Security Engineering Domain Flashcards

1
Q

Abstraction

A

Involves the removal of characteristics from an entity in order to easily represent its essential properties.

2
Q

Access Control Matrix

A

A two-dimensional table that allows for individual subjects and objects to be related to each other.

3
Q

Asymmetric Algorithms

A

One-way functions, that is, processes that are much simpler to compute in one direction (forward) than in the other direction (backward, or reverse engineering).

4
Q

Address Space Layout Randomization (ASLR)

A

Involves randomly arranging the positions of key data areas of a program, including the base of the executable and the positions of the stack, heap, and libraries in a process’s memory address space.

5
Q

Aggregation

A

Combining non-sensitive data from separate sources to create sensitive information.

6
Q

Algorithm

A

A mathematical function that is used in the encryption and decryption processes.

7
Q

Bell–La Padula Model

A

Explores the rules that would have to be in place if a subject is granted a certain level of clearance and a particular mode of access.

8
Q

Brewer-Nash (The Chinese Wall) Model

A

This model focuses on preventing conflict of interest when a given subject has access to objects with sensitive information associated with two competing parties.

9
Q

Cable Plant Management

A

The design, documentation, and management of the lowest layer of the OSI network model – the physical layer.

10
Q

Certificate Authority (CA)

A

An entity trusted by one or more users as an authority in a network that issues, revokes, and manages digital certificates.

11
Q

Ciphertext or Cryptogram

A

The altered form of a plaintext message, so as to be unreadable for anyone except the intended recipients.

12
Q

Cloud Computing

A

A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management

13
Q

Common Criteria

A

Provides a structured methodology for documenting security requirements, documenting and validating security capabilities, and promoting international cooperation in the area of IT security.

14
Q

Community Cloud Infrastructure

A

Provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns.

15
Q

Confusion

A

Provided by mixing (changing) the key values used during the repeated rounds of encryption. When the key is modified for each round, it provides added complexity that the attacker would encounter.

16
Q

Control Objects for Information and Related Technology (COBIT)

A

Provides a set of generally accepted processes to assist in maximizing the benefits derived from using information technology (IT) and in developing appropriate IT governance.

17
Q

Covert Channels

A

Communications mechanisms hidden from the access control and standard monitoring systems of an information system.

18
Q

Cryptanalysis

A

The study of techniques for attempting to defeat cryptographic techniques and, more generally, information security services.

19
Q

Cryptology

A

The science that deals with hidden, disguised, or encrypted communications. It embraces communications security and communications intelligence.

20
Q

Cyber-Physical Systems (CPS)

A

Smart networked systems with embedded sensors, processors, and actuators that are designed to sense and interact with the physical world and support real-time, guaranteed performance in safety-critical applications.

21
Q

Data Hiding

A

Maintains activities at different security levels to separate these levels from each other.

22
Q

Data Warehouse

A

A repository for information collected from a variety of data sources.

23
Q

Decoding

A

The reverse process from encoding – converting the encoded message back into its plaintext format.

24
Q

Diffusion

A

Provided by mixing up the location of the plaintext throughout the ciphertext.

25
Q

Digital Certificate

A

An electronic document that contains the name of an organization or individual, the business address, the digital signature of the certificate authority issuing the certificate, the certificate holder’s public key, a serial number, and the expiration date

26
Q

Digital Rights Management (DRM)

A

A broad range of technologies that grant control and protection to content providers over their own digital media.

27
Q

Digital Signatures

A

Provide authentication of a sender and integrity of a sender’s message.

28
Q

Enterprise Security Architecture (ESA)

A

Focused on setting the long-term strategy for security services in the enterprise.

29
Q

Firmware

A

The storage of programs or instructions in ROM.

30
Q

“Generally Accepted Principles and Practices for Securing Information Technology Systems” (NIST SP 800-14)

A

Provides a foundation upon which organizations can establish and review information technology security programs.

31
Q

Graham-Denning

A

Primarily concerned with how subjects and objects are created, how subjects are assigned rights or privileges, and how ownership of objects is managed.

32
Q

Inference

A

The ability to deduce (infer) sensitive or restricted information from observing available information.

33
Q

ISO/IEC 21827:2008, The Systems Security Engineering – Capability Maturity Model (SSE-CMM)

A

Describes the essential characteristics of an organization’s security engineering process that must exist to ensure good security engineering.

34
Q

Hash Function

A

Accepts an input message of any length and generates, through a one-way operation, a fixed-length output.

35
Q

Industrial Control Systems (ICS)

A

Used to control industrial processes such as manufacturing, product handling, production, and distribution.

