Implementing Secure Systems Flashcards
What is Least Functionality?
Least functionality is a core security principle stating that systems should have only the minimum applications, services and protocols necessary.
In implementing secure Operating Systems, the requirements of a trusted operating system have to meet what goal and who/what defines these requirements?
It meets a set of predetermined requirements (regarding security) so that only authorized personnel can access data based on their permissions.
The requirements are defined in the Common Criteria (for Information Technology Security Evaluation)
A trusted operating system prevents what? What access control model does it use?
It prevents modifications by unauthorized users and prevents malicious code from executing.
It commonly uses the Mandatory Access Control model
Requirements for certified trusted operating systems are defined by third parties, true or false?
True
What are two important benefits that Imaging provides?
SECURITY - A secure starting point for an OS build
COST SAVING - because a) it’s easy to deploy, b) easier to support as there’s only a single OS version
What do Windows system admins use to automatically check and configure systems?
Group Policy
Explain the 3 steps of secure baselining
1) Create an initial, secure baseline configuration of an OS and deploy it across devices
2) The baseline config is monitored for deviation, called Integrity Measurements
3) Deviations detected can then be isolated for remediation.
What is a common security issue with unauthorized software?
It often contains malware
What is the Linux sandbox feature that allows isolation of an application? How is it isolated?
It’s called chroot. It changes the root directory of the application, preventing it from accessing system files in the root directory.
A secure staging environment actually includes multiple environments, what are they?
Development
Test
Staging
Production!
What two electrical phenomena does secure systems design address?
EMI and EMP (electromagnetic pulse)
Regarding encryption, describe an FDE and an SED
FDE = full disk encryption.
An SED is a Self-Encrypting Drive, which is a drive that features the hardware and software to encrypt the drive and securely store the encryption keys.
A TPM is a hardware ____ included on many laptops and mobile devices. It provides ___ ____ encryption and supports a secure ____ ___ and remote _____. A TPM includes a unique ____ ____ key burned onto the chip which provides a hardware root of trust.
A TPM (Trusted Platform Module) is a hardware CHIP included on many laptops and mobile devices. It provides FULL DISK ENCRYPTION and supports a secure BOOT PROCESS and remote ATTESTATION. A TPM includes a unique RSA ASYMMETRIC key burned onto the chip which provides a hardware root of trust.
In a TPM, what does the secure boot process check for?
It checks key boot files against the signatures of those same files that it stored in the TPM during initial setup. If the signatures don’t match, it indicates the boot files have been changed and blocks the boot process.
What is an HSM and what is it typically used by?
An HSM (Hardware Security Module) is a removable or external device that can generate, store and manage RSA keys used in asymmetric encryption. It is typically used by servers.
With which cloud solution does the customer have the most responsibility for maintenance and security? Why?
IaaS
Because it is the customer who is charged with installing and configuring the software on the infrastructure provided to them by the CSP
What does SecurityaaS do and what effect might that have on staff/training?
It outsources the administrative task of implementing a security application, such as keeping antivirus up to date
COST SAVING - It also eliminates the need for employees to be experts on everything
What cloud device can enforce security policy when accessing cloud services, such as ensuring that all network traffic is encrypted?
A cloud access security broker (CASB)
From a security perspective, sandboxing is useful for testing…
…security controls and testing patches
Describe the staging environment
It simulates the production environment and is used for late-stage testing
Which environment involves the initial creation of the application and includes version and change management controls to track the app development?
Development environment
What secure operating system concept is defined in the Common Criteria?
Trusted operating systems