Principles of Security Models, Design, and Capabilities Flashcards
Be able to define object and subject in terms of access
The subject is the user or process that makes a request to access a resource. The object is the resource a user or process wants to access.
Be able to describe open and closed systems
Open systems are designed using industry standards and are usually easy to integrate with other open systems. Closed systems are generally proprietary hardware and/or software. Their specifications are not normally published, and they are usually harder to integrate with other systems.
Understand open and closed source
An open source solution is one whose source code and other internal logic are exposed to the public. A closed source solution is one whose source code and other internal logic are hidden from the public. Note that open/closed source is independent of open/closed systems: a product can use open standards while keeping its code proprietary, or publish its code while speaking only proprietary protocols.
Know about secure defaults
Never assume the default settings of any product are secure. It is always up to the system’s administrator and/or company security staff to alter a product’s settings to comply with the organization’s security policies.
Understand the concept of fail securely
Failure management includes programmatic error handling (also called exception handling) and input sanitization. Secure failure has to be designed into the system rather than left to chance: when a component fails, it should land in a state that preserves security (fail-secure, for example a door that stays locked or an access check that denies) rather than one that only preserves safety or availability (fail-safe, for example a door that unlocks during a fire). Which is appropriate depends on what is being protected, but an access-control check that fails open is a vulnerability.
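The fail-open versus fail-secure distinction above, shown in code. This is an added example, not taken from the flashcard source: the policy store, the PolicyLookupError class and the sample entries are all constructed for illustration. Both functions answer the same question; they differ only in what they do when the lookup raises or the input is malformed.

```python
"""Fail-open vs. fail-secure authorization checks (constructed example)."""


class PolicyLookupError(Exception):
    """Hypothetical error raised when the policy store cannot answer."""


# Constructed sample policy: (subject, object) -> set of permitted actions.
POLICY = {
    ("alice", "payroll.db"): {"read"},
    ("bob", "payroll.db"): {"read", "write"},
}

KNOWN_ACTIONS = {"read", "write"}


def lookup_policy(subject, obj, *, store_available=True):
    """Simulate a policy-store lookup; raises when the store is unreachable."""
    if not store_available:
        raise PolicyLookupError("policy store unreachable")
    return POLICY.get((subject, obj), set())


def _well_formed(name):
    """Input sanitization: reject empty, oversized, or non-printable names."""
    return isinstance(name, str) and 0 < len(name) <= 64 and name.isprintable()


def is_allowed_fail_open(subject, obj, action, *, store_available=True):
    """Vulnerable pattern: any error in the check grants the request."""
    try:
        return action in lookup_policy(subject, obj, store_available=store_available)
    except PolicyLookupError:
        # Availability wins over security: a broken policy store allows everything.
        return True


def is_allowed_fail_secure(subject, obj, action, *, store_available=True):
    """Hardened pattern: malformed input or any error results in denial."""
    if not _well_formed(subject) or not _well_formed(obj) or action not in KNOWN_ACTIONS:
        return False  # do not guess what a malformed request meant
    try:
        return action in lookup_policy(subject, obj, store_available=store_available)
    except PolicyLookupError:
        # Security wins over availability: deny, and let the caller alert on it.
        return False


if __name__ == "__main__":
    # With the policy store down, the fail-open check grants an unknown subject
    # write access; the fail-secure check denies it.
    print(is_allowed_fail_open("mallory", "payroll.db", "write", store_available=False))
    print(is_allowed_fail_secure("mallory", "payroll.db", "write", store_available=False))
```

The fail-secure version also denies on unknown actions and on names containing control characters, so an unexpected input cannot reach the policy lookup at all.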
Know about the principle of “keep it simple”
“Keep it simple” is the encouragement to avoid overcomplicating the environment, organization, or product design. The more complex a system, the more difficult it is to secure.
Understand zero trust
Zero trust is a security concept where nothing inside the organization is automatically trusted. Each request for activity or access is assumed to come from an unknown and untrusted location until it is verified, regardless of network position. The concept is "never trust, always verify." The zero trust model is based on "assume breach" and microsegmentation.
Know about Privacy by Design
Privacy by Design (PbD) is a guideline to integrate privacy protections into products during the early design phase rather than attempting to tack them on at the end of development. The PbD framework is based on seven foundational principles.
Understand “trust but verify”
“Trust but verify” is a traditional security approach of trusting subjects and devices within the company’s security perimeter automatically. This type of security approach leaves an organization vulnerable to insider attacks and grants intruders the ability to easily perform lateral movement among internal systems.
Know what confinement, bounds, and isolation are
Confinement restricts a process to reading from and writing to certain memory locations. Bounds are the limits of memory a process cannot exceed when reading or writing. Isolation is the mode a process runs in when it is confined through the use of memory bounds.
Know how security controls work and what they do
Security controls use access rules to limit the access by a subject to an object.
Understand trust and assurance
A trusted system is one in which all protection mechanisms work together to process sensitive data for many types of users while maintaining a stable and secure computing environment. In other words, trust is the presence of a security mechanism or capability. Assurance is the degree of confidence that the system actually satisfies its security requirements. In other words, assurance is how reliable the security mechanisms are at providing security; a system can have trust (the mechanisms exist) without assurance (evidence that they work).
Define a trusted computing base (TCB)
A TCB is the combination of hardware, software, and controls that form a trusted base that enforces the security policy.
Be able to explain what a security perimeter is
A security perimeter is the imaginary boundary that separates the TCB from the rest of the system. TCB components communicate with non-TCB components using trusted paths.
Know what the reference monitor and the security kernel are
The reference monitor is the logical part of the TCB that confirms whether a subject has the right to use a resource prior to granting access. The security kernel is the collection of the TCB components that implement the functionality of the reference monitor.
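The cards on security controls, subjects and objects, the TCB and the reference monitor describe one architecture, shown here as a small working model. This is an added example, not from the flashcard source: the Subject and Object classes, the clearance levels, the ACL entries and the SecurityKernel store are all constructed. The ReferenceMonitor holds the access rules and decides; the SecurityKernel is the only code path that can reach the stored contents, so every access is mediated and every decision is logged.

```python
"""A minimal reference monitor and security kernel (constructed example)."""
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Subject:
    name: str
    clearance: int  # constructed levels 0..3, higher is more trusted


@dataclass(frozen=True)
class Object:
    name: str
    classification: int  # level required to access this object
    acl: frozenset  # set of (subject_name, action) pairs that are granted


@dataclass
class ReferenceMonitor:
    """Holds the access rules; every decision passes through check()."""
    audit: list = field(default_factory=list)

    def check(self, subject: Subject, obj: Object, action: str) -> bool:
        # Discretionary rule: the ACL must grant this (subject, action) pair.
        acl_ok = (subject.name, action) in obj.acl
        # Mandatory rule: the subject must be cleared to the object's level.
        mac_ok = subject.clearance >= obj.classification
        decision = acl_ok and mac_ok
        # Complete mediation: every decision, allow or deny, is recorded.
        self.audit.append((subject.name, obj.name, action, decision))
        return decision


class SecurityKernel:
    """TCB component that enforces the monitor's decisions on real accesses."""

    def __init__(self, monitor: ReferenceMonitor):
        self.monitor = monitor
        self._store = {}  # object name -> (Object, contents), inside the perimeter

    def register(self, obj: Object, contents: str) -> None:
        self._store[obj.name] = (obj, contents)

    def read(self, subject: Subject, name: str) -> str:
        obj, contents = self._store[name]
        if not self.monitor.check(subject, obj, "read"):
            raise PermissionError(f"{subject.name} may not read {name}")
        return contents

    def write(self, subject: Subject, name: str, contents: str) -> None:
        obj, _ = self._store[name]
        if not self.monitor.check(subject, obj, "write"):
            raise PermissionError(f"{subject.name} may not write {name}")
        self._store[name] = (obj, contents)


def build_demo():
    """Constructed scenario: alice is on the ACL but lacks clearance."""
    monitor = ReferenceMonitor()
    kernel = SecurityKernel(monitor)
    alice = Subject("alice", clearance=2)
    bob = Subject("bob", clearance=3)
    secret = Object("secret.txt", classification=3,
                    acl=frozenset({("alice", "read"), ("bob", "read"), ("bob", "write")}))
    kernel.register(secret, "top secret")
    return monitor, kernel, alice, bob


if __name__ == "__main__":
    monitor, kernel, alice, bob = build_demo()
    print(kernel.read(bob, "secret.txt"))
    try:
        kernel.read(alice, "secret.txt")
    except PermissionError as e:
        print("denied:", e)
    print(monitor.audit)
```

Alice's read is denied even though the ACL lists her, because the mandatory clearance rule also has to pass; the audit list is the evidence that both the allowed and the denied access went through the monitor.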