Security Architecture and Design

Question 1

Linux/Unix File Permissions (3)

Answer 1

• Read (r)
• Write (w)
• Execute (x)

Question 2

NTFS Permissions (5)

Answer 2

• Read
• write
• Read & Execute
• Modify
• Full Control

Question 3

*nix Privileged Programs

Answer 3

• setuid (set User ID) : Makes an executable run with the premissions of the file’s owner and NOT the running user.
• setgid (set Group ID): programs run iwth the permissions of the file’s group.

Question 4

passwd

Answer 4

This *nix program runs as root allowing users to change their passwords.

Question 5

Define “Virtualization”

Answer 5

Virtulization adds a software layer between an OS and the underlying computer hardware. This allows mulitple “guest” operating systems to run simultaneously one one physical “how” computer

Question 6

Types of Virtualization (2)

Answer 6

• Transparent Virtualization (Full Virtualization) - Runs on stock OS (e.g. Windows, Ubuntu) as virtual guest. No changes to the OS are required.
• Paravirtualization - Requires changing the guest OS

Question 7

Hypervisor

Answer 7

Virtualization Security - controls access between virtual guests and host hardware.

• Type 1 hypervisor (bare metal) - is part of an OS that runs directly on host hardware.
• Type 2 hypervisor - runs as an application on a normal OS.

Question 8

VMEscape

Answer 8

The risk of virtualization escape - where an attacker exploits the host OS or a guest from aonther guest.

Many network-based security tools (e.g. NIDS) can be blinded by virtualization.

Question 9

Three common Cloud Service levels

Answer 9

• Infrastructure as a Service (IaaS)
• Platorm as a Service (Paas)
• Software as a Service (SaaS)

Question 10

Thin Client

Thin Client Applications

Answer 10

Thin clients are system which rely on central servers for OS, kernel, applications, etc. May be a diskless workstation

A Thin Client Application run a system with full OS but use a web browser as a universal client providing access to application downloaded from the thin client server. Typically use TCP port 80 (http) and 443 (https)

Question 11

TEMPEST

Answer 11

NSA standards for shielding electromagnetic emanations from computer equipment

Question 12

Buffer Overflow

Answer 12

These occur when a programmer fails to perform “bounds checking”. That is, if a given input excedes the prescribed length, then excess input may overwrite the memor buffer.

Question 13

TOCTOU/Race Conditions

Answer 13

Time of Check, Time of Use attacks. An attacker attempts to alter a condition AFTER it has been checked by the OS but BEFORE it is used.

Question 14

Backdoors

Answer 14

A shortcut in a system that allows a user to bypass security checks to log in. Attackers may install a backdoor after gaining access to a system.

A maintenance hook is a type of backdoor using by system designers and programmers during development.

Question 15

Malware

Answer 15

Malicious Code

A generic term for any type of software that attacks an application or system. Includes viruses, worms, trojans and logic bombs

Question 16

Computer Virus

Answer 16

Viruses require a carrier to infect a system. Often introduced via human contact.

Question 17

Worms

Answer 17

Malware that self-propagates. Typically cause damage in two ways.

• First, from the malware they deliver to a system
• Secondly, from the loss of network availability they cause from aggressive self-propagation

Question 18

Trojan

Answer 18

Malware that performs TWO functions

• One is begnin (the carrier program), such as a free computer game
• One is malicious - often launched from the begnin program

Question 19

Rootkits

Answer 19

Malware that replaces protions of the kernel and/or OS. A user-mode rootkit operates in ring 3 on most systems. commonly rooted binaries include the “ls” or “ps” commands. Also “dir” or “tasklist”

A kernel-mode rootkit replaces the kernel or loads malicious loadable kernel modules. Operates in ring 0.

Question 20

Packers

Answer 20

Provide runtime compression of executables. The original exe is compressed and a small executable decompresser is prepended.

Many types of malware use packers to evade signature-based malware detection.

Question 21

Logic Bomb

Answer 21

A malware program that is triggered when a specific condition is met. For example, a set number of transactions, a specific date and time, etc.

Question 22

Server-side Attack

Answer 22

Attacks launched directly from an attacker to a listening service. For example, the Conficker worm attacked TCP port 445.

Server-side attach exploit vulnerabilties in installed services.

Question 23

Client-side Attach

Answer 23

Attacks that occur when a user downloads malware. Client-side attacks initiate from the victim who downloads content from the attacker.

Question 24

Java

Answer 24

An object-oriented language. Platform independent, interpreted by the Javal Virtual Machine (JVM). Java applets run in a sandbox - which segregates the code from the OS.

Question 25

ActiveX

Answer 25

Applets, like JAVA. A Microsoft technology available only on Windows OS. Uses digital certificates instead of a sandbox to provide security.

Question 26

Polyinstantiation

Answer 26

Allows two different objects to have the same name (databases).

Question 27

Inference and Aggregation

Answer 27

Inference requires dedution. Based are “clues” a conclusion may be inferred.

Aggregation asks every questions and receives every answers. Phone directory example - performing every lookup and reverse lookup t aggregate the entire phonebook.

Question 28

Bell-LaPadual Model

Answer 28

Data protection model - focuses on maintaining the confidentiality of objects. Operates using two rules.

1. Simple Security Property - there is no READ UP.
2. *Security Property - There is no WRITE DOWN. SIPR system cannot send email to NIPR system.

Question 29

Biba Model

Answer 29

Business version of Bell-LaPadula. Focuses on integrity instead of confidentiality. Two simple rules:

1. Simple Integrity Axiom - No Read Down
2. *Integrity Axiom - No Write Up

Question 30

Clark-Wilson Model

Answer 30

Another integrity model. Uses two concepts to ensure security policy is enforced.

1. Well Formed Transactions
2. Separation of Duties

Question 31

Orange Book

Answer 31

National Computer Security Center (NIST) and NSA,

Trusted Computer System Evaluation Criteria (TCSC)

Provides defined computer security standards and definitions for systems. Classes A - C

• D: Minimal Protection
• C: Discretionary Protections (DAC)
• B: Mandatory Protection (MAC)
• A: Verified Protection

Question 32

Red Book

Answer 32

Trusted Network Intrepretations (TNI)

Security standards for networks.

Question 33

PCI-DSS

Answer 33

Payment Card Industry Data Security Standard

Security standards for payment cards

Core Principals:

• Build and maintains secure network
• Protect cardholder data
• Maintain a vulnerability management program
• Implement strong access control measures
• Regularly monitor and test networks
• Maintain an INFOSEC policy

Question 34

What type of memory is used often for CPU registers?

Question 35

Cloud Computing - Services

Answer 35

• Infrastructure as a Service (IaaS) - Hosted OS
• Platform as a Service (Paas) - Web service hosting
• Software as a Service (SaaS) - Webmail

Question 36

Layering

Answer 36

Secure Software Design Concept

Separates hardware and softward functionality into modular tiers.

• Hardware
• Kernel and device drivers
• OS
• Applications

Question 37

Abstraction

Answer 37

Secure System Design Concepts

Hides unnecessary details from the user. The users does not see the details of a “click” or action.

Question 38

The Ring Model

Answer 38

CPU hardware layering model

• Ring 0 - Kernel
• Ring 1 - OS components
• Ring 2 - Device drivers
• Ring 3 - User applications

Question 39

Multitasking & Multiprocessing

Answer 39

• Multitasking - Multiple tasks run simultaneously on ONE cpu
• Multithreading - Running multiple threads on ONE cpu
• Multiprocessing - Runing multiple processes on multiple cpu’s.