Section 7 - Supply Chain Assessment Flashcards
By conducting a supply chain assessment, you’re going to be able to understand what?
Where parts come from and if you can trust that end product
In order to create a trusted computing environment, you need to do what?
Ensure that the operation of every element, which includes the hardware, the firmware, the drivers, the OS, and the applications are consistent and tamper-resistant.
What is due diligence?
A legal principle that says the subject has used best practice or reasonable care when setting up, configuring, and maintaining a system.
What are important things to consider when doing a supply chain assessment?
- Properly resourced cybersecurity program
- Security assurance and risk management processes: do they have a valid organization and a way of doing due diligence within themselves?
- Product support life cycle: what is its end-of-life date? will it be around for five years when I have a problem and need a resolution?
- Security controls for confidential data: do they have the proper security controls in place to ensure your data remains confidential?
- Incident response and forensics assistance: when things go wrong, will they be there to help you?
- General and historical company information: do they have strong enough financials that they’re going to be in business next year?
The Department of Defense has low tolerance for hardware. So they created something known as…?
The Trusted Foundry
This is a microprocessor manufacturing utility that’s part of a validated supply chain, one where the hardware and software does not deviate from its documented function.
What is “hardware source authenticity”?
This is the process of ensuring the hardware is procured tamper-free from trustworthy suppliers.
What is ROT?
Root of Trust
A cryptographic module embedded within a computer system that can endorse trusted execution and attest to boot settings and metrics.
*** If you think about your TPM inside of your BIOS, that is a root of trust.
What is TPM?
Trusted Platform Module
A specification for hardware-based storage of digital certificates, keys, hash passwords, and other user and platform identification information.
*** For the test, remember that this is a part of your system that allows you to have the ability to ensure that when you’re booting up, it is done securely and we can take those reports and digitally sign them using the TPM.
What is a “hardware security module”?
This is an appliance for generating and storing cryptographic keys that is less specifiable to tampering and insider threats than using storage-based solutions.
What does it mean to “anti-tamper”?
Methods that make it difficult for an attacker to alter the authorized execution of software
What are the two main ways to provide anti-tampering to our electronics?
- FPGA
- PUF
They will zero out your cryptographic key which then can automatically wipe out the information on that system, making sure you know it’s been tampered with and therefore, nobody can get the information.
What is FPGA?
Field Programmable Gate Array
What is a PUF?
Physically Unclonable Function
A ___ ___ gives an attacker an opportunity to run any code at the highest level of CPU privilege.
firmware exploit
This is because if you’re at the firmware, like in the BIOS or the UEFI, you essentially have root access over the entire system.
*** This means that anti-malware will not find it because this happens before Windows is loaded.
What is UEFI?
Unified Extensible Firmware Interface
This is a type of system firmware providing support for 64-bit CPU operations at boot.
This also gives you a full GUI and mouse operations at boot and better boot security.