If the resource is data then geographical locations can be used as a means of distribution.
What is redundancy ?
Redundancy is the use of multiple independent elements to perform critical functions
This can be done through multiple servers, connections or even ISPs and many organisations maintain a supply of spare parts to readily repair any failed hardware components.
Describe high availability and fault tolerance ?
High Availability is the maintaining of a systems availability through an unusual event by the use of a hot systems.
Fault Tolerance is the maintaining of a systems availability during an non critical event by the use of a warm system. The event is non critical because we should have built enough redundancy in the system to cover a foreseen eventuality such as a disk failure,
What are the benefits of automation ?
Cuts down risks due to using humans. Releases operations team members back from routing tasks.
Continuous Monitoring can be used to automatically respond to certain events
Continuous validation - automated testing to resolve issues with configuration management
What is elasticity and scalability ?
Scalability is the ability of the system to accommodate larger loads just by adding resources either making hardware stronger (scale up) or adding additional nodes (scale out).
Elasticity is the ability to fit the resources needed to cope with loads dynamically usually in relation to scale out. So that when the load increases you scale by adding more resources and when demand wanes you shrink back and remove unneeded resources. Elasticity is mostly important in Cloud environments where you pay-per-use and don’t want to pay for resources you do not currently need on the one hand, and want to meet rising demand when needed on the other hand.
What is the concept of non persistence ?
These are machine images that changes are made to but are not expected to persists. Ephemeral storage is a good example.
Snapshots are the point in time backups of VMs
Rollback to known configuration - Microsoft term for rolling back to last known registry configuration that was saved by OS
Live Boot Media - USBs that have a bootable OS on them
What are templates and master images ?
Templates can be used to create master images of machine instances. You can use automation for post configuration task such as IP addresses, licensing and instance specific configuration.
Describe the two software development lifecycles ?
Agile vs Waterfall,
There are two forms of Agile - Scrum and XP or extreme programming
Scrum has a 30 day sprint and a product backlog. Its crucial that developers know secure coding practices.
XP has a more flexible definition of a sprint and there is a greater emphasis on user acceptance testing to create incremental advances.
What is the reasoning around code re-use ?
We should aim to re-use code where possible and remove dead code as it can be a security risk.
What is code signing ?
This is using PKI to digitally sign a code download in order to verify its source and integrity. A trusted CA should be used.
What is data exposure ?
Data at rest and in transit should always be protected.
What are the rules around encryption ?
Use the most up to date algorithms, dont craft your own.
What is the rule around memory management ?
Memory should be reclaimed after use and appropriate values should be assigned to variable types.
What is obfuscation ?
Is hiding element such as code or data items so if they are leaked hackers cant make use of them.
Code obfuscation is sometimes frowned upon.
What are the rules around proper error handling ?
Information when an application errors should never be relayed back to a user as it can be used against the system by a hacker. The main challenge is where to store the information. The ideal location is an acl controlled log file.
Why use proper input handling ?
We should use proper input validation to make sure that malicious users cant inject values and code into our applications that could cause a security issue.
All input should be viewed as hostile.
Proper input validation will mitigate the following attacks
Buffer Overflows
Cross Site Scripting
Cross Site Request Forgeries
Injection Attacks
Normalisation is the process of checking inputs and formatting them to be of the correct format - Postcodes, email, social security numbers.
Where should we implement checks server or client ?
Both are ideal but because we cant be sure of the client environment we must always have server side validation and checking. We should always distrust anything coming from the client and validate it on the server side.
Why use stored procedures ?
Stored Procedures on a database are preferred to dynamic queries sent from the application layer as they have a specific name and input structure and dont reveal the inner workings of the database as dynamic queries do.
This technique prevents sql injection attacks.
What is secure devops ?
Secure DevOps is about making sure that within the devops environment security has a first order place.
Automation of highly repetitive tasks releases workers to concentrate on more high value work.
