Security Architecture & Design Flashcards

1
Q

Architecture

A

A high-level perspective of how business requirements are to be structures and aligned with technology and processes in a comprehensive and manageable way.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Best practice

A

A well-recognized and accepted approach to designing, developing, managing/ monitoring, and enhancing processes: often codified into a standard.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Cache

A

The very fast memory directly on the CPU chip body. It is not upgradeable.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Central Processing Unit (CPU)

A

The heartbeat of a system. It controls primary processing, interaction with peripheral devices, organization of memory, and control over networking operations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Closed systems

A

Proprietary interfaces. Many older systems used proprietary interfaces, and implementations were customized for a specific application’s environments. Interoperability was sacrificed to achieve uniqueness and obscurity, an illusion that security through obscurity works.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Confidentiality

A

Limiting information access and disclosure to authorized users.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Dedicated systems

A

Single level of processing permitted. In military applications, this often means that the system was only used for a single purpose (i.e. firing a weapon) and only personnel holding the designated security clearance are granted access to the system.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Embedded systems

A

A single purpose computer built into a device and typically programmed to perform a dedicated function.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Enterprise Security Architecture (ESA)

A

Includes all areas of security for an organization: leadership, strategy, organizational structure, planning, design, implementation, and operations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Firmware

A

Software that is permanently (or semi-permanently) embedded in hardware and typically provides low-level services and/or control of hardware.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Framework

A

A defined approach to the process used to achieve the goals of an architecture, based on policy, and reflecting the requirements and expectations of the various stakeholders.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Infrastructure

A

The integrated building blocks that support the goals of the architecture.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Information-flow model

A

Tracks the movement of information from one object to another so that movement of sensitive data to an unprotected area will be identified. A covert channel is the release of information in violation of security policy. The Information-Flow Model specifically addresses the issue of covert channel analysis; no other model addresses this.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Information Security Architecture (ISA)

A

Another term from the ISO/IEC 27002. High-level description of how security requirements are structured.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Information Security Management System (ISMS)

A

Sets a standard for addressing security throughout the development, deployment, and implementation schedule.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Integrity

A

The trustworthiness of information resources.

17
Q

Lattice-based model

A

Hierarchical model defining access control priviledge levels. Each subject and object would be defined in a level of the lattice with a least upper boundary and greatest lower boundary.

18
Q

Mainframe

A

A large, highly fault-tolerant, multiuser computer engineered to run without interruption for long periods of time.

19
Q

Microcomputers

A

These may take many forms, such as free-standing towers, desktops, or blades.

20
Q

Minicomputer

A

Often seen as the little brother to a mainframe, but frequently still architected into a centralized model.

21
Q

Model

A

Outlines how security is to be implemented within the organization.

22
Q

Multilevel systems

A

Processing at two levels is permitted through some form of user authentication and authorization (i.e. user and administrator).

23
Q

Non-interference model

A

Is based upon rules to prevent processes (subjects) that are operating in different domains from affecting (interfering with) each other in violation of security policy.

24
Q

Open systems

A

Standards-based interfaces. Many of today’s systems use standard interfaces and support standardized protocols. Most of these are designed for client/ server environments.

25
Q

Primary storage

A

The memory directly accessible by the CPU and with the highest response speed.

26
Q

Protection Profile (PP)

A

A general set of security requirements and objectives for a category of products that meet similar customer needs for IT security.

27
Q

Registers

A

Very high-speed storage structures built into the CPU chip set and are often used to store timing and state information for the CPU to maintain control over processes.

28
Q

Security kernel

A

Consists of several components including software, firmware, and hardware. They represent all the security functionality of the operating system.

29
Q

Security Target (ST)

A

Contains the IT security objectives and requirements of a specific, identified TOE and defines the functional and assurance measures offered by that TOE to meet stated requirements.

30
Q

Servers

A

Provide storage and computing services for users who are connected to them. They are typically larger, more fault-tolerant computers, usually serving more than one user.

31
Q

Single-level systems

A

Like early generation PCs running DOS and early Windows OS, these systems place all users at the same privilege level and permit users to execute any instruction available.

32
Q

State-machine model

A

Is one that looks for a change in state. State is defined as the condition an entity is in at a point in time. A state machine- such as a stateful inspection firewall- looks for a change in state over time.

33
Q

Target of evaluation (TOE)

A

A set of software, firmware, and/or hardware to be evaluated, possibly accompanied by guidance.