Security Engineering Domain Flashcards

1
Q

The design, documentation, and management of the lowest layer of the OSI network model - the physical layer

A

Cable Plant Management

2
Q

This model focuses on preventing conflict of interest when a given subject has access to objects with sensitive information associated with two competing parties

A

Brewer-Nash (The Chinese Wall) Model

3
Q

Explores the rules that would have to be in place if a subject is granted a certain level of clearance and a particular mode of access

A

Bell-La Padula Model

4
Q

A mathematical function that is used in the encryption and decryption processes

A

Algorithm

5
Q

Involves randomly arranging the positions of key data areas of a program, including the base of the executable and the positions of the stack, heap and libraries in a process’s memory address space

A

Address Space Layout Randomization (ASLR)

6
Q

One-way functions, that is, a process that is much simpler to go in one direction (forward) than go in the other direction (backward or reverse engineering)

A

Asymmetric Algorithms

7
Q

A two-dimensional table that allows for individual subjects and objects to be related to each other

A

Access Control Matrix

8
Q

Involves the removal of characteristics from an entity in order to easily represent its essential properties

A

Abstraction

9
Q

The process of exchanging one letter or byte for another

A

Substitution

10
Q

The science that deals with hidden, disguised, or encrypted communications. It embraces communications security and communications intelligence

A

Cryptology

11
Q

The study of techniques for attempting to defeat cryptographic techniques and more generally, information security services

A

Cryptanalysis

12
Q

Communications mechanisms hidden from the access control and standard monitoring systems of an information system

A

Covert Channels

13
Q

Provides a set of generally accepted processes to assist in maximizing the benefits derived from using information technology (IT) and developing appropriate IT governance

A

Control Objectives for Information and Related Technology (COBIT)

14
Q

Provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns

A

Community Cloud Infrastructure

15
Q

A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management

A

Cloud Computing

16
Q

The altered form of a plaintext message so as to be unreadable for anyone except the intended recipient

A

Ciphertext or Cryptogram

17
Q

An entity trusted by one or more users as an authority in a network that issues, revokes, and manages digital certificates

A

Certificate Authority (CA)

18
Q

A repository for information collected from a variety of data sources

A

Data Warehouse

19
Q

Maintains activities at different security levels to separate these levels from each other

A

Data Hiding

20
Q

The ability to deduce (infer) sensitive or restricted information from observing available information

A

Inference

21
Q

The storage of programs or instructions in ROM

A

Firmware

22
Q

Focused on setting the long-term strategy for security services in the enterprise

A

Enterprise Security Architecture (ESA)

23
Q

Provide authentication of a sender and integrity of a sender’s message

A

Digital Signatures

24
Q

A broad range of technologies that grant control and protection to content providers over their own digital media

A

Digital Rights Management (DRM)

25
Q

An electronic document that contains the name of an organization or individual, the business address, the digital signature of the certificate authority issuing the certificate, the certificate holder’s public key, a serial number, and the expiration date

A

Digital Certificate

26
Q

Provided by mixing up the location of the plaintext throughout the ciphertext

A

Diffusion

27
Q

The reverse process from encoding - converting the encoded message back into its plaintext format

A

Decoding

28
Q

Accepts an input message of any length and generates, through a one-way operation, a fixed-length output

A

Hash Function

29
Q

Used to provide computing services in a small form factor with limited processing power

A

Embedded Systems

30
Q

Defines the organizational structure and skill requirements of an IT organization as well as the set of operational procedures and practices that direct IT operations and infrastructure, including information security operations

A

IT Infrastructure Library (ITIL)

31
Q

Used to control industrial processes such as manufacturing, product handling, production and distribution

A

Industrial Control Systems (ICS)

32
Q

The action of changing a message into another format through the use of a code

A

Encoding

33
Q

A connectivity software that enables multiple processes running on one or more machines to interact

A

Middleware

34
Q

Combining non-sensitive data from separate sources to create sensitive information

A

Aggregation

35
Q

Smart networked systems with embedded sensors, processors, and actuators that are designed to sense and interact with the physical world and support real-time guaranteed performance in safety-critical applications

A

Cyber-Physical Systems (CPS)

36
Q

Provided by mixing (changing) the key values used during the repeated rounds of encryption. When the key is modified for each round, it provides added complexity that the attacker would encounter

A

Confusion

37
Q

Provides a structured methodology for documenting security requirements, documenting and validating security capabilities, and promoting international cooperation in the area of IT security

A

Common Criteria

38
Q

Provides a foundation upon which organizations can establish and review information technology security programs

