test1 Flashcards

1
Q

3 components of security education

A

Policy - what to do
Training - skills for doing it
Awareness - changes behavior

2
Q

BPA, MOU/A, ISA

A

Business Partnership Agreement: good for addressing ownership, profit & loss; clearly lays out who makes what decision and who owns what part of the company
Memorandum of Understanding/Agreement: when two organizations connect their networks together; who owns what info, who is responsible for what actions, who has liability for particular exposures
Interconnection Security Agreement: typically part of an MOU; covers who is allowed to keep info if the partners separate, and dictates the technical security requirements associated with two organizations connecting their networks

3
Q

CIA Triad vs DAD

A

CIA: Confidentiality (preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary data), Integrity (guarding against improper data modification, includes ensuring information non-repudiation and authenticity), Availability (ensuring timely and reliable access to and use of information)
DAD (logical opposite of CIA): Disclosure, Alteration, Destruction

4
Q

Controls are implemented across what three levels? Give examples for each

A

Administrative (aka directive): background checks, policies/procedures
Technical: encryption, smart cards
Physical: locks, securing laptops/magnetic media, protection of cable

5
Q

Criminal vs Civil

A

Criminal: possible to get jail time, burden of proof is beyond a reasonable doubt (99.9%)
Civil: tip of scale (50.1%)

6
Q

CVSS

A

Common Vulnerability Scoring System

7
Q

Draw chart of 5 types of documentation

A

refer to “Types of Documentation - Drawing 1B”

8
Q

Draw the qualitative RA matrix

A

Qualitative Risk Analysis Matrix helps identify most significant risks to organization
Likelihood on left vertical, Impact top horizontal (high med low)
Refer to “Qualitative RA Matrix - Domain 1 pg 67”

9
Q

Due Care vs Due Diligence

A

Due Care: minimal customary practice aka the “Prudent Man Rule”; are you doing what a reasonable organization would do when implementing security
If you trip and fall on property with steak knives sticking up from the ground, you could sue for due care, since Eric didn’t do what a normal person would do
Due Diligence: maintaining proper environment
If someone else did it and Eric was aware but didn’t change or alter it, then someone could sue Eric for due diligence

10
Q

Excessive risk

A

means above acceptable level of risk for executive / data owner; excessive does NOT mean a lot of risk

11
Q

Fork bomb

A

attack that loops while 1=1 (which is always true), forking (starting a new process) on every iteration until all memory is used and the system crashes

12
Q

Formula for Risk

A

risk = threat x vulnerability
threat drives calculation, vulnerability reduces the risk
threat: potential for harm, can be internal/external/competitor/govt (hurricanes, snowstorms, viruses, worms)
vulnerability: weakness (unpatched system, default install)

13
Q

Fraggle

A

variation of smurf involving spoofed UDP datagrams sent to UDP port 7

14
Q

IAAA

A

Identification: means by which users claim their identities to a system
Authentication: establishes, tests or reconciles a user’s identity
Authorization: rights/permissions granted to an individual (or process) that enable access to a computer
Accountability: system’s ability to determine actions of single individual within a system, shows that a particular individual performed a particular action e.g. audit trails and logs

15
Q

LAND attack

A

creates recursive loop which crashes system e.g. from 192.168.1.1 to 192.168.1.1 on 8080

16
Q

List all quantitative formulas

A

SLE (Single Loss Expectancy) = EF (exposure factor) x AV (asset value)
ARO (Annualized Rate of Occurrence)
ALE (Annualized Loss Expectancy) = SLE x ARO
TCO (Total Cost of Ownership)
ROI (Return on Investment)
Cost/Benefit Analysis

17
Q

List all types of controls and examples of each

A

Preventative: locks on doors, firewalls
Detective: goes off during attack (alarm systems, IDS), means preventative failed
Corrective: short-term fix to prevent future attacks (police guards, evacuation)
Compensating: alternative control (one-way firewall in hospital if MRI system could never be connected to network but doctors need info from it)
Recovery: long-term fix
Suppressive: where you detect and respond to deal with a problem

18
Q

Name a directive control that is a strategic user-focused document?