Examples of automation are static code analysis and vulnerability scanning
Immutable Systems (Cattle) vs Pets
Describe the traditional four environment types ?
Dev, test, staging and prod
What is sandboxing ?
Can be done for whole environment down to applications running on your phone. The idea is to provide security through isolation.
What is emi/emp ?
EMI is electrical interference and EMP is a pulse of that interference and this can damage or prevent the operation of the affected device. Mitigated by the use of shielded cables and grounded circuits.
What is HSM ?
Generate and store keys, can connect via usb and can be used as a means to authenticate and encrypt and apply digital signatures as well.
What is secure boot ?
Malware targeting drivers present a problem because they get loaded before security tools and therefore can be missed. Secure boot only allows drivers signed and vetted to be installed.
What is a trusted platform module ?
Trusted Platform Modules are chips on the motherboard to create and store keys. The TPM hashes sections of the hardware, firmware and software and on the next run compares the new hash against the previous to see if anything has changed if it has it may prevent authentication.
TPM are not accessible via the normal channels so cannot be interfered with.
What is bios ?
UEFI and BIOS its older counterpart are the firmware that aids interoperability between the OS and hardware. UEFI is more recent and more secure.
Stored in non volatile memory so survives the powering down of the device.
What arethe different types of OS ?
Networking OS - That which runs on networking hardware such as routers
Server OS - Runs as an interface between hardware and applications normally doesnt have a gui
Workstation OS - GUI
Appliances - Machines dedicated to one task only
Kiosks - Standalone machines that allow some limited functionality
Mobile Operating Systems - Streamlined for mobile devices.
Describe virtualisation ?
Virtualisation is the ability to run distinct os separately on one machine
Type 1 - Hardware faster than type 2 alternative
Type 2 - Software easier to get up and running
Containerisations/Application Cells
Less overhead than virtualisation as it doesnt clone an entire copy of the os.
VM Sprawl is where we lose control over the amount of VMs that are being created and this can happen because it is just easy to spin up VMs. There should be proper policies and procedures in place to control VM sprawl.
VM escape is where an attack escapes the confines of a VM to attack the base operating system. We should have the same controls on these systems as others. IDP/IDS
When designing a network what are the major design considerations ?
Device Placement, Security Zones, Failure Modes, Connectivity
What are the typical areas in Security Zones placement ?
Data and trust sensitivity.
Give two examples of a security zone ?
Guest Network and Management VLAN
Describe the failure mode consideration ?
When a security device fails should it fail so that no traffic passes (fail closed) or should it allow all traffic to pass (fail open)
Why would I use a VLAN ?
A VLAN is a Virtual Local Area Network (https://www.makeuseof.com/wan-vs-lan/). It’s a logical grouping of devices on a network, usually based on location or function. For example, all computers in a school’s library could be assigned to the “Library” VLAN, while all computers in the school’s computer lab could be assigned to the “Computer Lab” VLAN. In this way, VLANs can improve the efficiency and flexibility of a local area network.
A VLAN can improve security and performance by isolating traffic on your network.
Name the two ways of creating a logical segmentation in a network ?
VLAN and Subnetting
Give an example of security through obscurity ?
Using non standard ports.
What is software defined network ?
Software defined network separates the control plane from the data plane. Previously the software designed to control hardware devices was tightly coupled usually from the same provider. SDN breaks this by offering a more generic and flexible software layer that makes it easier to have dynamic configurations and security.
What is SD-WAN ?
An incarnation of SDN for WAN good for routing via application and choosing a variety of connection based on cost.
What is Secure Access Service Edge (SASE) ?
Secure access service edge, often abbreviated (SASE), is a security framework that converges software-defined wide area networking (SD-WAN) and Zero Trust security solutions into a converged cloud-delivered platform that securely connects users, systems, endpoints, and remote networks to apps and resources.
