Supply Chain Assessment Flashcards

1
Q

Due Diligence

A

A legal principle identifying that a subject has used best practice or reasonable care when setting up, configuring, and maintaining a system

2
Q

Trusted Foundry

A

• A microprocessor manufacturing utility that is part of a validated supply chain (one where hardware and software do not deviate from their documented function)
• Trusted Foundry Program is operated by the Department of Defense

3
Q

Hardware Root of Trust (ROT)

A

• A cryptographic module embedded within a computer system that can endorse trusted execution and attest to boot settings and metrics
• A hardware root of trust is used to scan the boot metrics and OS files to verify their signatures, which we can then use to sign a digital report

4
Q

Trusted Platform Module (TPM)

A

• A specification for hardware-based storage of digital certificates, keys, hashed passwords, and other user and platform identification information
• A TPM can be managed in Windows via the tpm.msc console or through group policy

5
Q

Hardware Security Module (HSM)

A

An appliance for generating and storing cryptographic keys that is less susceptible to tampering and insider threats than software-based storage

6
Q

Unified Extensible Firmware Interface (UEFI)

A

A type of system firmware providing support for 64-bit CPU operation at boot, full GUI and mouse operation at boot, and better boot security

7
Q

Secure Boot

A

A UEFI feature that prevents unwanted processes from executing during the boot operation

8
Q

Measured Boot

A

A UEFI feature that gathers secure metrics to validate the boot process in an attestation report

9
Q

Attestation

A

A claim that the data presented in the report is valid by digitally signing it using the TPM’s private key

10
Q

eFUSE

A

A means for software or firmware to permanently alter the state of a transistor on a computer chip

11
Q

Secure Processing

A

A mechanism for ensuring the confidentiality, integrity, and availability of software code and data as it is executed in volatile memory

12
Q

Trusted Execution

A

The CPU’s security extensions invoke a TPM and secure boot attestation to ensure that a trusted operating system is running

13
Q

Secure Enclave

A

The extensions allow a trusted process to create an encrypted container for sensitive data

14
Q

Atomic Execution

A

Certain operations that should only be performed once or not at all, such as initializing a memory location

15
Q

Bus Encryption

A

• Data is encrypted by an application prior to being placed on the data bus
• Ensures that the device at the end of the bus is trusted to decrypt the data
