Implementing Secure Systems Flashcards
What is Least Functionality?
Least functionality is a core security principle stating that systems should only have the least amount of applications, services and protocols necessary.
In implementing secure Operating Systems, the requirements of a trusted operating system have to meet what goal and who/what defines these requirements?
It meets a set of predetermined requirements (regarding security) so that only authorized personnel can access data based on their permissions.
The requirements are defined in the Common Criteria (for Information Technology Security Evaluation).
A trusted operating system prevents what? What access control model does it use?
It prevents modifications by unauthorized users and prevents malicious code from executing.
It commonly uses the Mandatory Access Control model.
Requirements for certified trusted operating systems are defined by third parties, true or false?
True
What are two important benefits that Imaging provides?
SECURITY - A secure starting point for an OS build
COST SAVING - because a) it’s easy to deploy, b) easier to support as there’s only a single OS version
What do Windows system admins use to automatically check and configure systems?
Group Policy
Explain the 3 steps of secure baselining
1) Create an initial, secure baseline configuration of an OS and deploy it across devices
2) The baseline config is monitored for deviation, called Integrity Measurements
3) Deviations detected can then be isolated for remediation.
What is a common security issue with unauthorized software?
It often contains malware.
What is the Linux sandbox feature that allows isolation of an application? How is it isolated?
It’s called chroot. It changes the root directory of the application, preventing it from accessing system files in the root directory.
A secure staging environment actually includes multiple environments, what are they?
Development
Test
Staging
Production!
What two electrical phenomena does secure systems design address?
EMI and EMP (Electromagnetic Pulse)
Regarding encryption, describe FDE and an SED.
FDE = full disk encryption.
An SED is a Self-Encrypting Drive, which is a drive that features the hardware and software to encrypt the drive and securely store the encryption keys.
A TPM is a hardware ____ included on many laptops and mobile devices. It provides ___ ____ encryption and supports a secure ____ ___ and remote _____. A TPM includes a unique ____ ____ key burned onto the chip which provides a hardware root of trust.
A TPM (Trusted Platform Module) is a hardware CHIP included on many laptops and mobile devices. It provides FULL DISK ENCRYPTION and supports a secure BOOT PROCESS and remote ATTESTATION. A TPM includes a unique RSA ASYMMETRIC key burned onto the chip which provides a hardware root of trust.
In a TPM, what does the secure boot process check for?
It checks key boot files against the signatures of those same files that it stored in the TPM during initial setup. If the signatures don’t match, it indicates the boot files have been changed and blocks the boot process.
What is an HSM and what is it typically used by?
An HSM (Hardware Security Module) is a removable or external device that can generate, store and manage RSA keys used in asymmetric encryption. It is typically used by servers.