Security Architecture Engineering (SAE)

Question 1

Accreditation

Answer 1

the managerial approval to operate a system based upon knowledge of risk to operate

Question 2

Alarm Station

Answer 2

A manually actuated device installed at a fixed location to transmit an alarm signal in response to an alarm condition.

Question 3

Annunciator

Answer 3

A device that signals a change of protection zone status in a security system.

Question 4

Architecture

Answer 4

high level design or model with a goal of consistency, integrity, and balance

Question 5

Bell-LaPadula

Answer 5

Security policy model with simple security property and *-property. The simple security property is no process may read data at a higher level. This is also known as no read up (NRU). The *-property: no process may write data to a lower level. This is also known as no write down (NWD).

Question 6

Biba

Answer 6

Security policy model that deals with integrity alone and ignores confidentiality. First rule integrity - preventing unauthorized users from making modifications. Simple integrity - No read down. Star integrity - No write up. Service commands - Tranquility.

Question 7

Blackout

Answer 7

prolonged loss of commercial power

Question 8

Bollard

Answer 8

vehicle stopping object

Question 9

Bolt

Answer 9

The part of a lock which, when actuated, is projected (or “thrown”) from the lock into a retaining member, such as a strike plate, to prevent a door or window from moving or opening.

Question 10

Bounds

Answer 10

a process consist of limits set on the memory addresses and resources it can access. The bounds state the area within which a process is confined or contained.

Question 11

Brewer-Nash

Answer 11

Created Chinese-Wall model to handle conflicts of interest. Law firm 1 works for Company A. Law firm 2 works for Company B. Law firm 1 and Law firm2 merges. Ensures paralegals on Law firm 1 only works on Company A and paralegals on Law firm 2 only works on Company B.

Question 12

Brownout

Answer 12

reduction of voltage by the utility company for a prolonged period of time

Question 13

Bumping

Answer 13

hitting a filed down key in a lock with a hammer to open without real key

Question 14

Capacitance

Answer 14

The property of two or more objects, which enables them to store electrical energy in an electric field between them. The basic measurement unit is the Farad.

Question 15

Card Access

Answer 15

A type of access control system that uses a card with a coded area or strip, on or inside the card, to actuate a lock or other access control device.

Question 16

Card Key

Answer 16

A card usually plastic, that contains encoded information to open a locking device.

Question 17

Central Processing Unit

Answer 17

the core of a computer that calculates

Question 18

Central Station

Answer 18

An organization or business established for the purpose of monitoring subscribers’ alarm systems from a centralized monitoring location rather than at the individual sites.

Question 19

Certification

Answer 19

the technical and risk assesment of a system within the context of the operating environment

Question 20

CICS

Answer 20

complex instructions. Many operations per instruction. Less number of fetches

Question 21

Clark and Wilson

Answer 21

Integrity security model. Three integrity goals: Preventing unauthorized users from making modifications, Preventing authorized users from making improper modifications, maintaining internal and external consistency. Defines well formed transactions, Separation of duties, Access Triple - subject-application-object.

Question 22

Classified Information

Answer 22

Official information that has been identified and marked as Top Secret, Secret, or Confidential in the interests of national security.~

Question 23

Closed Circuit Television (CCTV)

Answer 23

A television system, hard-wired, used for proprietary purposes and not for public or general broadcast.

Question 24

Combination Lock

Answer 24

A keyless lock which requires the turning of a numbered dial to a preset sequence of numbers for the lock to open.

Question 25

Common Criteria

Answer 25

the current internationally accepted set of standards and processes for information security products evaluation and assurance, which joins function and assurance requirements

Question 26

Confinement

Answer 26

to restrict the actions of a program. Simply put, process confinement allows a process to read from and write to only certain memory locations and resources. This is also known as sandboxing.

Question 27

Conflict of interest

Answer 27

one entity with two competing allegiances

Question 28

Covert Channel

Answer 28

an unintended communication path

Question 29

CPU Cache

Answer 29

dedicated fast memory located on the same board as the CPU

Question 30

Custodian

Answer 30

An individual who is designated the responsibility for maintaining, safeguarding and accounting for classified information.

Question 31

Data Execution Prevention

Answer 31

a system-level memory protection feature that is built into the OS, it prevents code from being run from data pages such as the default heap, stacks, and memory pools.