A

Policy

19
Q

Name and define the 5 types of documentation

A
  • Policy - high level statement of what to do, should be specific, measurable, achievable e.g. All servers must be properly hardened by patching and turning off services
  • Procedure - details of how to do it e.g. the security configuration must be applied when a system is built
  • Standard - specifies a certain way something should be done or a certain brand/type of equipment to be used e.g. Admins must use Windows Server 2012 R2 as the base operating system
  • Baseline - more specific implementation of a standard, specific technical details of how a system’s hardware/software should be configured; usually a baseline starts off as a guideline until it has been properly modified to meet the needs of org; e.g. The specific settings for Win Server 2012 R2 should match those in the CIS Security Benchmark
  • Guideline (optional) - recommended way of doing something; best practice might start off as a guideline and if analysis shows there is great benefit, it may become a standard (mandatory) e.g. to ease the config, local GPOs can be used to roll out the changes
20
Q

Name different types of DoS attacks

A

DoS attacks:

  • Crafted Packets
    • Ping of Death
    • LAND attack
    • Tear drop
  • Flooding
    • Syn flood
    • Smurf
    • Fraggle

DDoS - compromising multiple machines to attack the victim
-Fork bomb

21
Q

OCTAVE

A

Operationally Critical Threat, Asset and Vulnerability Evaluation

22
Q

password guessing vs password cracking

A

Guessing (online, where you try to guess at website login prompt but subject to account lockout)
Cracking (offline, no account lockout but need raw encrypted passwords)

23
Q

PCI DSS

A

Payment Card Industry Data Security Standard - aka dirty dozen (12 requirements), know in general the 12 goals (don’t need to know order):
Install/maintain firewalls, no vendor default passwords/parameters, protect stored data, encrypt transmission of data across public network, use/update antivirus, develop/maintain secure systems and applications, restrict access to cardholder data by business need to know, authenticate access to system components, restrict physical access to cardholder data, track and monitor all access to network resources to cardholder data, regularly test security systems/processes, maintain a policy that addresses information security for all personnel

24
Q

Ping of Death

A

buffer overflow attack: sending a ping packet larger than the largest size allowed

25
Q

Privacy Act of 1974

A

Info about individuals will be kept private and if it needs to be disclosed the person will be notified; regulated at state level

26
Q

RFI, RFP, RFQ

A

Request for Information - helps you tailor the RFP
Request for Proposal - stage of procurement to determine which providers will bid for project and what their proposal looks like, more detailed than RFQ
Request for Quote - can sometimes ask for RFQ to make sure we have enough budget before doing a full RFP

27
Q

SLA, OLA, ELA

A

Service Level Agreement: delivering certain level of service and if you don’t there’s penalties e.g. ISP delivers certain level of bandwidth with certain reliability
Operating Level Agreement: internal agreement that supports SLA e.g. you need to make sure you have enough staff to meet the SLA
Enterprise License Agreement: site licensing for software e.g. Microsoft licensing agreement for Windows software

28
Q

Smurf attack

A

spoofs the victim’s IP and sends an ICMP Echo Request (ping) to a directed broadcast address; the adversary sends out one request to the broadcast address telling 1 million computers to reply to “me”, which is the spoofed source address of the person you want to bring down (like smurfs singing down the street with hundreds joining in, as multiple packets grow together)

29
Q

Syn flood

A

the system has a table that keeps track of connections; if it fills up, no new connections can come in

30
Q

Tear drop

A

putting a bunch of different puzzle pieces that could never be put together

31
Q

Third party governance

A

Before purchasing third party products, assess exposures and risks, validate software, etc. COTS (Commercial Off the Shelf software) e.g. Windows/Office

32
Q

Types of IP

A

Intellectual Property
Formal methods of protection:
Patent: public, can’t just be an idea, needs to be reduced to practice, show how it actually works; govt does it to encourage people to share best way to do something and share with society, then we’ll give you 20 yr monopoly
Copyright: creator of work is implied owner of copyright e.g. monkey who took selfies had copyright, not photographer
Trademark: “Ultimate driving machine”, “Just do it”
Informal means of protection:
Trade secret: formula for coca cola (if it were patent it would be public)

33
Q

What is an internal SLA?

A

OLA (Operating Level Agreement)

34
Q

What is OECD?

A

Organization for Economic Co-operation and Development, 34 countries in Europe, strict controls for information held on your behalf
-Working Party on Information Security and Privacy develops non-binding guidance (member countries do not have to implement recommendations)

EUDPD (European Union’s Data Protection Directive) - binding requirement for EU member states, considered more stringent than US Privacy laws

35
Q

What is the ultimate output of threat mapping or attack services?

A

Security dashboard: visual representation that shows you where high exposures are and what systems they are on

36
Q

What is TOC/TOU?

A

Time of Check / Time of Use; difference should always be zero e.g. if you put system online for two hours before it’s fully patched and secured there’s a good chance it will be compromised

37
Q

What methodology is most common for scoring vulnerabilities? Name a second system as well.

A

CVSSv2 (Common Vulnerability Scoring System) is most common. Another is OCTAVE (Operationally Critical Threat, Asset and Vulnerability Evaluation)

38
Q

Which country does not have one set of privacy laws?

A

The US since privacy laws are at a state level, not federal. All of Europe has one set of laws.

