Security Models Flashcards

1
Q

Confinement

A

Process confinement restricts the actions of a program. Process confinement allows a process to read from and write to only certain memory locations and resources. This is also known as sandboxing.

2
Q

Bounds

A

Each process that runs on a system is assigned an authority level. The authority level tells the operating system what the process can do. There may only be two authority levels: user and kernel.

3
Q

Isolation

A

When a process is confined through enforcing access bounds, that process runs in isolation. Process isolation ensures that any behavior will affect only the memory and resources associated with the isolated process. Isolation is used to protect the operating environment, the kernel of the OS, and other independent applications.

4
Q

Trusted System

A

A system in which all protection mechanisms work together to process sensitive data for many types of users while maintaining a stable and secure computing environment.

5
Q

Assurance

A

Defined as the degree of confidence in satisfaction of security needs. Assurance must continually be maintained, updated, and reverified.

6
Q

Trusted Computing Base

A

A combination of hardware, software, and controls that work together to form a trusted base to enforce your security policy.

7
Q

State Machine Model

A

A mathematical model that groups all possible system occurrences, called states. Every possible state of a system is evaluated, showing all possible interactions between subjects and objects. If every state is proven to be secure, the system is proven to be secure.

8
Q

Information Flow Model

A

Describes how information may flow in a secure system.

Bell-LaPadula and Biba use the information flow model.

9
Q

Noninterference Model

A

Ensures that data at different security domains remain separate from one another.

Implementing this model assures that covert channel communication does not occur.

10
Q

Take-Grant Model

A

Contains rules that govern the interaction between subjects and objects, and permissions subjects can grant to other subjects.

Rules include: take, grant, create and remove.

11
Q

Access Control Matrix

A

A table that defines access permissions.

12
Q

Bell-LaPadula Model

A

Originally developed for the DoD.

Focused on maintaining the confidentiality of objects.

No read up, no write down.

13
Q

Biba Model

A

Focused on maintaining integrity.

No read down, no write up.

14
Q

Clark-Wilson Model

A

Protects integrity by requiring subjects to access objects via programs.

Uses two primary concepts to ensure that security is enforced: well-formed transactions and Separation of Duties.

15
Q

Goguen-Meseguer Model

A

Foundation of noninterference conceptual theories.

16
Q

Sutherland Model

A

Focuses on preventing interference in support of integrity.

Based on the state machine model and the information flow model.

The model is based on the idea of defining a set of system states, initial states, and state transitions.

17
Q

Graham-Denning Model

A

Focused on secure creation and deletion of both subjects and objects.

A collection of eight primary protection rules or actions that define the boundaries of certain secure actions:

  • Securely create an object
  • Securely create a subject
  • Securely delete an object
  • Securely delete a subject
  • Securely provide the read access right
  • Securely provide the grant access right
  • Securely provide the delete access right
  • Securely provide the transfer access right
18
Q

TCSEC - Trusted Computer System Evaluation Criteria

A

Orange Book

Attempts to define differing levels of security and access control implementation within an IT system.

19
Q

TNI - Trusted Network Interpretation

A

Red Book

TCSEC for network systems.

20
Q

ITSEC

A

European TCSEC model.

21
Q

Abstraction

A

Hides unnecessary details from the user. Complexity is the enemy of security.

22
Q

Security Domains

A

The list of objects a user is allowed to access. More broadly defined, domains are groups of subjects and objects with similar security requirements.

23
Q

The Ring Model

A

Ring 0 – Kernel
Ring 1 – Other OS components that do not fit in ring 0
Ring 2 – Device Drivers
Ring 3 – User applications