MAC ADDRESS Flashcards
What's an OUI and who assigns these?
Organization Unique Identifier. IEEE. The IEEE Registration Authority is the administrative body that is responsible for registering and administering organizationally unique identifiers (OUI) and other types of identifiers which are used in the computer and electronics industries (Individual Address Blocks (IAB), Manufacturer IDs, Standard Group MAC Addresses, Unique Registration Numbers (URN), EtherType values, etc.).
IEEE Registration Authority
IEEE offers Registration Authority programs or registries which maintain lists of unique identifiers under standards and issue unique identifiers to those wishing to register them. The IEEE Registration Authority assigns unambiguous names to objects in a way which makes the assignment available to interested parties.
BitLocker
BitLocker is a Windows disk encryption feature, designed to protect data by providing encryption for entire volumes.
BitLocker addresses the threats of data theft or exposure from lost, stolen, or inappropriately decommissioned devices.
Data on a lost or stolen device is vulnerable to unauthorized access, either by running a software-attack tool against it or by transferring the computer’s hard drive to a different computer. BitLocker helps mitigate unauthorized data access by enhancing file and system protections. BitLocker also helps render data inaccessible when BitLocker-protected devices are decommissioned or recycled.
TPM
Trusted Platform Module (TPM, also known as ISO/IEC 11889) is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys. The term can also refer to a chip conforming to the standard.
One of Windows 11’s system requirements is TPM 2.0. Microsoft has stated that this is to help increase security against firmware attacks.[1]
Trusted Platform Module. A TPM is a hardware component installed in many devices and it works with BitLocker to help protect user data and to ensure that a computer hasn’t been tampered with while the system is offline.
Platform integrity
The primary scope of TPM is to ensure the integrity of a platform. In this context, “integrity” means “behave as intended”, and a “platform” is any computer device regardless of its operating system. This is to ensure that the boot process starts from a trusted combination of hardware and software, and continues until the operating system has fully booted and applications are running.
When TPM is used, the firmware and the operating system are responsible for ensuring integrity.
dm-crypt
dm-crypt is the Linux kernel’s device mapper crypto target. From Wikipedia:dm-crypt, it is:
a transparent disk encryption subsystem in [the] Linux kernel… [It is] implemented as a device mapper target and may be stacked on top of other device mapper transformations. It can thus encrypt whole disks (including removable media), partitions, software RAID volumes, logical volumes, as well as files. It appears as a block device, which can be used to back file systems, swap or as an LVM physical volume.
Usage
/Drive preparation
Deals with operations like securely erasing the drive and dm-crypt specific points for partitioning it.
/Device encryption
Covers how to manually utilize dm-crypt to encrypt a system through the cryptsetup command. It covers examples of the Encryption options with dm-crypt, deals with the creation of keyfiles, LUKS specific commands for key management as well as for Backup and restore.
/System configuration
Illustrates how to configure mkinitcpio, kernel parameters and the crypttab file when encrypting a system.
/Swap encryption
Covers how to add a swap partition to an encrypted system, if required. The swap partition must be encrypted as well to protect any data swapped out by the system. This part details methods without and with suspend-to-disk support.
/Specialties
Deals with special operations like securing the unencrypted boot partition, using GPG or OpenSSL encrypted keyfiles, a method to boot and unlock via the network, another for setting up discard/TRIM for an SSD, and sections dealing with the encrypt hook and multiple disks.
/Mounting at login
Example scenarios
/Encrypting a non-root file system
If you need to encrypt a device that is not used for booting a system, like a partition or a file container.
/Encrypting an entire system
If you want to encrypt an entire system, in particular a root partition. Several scenarios are covered, including the use of dm-crypt with the LUKS extension, plain mode encryption and encryption and LVM.
WPS
WiFi Protected Setup (WPS) is a computing standard created by the WiFi Alliance to ease the setup and securing of a wireless home network. WPS contains an authentication method called “external registrar” that only requires the router’s PIN. By design this method is susceptible to brute force attacks against the PIN.