39
Q

Your company has decided to perform a major technology overhaul. Which would best describe impact to the organization:

a) policies and procedures will need major revisions
b) policies and procedures will need minor revisions
c) minor revisions to policy and major revisions to procedures
d) minor revisions to procedures and major revisions to policy

A

Answer: c

40
Q

__ is for industries where we are constantly in litigation, no one can say any info was modified or changed because it is not possible with this technology.

A

WORM (Write Once Read Many)

41
Q

__ is volatile memory.

A

RAM (Random Access Memory): real/primary memory, volatile memory e.g. data lost when power is lost
DRAM (dynamic, dumb/slow): cheap, which means it’s slow and you have a lot of it; needs to be constantly refreshed
SRAM (static, speed): expensive which means

42
Q

A __ creates/manages info e.g. salary data managed by HR dept, and is ultimately responsible even if the __ (internal/external entity accessing the data e.g. outsourced payroll company) gets breached.

A

Data controller, data processor

43
Q

Customizing a standard for an organization, beginning with scoping, and then adding compensating controls and parameters (security configuration settings).

A

Tailoring

44
Q

Data classification process

A
  1. Identify who’s in charge (Identify administrator/custodian)
  2. Criteria for classification (Specify criteria for how information will be classified and labelled)
  3. Classify the data with approval by the supervisor (Classify the data by its owner who is subject to review by a supervisor)
  4. Document exceptions (Specify and document exceptions to the classification policy)
  5. Determine controls (Specify controls that will be applied to each classification level)
  6. Determine declassification (Specify the termination procedures for declassifying the information or for transferring custody of the information to another entity)
  7. Make people aware of the classification process (Create an enterprise awareness program about the classification controls)
45
Q

Degaussing and sector-by-sector overwrite are good for __ media.

A

Magnetic media e.g. HDD
-degaussing (changing magnetic field on device destroys data)
-sector-by-sector overwrite
-physical destruction
EEPROMs e.g. Flash drives/SSDs
-use ATA Secure Erase (all blocks in physical address space completely erased)
-physical destruction

46
Q

Describe FIPS 199 levels of impact for CIA

A

limited adverse effect=low impact
serious adverse effect=moderate impact
severe or catastrophic=high impact

47
Q

Describe options for securely erasing drives

A

Magnetic media e.g. HDD
-degaussing (changing magnetic field on device destroys data)
-sector-by-sector overwrite
-physical destruction
EEPROMs e.g. Flash drives/SSDs
-use ATA Secure Erase (all blocks in physical address space completely erased)
-physical destruction (more expensive but more secure)
-NOT effective on EEPROMs: sector-by-sector overwrites can miss data (since writes randomly), degaussing (since not magnetic)

48
Q

Describe the house analogy in terms of who owns and manages the data

A
Data owner (CEO, board): designs the house, makes the high-level strategic decisions, ultimately responsible
System owner: designs the HVAC/electrical subsystem in the house; plans design/updates, supports system processes; delegated a portion of the design but ultimately the data owner can still overrule
Business owner: focuses on security priorities to support the mission
Custodian (DBA, engineer): builds the house; very tactical, does all activities that need to be performed on behalf of owner, hardening/locking down, changing network
User: lives in the house; running application to perform function, analyzes info
49
Q

How can an EEPROM device be securely erased?

A

Magnetic media e.g. HDD
-degaussing (changing magnetic field on device destroys data)
-sector-by-sector overwrite
-physical destruction
EEPROMs e.g. Flash drives/SSDs
-use ATA Secure Erase (all blocks in physical address space completely erased)
-physical destruction

50
Q

Process that involves determining applicable portions of a standard that will be followed.

A

Scoping

51
Q

The __ describes SBU data where the impact for CIA is:
limited adverse effect=low impact
serious adverse effect=moderate impact
severe or catastrophic=high impact

A

FIPS (Federal Information Processing Standards Publication) 199
SBU (Sensitive but Unclassified)

52
Q

The __ documents computer security best practices. Their 800 series publications cover which general areas of security?

A

United States NIST (National Institute of Standards & Technology). NIST Special Publications (800 series) include NIST 800-37: Risk Mgmt, NIST 800-53A: Recommended Security Controls, NIST 800-34: Contingency Planning, NIST 800-115: Security Testing & Assessment

53
Q

The __ manages/monitors protocols and specifications of the Internet. They specify requirements via RFCs which must be followed by everyone e.g. TCP/IP protocols.

