Supply Chain Management

Question 1

A legal principle identifying a subject
has used best practice or reasonable
care when setting up, configuring,
and maintaining a system

Answer 1

Due Diligence

Question 2

This essentially means that a vendor like EMC has decided
that the product in question has reached the end of its “useful lifespan.” After this particular
date the manufacturer will no longer be marketing, sustaining and (in most cases) selling
the product in question

Answer 2

End of life

Question 3

A microprocessor manufacturing
utility that is part of a validated
supply chain (one where hardware
and software does not deviate from
its documented function)

Answer 3

Trusted Foundry

Question 4

The process of ensuring that
hardware is procured tamper-free
from trustworthy suppliers

Answer 4

Hardware Source

Authenticity

Question 5

A cryptographic module embedded
within a computer system that can
endorse trusted execution and attest
to boot settings and metrics

Answer 5

Hardware Root of Trust

ROT

Question 6

A specification for hardware-based
storage of digital certificates, keys,
hashed passwords, and other user
and platform identification
information

Answer 6

Trusted Platform Module

TPM

Question 7

An appliance for generating and
storing cryptographic keys that is
less susceptible to tampering
and insider threats than
software-based storage

Answer 7

Hardware Security Module

HSM

Question 8

Methods that make it difficult for an
attacker to alter the authorized
execution of software

Answer 8

Anti-Tamper

Question 9

It gives an attacker an
opportunity to run any code at the
highest level of CPU privilege

Answer 9

firmware exploit

Question 10

A type of system firmware providing
support for 64-bit CPU operation at
boot, full GUl and mouse operation
at boot, and better boot security

Answer 10

Unified Extensible
Firmware Interface (UEFI)

Question 11

A UEFI feature that prevents
unwanted processes from executing
during the boot operation

Answer 11

Secure Boot

Question 12

A UEFI feature that gathers secure
metrics to validate the boot process
in an attestation report

Answer 12

Measured Boot

Question 13

A claim that the data presented in
the report is valid by digitally signing
it using the TPM’s private key

Answer 13

Attestation

Question 14

for software or firmware to
permanently alter the state of a
transistor on a computer chip

Answer 14

eFUSE

Question 15

An update that is digitally
signed by the vendor and trusted by
the system before installation

Answer 15

Trusted Firmware Updates

Question 16

A disk drive where the controller can
automatically encrypt data that is
written to it

Answer 16

Self-Encrypting Drives

Question 17

A mechanism for ensuring the
confidentiality, integrity, and
availability of software code and
data as it is executed in volatile
memory

Answer 17

Secure Processing

Question 18

Low-level CPU changes and
instructions that enable secure
processing

Answer 18

Processor Security

Extensions

Question 19

The CPU’s security extensions
invoke a TPM and secure boot
attestation to ensure that a trusted
operating system is running

Answer 19

Trusted Execution

Question 20

The extensions allow a trusted
process to create an encrypted
container for sensitive data

Answer 20

Secure Enclave

Question 21

Certain operations that should only
be performed once or not at all,
such as initializing a
memory location

Answer 21

Atomic Execution

Question 22

Data is encrypted by an application

prior to being placed on the data bus

Answer 22

Bus Encryption