Part-3 Flashcards

1
Q

XOR operation

A

This is a technique used in obfuscation.

Exclusive or

It is a small building block used within larger block encryption.

2
Q

When are XOR operations commonly used?

A

They are commonly used to obfuscate malicious code.

3
Q

Why are XOR operations used by knowledgeable malware authors to hide their malware from detection?

A

XOR operations are quick, simple, and require little processing overhead.

4
Q

Security through obscurity

A

The practice of attempting to hide the existence of vulnerabilities from others.

5
Q

Cryptographic modules

A

Any software or hardware solution that implements one or more cryptographic concepts.

6
Q

CSP

A

Cryptographic service provider

A Windows software library that implements the Microsoft CryptoAPI. Developers can design their applications to call a CSP so that it performs one or more cryptographic services for the application.

7
Q

PKI

A

Public key infrastructure

A system composed of certificate authorities, certificates, software, services, and other cryptographic components, for the purpose of enabling authenticity and validation of data and entities.

8
Q

PKI components

A

Digital certificate,
object identifier (OID), certificate authority (CA), registration authority (RA),
certificate signing request (CSR)

9
Q

Digital certificate

A

These are the most fundamental components of a PKI. The certificate validates the certificate holder's identity through a digital signature and is also a way to distribute the holder's public key.

10
Q

OID

A

Object identifier

The identity information included in a certificate is provided through OIDs.

11
Q

CA

A

Certificate Authority

A CA is a server that issues digital certificates and maintains the associated private/public key pair.

12
Q

RA

A

Registration Authority

This server is responsible for verifying user and device identities and approving or denying requests for digital certificates.

Some larger CAs might have local registration authorities (LRAs).

13
Q

CSR

A

Certificate signing request

This is a message sent to a CA in which a resource applies for a certificate.

14
Q

CA hierarchy or trust model

A

This is a single CA or a group of CAs that work together to issue digital certificates. Every CA in the hierarchy has a parent-child relationship with the CA directly above it.

15
Q

Chain of trust

A

When a user, device, or other entity is presented with a certificate, it validates the certificate through this, which is also called certificate chaining.

16
Q

Certificate pinning

A

This is a method of trusting certificates in a more direct way than a typical CA hierarchy. Pinning effectively bypasses the CA hierarchy and chain of trust in order to minimize man-in-the-middle attacks.

17
Q

Root CA

A

This is the topmost CA in the hierarchy and the most trusted authority.
The root CA must be secured because if it is compromised, all other certificates become invalid.

18
Q

Private root CA

A

This is created by a company for use primarily within the company itself. It can be set up and configured in house or contracted to a third-party vendor.

19
Q

Public root CA

A

This is created by a third-party or commercial vendor for general access by the public.

Symantec is a well-known provider of public certificate services.

20
Q

Subordinate CAs

A

These are any CAs below the root in the hierarchy. Subordinate CAs issue certificates and provide day-to-day management of the certificates, including renewal, suspension, and revocation.

21
Q

Types of certificates

A

Self-signed, root, user, computer, email, code signing, subject alternative name (SAN), wildcard, domain validation (DV), extended validation (EV)

22
Q

Self-signed certificate

A

This requires the client to trust the entity directly

23
Q

SAN

A

Subject alternative name

An organization that owns multiple domains may want to combine those domains into a single SSL/TLS certificate.

24
Q

Wild card

A

This certificate is similar to a SAN certificate, but instead of enabling the use of multiple domains, it enables the certificate to apply to multiple subdomains.

25
Q

X.509

A

PKIs and CA hierarchies adhere to a standard for formatting certificates. It includes information such as:

Version
Serial number
Algorithm used to sign the certificate
Name of the issuing entity
Period of time valid
Name of the subject being certified

26
Q

X.509 certificate file formats

A

.der
.pem
.cer
.p7b
.p12
.pfx

27
Q

Certificate lifecycle phases

A

Issuance
Enrollment
Renewal
Revocation
Expiration
Suspension
28
Q

Certificate lifecycle factors

A

Length of the private key
Strength of the cryptography used
Physical security of the CA and private key
Security of issued certificates and their private keys
Risk of attack
User trust
Administrative involvement

29
Q

SSL/TLS connection process

A

Uses certificates:

Client sends request
Server responds with certificate
Encryption negotiated
Client sends encrypted session key
Connection is encrypted

30
Q

Private key protection methods

A

Back it up to removable media and store the media securely
Delete it from insecure media
Require a password to restore the private key
Never share the key
Never transmit the key on the network or across the Internet after it is issued
Consider using key escrow to store a private key with trusted third parties
31
Q

Key escrow

A

An alternative to keeping backups; this can be used to store private keys securely, while allowing one or more trusted third parties access to the keys under predefined conditions. The third party is called the key escrow agent.

32
Q

M of N scheme

A

Only a certain number of agents or trustees have the authority to recover a key. To prevent a single authorization from recovering a key, this scheme is commonly used. It is a mathematical control that takes into account the total number of key recovery agents (N) along with the number of agents required to perform a key recovery (M).

33
Q

EFS

A

Encrypting File System

It uses Microsoft Windows NTFS-based public key encryption.
34
Q

Revoke certificates

A

You might want a security entity to stop using a certificate for a specified period of time.

35
Q

Reasons for certificate revocation

A

The certificate or its private key has been compromised or lost. It was obtained by fraudulent means. It has been superseded by another certificate. Its holder is no longer trusted; this happens when someone leaves the company.

36
Q

OCSP

A

Online Certificate Status Protocol

37
Q

Online Certificate Status Protocol

A

An HTTP-based alternative to CRLs for dynamically checking the status of revoked certificates.
38
Q

OCSP stapling

A

This transfers the burden to the web server that presents the certificate. The web server queries the OCSP server at specific intervals, and the OCSP server responds by providing a time-stamped digital signature. The web server appends the signed response to the SSL/TLS handshake with the client so that the client can verify the certificate's status.

39
Q

Security frameworks

A

Regulatory: flow from government regulations that mandate certain behavior in any legal entity that
Nonregulatory

40
Q

Security framework examples

A

NIST 800 Series
COBIT 5
ITIL
ISO/IEC 27001
41
Q

Compliance

A

The practice of ensuring that the requirements of legislation, regulations, industry codes and standards, and organizational standards are met.

42
Q

Defense in depth

A

A tactic that leverages a layered approach to security, but instead of just focusing on the tools used to protect the system and its data, it is used to plan user training, policy adoption, physical protection, and other, more comprehensive security strategies.

43
Q

AUP

A

Acceptable use policy

States the limits and guidelines that are set for users and others to make use of an organization's physical and intellectual resources; in other words, the rules of behavior for personnel.