SASE has four main traits:
- Identity-driven:
Access is granted based on the identity of users and devices. - Cloud-native:
Both infrastructure and security solutions are cloud-delivered. - Supports all edges:
Every physical, digital, and logical edge is protected. - Globally distributed:
Users are secured no matter where they work.
What is zero trust ?
Zero Trust assumes that there is no trust boundary and no network edge. Instead each action is validated and requested as part as a continuous authentication process and access is only allowed after policies are checked, including elements like identity, permissions, system configuration and security status, threat intelligence etc
What is a subject in zero trust ?
Subjects are the user, systems and services that request access or attempt to use rights.
In zero trust what is the policy administrator ?
Policy administrator are not individuals rather they are components that establish or remove the communication path between resources and subjects. In a deny situation the enforcement endpoint is instructed to drop the connection.
In zero trust architecture what is the role of the policy engine ?
Policy engines make decisions based on rules and external systems such as identity management and SIEM. They use a trust algorithm that makes a decision to grant, deny or revoke access to a given resource. Once the decision has been made it is logged and then the policy administrator takes action.
What is the role of a policy enforcement endpoint in a zero trust architecture ?
Communicated with administrators commonly deployed as both a client and a gateway element
In a zero trust architecture what elements live in the control plane ?
Adaptive Identity, Policy Administrator, Policy Engine, Threat Scope Reduction
In a zero trust architecture what elements live in the data plane ?
Subject, Policy Enforcement Endpoints, Enterprise Resources
What is Adaptive Identity ?
leverages Context based authentication, considers where the user is logging in from, whether the device they are using meets security requirements and will either request additional info or request if standards are not met.
What is threat scope reduction ?
Limiting the blast radius determined by least privilege and identity base network segmentation rather than the more traditional network segmentation methods such as VLAN and IP addresses
What is the role of a Cloud Access Service Broker ?
Used to monitor cloud activity and usage and to enforce security policies on users of cloud services.
Why should you be wary of downloaded images ?
They may be part of a steganography attack.
What is the most common way of protecting a Real Time Operating System (RTOS) ?
Encrypted Firmware
Why are firewalls and antimalware not a viable control for RTOS systems ?
RTOS systems often need to have updates downloaded and applied immediately.
When should we use gait analysis to identify people ?
In crowded situations where facial and other biometric data is not clear
What is the primary way to prevent powerloss in an outage ?
UPS
What does an attacker hope to gain by setting of alarms repeatedly over a period of time ?
The generation of a false positive so that when the alarms trigger because of malicious activity people will be desensitised to their occurrence.
What does XAAS mean ?
Anything as a service
What is object detection ?
Object detection can detect specific types or classes of object to determine if an object has been moved.
What security advantage do you get from managing your internal ip scheme ?
Identification of rogue or unknown devices.
What is the most secure type of physical lock ?
Deadbolts
What advantage do you receive with NIC teaming ?
Greater throughput and resiliency. NIC teaming is sending data through multiple cards.
What critical feature is not a default one for most CCTV installations ?
DVR or the ability to record - This can then be used in evidence
What does the term industrial camoflage mean ?
Making a building as non-descript as possible to avoid detection and attacks.
What is the main security problem for static codes in MFA ?
Being stolen due to inproper storage. Brute force attacks are not likely as MFA should have built in backup algorithms
Whats the best current way for making cryptographic algorithms safer ?
Increasing key length
Are motion detectors and cameras a physical or detective control ?
Detective
What is the main advantage of a inert gas system over a carbon dioxide one ?
Inert gas will remove oxygen out of the system without the same dangers to humans as carbon dioxide
What cabling type is best to prevent tampering and prevent access ?
Protected cable distribution
What is shielded cabling used for ?
Prevention of emi
What is the most common threat to physical tokens ?
theft
What is Fog computing ?
Cloud computing at edge of an enterprise network
Name three key stretching algorithms ?
bcrypt, scrypt, PBKDF2
What does ISO 27001 cover ?