A

IETF (Internet Engineering Task Force)

54
Q

The __ says that at least 85% of targeted cyber intrusions could be prevented by top 4 mitigation strategies:

  • application whitelisting
  • patch applications
  • patch OS vulnerabilities
  • restrict admin privileges and applications based on duties
A

ASD (Australian Signals Directorate)

55
Q

Types of primary memory

A

RAM (Random Access Memory): real/primary memory, volatile memory e.g. data lost when power is lost
DRAM (dynamic, dumb/slow): cheap, which means it’s slow and you have a lot of it; needs to be constantly refreshed
SRAM (static, speed): expensive, which means it’s faster and you have less of it; SRAM is cache
Good to be familiar with “Computer Architecture (Map of Targets) - Drawing 3C” but basically just need to know and be able to draw out “Memory diagram - Drawing 2A”

56
Q

Types of ROM

A

ROM (Read only memory): non-volatile
PROM (Programmable): modifiable once e.g. firmware
EPROM (Erasable & Programmable): not the norm
EEPROM (Electrically Erasable): flash memory, can be written e.g. USB flash drives, SSDs, BIOS chips so can be upgraded
PLD (Programmable Logic Devices): integrated circuit that can be modified programmatically, general technology for all EPROM

57
Q

Types of secondary memory

A

Slower memory e.g. magnetic disks (HDD)

58
Q

Types of sequential memory

A

Sequentially searching from beginning rather than directly accessing location e.g. tape, advantage is they are very cheap

59
Q

What are valid ways to distribute classified data?

A

Valid Freedom of Information Act request, Non-Disclosure Agreements, Government contracts, court ordering you to distribute the data
NOT a valid way: age of data (that’s just not possible; this is declassifying data, not distributing)

60
Q

What does ISO stand for?
What do ISO 27001 and 27002 focus on?
Which one replaced ISO 17799?

A

International Organization for Standardization
ISO 27001: focuses on auditing (verifying that you’re doing what you say you’re doing)
ISO 27002: focuses on best practices, formalized process of setting up ISMS (InfoSec Mgmt System)
27002 is replacement for ISO 17799

61
Q

Which role is responsible for computer hardware and software design plans and updates and also ensures that proper training is in place?

A

System owners

62
Q

Which role sets the information security priorities to support the mission of the organization?

A

Business owner

63
Q

Which term describes writing data to an EEPROM?

A

Flashing

64
Q

__ encompasses __ and cryptanalysis

A

Cryptology, cryptography (hidden writing)

Cryptanalysis (verifying security of algorithms)

65
Q

__ has replaced CRLs.

A

OCSP (Online Certificate Status Protocol)
Analogous to police officer looking up status of one driver’s license rather than downloading entire list of revoked licenses and comparing against that.

66
Q

__ is the art and science of hiding the meaning of communication from unintended recipients.

A

Cryptography (hidden writing)

67
Q

___ and ____ substitution are subject to frequency analysis.

A

Arbitrary and Rotation substitution

68
Q

___ destroys patterns connecting the key to the ciphertext.

A

Confusion; substitution provides confusion

69
Q

___ destroys patterns connecting the plaintext to the ciphertext.

A

Diffusion; permutation provides diffusion

70
Q

___ is a block cipher that has replaced DES. It has 3 key sizes (128-bit, 192-bit and 256-bit) and it is the new FIPS (Federal Information Processing Standard) publication 197.

A

AES (Advanced Encryption Standard)

71
Q

___ is a DES mode stream cipher. Ciphertext is used as feedback into the key generation source to develop the next stream. Ciphertext is generated by performing an XOR of the plaintext with the key stream. Ciphertext has the same number of bits as plaintext. In this mode errors will propagate.

A

CFB (Cipher Feedback Mode)

72
Q

___ is a DES mode that operates with plaintext blocks of 64 bits, uses a randomly generated 64-bit IV that is XORed with the first block of plaintext, and the result is encrypted using the DES key

A

CBC (Cipher Block Chaining)

  • CBC fixes ECB by encrypting every message block with a different key
  • IV (initialization vector, just random data) is combined with key to start, then at each block after that the ciphertext is combined (XOR-ed) with a different key to create the next block’s key
73
Q

___ is native mode of DES, is a block cipher, is applied to 64-bit blocks of plaintext and produces corresponding 64-bit blocks of ciphertext.

A

ECB (Electronic Code Book) creates patterns in ciphertext; this is fixed by CBC

74
Q

____ substitution is one-to-many and therefore counters frequency analysis.

A

Polyalphabetic e.g. A=RW,WT,SM, therefore RW can only map to A and so forth

75
Q

__fish is symmetrical encryption. __fish is adaptive version of it.

A

Blowfish and twofish (adaptive version, unbreakable) are symmetric.

76
Q

A __ reflects a current security posture captured in time.

A

State Machine

Policy dictates and guarantees secure state changes

77
Q

A ___ ___ binds an individual’s identity to the public key.

A

Digital certificate

78
Q

A ___ is a newer type of computer monitor that is better quality and more expensive.

A

CCD (Charge Coupled Discharge)

79
Q

A ___ is an older, lower cost computer monitor.

A

CRT

80
Q

A ____ cookie exists in memory and is deleted upon browser exit.