Question 32

Data hiding

Answer 32

a software design technique for abstraction of a process

Question 33

Data Mining

Answer 33

technique allow analysts to comb through data warehouses and look for potential correlated information.

Question 34

Data Warehousing

Answer 34

large databases, store large amounts of information from a variety of databases for use with specialized analysis techniques.

Question 35

Deadbolt Lock

Answer 35

A lock that uses strong metal components that cannot be easily forced.

Question 36

Dedicated Line

Answer 36

A power or transmission line with a single function, such as data transmission, or to a single source such as an outlet for a computer.

Question 37

Deterrent

Answer 37

Any physical or psychological device or method that discourages action.

Question 38

Doppler Effect

Answer 38

The change in the frequency of a light wave or sound wave, resulting from relative motion of the source and the receiver.

Question 39

Electromagnetic Interference (EMI)

Answer 39

high frequency noise

Question 40

Electromagnetic Lock

Answer 40

A door lock that uses an electrically actuated magnetic attraction to secure the door. Magnetic locks use no moving parts.

Question 41

Electrostatic Discharge

Answer 41

power surge

Question 42

Embedded

Answer 42

hardware or software that is part of a larger system

Question 43

Fault

Answer 43

momentary loss of power

Question 44

Fire Detection

Answer 44

Alerts personnel to the presence of a fire

Question 45

Fire Prevention

Answer 45

Reduces causes of fire

Question 46

Fire Suppression

Answer 46

to reduce fire

Question 47

Firmware

Answer 47

reprogrammable basic startup instructions

Question 48

Foil

Answer 48

An electrically conductive ribbon used for a sensing circuit.

Question 49

Framework

Answer 49

third party processes used to organize the implementation of an architecture

Question 50

Generator

Answer 50

fault tolerance for power

Question 51

Gong

Answer 51

Not model implementation, not answer

Question 52

Graham Denning

Answer 52

focused on relationship between subjects and objects. Need update, delete, modify. Integrity security model.

Question 53

Harrison-Russo-Ullman

Answer 53

More granular than Graham Denning. Access control with list and matrix. Integrity security model.

Question 54

Information Flow model

Answer 54

mediation of covert channels must be addressed

Question 55

Infrared Motion Detector

Answer 55

A passive, low power, area protection device that detects a change in ambient temperature within the coverage pattern caused by the movement of a body.

Question 56

Infrastructure

Answer 56

specific format of technical and physical controls that support the chosen framework and the architecture

Question 57

Inrush Current

Answer 57

initial surge of current

Question 58

Interference (noise)

Answer 58

natural occurrence in circuits that are in close proximity

Question 59

Intrusion Detection System

Answer 59

An alarm system comprised of intrusion sensors and alarm annunciation devices for the purpose of detecting intruders.

Question 60

ISO 27001

Answer 60

focused on the standardization and certification of an organization’s information security management system (ISMS), security governance, a standard; ISMS. Info security minimum systems

Question 61

ISO 27002

Answer 61

inspired from ISO 17799; a guideline which lists security control objectives and recommends a range of specific security controls; more granular than 27001. 14 areas

Question 62

ITSEC

Answer 62

the past internationally accepted set of standards and processes for information security products evaluation and assurance, which separates function and assurance requirements

Question 63

Jeuneman

Answer 63

Not model implementation, not answer

Question 64

Karger

Answer 64

Not model implementation, not answer

Question 65

Kernel

Answer 65

the core logic engine of an operating system which almost never changes

Question 66

Lattice

Answer 66

a one way, directed graph which indicates confidentiality or integrity flow

Question 67

Layering

Answer 67

a programming design concept which abstracts one set of functions from another in a serialized fashion

Question 68

Lee & Shockley

Answer 68

Not model implementation, not answer

Question 69

Lipner

Answer 69

Confidentiality and Integrity - use for VAX VMS and Windows

Question 70

MAC

Answer 70

Subjects are labelled as to their level of clearance. Objects are labelled as to their level of classification or sensitivity.

Question 71

Mantrap

Answer 71

a physical enclosure for verifying identity before entry to a facility SYN- double door system

Question 72

Masked/Interruptible

Answer 72

cooperative hardware and operating system notification process for prioritizing execution due to the change in state of components

Question 73

Memory Addressing

Answer 73

When using memory resources, the processor must have some means of referring to various locations in memory. The solution to this problem is known as addressing

Question 74

Memory management

Answer 74

a program in the operating system responsible for maintaining the hierarchical storage relocation requirements for processes and data from RAM to hard drives

Question 75

Microwave Sensor

Answer 75

An active intrusion sensor that detects the movement of a person or object through a pattern of microwave energy.