Control Objectives for 14 different areas
What does ISO 27002 cover ?
The actual controls to satisfy the objectives
What does ISO 27701 cover ?
Privacy controls
What does ISO 31000 cover ?
Risk management
What is Role based user training ?
Organisations should use role based training to make sure that individuals receive the appropriate training for their job responsibilities.
What are the three baselining phases in configuration management ?
Establishing a baseline with industry standards such as CIS
Deploying using centrally managed tools
Maintenance
What is a self encrypted drive ?
A self encrypted hard drive implement encryption in hardware and firmware.
Who is chiefly responsible for determining the purposes and means of processing personal data within an organization ?
Data Controller
Define an embedded system ?
Computer systems that are build into other devices.
Define a SCADA system ?
Normally a system responsible for critical infrastructure such as water and power and traffic. Scada is a type of system architecture that combines data acquisition and control devices and interfaces that control the entire architecture.
What is the main security issue with complex systems such as scada ?
They were often not built with security in mind and therefore security can actively interfere with operation. Often the only effective security for such systems is isolation.
Describe IOT systems ?
A type of embedded system but leverage other technologies such as cloud and machine learning
What are the challenges of IOT systems ?
Not designed with security in mind, short patching cycles, poor vendor data practices
Why is securing embedded systems difficult ?
They may not connect to a network making authorisation impossible. They may also have low CPU, memory and power options which makes cryptography, firewalls to expensive in resources. It also makes the ability to patch and monitor
Why is asset management important ?
Knowing that a system contains processes and handles sensitive data is critical during incident response as well as day to day operations.
What is usually a part of asset management ?
Asset Tagging, Inventory checking, Inventory creation.
Which data role is responsible for determining why and how PII is processed in an organisation ?
Data Controller/Owner
Which role is delegated to carry out the decisions of the data controller
Data Stewards
What is the purpose of a data custodians ?
Have specific responsibility for security of data from data controller
What is the difference between separation of duties and two person control ?
Separation of duties is two people doing two distinct tasks that make up an action. Whereas two person control is one task split between two people.
Why should you place wireless APs near centre of building ?
Limiting the range to not go beyond perimeter walls
What is the ideal placement for wireless APs ?
High points to avoid obstacles
In Wireless technology what is Extended Service Set configurations ?
For large buildings it is the meshing together several APs to give a seamless connection experience.
What in wireless techechnolgy co channel interference ?
Closely position ap with overlapping channel coverage
What in wireless technology is adjacent channel interference
two aps using channels that are close together but maybe not overlapping
In a 2.4 ghz wireless settings what channels should you use to avoid interference ?
1, 6, 11
What are the major security technologies in wireless ?
EAP, Radius, WPA3, AAA
Which Wireless protocol is considered deprecated because of its weak 24 bit initialisation vector ?
WEP
What is TKIP ?
A part of WPA it is the generation of a 128 bit key for every packet thus avoiding key re-use
Which protocol is insecure becuase of lack of sufficient data integrity checks in TKIP ?
WPA
Which wireless protocol replaced TKIP with CCMP ?
WPA2
Which two encryption protocols use AES ?
WPA2 and WPA3
Which wireless protocol uses the enhanced open method ?
WPA3
What is management frame protection ?
Protect management traffic in WPA3
What two protocols for wireless authentication fall under AAA
Tacacs+ and Radius
What architecture model does Radius follow to achieve AAA
Client Server
How does TACACS+ differ from Radius ?
Separates out Authentication(A) Authorisation(A) and Accountability (A) so that you can apply more fine grained control unlike Radius and also encrypts the whole packet
Whats the major difference between PEAP and EAP TLS
Peap needs a client certificate on client and server EAP TTLS only server
Is EAP an implemented technology ?
No it is a specification that is implemented in PEAP, EAP-TTLS, EAP-Fast
How does DKIM work ?
On reciept of the email the server can verify the digital key by using the sender public key on DNS server.