A

Session cookie

81
Q

A ____ cookie is saved to disk and may be used long-term.

A

Persistent cookie

82
Q

A collection of related data about an organization intended for sharing by multiple users.

A

Database

83
Q

A commercial garage is which type of gate?

A

Class II Commercial gate

84
Q

A hole on the side of a boat or building to let out water and avoid flooding is a __. This is a __ measure.

A
bilge pump (or sump pump), corrective
evacuation is another corrective measure
85
Q

A momentary power loss is a __.

A

fault

86
Q

A prison gate falls under which class?

A

Class IV Restricted gate e.g. prison, airport

87
Q

A record or row in a database

A

Tuple (TUP-el)

88
Q

A residential gate is which class?

A

Class I Residential gate

89
Q

A set of low level commands a CPU knows how to execute could be a __ or __.

A

CISC (Complex Instruction Set Computer) or RISC (Reduced Instruction Set Computer)

90
Q

A stream cipher generates the ciphertext by XORing the plaintext with a keystream. Feedback is used to generate the key stream, therefore the key stream varies. An IV is required in this DES mode.

A

OFB (Output feedback mode)

91
Q

A type of control where you detect and respond to deal with a problem.

A

Suppressive

92
Q

A type of cryptographic attack where you are changing plaintext and looking for differences in ciphertext

A

Differential analysis

93
Q

A type of cryptographic attack where you are looking for patterns across messages trying to find weaknesses in crypto

A

Linear analysis

94
Q

A type of probability where two different messages using the same hash function can produce a common message digest at a higher frequency than you would think.

A

birthday attack

applies to collisions in hashing, teaches us that it will happen with higher frequency than you would think

95
Q

A type of research model that ensures high-level actions (inputs) do not determine low-level user visibility (outputs). Given input there should be no way to predict an output.

A

Noninterference

96
Q

A type of research which is similar to BLP in that objects are labeled based on security classes in the form of a lattice (graph). Data can flow in either direction.

A

Information flow

97
Q

A user deduces information of higher sensitivity from lower sensitivity information

A

Inference

98
Q

A virtual machine hosted by a third-party internet hosting company

A

VPS (Virtual Private Server); building block for cloud computing, providing IaaS (Infrastructure as a Service)

99
Q

A way to verify that an entire database transaction has been completed and if it hasn’t, we have the option to roll back to the original point and then re-run the transaction.

A

2-phase commit: vote first before committing (distributed databases)

100
Q

Allowed to access certain pieces of info e.g. there’s no system that will let me get the address where you live, but I can go into one system and find out your zip code, another the street, another the house number, and combine all that to find out where you live. This is called __.

A

aggregation

101
Q

Alternative to Halon (which is no longer produced since it releases ozone-depleting substances)

A

FM200

Need more of FM200 (7% concentration rather than 5% with Halon) and it takes longer to put fire out

102
Q

An “Employees Only” or “Unauthorized Personnel will be prosecuted” sign is a ___ control.

A

Deterrent, deterring unauthorized access

103
Q

An airport gate falls under which class?

A

Class IV Restricted gate e.g. prison, airport

104
Q

Asymmetric encryption is the __ channel for the ____ key

A

Asymmetric, secure, secret

105
Q

Asymmetric is a difficult (intractable) problem to solve via which three methods?

A

Factoring a large number into its prime (RSA)
Solving the discrete logarithm problem for finite fields (e.g. El Gamal)
Solving discrete logarithmic problems for elliptic curves (ECC)

106
Q

Asymmetric requires smaller or larger key lengths to have the same effect as symmetric?

A

Asymmetric requires larger key lengths which makes it slower

107
Q

Because DES is not a ___, multiple encryptions increase security.

A

group

If something is a group then E(K2,E(K,M)) = E(K3,M)

108
Q

Boolean operation that outputs 1 (true) when both inputs differ.

A

XOR (Exclusive OR)

109
Q

CCTV are traditionally thought of as ___ controls.

A

Detective

110
Q

Centralized vs Decentralized vs Distributed Data

A

Centralized: all your data is in one place
Decentralized: minimal or no sharing between sites
Distributed: there is sharing between locations
First ask yourself the number of locations; if one, it’s centralized. If multiple, ask if there is sharing: if so it’s distributed, if no sharing it’s decentralized.

111
Q

Changing the order of letters e.g. position 1 in message goes to position 4 in ciphertext, is called ___.

A

Permutation aka scrambling

112
Q

Chosen plaintext attack with iterations of input based on knowledge of output

A

Adaptive chosen plaintext
After choosing the plaintext that gets encrypted, the cryptanalyst can also choose other blocks to be encrypted, which allows more analysis.

