Supply Chain Assessment Flashcards

1
Q

A legal principle identifying that a subject has used best practice or reasonable
care when setting up, configuring, and maintaining a system

A

Due Diligence

2
Q

A microprocessor manufacturing utility that is part of a validated supply
chain (one where hardware and software do not deviate from their
documented function)

A

Trusted Foundry

3
Q

The process of ensuring that hardware is procured tamper-free from
trustworthy suppliers

A

Hardware Source Authenticity

4
Q

A cryptographic module embedded within a computer system that can
endorse trusted execution and attest to boot settings and metrics

A

Hardware Root of Trust (ROT)

5
Q

A specification for hardware-based storage of digital certificates, keys,
hashed passwords, and other user and platform identification
information

A

Trusted Platform Module (TPM)

6
Q

An appliance for generating and storing cryptographic keys that is less
susceptible to tampering and insider threats than software-based storage

A

Hardware Security Module (HSM)

7
Q

Methods that make it difficult for an attacker to alter the authorized
execution of software

A

Anti-Tamper

8
Q

A firmware exploit gives an attacker an opportunity to run any code at the
highest level of CPU privilege

A

Trusted Firmware

9
Q

A type of system firmware providing support for 64-bit CPU
operation at boot, full GUI and mouse operation at boot, and
better boot security

A

Unified Extensible Firmware Interface (UEFI)

10
Q

A UEFI feature that prevents unwanted processes from executing
during the boot operation

A

Secure Boot

11
Q

A UEFI feature that gathers secure metrics to validate the boot
process in an attestation report

A

Measured Boot

12
Q

A claim that the data presented in the report is valid by digitally
signing it using the TPM’s private key

A

Attestation

13
Q

A means for software or firmware to permanently alter the state
of a transistor on a computer chip

A

eFuse

14
Q

A firmware update that is digitally signed by the vendor and
trusted by the system before installation

A

Trusted Firmware Updates

15
Q

A disk drive where the controller can automatically encrypt data
that is written to it

A

Self-Encrypting Drives

16
Q

A mechanism for ensuring the confidentiality, integrity, and availability of
software code and data as it is executed in volatile memory

A

Secure Processing

17
Q

Low-level CPU changes and instructions that enable secure processing

A

Processor Security Extensions

18
Q

The CPU’s security extensions invoke a TPM and secure boot attestation
to ensure that a trusted operating system is running

A

Trusted Execution

19
Q

The extensions allow a trusted process to create an encrypted container
for sensitive data

A

Secure Enclave

20
Q

Certain operations that should only be performed once or not at all, such
as initializing a memory location

A

Atomic Execution

21
Q

Data is encrypted by an application prior to being placed on the data bus

A

Bus Encryption