Question 76

Monolithic Operating System Architecture

Answer 76

All of the code working in kernel mode/system mode in an ad hoc and non-modularized OS

Question 77

Multi Threading

Answer 77

execute different parts of a program simultaneously

Question 78

Multi-Core

Answer 78

more than one CPU on a single board

Question 79

Multi-processing

Answer 79

to execute more than one instruction at an instant in time

Question 80

Multi-processor

Answer 80

more than one processor sharing same memory, also know as parallel systems

Question 81

Multi-programming

Answer 81

rapid switching back and forth between programs from the computer’s perspective and appearing to do more that one thing at a time from the user’s perspective

Question 82

Multi-state machine

Answer 82

can offer several security levels without risk of compromising the system’s integrity.

Question 83

Multi-tasking

Answer 83

more than one process in the middle of executing at a time

Question 84

Multiprocessing

Answer 84

more than one CPU is involved.

Question 85

Multitasking

Answer 85

execute more than one task at the same time

Question 86

Non-interference

Answer 86

subjects will not interact with each other’s objects

Question 87

Operating

Answer 87

state of computer, to be running a process

Question 88

Paging

Answer 88

divides memory address space into even size blocks called pages. To emulate that we have more RAM than we have.
SYSTEM KERNAL KNOWS THE LOCATION OF THE PAGE FILE

Question 89

Photoelectric Alarm

Answer 89

A kind of motion detector that uses a focused beam of light to detect an intruder.

Question 90

Picking

Answer 90

using small special tools all tumblers of the lock are aligned for opening a door

Question 91

Preemptive

Answer 91

a type of multitasking that allows for more even distribution of computing time among competing request

Question 92

Primary storage

Answer 92

memory - RAM

Question 93

Process isolation

Answer 93

a form of data hiding which protects running threads of execution from using each other’s memory

Question 94

Protection

Answer 94

memory management technique that allows two processes to run concurrently without interaction

Question 95

Protection Keying

Answer 95

Numerical values, Divides physical memory up into particular sized blocks, each of which has an associated numerical value called a protection key

Question 96

Race Condition

Answer 96

two or more processes require access to the same resource and must complete their tasks in the proper order for normal functions

Question 97

Radio Frequency Interference (RFI)

Answer 97

lower frequency noise

Question 98

Rainbow series

Answer 98

Red = trusted network, Orange = TCSEC evaluation
Brown = trusted facilities management dcsmmmTan = audit, Aqua = glossary.
Green = password management

Question 99

Reference Monitor

Answer 99

the hardware and software mediator of all subject and object interactions which has as its primary goal security policy enforcement.

Question 100

Relocation

Answer 100

memory management technique which allows data to be moved from one memory address to another

Question 101

Ring protection

Answer 101

implementation of operating system protection mechanism, where more sensitive built upon the layering concept

Question 102

RISC

Answer 102

reduced instructions. Simpler operations per instruction. More fetches.

Question 103

Running

Answer 103

a process state, to be executing a process on the CPU

Question 104

SaaS

Answer 104

Software-as-a-Service, is a derivative of PaaS. Provides on-demand online access to specific software applications or suites without the need for local installation. In many cases, there are few local hardware and OS limitations.

Question 105

SABSA

Answer 105

Sherwood Applied Business Security Architecture (SABSA) is an enterprise security architecture framework that is similar to the Zachman framework. It uses the six communication questions (What, Where, When, Why, Who, and How) that intersect with six layers (operational, component, physical, logical, conceptual, and contextual).

Question 106

Sag/Dip

Answer 106

short period of low voltage.

Question 107

Secondary storage

Answer 107

the hard drive

Question 108

Security Blueprint

Answer 108

a template for the designing the architecture

Question 109

Security domain

Answer 109

an administrative unit or a group of objects and subjects controlled by one reference monitor

Question 110

Security kernel

Answer 110

subset of operating systems components dedicated to protection mechanisms

Question 111

Segmentation

Answer 111

dividing a computer’s memory into segments.

