Student Text Flashcards
What are the standard computer capabilities and characteristics?
- Speed
- Accuracy
- Diligence
- Versatility
What is the fastest possible speed for information transmission?
Speed of light
What is limited by the efficiency of the programmed algorithms and the computer and system components?
Computer speed
What is a personal computer that may or may not be connected to a network?
Workstation
What are the different types of client workstations?
- Thin client
- Thick client
What is a software program or actual computer relying heavily on another computer to do most of its work?
Thin client
What operates on a network with client software or computer acting as an interface & the network doing all the processing work?
Thin client
What is a workstation computer in a client server configuration functioning independent of the server?
Thick client
What pulls some data from a central server and may run on its own without being connected to the server?
Thick client
What is a computer on a network managing shared resources for other systems on the network?
A server
What are some common types of servers?
- Application
- Catalog
- Database
- DHCP
- File
- Proxy
- Web
What is a computer system weakness that is open to exploitation?
Vulnerability
What is a possible danger that may take advantage of a vulnerability?
Threat
What is the likelihood that a threat will take advantage of a vulnerability?
Risk
What are some types of malicious code?
- Viruses
- Worms
- Logic bombs
- Spyware
- Adware
- Rootkits
- Botnets
What is code that spreads from one computer to another by attaching itself to other files?
A virus
What is code that spreads from one computer to another on its own but not by attaching itself to another file?
A worm
What is code that sits dormant on a target computer until it’s triggered by a specific event?
A logic bomb
What stealthily installs malicious software intended to track and report data from a target system?
Spyware
What is software that automatically displays or downloads advertisements?
Adware
What is code intended to take full or partial control of a system at low levels?
A rootkit
What is a collection of software robots run by a command & control (C2) program which in turn is controlled by a person?
A botnet
What are some common causes of vulnerabilities?
- Configuration/familiarity
- Implementation
- Design
What can a system or application misconfiguration cause?
A vulnerability
What can using well known software increase?
The probability of an attacker finding a vulnerability to exploit
What can lack of input validation cause?
A vulnerability
Is there a possibility that there are vulnerabilities that are inherent in protocols, applications, or architecture used in the design?
Yes
What are the primary threat categories?
- Unstructured threats
- Structured threats
- Internal threats
- External threats
What are unfocused attacks on one or more network systems often by individuals with limited skill?
An unstructured threat
What threats are focused attacks by one or more highly skilled individuals actively working to compromise a specific system?
A structured threat
What threats originate from individuals who have (or had) authorized access to the network?
Internal threats
What threats originate from individuals outside the organization?
External threats
What are common vulnerability sources?
- Common Vulnerability and Exposure (CVE)
- US National Vulnerability Database (NVD)
- Exploit Database (DB)
What was developed by MITRE in 1999 and has a list of vulnerability entries?
Common Vulnerability Sources (CVE)
What contains an ID number, description, and at least one public reference?
A Common Vulnerability Source (CVE) entry
What was launched by the US National Vulnerability Database (NVD) in 2005?
The US National Vulnerability Database (NVD)
What is a vulnerability database built upon & fully synchronized with the CVE list?
The US National Vulnerability Database (NVD)
What provides a Common Vulnerability Scoring System (CVSS)?
The US National Vulnerability Database (NVD)
What is maintained by Offensive Security and is an archive of exploits, shell code, & security papers?
Exploit Database (DB)
What is on the motherboard and controls the number of tasks the computer may accomplish at once and how quickly it can complete those tasks?
The Central Processing Unit (CPU)
What is on the motherboard and is the circuitry responsible for managing specific hardware components?
Chipsets
What is on the motherboard and is a small chip the CPU relies on to synchronize & control timing on all computer operations?
The system clock
What is on the motherboard and is a small plastic slot used to install various devices?
Expansion slots
What is on the motherboard, translates processor requests into instructions the component can understand, and executes the Power-On Self-Test (POST)?
The BIOS
What is on the motherboard, contains the computer’s inventory list & advanced setup options, and stores data read by the BIOS?
The CMOS
What are the two types of memory?
RAM (Random Access Memory) and ROM (Read Only Memory)
What is a memory chip on a computer responsible for storing temporary data and is volatile in nature?
RAM
What is a chip holding read-only data that provides essential instructions when the system is turned on and is non-volatile in nature?
ROM
What stores changing digital data in a relatively permanent form with the most popular being SCSI, SAS, and SATA?
Hard drives
What are the two basic distributed system architectures?
- Client-server model (centralized environment)
- Peer-to-peer model (decentralized environment)
What is an architecture where smart clients contact the server for data, then format and display it to the user?
The client-server model
What is an architecture where there are no special machines that provide a server or manage the network resources and every node can serve as both client and server?
The peer-to-peer model
What are the security basics?
- The CIA triad
- Enforce system policies & procedures
- The four A’s
- System hardening
- Vulnerability management
- Due care, due diligence, & due process
- Operations continuity & disaster recovery plans
What is the CIA Triad?
Confidentiality, Integrity, and Availability
What does a policy statement do?
Outlines a plan for the user security component
What measures the level of adherence to the security policy?
Standards
What are recommendations or best practices for how to meet the policy standard?
Guidelines
What are step-by-step instructions that detail how to implement components of the policy?
Procedures
What are the four A’s?
Authentication, authorization, access control, auditing/accounting
What is the process of uniquely ID’ing a particular individual or entity?
Authentication
What is the process of determining what rights & privileges a particular entity has?
Authorization
What is the process of determining & assigning privileges to resources, objects, or data?
Access Control
What is the process of tracking & recording system activities & resource access?
Auditing/accounting
What is system hardening?
Eliminate as many security risks as possible
What are some examples of system hardening?
- Disabling unnecessary services
- Protecting management interfaces & applications
- Disabling unnecessary accounts
- Password protection
What is an ongoing comprehensive process or program that aims at managing an organization’s vulnerabilities in a holistic & continuous manner?
Vulnerability management
What are some types of vulnerability management?
- Asset management
- Software management
- Vulnerability assessment
- Patch management
- Change management
What is a policy describing how individuals should use & maintain organization issued hardware & software and includes both using the equipment safely & using it in an approved manner?
Due Care
What is investigating & researching all issues & options relating to a particular subject, ensuring security policies & practices are effective, and ensuring no violations of laws, statutes, or individual human rights?
Due diligence
What is it called when the organization does not assume an individual is guilty?
Due process
What defines how an organization will maintain normal day-to-day Ops during a disruption or crisis?
Operations continuity plan
What defines how people & resources will be protected in case of a natural or man-made disaster?
Disaster recovery plan
What are the capabilities & benefits of websites?
- Reduces communication costs
- Enhances communication & coordination
- Accelerates the distribution of knowledge
- Improves the customer service & customer satisfaction
What are some capabilities & benefits of databases?
- Data sharing is improved in the organization
- Improvement in data security
- Effective data integration
- DBMS minimizes data inconsistency
- Better access to data
- Increase in productivity of the end user
- Quick decision making
What are the 10 most critical security risks?
- Injection
- Broken authentication
- Sensitive data exposure
- XML External Entities (XXE)
- Broken access control
- Security misconfiguration
- Cross-site scripting (XSS)
- Insecure deserialization
- Using components with known vulnerabilities
- Insufficient logging & monitoring
What is it called when untrusted data is sent to an interpreter as part of a command or query and tricks it into accessing data without proper authorization?
Injection
What is it called when issues with application functions related to authentication & session management allow someone to assume another user’s identity temporarily or permanently?
Broken authentication
What is it called when a lack of encryption for data at rest or in transit leads to the release of PII, healthcare data, etc.?
Sensitive data exposure
What is it called when someone fails to enforce authenticated user restrictions?
Broken access control
What allows someone to exploit unpatched flaws or default configurations?
Security misconfigurations
What is it called when there is insufficient input validation and attackers are able to add malicious content to a website that is then executed in other victims’ browsers?
Cross-Site Scripting (XSS)
What is it called when existing data structures are used but content is changed?
Insecure deserialization
When you use preconfigured client/server-side components but you don’t understand the component patch state what are you possibly doing?
Using components with known vulnerabilities
When you are not validating logging & monitoring capabilities what are you setting yourself up for?
Insufficient logging and monitoring
What are the various website components?
- Web page
- Web content
- Websites
- Web browser
- Web applications
- Browser engine
What is a computer file that is suitable for the World Wide Web & a web browser?
Web page
What are the two types of web pages?
Static and dynamic
What is a flat/stationary web page called?
Static web pages
What web page is controlled by application server processing server-side scripts and client web browser processing client-side scripts?
Dynamic web pages
What is the textual, visual or aural content that is encountered as part of the user experience on a website?
Web content
What is a collection of related web pages ID’d by a common domain name, published on at least one web server and accessible by IP networks or private LAN by URL?
Websites
What is an application for accessing information on WWW by retrieving web page & content by distinct URLs onto the user’s device?
Web browser
What is a client-server program which the client runs in a web browser?
Web application
What is the core software component of every major web browser?
Browser engine
What are some common database terms?
- Data
- Database
- Database system (Schema)
- Database Management System (DBMS)
What are recorded facts & figures called?
Data
What is a collection of meaningful information organized for searching & retrieving that information?
Database
What is the logical layout for the database?
Database system (Schema)
What is a set of programs & utilities executed on a computer to create, process, & administer a database?
Database management system (DBMS)
What are the four major components?
Data, hardware, users, software
What is known facts that are recorded & have implicit meaning?
Data
What are data characteristics?
Persistent, integrated, shared
What is computing equipment needed to use & maintain the database?
Hardware
What are individuals manipulating or maintaining aspects of the database?
Users
What are the four broad classes of users?
- End-user
- Database designers
- Database administrators (DBA)
- Applications programmers
What are the DBMS key components?
- Data dictionary
- Data security
- Performance management
- Data recovery
- Data integrity
- Data interface
What are the four web language types?
- Markup languages
- Style sheets
- Client-side scripting languages
- Server-side scripting languages
What is a modern system for annotating a document in a way syntactically distinguishable from text?
Markup languages
What are the general categories of markup languages?
- Presentational
- Procedural
- Descriptive
What are the most common markup languages?
- HyperText Markup Language (HTML)
- Extensible HyperText Markup Language (XHTML)
- Extensible Markup Language (XML)
What is a form of separation of presentation & content for web design?
Style sheets
What are some examples of style sheets?
- Cascading Style Sheets (CSS)
- Extensible Stylesheet Language (XSLT)
What is a class of computer programs on the web executed client-side instead of server-side (on the Web Server)?
Client-side scripting languages
What is executed by the web server when the user requests a document?
Server-side scripting languages
What are embedded in server-side scripts to retrieve data from databases?
Database Management System Languages
What are the two major categories of database design?
Flat file databases and relational databases
What consists of only one large table, records no structured relationships, and is the kind of table found in Microsoft Excel & Apple Numbers?
Flat file databases
What consists of numerous tables containing rows & columns of data where tables are associated with each other through shared data values?
Relational databases
What is a characteristic or property of the entity that will be stored?
Attribute (Column Name)
What refers to storing information about an object?
Entity (Table Name)
What are the top ten proactive controls?
- Define security requirements
- Leverage security frameworks and libraries
- Secure database access
- Encode and escape data
- Validate all inputs
- Implement digital identity
- Enforce access controls
- Protect data everywhere
- Implement security logging and monitoring
- Handle all errors and exceptions
What is derived from industry standards, applicable laws, & vulnerability history?
Security requirements
What is guarding against security-related design & implementation flaws?
Leveraging security frameworks and libraries
What is securing data stores including queries, configuration, authentication, & communication?
Securing database access
What are defensive techniques meant to stop injection attacks?
Encode and escape data
What is a programming technique that ensures only properly formatted data may enter a software system component?
Input validation
What is a name for using authentication and session management?
Implementing digital identity
What is a name for granting or denying specific requests from a user, program or process?
Enforcing access controls
What is another name for protecting sensitive data?
Protect data everywhere
What are the two parts of security logging?
Log and monitor the logs
What is a name for allowing an application to respond to errors correctly?
Handle all errors and exceptions
What are the six AF cyber weapon systems?
- Cyber Command & Control Mission System (C3MS)
- AF Cyber Security and Control System (CSCS)
- AF Intranet Control (AFINC)
- AF Cyberspace Defense (ACD)
- Cyberspace Defense Analysis
- Cyberspace Vulnerability Assessment/Hunter (CVA/H)
What provides 24/7/365 awareness, management, & control of the AF domain?
Cyber Command & Control Mission System (C3MS)
What provides 24/7/365 NetOps & management functions enabling enterprise services within AF unclassified & classified networks?
AF Cyber Security and Control System (CSCS)
What manages top-level boundary & entry point into the AFIN and controls flow of all external & inter-base traffic through 16 gateways?
AF Intranet Control (AFINC)
What prevents, detects, responds to, & provides forensics of intrusions into unclassified & classified AF networks?
AF Cyberspace Defense (ACD)
What executes vulnerability, compliance, pen-testing & Hunter missions on AF & DoD networks & systems and performs defensive sorties world-wide via remote or on-site access?
Cyberspace Vulnerability Assessment/Hunter (CVA/H)
What characterizes and then eliminates threats for the purpose of mission assurance?
Hunter ops
What are the delivery vector categories?
- Reconnaissance
- Authorized User
- Social Engineering
- Configuration Management
- Software Flaw
- Transitive Trust
- Resource Exhaustion
- Physical Access
- Other
- Unknown
What are the sub categories of delivery vector category 1?
A. Information gathering & data mining
B. Network scan
C. System scan
What are the sub categories of delivery vector category 2?
A. Purposeful
B. Accidental
What are the sub categories of delivery vector category 3?
A. E-mail
B. Website
C. Other
What are the sub categories of delivery vector category 4?
A. Network
B. OS
C. App
What are the sub categories of delivery vector category 5?
A. Exploited new vulnerability
B. Exploited known vulnerability
What are the sub categories of delivery vector category 6?
A. Other IS compromise
B. Masquerading
What are the sub categories of delivery vector category 7?
A. Non-distributed network activity
B. Distributed network activity
What are the sub categories of delivery vector category 8?
A. Mishandled or lost resource
B. Local access to system
C. Abuse of resources
What are the sub categories of delivery vector category 9?
A. New delivery vector
What are the sub categories of delivery vector category 10?
A. Unable to determine
What provides operational level C2 & situational awareness of AF cyberspace forces, networks & mission systems?
Cyber Command & Control Mission System (C3MS)
What are the major sub-components of C3MS?
- Situational Awareness (SA)
- Intelligence, Surveillance & Reconnaissance (ISR)
- Planning
- Execution
- Integration
What provides 24/7/365 network ops & management functions by enabling key enterprise services within AF unclassified & classified networks and supports DCO within those networks?
Cyberspace Security and Control System (CSCS)
What are the major subcomponents of CSCS?
- DoDIN Ops & Management
- Enterprise Services
What consists of two Integrated Management Suites (IMS)?
AF Intranet Control
What are the sub discipline areas of AFINC?
- Defense in depth
- Situational awareness
- Proactive defense
- Network standardization
What are the sub-discipline areas of ACD?
- Incident prevention
- Incident detection
- Incident response
- Computer forensics
What are the sub-discipline areas of CDA?
- Telephony
- Radio frequency
- Internet based capabilities
- Cyberspace op risk assessment
- Web risk assessment
What are the sub components of CVA/H?
- Mobile Interceptor Platform (MIP)
- Deployable Interceptor Platform (DIP)
- Garrison Interceptor Platform (GIP)
- Information Ops Platform (IOP) Flyaway Kit
What is a collection of computing environments (includes personnel & physical security) connected by one or more internal networks under the control of a single authority?
Enclave
What is the name for the AF network used to exchange unclassified information and provides users access to the Internet, email, file storage, etc.?
NIPRNet
What is the largest private network in the world, is comprised of routers and nodes owned by the US DoD, and is part of the Defense Information System Network (DISN)?
NIPRNet
What is the name of the private US IP network used to exchange secret information and provides access to the DoD’s classified intranet services?
SIPRNet
What is comprised of routers and nodes owned by the US DoD but is also used by the US Department of State?
SIPRNet
What are the DCO Tactical Mission Types?
- Surveillance
- Reconnaissance
- Access
- Strike
- Escort
- Strike Coordination and Reconnaissance (SCAR)
- Secure
- Threat emulation
What mission type has the objective of collecting relevant data & information in/on the AO?
Surveillance
What are some tasks that could be part of a surveillance mission?
- Collect/monitor network infrastructure status, changes, trends & events
- Collect/monitor network user characteristics & trends
- Collect/monitor data from individual system(s)
What mission type has the objective of collecting relevant data & information on threats within the AO?
Reconnaissance
What are some tasks that could be part of a reconnaissance mission?
- Find & track specified enemies, adversaries, & threats in the cyber terrain
- Understand & characterize specified enemies, adversaries, & threats in the assigned AO
What mission type has the objective of providing sufficient access for support cyber forces?
Access
What are some tasks that could be part of an access mission?
- Configuring firewall rules and/or policies
- Routing configuration changes
- Provisioning/configuring accounts
- Configuring permission(s)
What mission type has the objective of damaging or destroying an objective or a capability?
Strike
What are some tasks that could be part of a strike mission?
- Destroying resident adversary/malicious code or other artifacts in the assigned AO
- Quarantining malicious code and/or preventing code execution
- Manipulating, denying, degrading, or disrupting adversary network traffic
What mission type has an objective of providing defensive support to cyber weapon systems or mission partners conducting primary missions in the AO?
Escort
What are some tasks that could be part of an escort mission?
- Deploying countermeasures
- Ensuring all required forces have the necessary level of access to assigned AO during the mission vulnerability window
What mission type has an objective of conducting strike coordination and reconnaissance in response to adversary activity within the AO?
SCAR
What are some tasks that could be part of a SCAR mission?
- Patrolling the AO, or a portion of the AO
- Conduct or support strike and/or follow-on Intelligence Preparation of the Environment (IPOE) missions
What mission type has an objective of enhancing the defenses of the assigned AO in response to active threats?
Secure
What are some tasks that could be part of a secure mission?
- Enhancing the defenses of cyber key terrain
- Reconfiguring network appliances to a more secure configuration in response to active threats
What mission type has an objective of replicating realistic TTPs of specific cyber threats to evaluate cyber defenses?
Threat emulation
What are some tasks that could be part of a threat emulation mission?
- Emulate known adversary TTP
- Identify unmitigated vulnerabilities
- Assess defensive posture and processes
What units operate the CDA?
- 68th Network Warfare Sq out of JBSA, TX
- 860th Network Warfare Flt out of Offutt AFB, NE
What units operate the ACD?
33rd Network Warfare Sq out of JBSA, TX
What units operate the AFINC?
26th Network Ops Sq out of Gunter Annex, AL
What units operate the CSCS?
- 83rd Network Ops Sq out of JBLE, VA
- 561st Network Ops Sq out of Peterson AFB, CO
- 690 Cyberspace Ops Sq out of JBPHH, HI
- 691st Cyberspace Ops Sq out of Ramstein Air Base, Germany
What units operate C3MS?
616th Ops Center out of JBSA, TX
What is a worldwide collection of interconnected public telephone networks that are circuit switched to allow users to make landline calls?
Public Switch Telephone Networks (PSTN)
What are able to deliver voice communications & multimedia over the internet and are packet-switched networks allowing users to make calls?
Voice over Internet Protocol (VoIP)
What provides worldwide non-secure voice, secure voice, data, facsimile, & video teleconferencing services for DoD C2 elements and assures non-blocking services for users with flash & flash override precedence capabilities?
Defense Switched Network (DSN)
What are communication networks with last link being wireless and able to connect to PSTN & Internet?
Cellular Networks
What are some vulnerabilities of Public Switched Telephone Networks (PSTN)?
- Phreaking
- War dialing
- Dialup modems
What are some vulnerabilities of Voice over Internet Protocol (VoIP)?
- Registration hijacking
- Session initiation protocol attack vectors
What are some vulnerabilities of cellular networks?
- Tower hijacking
- Generic computer exploits
What is reverse engineering the system tones used to route long-distance calls for free calls?
Phreaking
What is a technique to automatically scan a list of telephone numbers to search for modems?
War dialing
What is an overlooked “backdoor” through a PSTN into another IT network used by admins to remote into Control System equipment?
Dialup modems
What is a rogue device which registers as the registration server by impersonating a valid user?
Registration server hijacking
What are Session Initiation Protocol (SIP) attack vectors?
- Enumeration
- Fuzzing
- Man-in-the-Middle
What is enumeration?
Means to ID SIP systems
What is a type of DoS attack used to send malformed data packets to crash the SIP system?
Fuzzing
What is it called when an attacker intercepts SIP call-signaling traffic, masquerades as the calling & the called parties, and hijacks calls via a redirection server?
Man-in-the-middle
What is it called when an attacker ID’s a bug in base transceiver station software services, exploits vulnerabilities, and takes over the tower transceiver?
Tower Hijacking
What is it called when incorrect system permission settings grant greater access to other areas in the device, or there are exposed internal communication protocols that pass messages internally within the device to itself or to other apps?
Mobile device software
What connects to multiple class 4 and 5 offices and a class 1 (regional center) office?
Class 4 (toll office)
What connects to class 4 and 5 offices and is the only office that connects to individual or business subscribers?
Class 5 (end office)
What is the physical connection between a carrier’s class 5 and the subscribers’ premises?
Local loop (“Last Mile”)
What is the telephone exchange, typically owned by the customer, where calls are made at no cost?
Private Branch Exchange (PBX)
What uses VoIP technologies allowing telephone calls to be made over an IP network?
IP phone/softphone (Skype)
What is the entity that receives registrations from a UAC (User Client Access/User Agent Client) and extracts info about current location and stores it?
Registration server
What forwards requests on behalf of the endpoint by consulting the register and handles the Session Initiation Protocol (SIP) requests of the user agent?
Proxy Server
What accepts a request, maps the address of the called party to one or more addresses & returns them to the client, but does not pass the request on to other servers?
Redirect server
What provides consolidated services and sets up & monitors calls, maintains the dial plan, and performs phone number translations?
Call manager
What interfaces IP network based voice communications w/ traditional circuit-switched networks?
Media gateway
What routes calls to other nodal switches and is a multifunction switch?
DSN backbone switches
What is the name for switches at bases, posts, camps & stations?
Installation switches
What is the primary switch for long distance services for either an installation or group of installations in a geographic area?
End Office (EO)
What switch serves as the primary switch, is used at smaller DoD installations and will not service installation with critical missions?
Small End Office (SMEO)
What are switches with Multilevel Precedence & Preemption (MLPP) capabilities?
Private Base Exchange 1 (PBX-1)
Which type of Private Branch Exchange does not have MLPP capabilities?
PBX-2
What has a switching capability that is connected to a host as a remote and is dependent on the host switch for software control?
Remote Switch Unit (RSU)
What is considered the “Radio Tower” with “RF”?
Base Transceiver Station (BTS)
What controls one or more BTS (“Radio Towers”) and can be thought of as a cell?
Base Station Controller (BSC)
What acts like a PSTN Local Loop for cellular networks and combines the BTS & BSC?
Base Station System (BSS)
What is considered the PSTN Central Office but for cellular networks, where each carrier in each city runs one office?
Mobile Telephone Switching Office (MTSO)
What represents an area within which a divested Regional Bell Operating Company (RBOC) is permitted to offer exchange telecommunications & exchange access services?
Local Access & Transport (LATA)
What is a system used to direct telephone calls to a particular region and provides a telephone numbering scheme?
North American Numbering Plan (NANP)
What is used for call set up (INVITE) & terminate/call transfer (BYE), uses two types of messages (requests & responses), leverages port 5060, and is similar to the TCP three-way handshake except with more steps?
SIP
What is a media protocol that describes the packet format for the actual data?
Realtime Transport Protocol (RTP)
What is the worldwide standard for cellular networks and uses Subscriber Identity Module (SIM) cards for different service providers in different countries?
Global System for Mobile Communication (GSM)
What is an American standard which assigns each call a certain portion of time on a designated frequency?
Time Division Multiplexing (TDMA)
Which is an American standard which gives a unique code to each call and spreads it over the available frequencies?
Code Division Multiple Access (CDMA)
What are the different network data technologies?
- 1G
- 2G
- 3G
- 4G
- 5G
What are the different types of Public Switched Telephone Networks (PSTN) security?
- Physical security
- Network security
What are the different types of Voice over Internet Protocol (VoIP) security?
- Physical security
- Layer-2 network segregation
- Layer-3 address segregation
What are the different methods to encrypt VoIP?
- Voice over Secure IP (VoSIP)
- Secure VoIP (SVoIP)
- Secure Voice over Secure IP (SVoSIP)
What are the different types of cellular network security?
- Physical security
- Mobile device
- Patch Management
- Treat it like a computer
- Encryption
- Two-factor Authentication
What is a general term that encompasses several types of control systems?
Industrial Control System (ICS)
What is a computerized system that is capable of gathering & processing data & applying operational controls over long distances?
Supervisory Control & Data Acquisition (SCADA)
What is it called when control is achieved by intelligence that is distributed about the process to be controlled?
Distributed Control System (DCS)
What are the ICS industrial sectors?
Manufacturing and distribution industries
What are the different ways the manufacturing industry can be divided?
Process based and discrete based
What are the different ways a process based industry can be divided?
A continuous manufacturing process or a batch manufacturing process
What is run continuously, often w/ transitions for different grades of a product?
A continuous manufacturing process
What manufacturing process is divided into distinct processing steps?
A batch manufacturing process
What process is a series of steps on a single device to create an end product?
Discrete based
What is used to control geographically dispersed assets?
A distribution industry
What is similar between manufacturing and distribution systems?
Control systems
What systems are usually located within a confined area?
Manufacturing systems
What systems are spread over large areas?
Distribution systems
What are multiple, independent systems combined to form larger more complex systems called?
System of systems
What are some features of critical infrastructure?
- System of systems
- Interconnected and mutually dependent in complex ways
What uses sensors, actuators, and controllers to manipulate some controlled process?
Control loops
How does the control loop process work?
- Sensors measure a physical property and send the measurement to the controllers
- Controllers interpret the signals and generate the corresponding manipulated variables based on control algorithms and target set points
- Actuators (e.g. valves, switches, and motors) directly manipulate the controlled process based on commands sent by the controller
What is used by operators/engineers to monitor & configure elements of the controllers & actuators and displays process status information & historical information?
Human-machine Interface (HMI)
What are used to prevent, identify, & recover from abnormal operation or failures?
Remote diagnostics and maintenance utilities
What are the different design considerations?
- Control Timing Requirements
- Geographic Distribution
- Hierarchy
- Control Complexity
- Availability
- Impact of Failures
- Safety
Which design consideration covers a wide range of requirements, where humans might not be reliable or consistent enough to respond in time, and where computation might need to take place as close to the sensor as possible?
Control timing requirements
What has varying degrees of distribution?
Geographic distribution
What allows human operators to have a comprehensive view?
Hierarchy
What drives some systems to require more than just controllers and preset algorithms?
Control complexity
What requires more redundancy?
Systems with high availability requirements and high impact of failure
What are some safety considerations?
- Systems need ability to detect unsafe conditions
- Take actions to reduce those conditions
- Human oversight in safety critical operations
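The control loop described above (sensor, controller, actuator) and the safety considerations just listed (detect an unsafe condition, take action to reduce it) are easiest to see running. The following is an added example, not from the flashcards or any vendor's code: a tank level held by a proportional controller, with an independent high-level interlock that trips the inlet valve closed. The tank, the gain, the set point, the 90 % trip limit and the spoofed "10 % full" reading are all constructed for the illustration.

```python
"""Added example (not from the flashcards): a simulated sensor -> controller ->
actuator loop, plus an independent safety interlock that trips the process to
a safe state when the control sensor feed is spoofed. All units and constants
are made up for the illustration."""

from dataclasses import dataclass
from typing import Optional


@dataclass
class Tank:
    """The controlled process: a tank that drains at a constant rate."""
    level: float = 40.0      # percent full (physical truth)
    outflow: float = 2.0     # constant demand per control cycle

    def step(self, inflow: float) -> None:
        # Actuator effect: the inlet valve admits `inflow`; the tank cannot
        # hold more than 100 % (overflow) or less than empty.
        self.level = min(100.0, max(0.0, self.level + inflow - self.outflow))


def controller(measured: float, setpoint: float,
               gain: float = 0.5, max_inflow: float = 10.0) -> float:
    """Proportional controller: error * gain -> valve command, clamped to
    what the actuator can physically deliver."""
    error = setpoint - measured
    return min(max_inflow, max(0.0, gain * error))


def run_loop(cycles: int, setpoint: float = 50.0, spoof: Optional[float] = None,
             high_limit: float = 90.0, interlock: bool = True) -> dict:
    """Run the control loop for `cycles` steps.

    `spoof` replaces the value the controller sees (spoofed system status
    information). The interlock reads the real level through an assumed
    independent high-level switch, so a spoofed control sensor cannot blind it.
    """
    tank = Tank()
    peak = tank.level
    tripped = False
    for _ in range(cycles):
        # 1. Sensor: measures the physical property and reports it.
        reading = tank.level if spoof is None else spoof
        # 2. Controller: turns the reading and set point into a command.
        cmd = controller(reading, setpoint)
        # 3. Safety interlock: independent of the control sensor; once it
        #    trips it latches the inlet valve closed until a human resets it.
        if tripped or (interlock and tank.level >= high_limit):
            cmd, tripped = 0.0, True
        # 4. Actuator: the valve acts on the physical process.
        tank.step(cmd)
        peak = max(peak, tank.level)
    return {"final_level": round(tank.level, 2), "peak": peak, "tripped": tripped}


if __name__ == "__main__":
    print("normal            :", run_loop(50))
    print("spoofed, no trip  :", run_loop(50, spoof=10.0, interlock=False))
    print("spoofed, interlock:", run_loop(50, spoof=10.0))
```

With an honest sensor the level settles just under the set point (a pure proportional controller always leaves a steady-state offset). With the sensor spoofed to "10 % full" the controller drives the valve fully open; without the interlock the tank overflows, and with it the valve is latched shut the first cycle the real level reaches the trip limit. The trip limit has to sit below the physical limit by more than one cycle's worst-case change, which is why 90 % rather than 100 % is used here.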
What is used to control dispersed assets where centralized data acquisition is as important as control, and is designed to collect field information, transfer it to a central computer facility, and display it to the operator so that an entire system can be monitored or controlled?
Supervisory Control and Data Acquisition (SCADA)
What is the typical hardware in a SCADA system?
- Control center
- Communications equipment
- Remote terminal units (RTUs)
- Programmable Logic Controllers (PLC)
What is used to control production systems within the same geographic region and is usually process control or discrete part control systems?
Distributed Control Systems (DCS)
What is implemented as the primary controller in smaller control system configurations to provide operational control of a discrete process and generally lacks a central control server & HMI?
Programmable Logic Controller (PLC)
What controls the physical world?
ICS systems
What manages data?
IT systems
How do ICS differ from typical IT systems?
- Different risks & priorities: risk to health & safety, damage to the environment, financial loss
- Different performance & reliability requirements
- May use OSs & applications that would be considered unconventional in a typical IT network
What are some different components of Security Architecture?
- Network Segmentation & Segregation
- Boundary Protection
- Firewalls
- Logically Separated Control Network
- Network Segregation
- Recommended Defense-in-Depth Architecture
- General Firewall Policies for ICS
- Recommended Firewall Rules
- Specific ICS Firewall Issues
What is one of the most effective architectural concepts to protect ICS?
Network segmentation & segregation
What are the different methods for network segmentation & segregation?
- Logical network separation (VLANs, VPNs, unidirectional gateways)
- Physical network separation
- Network traffic filtering (IP/route based, restrict based on function, port/protocol filtering, application filtering)
What are key to enforcement of security policies, can be used to isolate ICS & enterprise components, and includes gateways, routers, firewalls, IDS, etc?
Boundary protection
What controls flow of traffic between networks employing differing security postures and is most often deployed between ICS and enterprise networks?
Firewalls
What are some special considerations with firewalls?
- Possible addition of delay to control system communications
- Lack of experience in the design of rule sets suitable for ICS
At a minimum how should ICS be separated from enterprise networks?
Logically separated
What can enhance security through different architectures and gives rise to the rule that no system should be dual-NIC'd (connected to both the control and the enterprise network)?
Network segregation
What is it called when overlapping security mechanisms are used?
Defense in depth
What are the best practices for general firewall policies?
- The base rule set should be deny all, permit none
- All "permit" rules should be both IP address and TCP/UDP port specific
- All rules should restrict traffic to a specific IP address or range of addresses
What are some recommended firewall rules?
- In most cases there is little reason to allow DNS requests out of the control network to the corporate network and no reason to allow DNS requests into the control network
- HTTP should not be allowed to cross from the public/corporate to the control network
- All TFTP communications should be blocked, while FTP communications should be allowed for outbound sessions only
- Use SSH instead of Telnet
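The general firewall policies and the recommended rules above are easier to reason about once they are written down as an ordered rule set and tried against concrete flows. What follows is an added example, not from the flashcards or from any firewall vendor: a first-match packet filter with a deny-all base policy, a rule set encoding the guidance above, and a lint check that flags permit rules which are not address- and port-specific. The zones, hosts and addresses (a 10.10.0.0/24 control network, a 10.20.0.0/16 corporate network, an engineering workstation, an HMI and a corporate FTP server) are assumptions constructed for the example.

```python
"""Added example (not from the flashcards): a first-match packet filter that
encodes the recommended ICS firewall policy and is evaluated against
constructed flows. Every address, zone and host below is an assumption."""

import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

Net = ipaddress.IPv4Network


def net(cidr: str) -> Net:
    return ipaddress.ip_network(cidr)


# Assumed topology (constructed for this example).
ANY = net("0.0.0.0/0")
CONTROL = net("10.10.0.0/24")      # control network
CORPORATE = net("10.20.0.0/16")    # enterprise network
ENG_WS = net("10.20.5.10/32")      # one engineering workstation
HMI = net("10.10.0.20/32")         # the HMI it may reach
CORP_FTP = net("10.20.1.5/32")     # corporate FTP server for outbound transfers


@dataclass(frozen=True)
class Rule:
    name: str
    action: str            # "permit" or "deny"
    src: Net
    dst: Net
    proto: Optional[str]   # "tcp", "udp", or None for either
    dport: Optional[int]   # None matches any destination port

    def matches(self, src, dst, proto: str, dport: int) -> bool:
        return (src in self.src and dst in self.dst
                and (self.proto is None or self.proto == proto)
                and (self.dport is None or self.dport == dport))


# Ordered rule set implementing the guidance: explicit denies first, then
# narrow permits; anything unmatched falls through to the deny-all base.
RULES: List[Rule] = [
    Rule("no DNS into the control network", "deny", ANY, CONTROL, None, 53),
    Rule("no HTTP into the control network", "deny", ANY, CONTROL, "tcp", 80),
    Rule("no TFTP in either direction", "deny", ANY, ANY, "udp", 69),
    Rule("no Telnet in either direction", "deny", ANY, ANY, "tcp", 23),
    Rule("engineering workstation SSH to HMI", "permit", ENG_WS, HMI, "tcp", 22),
    Rule("control network FTP out to corporate server", "permit",
         CONTROL, CORP_FTP, "tcp", 21),
]


def decide(src: str, dst: str, proto: str, dport: int,
           rules: List[Rule] = RULES) -> Tuple[str, str]:
    """First-match evaluation of a new connection; base policy is
    deny all, permit none. Returns (action, rule name)."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if r.matches(s, d, proto, dport):
            return r.action, r.name
    return "deny", "default deny"


def lint(rules: List[Rule]) -> List[str]:
    """Flag permit rules that break the policy: a permit must name a
    protocol and destination port and must not use the any-address
    network on either side."""
    return [r.name for r in rules
            if r.action == "permit"
            and (r.proto is None or r.dport is None
                 or r.src == ANY or r.dst == ANY)]


if __name__ == "__main__":
    # Constructed sample flows: (src, dst, proto, dport)
    flows = [
        ("10.20.5.10", "10.10.0.20", "tcp", 22),   # eng workstation -> HMI SSH
        ("10.20.5.11", "10.10.0.20", "tcp", 22),   # another corp host, same port
        ("10.10.0.20", "10.20.1.5", "tcp", 21),    # HMI -> corp FTP (outbound)
        ("10.20.1.5", "10.10.0.20", "tcp", 21),    # corp FTP -> HMI (inbound)
        ("10.20.5.10", "10.10.0.20", "udp", 69),   # TFTP
        ("10.20.5.10", "10.10.0.20", "udp", 53),   # DNS into control net
        ("10.20.5.10", "10.10.0.20", "tcp", 80),   # HTTP into control net
        ("10.20.5.10", "10.10.0.20", "tcp", 23),   # Telnet
        ("10.10.0.20", "10.20.1.1", "udp", 53),    # DNS out of control net
    ]
    for f in flows:
        print(f"{f[0]:>11} -> {f[1]:<11} {f[2]}/{f[3]:<3} {decide(*f)}")
    print("policy violations:", lint(RULES) or "none")
```

Two caveats a practitioner would add: the permit for FTP covers only the control channel on tcp/21, so a real firewall needs a stateful FTP helper (or passive-mode port range) for the data connection; and DNS out of the control network is simply left unpermitted rather than explicitly denied, which is what the deny-all base gives you for free.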
What are specific ICS firewall issues?
- Data Historians
- Remote Support Access
- Multicast Traffic
- Unidirectional Gateways
- Single Points of Failure
- Redundancy and Fault Tolerance
- Preventing Man-in-the-Middle Attacks
- Authentication & Authorization
- Monitoring, Logging, and Auditing
- Incident Detection, Response, & System Recovery
What kind of vulnerability is introduced by incomplete, inappropriate, or nonexistent security policy?
Policy & procedure vulnerabilities and predisposing conditions
What kind of vulnerability can occur in hardware, firmware, software, and large complex systems and networks?
System vulnerabilities and predisposing conditions
What are some possible sources of system vulnerabilities and predisposing conditions?
- Design Flaws
- Development Flaws
- Misconfigurations
- Poor Maintenance
- Poor Administration
- Connections with other systems & networks
What are some examples of adversarial incidents?
- Denial of Control Action
- Control Devices Reprogrammed
- Spoofed System Status Information
- Control Logic Manipulation
- Safety Systems Modified
- Malware on Control Systems