113
Q

Contraband checks are primarily ___ measures

A

Detective but can also deter someone from doing something if they know there is a high chance they are going to be caught
Contraband checks include x-ray scanners, metal detectors, bag inspection

114
Q

Crypto attack where plaintext is inserted into device with unknown secret key and corresponding ciphertext is generated

A

Chosen plaintext
Cryptanalyst is able to choose what plaintext gets encrypted and see the resulting ciphertext. Sometimes this can reveal info about the key.

115
Q

Crypto attack where portion of ciphertext is known

A

Ciphertext only

Goal is to recover one or more plaintext messages or the key used to encrypt the messages

116
Q

Crypto attack where portions of plaintext and corresponding portions of ciphertext are known

A

Known plaintext
Goal is to find the key used to encrypt the ciphertext or an alternate algorithm to decrypt any message with a key the cryptanalyst knows.

117
Q

Crypto attack where there is chosen ciphertext attack with iterations dependent upon previous results

A

adaptive chosen ciphertext

118
Q

Cryptographic attack where you get information from the chipset to find the cryptographic keys?

A

Side channel attack

119
Q

Cryptographic attack where you use algorithms and mathematics to deduce key or reduce key space to be searched.

A

Analytic attack

120
Q

Datacenter recommended temperature and RH (relative humidity)

A

70-74 F (21-23 C) ideal temperature range

40-60% ideal humidity range

121
Q

Dedicated hardware chip that stores encryption keys?

A

TPM (Trusted Platform Module); can be used to authenticate the integrity of the BIOS, also supports/enhances full disk encryption

122
Q

Describe the steps of Common Criteria

A

created by ISO (2nd intl attempt after Europeans’ ITSEC classes); Need to know 7 layers pg 23, all have “tested” in them; EAL (Evaluation Assurance Level) is applied to product rather than system
EAL 1: Functionally tested
EAL 2: Structurally tested
EAL 3: Methodically tested and checked
EAL 4: Methodically designed, tested, and checked
EAL 5: Semi-formally designed and tested
EAL 6: Semi-formally verified, designed, and tested
EAL 7: Formally verified, designed and tested

123
Q

Describe the type of attack where an adversary gets you to click on a link that has embedded scripting that causes you to connect to a legitimate site and bounce your credentials back to the adversary.

A

XSS (Cross-site scripting) reflects a script via a trusted website. XSS attacks commonly use JavaScript. XSS attack is based on lack of input validation or output encoding by websites e.g. where tags such as script (with less than sign before and greater than after) are allowed as input

124
Q

Describe/Draw out the Ring Layer Protection

A

CPU/Memory/HDD are bones in your body, OS is muscle/skin that wraps around the bones; kernel is the brains of the computer. Refer to “Ring layer protection - Drawing 3A”. Example of ring protection scheme (pg 37): Ring 3: User, applications, programs (least trusted), Ring 2: I/O drivers and utilities, Ring 1: OS components that are not part of the kernel, Ring 0: Operating system kernel (most trusted)

125
Q

Difficulty in recovering the plaintext from the ciphertext as measured by cost and/or time

A

Work function (factor)

126
Q

Digital certificates are the ____ channel for the ____ key.

A

trusted, public

127
Q

Ensuring that if a session key is compromised, previously captured communications may not also be decrypted. This is called __.

A

PFS (Perfect Forward Secrecy)

128
Q

Escrowed encryption standard is embodied in the US Government’s Clipper chip which used the ___ secret key algorithm (now unclassified).

A

skipjack

129
Q

Example of an algorithm used for solving the discrete logarithmic problem for finite fields

A

El Gamal

130
Q

Examples of asymmetric crypto

A

DEER (Diffie Hellman, El Gamal, ECC, RSA)

Also Merkle-Hellman Knapsack, Chor Rivest Knapsack, LUC

131
Q

Examples of Hashing algorithms

A

HMAC, MD4, MD5, RIPEMD, SHA-1, SHA-2

132
Q

Examples of symmetric (secret key) crypto

A

DES, 3DES, IDEA, RC4, RC6, AES

133
Q

Extinguishers need to be within __ ft of any electrical equipment and at exits. Use the color __ to mark lettering on signs at exit points.

A

50 ft, red

134
Q

Factoring a large number into its prime

A

RSA (Ron Rivest, Adi Shamir, Leonard Adleman)

135
Q

Fence heights and levels of protection

A

3-4ft / 1 meter (deters casual trespasser)
6-7ft / 2 meters (too high to easily climb)
8ft / 2.4 meters + 3 strands of barbed wire (prevents determined intruder)

136
Q

Fences are traditionally a ___ control but can also be ___.

A

deterrent, preventive

On exam assume fences are deterrent unless they say 8ft / 2.4m with 3 strands of barbed wire which would be preventive

137
Q

Fire protection and insurance industries support __, not __, as the primary method for extinguishing fires.

