Supply Chain Management Flashcards

1
Q

Due Diligence

A

A legal principle identifying a subject has used best practice or reasonable care when setting up, configuring, and maintaining a system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Trusted Foundry

A

A microprocessor manufacturing utility that is part of a validated supply chain (one where hardware and software does not deviate from its documented function)

Trusted Foundry Program is operated by the Department of Defense (DoD)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Hardware Source Authenticity

A

The process of ensuring that hardware is procured tamper-free from trustworthy suppliers

Greater risk of inadvertently obtaining counterfeited or compromised devices when purchasing from second-hand or aftermarket sources

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Hardware ROT

A
Hardware Root of Trust:
A cryptographic module embedded within a computer system that can endorse trusted execution and attest to boot settings and metrics

A hardware root of trust is used to scan the boot metrics and OS files to verify their signatures, which we can then use to sign a digital report

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

HSM

A

Hardware Security Module:
An appliance for generating and storing cryptographic keys that is less susceptible to tampering and insider threats than software-based storage

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Anti-Tamper

A

Methods that make it difficult for an attacker to alter the authorized execution of software

Anti-tamper mechanisms include a field programmable gate array (FPGA) and a physically unclonable function (PUF)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

UEFI

A

Unified Extensible Firmware Interface:
A type of system firmware providing support for 64-bit CPU operation at boot, full GUI and mouse operation at boot, and better boot security

Basically a new-and-improved BIOS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Secure Boot

A

A UEFI feature that prevents unwanted processes from executing during the boot operation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Measured Boot

A

A UEFI feature that gathers secure metrics to validate the boot process in an attestation report

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Attestation

A

A claim that the data presented in the report is valid by digitally signing it using the TPM’s private key

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

eFUSE

A

A means for software or firmware to permanently alter the state of a transistor on a computer chip

Basically, the fuse will blow if the state of the software/firmware is modified

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Processor Security Extensions

A

AMD:
SME (Secure Memory Encryption)
SEV (Secure Encrypted Virtualization)

Intel:
TXT (Trusted Execution Technology)
SGX (Software Guard Extensions)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Trusted Execution

A

The CPU’s security extensions invoke a TPM and secure boot attestation to ensure that a trusted operating system is running

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Secure Enclave

A

The extensions allow a trusted process to create an encrypted container for sensitive data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Atomic Execution

A

Certain operations that should only be performed once or not at all, such as initializing a memory location

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Bus Encryption

A

Data is encrypted by an application prior to being placed on the data bus

Ensures that the device at the end of the bus is trusted to decrypt the data