When the PIN authentication fails the access point will send an EAP-NACK message back to the client. The EAP-NACK messages are sent in a way that an attacker is able to determine if the first half of the PIN is correct. Also, the last digit of the PIN is known because it is a checksum for the PIN. This design greatly reduces the number of attempts needed to brute force the PIN. The number of attempts goes from 10^8 to 10^4 + 10^3 which is 11,000 attempts in total.
Disable WPS
Within the wireless router’s configuration menu, disable the external registrar feature of WiFi Protected Setup (WPS). Depending on the vendor, this may be labeled as external registrar, router PIN, or WiFi Protected Setup.
NIC
NETWORK INTERFACE CARD
CIA Triad
confidentiality, integrity, and availability
Applying the Principles
Depending on an organization’s security goals, the industry, the nature of the business, and any applicable regulatory requirements, one of these three principles might take precedence over another. For example, confidentiality is vital within certain government agencies (such as intelligence services); integrity takes priority in the financial sector where the difference between $1.00 and $1,000,000.00 could be catastrophic; and availability is critical in both the ecommerce sector (where downtime can cost companies millions of dollars), and the healthcare sector (where human life could be lost if critical systems are unavailable).
A key concept to understand about the CIA triad is that prioritizing one or more principles can mean the tradeoff of others. For example, a system that requires high confidentiality and integrity might sacrifice lightning-speed performance that other systems (such as ecommerce) might value more highly. This tradeoff is not necessarily a bad thing; it is a conscious choice. Each organization must decide how to apply these principles given their unique requirements, balanced with their desire to provide a seamless and safe user experience.
Confidentiality
Confidentiality refers to an organization’s efforts to keep their data private or secret. In practice, it’s about controlling access to data to prevent unauthorized disclosure.
Typically, this involves ensuring that only those who are authorized have access to specific assets and that those who are unauthorized are actively prevented from obtaining access.
Countermeasures to protect confidentiality include data classification and labeling; strong access controls and authentication mechanisms; encryption of data in process, in transit, and in storage; steganography; remote wipe capabilities; and adequate education and training for all individuals with access to data.
Integrity
In everyday usage, integrity refers to the quality of something being whole or complete. In InfoSec, integrity is about ensuring that data has not been tampered with and, therefore, can be trusted. It is correct, authentic, and reliable.
Ensuring integrity involves protecting data in use, in transit (such as when sending an email or uploading or downloading a file), and when it is stored, whether on a laptop, a portable storage device, in the data center, or in the cloud.
As is the case with confidentiality, integrity can be compromised directly via an attack vector (such as tampering with intrusion detection systems, modifying configuration files, or changing system logs to evade detection) or unintentionally, through human error, lack of care, coding errors, or inadequate policies, procedures, and protection mechanisms.
Countermeasures that protect data integrity include encryption, hashing, digital signatures, digital certificates, intrusion detection systems, auditing, version control, and strong authentication mechanisms and access controls. Trusted certificate authorities (CAs) issue digital certificates to organizations to verify their identity to website users, similar to the way a passport or driver’s license can be used to verify an individual’s identity.
Note that integrity goes hand in hand with the concept of non-repudiation: the inability to deny something. By using digital signatures in email, for example, a sender cannot deny having sent a message, and the recipient cannot claim the message received was different from the one sent. Non-repudiation assists in ensuring integrity.
Availability
Systems, applications, and data are of little value to an organization and its customers if they are not accessible when authorized users need them. Quite simply, availability means that networks, systems, and applications are up and running. It ensures that authorized users have timely, reliable access to resources when they are needed.
Many things can jeopardize availability, including hardware or software failure, power failure, natural disasters, and human error. Perhaps the most well-known attack that threatens availability is the denial-of-service attack, in which the performance of a system, website, web-based application, or web-based service is intentionally and maliciously degraded, or the system becomes completely unreachable.
Countermeasures to help ensure availability include redundancy (in servers, networks, applications, and services), hardware fault tolerance (for servers and storage), regular software patching and system upgrades, backups, comprehensive disaster recovery plans, and denial-of-service protection solutions.
CMOS chip
complementary metal–oxide–semiconductor
The CMOS chip on a PC stores the BIOS settings, including the system time and date and hardware settings.