A

Water, not gas

even in datacenter since most gas-based systems are not what they lived up to be

138
Q

For asymmetric encryption the type of crypto attack you would do is ___.

A

Ciphertext attacks since you’re after the private key which is used to decrypt. Otherwise you would be trying to crack the public key (used to encrypt) which you already have.

139
Q

For critical areas around buildings you should install lighting at least __ high and with illumination of __ candles

A

8ft / 2.4m high with illumination of 2 foot-candles

140
Q

For symmetric encryption the type of crypto attack you would do is ___.

A

Plaintext attack since you’re after the secret key

141
Q

Given the following encryption algorithm D(c,k7)=E which algorithm was used to encrypt the message?

A

E(m,k7)=c
They can call key whatever they want e.g. “k7”, “purple” etc
They’ll just do one level of substitution, not multiple levels

142
Q

Hash functions provide what primary function in a cryptosystem?

A

Message integrity

143
Q

Having a lot of databases with smaller amounts of data as opposed to having one big database with everything would be called __-oriented security.

A

impact-oriented security

144
Q

Hiding functionality/details of a system e.g. when you drag and drop a file, there’s thousands of processes going on but you only need to know drag and drop

A

Abstraction

145
Q

Hiding in plain sight is ___.

A

Steganography - algorithm embeds secret message in host file in such a way that no one can detect or see that the host image was altered
Crypto is confidentiality, Stego is secrecy (match up “C” and “S”)

146
Q

Hybrid of wet and dry pipe systems. A valve holds back the water (dry pipe), is opened and releases water to the nozzle head. Then the nozzle head melts and releases the water (wet pipe system).

A

Pre-action

This additional delay allows for manual intervention before water is released.

147
Q

If a system is executing one instruction at a time, it uses a ___.

A

Scalar processor

148
Q

If an attacker impacts a host operating system after compromising a VM, this is called __.

A

VMEscape; the attack is against the hypervisor or virtual devices controlled by the hypervisor

149
Q

If data is __ it is kept in multiple sites but not shared.

A

Decentralized

150
Q

If data is __ it is shared among multiple sites.

A

Distributed

151
Q

If one process crashes it doesn’t affect all the others. What is this called?

A

process isolation

152
Q

If our organization is looking at setting up a new infrastructure for storing information to better support the mission and we are designing out the databases that will store information, what will we use to accomplish this?

A

DDL (Data Definition Language)

153
Q

If the computer has more than one CPU and it can execute instructions in parallel it is called _____.

A

Multi-processing

154
Q

If we have databases designed and we are now starting to build out the queries which would we use

A

DML (Data Manipulation Language) e.g. SQL

155
Q

If you are in the middle of a transaction and you have data loss, which type of database fault tolerance are you using?

A

Shadow database

156
Q

If you are in the middle of a transaction and you have no data loss, which type of database fault tolerance are you using?

A

Failover (database operations continue on a second server if the first server fails)

157
Q

If you have a 256 bit key and you want a robust algorithm how many bits of entropy would you want?

A

256, should be 1 bit of entropy for every bit to be truly random

158
Q

If you were in the process of building a fully integrated system that can manage, query and analyze what would we be using? DML, DDL, DBMS, TPM

A

DBMS (Database Management System)

159
Q

In EAL model what comes after “structurally tested”?

A

Methodically tested and checked

160
Q

In hashing there is no actual “key” however what can the key length in hashing refer to?

A

Fixed length of the hash e.g. RIPEMD-160 uses 160-bit key length

161
Q

In PKI, a __ will vouch for the binding between public keys, certificate holder identities and other attributes

A

ORA (Organizational Registration Authorities)

162
Q

In SCADA the __ displays the information received in an easy to understand graphical way and also archives all the data received.

A

HMI (Human-Machine Interface) element

163
Q

In SCADA the __ gathers data from the __ out in the field. The __ then presents data to the operator who analyzes/monitors the data and sends commands back to the __ and gets pushed back out to the __.

A

Supervisory (control) unit, RTU (Remote Terminal unit or Remote Telemetry Unit), HMI (Human-Machine Interface presents data to human behind keyboard), Supervisory (control) unit, RTUs

164
Q

In SCADA the function of the __ is to collect the onsite information and this information is sent to a central location with the help of the communication element.

A

RTU (Remote Terminal Unit aka Remote Telemetry Unit)

165
Q

In symmetric encryption the secret key goes over a ___ channel (which no one can see or intercept). In asymmetric it goes over a ____ channel for the public key so it needs to be verified via digital certificate

A

secure, trusted

If can find a better way to say this in book, great, if not that’s fine

166
Q

In XOR if the inputs are 1 and 1 what is the output?

A

If inputs are 0,0, output is 0 (false). Output of 1 is true.
0,1 = 1; 1,0 = 1; 1,1 = 0
Output of 0 = False, Output of 1 = True

167
Q

In XOR if the inputs are the same the output would be __, if different the output is __.

