Hardware Assurance Best Practices Flashcards

1
Q

Secure working in an insecure environment involves mitigating the risks of the supply chain

A

Supply Chain Assessment

2
Q

A legal principle that a subject has used best practice or reasonable care when setting up, configuring, and maintaining a system

A

Due Diligence

3
Q

A microprocessor manufacturing utility that is part of a validated supply chain (one where hardware and software do not deviate from their documented function)

A

Trusted Foundry

4
Q

The process of ensuring that hardware is procured tamper-free from trustworthy suppliers

A

Hardware Source Authenticity

5
Q

A cryptographic module embedded within a computer system that can endorse trusted execution and attest to boot settings and metrics

A

Hardware Root of Trust (ROT)

6
Q

A specification for hardware-based storage of digital certificates, keys, hashed passwords, and other user and platform identification information

A

Trusted Platform Module (TPM)

7
Q

An appliance for generating and storing cryptographic keys that is less susceptible to tampering and insider threats than software-based storage

A

Hardware Security Module (HSM)

8
Q

Methods that make it difficult for an attacker to alter the authorized execution of software

A

Anti-Tamper

9
Q

A firmware exploit gives an attacker an opportunity to run any code at the highest level of CPU privilege

A

Trusted Firmware

10
Q

A type of system firmware providing support for 64-bit CPU operation at boot, full GUI and mouse operation at boot, and better boot security

A

Unified Extensible Firmware Interface (UEFI)

11
Q

A UEFI feature that prevents unwanted processes from executing during the boot operation

A

Secure Boot

12
Q

A UEFI feature that gathers secure metrics to validate the boot process in an attestation report

A

Measured Boot

13
Q

A claim that the data presented in the report is valid by digitally signing it using the TPM’s private key

A

Attestation

14
Q

A firmware update that is digitally signed by the vendor and trusted by the system before installation

A

Trusted Firmware Updates

15
Q

A disk drive where the controller can automatically encrypt data that is written to it

A

Self-Encrypting Drives

16
Q

A mechanism for ensuring the confidentiality, integrity, and availability of software code and data as it is executed in volatile memory

A

Secure Processing

17
Q

Low-level CPU changes and instructions that enable secure processing
▪ AMD
● Secure Memory Encryption (SME)
● Secure Encrypted Virtualization (SEV)
▪ Intel
● Trusted Execution Technology (TXT)
● Software Guard Extensions (SGX)

A

Processor Security Extensions

18
Q

The CPU’s security extensions invoke a TPM and secure boot attestation to ensure that a trusted operating system is running

A

Trusted Execution

19
Q

The extensions allow a trusted process to create an encrypted container for sensitive data

A

Secure Enclave

20
Q

Certain operations that should only be performed once or not at all, such as initializing a memory location

A

Atomic Execution

21
Q

Data is encrypted by an application prior to being placed on the data bus

A

Bus Encryption