Question 112

Sharing

Answer 112

memory management technique which allows subjects to use the same resource

Question 113

Single state machine

Answer 113

operates in the security environment at the highest level of classification of the information within the computer. In other words, all users on that system must have clearance to access the info on that system.

Question 114

Site accreditation

Answer 114

the applications and systems at a specific, self-contained location are evaluated.

Question 115

Stack Memory Segment

Answer 115

used by processors to communicate instructions and data to each other

Question 116

State machine model

Answer 116

abstract and mathematical in nature, defining all possible states, transitions and operations

Question 117

Stopped

Answer 117

a process state, to be either be unable to run waiting for an external event or terminated

Question 118

Supervisor mode

Answer 118

(monitor, system, privileged) a state for operating system tasks only

Question 119

Surge

Answer 119

sudden rise in voltage in the power supply.

Question 120

Surge Suppressor

Answer 120

to reduce sudden rises in current

Question 121

Surreptitious Entry

Answer 121

The unauthorized entry into a facility or security container in a manner in which evidence of such entry is not discernable under normal circumstances.

Question 122

Surveillance

Answer 122

high degree of visual control

Question 123

Sutherland

Answer 123

Not model implementation, not answer

Question 124

System accreditation

Answer 124

a major application or general support system is evaluated.

Question 125

TCSEC (Orange Book)

Answer 125

the past U.S. military accepted set of standards and processes for computer systems evaluation and assurance, which combines function and assurance requirements

Question 126

Territoriality

Answer 126

people protect their domain

Question 127

Threads

Answer 127

a unit of execution

Question 128

TNI (Red Book)

Answer 128

the past U.S. military accepted set of standards and processes for network evaluation and assurance, which combines function and assurance requirements

Question 129

TOCTTOU attack

Answer 129

race condition exploits, and communication disconnects are known as state attacks because they attack timing, data flow control, and transition between one system state to another.

Question 130

Top Guard

Answer 130

Anti-personnel device, usually of barbed or concertina wire, installed at the tops of fences and along roof edges.

Question 131

Transients

Answer 131

line noise that is superimposed on the supply circuit.

Question 132

Trusted Computing Base

Answer 132

all of the protection mechanism in a computer system

Question 133

Type accreditation

Answer 133

an application or system that is distributed to a number of different locations is evaluated.

Question 134

Ultrasonic Detector

Answer 134

A device that senses motion in a protected area by a Doppler shift in the transmitted ultrasonic energy.

Question 135

Uninterruptible Power Source UPS

Answer 135

to smooth out reductions or increases in power

Question 136

User mode

Answer 136

(problem or program state) the problems solving state, the opposite of supervisor mode

Question 137

Virtual Memory

Answer 137

memory management programming which make the limited RAM of the physical machine appear to be more by using a portion of the hard drive

Question 138

Virtual SAN

Answer 138

software-defined shared storage system is a virtual re-creation of a SAN on top of a virtualized network or an SDN.

Question 139

Wait

Answer 139

a process state, (blocked) needing input before continuing

Question 140

Zachman framework

Answer 140

Enterprise Architecture Framework
A two-dimensional model that intersects communication interrogatives (What, Why, Where, and so on) with various viewpoints (Planner, Owner, Designer, and so on). It is designed to help optimize communication between the various viewpoints during the creation of the security architecture.

Question 141

Zone

Answer 141

Large protected premises are divided into areas or zones, each having it own identification and/or annunciation.

Question 142

IPv6 features

Answer 142

Mobile
Quality of Service
Jumbograms
Next Header
IPsec as next header

Question 143

IPv6 Control
Limit unsanctioned paths

Answer 143

Threat
Vulnerable to eavesdropping and injection attacks -> v6 globally unique addresses ->
If VPN dropped, possible communication

Question 144

IPv6 Control
Limit addresses to a small range of a subnet and controlling assignment rate

Answer 144

NDP DoS attacks when a router is overwhelmed by address resolution requests

Question 145

IPv6 Control
Router advisement guard

Answer 145

Eavesdropping via spoofed router advertisements

Question 146

IPv6 Control
DHCPv6 - Shield filtering rules

Answer 146

Unauthorized ports and malicious packets for DHCP services

Question 147

IPv6 Control
PEPs configured to enforce recommended header order

Answer 147

Malformed packets: do not conform to the recommended header extension order or maximum number of extension header repetitions