A

“Generally Accepted Principles and Practices for Securing Information Technology Systems” (NIST SP 800-14)

39
Q

A logical structure for identifying and organizing the descriptive representations (models) that are important in the management of enterprises and to the development of the systems, both automated and manual, that comprise them

A

Zachman Framework

40
Q

A small block of data that is generated using a secret key and then appended to the message

A

Message Authentication Code (MAC)

41
Q

When different encryption keys generate the same ciphertext from the same plaintext message

A

Key Clustering

42
Q

An interoperable authentication protocol based on the OAuth 2.0 family of specifications

A

OpenID Connect

43
Q

Divides the memory address space into equal-sized blocks called pages

A

Paging

44
Q

Divides physical memory up into blocks of a particular size, each of which has an associated numerical value called a protection key

A

Protection Keying

45
Q

Holistic life cycle for developing security architecture that begins with assessing business requirements and subsequently creating a “chain of traceability” through the phases of strategy, concept, design, implementation, and metrics

A

Sherwood Applied Business Security Architecture (SABSA) Framework

46
Q

Dividing a computer’s memory into segments

A

Segmentation

47
Q

When a cryptosystem performs its encryption on a bit-by-bit basis

A

Stream-based Ciphers

48
Q

This represents the time and effort required to break a protective measure

A

Work Factor

49
Q

The process of reordering the plaintext to hide the message

A

Transposition

50
Q

An architecture content framework (ACF) to describe standard building blocks and components as well as numerous reference models

A

The Open Group Architecture Framework (TOGAF)

51
Q

The core of an OS, and one of its main functions is to provide access to system resources, which includes the system’s hardware and processes

A

System Kernel

52
Q

A small representation of a larger message. Message digests are used to ensure the authentication and integrity of information, not the confidentiality

A

Message Digest

53
Q

This represents the total number of possible values of keys in a cryptographic algorithm or other security measure, such as a password

A

Key Space

54
Q

The size of a key, usually measured in bits or bytes, that a cryptographic algorithm uses in ciphering or deciphering protected information

A

Key Length

55
Q

Operate with a single cryptographic key that is used for both encryption and decryption of the message

A

Symmetric Algorithms

56
Q

An XML-based standard used to exchange authentication and authorization information

A

Security Assertion Markup Language (SAML)

57
Q

Holds data not currently being used by the CPU and is used when data must be stored for an extended period of time using high-capacity, nonvolatile storage

A

Secondary Storage

58
Q

An area or grouping within which a defined set of security policies and measures are applied to achieve a specific level of security

A

Security Zone of Control

59
Q

Attempt to take advantage of how a system handles multiple requests

A

State Attacks

60
Q

Describes the behavior of a system as it moves between one state and another, from one moment to another

A

State Machine Model

61
Q

The message in its natural format

A

Plaintext

62
Q

Provides the security architect with a framework of specifications to ensure the safe processing, storing, and transmission of cardholder information

A

Payment Card Industry Data Security Standard (PCI-DSS)

63
Q

Stores data that has a high probability of being requested by the CPU

A

Primary Storage

64
Q

In this model, the cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers

A

Private Cloud

65
Q

A security model that describes strict layers of subjects and objects and defines clear rules that allow or disallow interactions between them based on the layers they are in

A

Multilevel Lattice Models

66
Q

A service that ensures the sender cannot deny a message was sent and the integrity of the message is intact

A

Non-repudiation

67
Q

A non-profit organization focused on improving the security of software

A

OWASP

68
Q

A composition of two or more distinct cloud infrastructures (private, community or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability

A

Hybrid Cloud Infrastructure

69
Q

A non-secret binary vector used as the initializing input to an algorithm for the encryption of a plaintext block sequence, to increase security by introducing additional cryptographic variance and to synchronize cryptographic equipment

A

Initialization Vector (IV)

70
Q

Provisioned for open use by the general public. It may be owned, managed, and operated by a business, academic or government organization, or some combination of them. It exists on the premises of the cloud provider

A

Public Cloud Infrastructure

71
Q

This performs certificate registration services on behalf of a CA

A

Registration Authority

72
Q

Primarily concerned with how subjects and objects are created, how subjects are assigned rights or privileges, and how ownership of objects is managed

A

Graham-Denning

73
Q

Describes the essential characteristics of an organization’s security engineering process that must exist to ensure good security engineering

A

ISO/IEC 21827:2008, The Systems Security Engineering - Capability Maturity Model (SSE-CMM)