36
Q

IT Infrastructure Library (ITIL)

A

Defines the organizational structure and skill requirements of an IT organization as well as the set of operational procedures and practices that direct IT operations and infrastructure, including information security operations.

37
Q

Embedded Systems

A

Used to provide computing services in a small form factor with limited processing power.

38
Q

Encoding

A

The action of changing a message into another format through the use of a code.

39
Q

Hybrid Cloud Infrastructure

A

A composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability.

40
Q

Initialization Vector (IV)

A

A non-secret binary vector used as the initializing input to an algorithm for the encryption of a plaintext block sequence, to increase security by introducing additional cryptographic variance and to synchronize cryptographic equipment.

41
Q

Key Clustering

A

When different encryption keys generate the same ciphertext from the same plaintext message.

42
Q

Key Length

A

The size of a key, usually measured in bits or bytes, that a cryptographic algorithm uses in ciphering or deciphering protected information.

43
Q

Key Space

A

This represents the total number of possible values of keys in a cryptographic algorithm or other security measure, such as a password.

44
Q

Message Authentication Code (MAC)

A

A small block of data that is generated using a secret key and then appended to the message.

45
Q

Message Digest

A

A small representation of a larger message. Message digests are used to ensure the authentication and integrity of information, not the confidentiality.

46
Q

Middleware

A

Connectivity software that enables multiple processes running on one or more machines to interact.

47
Q

Multilevel Lattice Models

A

A security model that describes strict layers of subjects and objects and defines clear rules that allow or disallow interactions between them based on the layers they are in.

48
Q

Non-repudiation

A

A service that ensures the sender cannot deny a message was sent and the integrity of the message is intact.

49
Q

OpenID Connect

A

An interoperable authentication protocol based on the OAuth 2.0 family of specifications.

50
Q

OWASP

A

A nonprofit organization focused on improving the security of software.

51
Q

Paging

A

Divides the memory address space into equal-sized blocks called pages.

52
Q

Payment Card Industry Data Security Standard (PCI-DSS)

A

Provides the security architect with a framework of specifications to ensure the safe processing, storing, and transmission of cardholder information.

53
Q

Plaintext

A

The message in its natural format.

54
Q

Primary Storage

A

Stores data that has a high probability of being requested by the CPU.

55
Q

Private Cloud

A

In this model, the cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers.

56
Q

Protection Keying

A

Divides physical memory up into blocks of a particular size, each of which has an associated numerical value called a protection key.

57
Q

Public Cloud Infrastructure

A

Provisioned for open use by the general public. It may be owned, managed, and operated by a business, academic, or government organization, or some combination of them. It exists on the premises of the cloud provider.

58
Q

Registration Authority (RA)

A

This performs certificate registration services on behalf of a CA.

59
Q

Secondary Storage

A

Holds data not currently being used by the CPU and is used when data must be stored for an extended period of time using high-capacity, nonvolatile storage.

60
Q

Security Assertion Markup Language (SAML)

A

An XML-based standard used to exchange authentication and authorization information.

61
Q

Security Zone of Control

A

An area or grouping within which a defined set of security policies and measures are applied to achieve a specific level of security.

62
Q

Segmentation

A

Dividing a computer’s memory into segments.

63
Q

Sherwood Applied Business Security Architecture (SABSA) Framework

A

Holistic life cycle for developing security architecture that begins with assessing business requirements and subsequently creating a “chain of traceability” through the phases of strategy, concept, design, implementation, and metrics.

64
Q

State Attacks

A

Attempt to take advantage of how a system handles multiple requests.

65
Q

State Machine Model

A

Describes the behavior of a system as it moves between one state and another, from one moment to another.

66
Q

Stream-based Ciphers

A

When a cryptosystem performs its encryption on a bit-by-bit basis.

67
Q

Symmetric Algorithms

A

Operate with a single cryptographic key that is used for both encryption and decryption of the message.

68
Q

Substitution

A

The process of exchanging one letter or byte for another.

69
Q

System Kernel

A

The core of an OS, and one of its main functions is to provide access to system resources, which includes the system’s hardware and processes.

70
Q

The Open Group Architecture Framework (TOGAF)

A

An architecture content framework (ACF) to describe standard building blocks and components as well as numerous reference models.

71
Q

Transposition

A

The process of reordering the plaintext to hide the message.

72
Q

Work Factor

A

This represents the time and effort required to break a protective measure.

73
Q

Zachman Framework

A

A logical structure for identifying and organizing the descriptive representations (models) that are important in the management of enterprises and to the development of the systems, both automated and manual, that comprise them.