A

0, 1

168
Q

In XOR if the output is false, what is the output?

A

Output of 0 = False, Output of 1 = True

169
Q

Is ECC stronger or weaker than comparable RSA?

A

ECC is a lot stronger

170
Q

Is ECC stronger or weaker than comparable symmetric ciphers?

A

ECC is twice as weak

171
Q

Lights are a primarily ___ control.

A

Detective, but if you have a building lit up that can be a deterrent as well

172
Q

List classes of fire what they can be suppressed with

A

Class A: ALL common combustibles e.g. wood products, laminates (suppress with water or soda acid)
Class B: BOTTLE, you put liquids in a bottle e.g. gas, petroleum, coolants (gas [Halon], CO2, soda acid)
Class C: CIRCUIT/CURRENT e.g. electrical, wires (suppress with gas, CO2)
Class D: Metals (suppress with DRY powder)

173
Q

Look at “Digital signature 3”. What is the message digest. What is the digital signature?

A

Message digest is top-right. Digital signature is bottom-left.

174
Q

Look at “XSS Cookie Theft - Domain 3 Pg 71”. When does the user’s bank send the session ID back to the user? Which step did the user compromise the system? What does this type of attack teach us?

A

Step 3, Step 1. Need to do explicit error checking on character type
You may need to click on the right number or drag-and-drop words into the steps that are occurring.
Facebook.example.com is referring to some kind of advertisement on facebook posted by adversary that you might click

175
Q

Loss of all power is a __.

A

blackout

176
Q

Making sure information you enter is consistent e.g. being required to enter a City/State and a ZIP code

A

Referential integrity

177
Q

Momentary high voltage is a __.

A

spike

178
Q

Momentary low voltage is a __.

A

sag

179
Q

Most efficient standard method of encryption

A

block cipher

180
Q

Motion and proximity detection systems are examples of ___ systems.

A

Active
Motion system uses doppler, 3 types: sonic (audible sound waves), ultrasonic (high-frequency sound waves), microwave (radio waves)
Proximity: uses electronic field that senses presence of an object or individual

181
Q

Name a system that performs many operations per instruction and another system that uses simpler instructions using fewer cycles.

A

CISC (Complex-Instruction-Set-Computer) versus RISC (Reduced-Instruction-Set-Computer), respectively

182
Q

Only one person can be updating a database record at a given time and when that person is working on that information, the information is locked. This prevents integrity issues and is called __.

A

concurrency

this way two people can’t edit record at the same time

183
Q

Photometric systems and acoustical-seismic detection systems are examples of ___ systems.

A

Passive
Photometric system - detects changes in light
Acoustical-seismic detection system - detects sounds that exceed ambient noise level of the protected area e.g. when you walk and foot pushes air around

184
Q

Prolonged high voltage is a __.

A

surge

185
Q

Prolonged low voltage is a __.

A

brownout

186
Q

Proposed by Brewer and Nash to deal with CoI (Conflict of Interest) e.g. Microsoft hires the top 100 law firms so they can’t be used in patent cases against Microsoft, opposing counsel would have to start with 101 draft pick law firm

A

Chinese Wall Model

187
Q

Protected area of operating system responsible for memory, process, disk and task management?

A

Kernel

188
Q

Short duration noise interference is __.

A

transient

189
Q

Similar to dry pipe suppression system but uses larger amount of water when discharging.

A

Deluge suppression system

Not recommended for use in datacenters since too much water. May use for book factory.

190
Q

Similar to lattice (graph) except it is a spreadsheet with subjects (user, program, process) down and objects (passive entity e.g. file or storage resource) across with privileges (r/w/x) in each cell

A

Access matrix
Refer to “Access control matrix - Drawing 3B”. Columns of the access matrix are called ACLs (access control lists), rows are called capability lists

191
Q

Software that will convert physical machines to software

A

P2V

192
Q

SQL (Standard Query Language) is a type of ___.

A

DML (Data Manipulation Language)

193
Q

Standard format for digital certificates is ____

A

X.509

194
Q

Symmetric encryption is ____ for the message.

A

confidentiality

195
Q

Symmetric encryption requires one of these three secure key distribution channels.

A

Pre-shared secret, asymmetric encryption, D-H key exchange

196
Q

Symmetric vs Asymmetric strength (key lengths)

A

112 (DES), 128/192/256 (AES) vs 2048, 3072, 7680, 15360 (RSA/DSA) vs 224-255, 256-383, 384-511, 512+ (ECC)
So ECC two times weaker than comparable symmetric ciphers and far stronger than RSA/DSA

197
Q

Systems that are more efficient and use fewer cycles.

A

RISC-based systems (Reduced-Instruction-Set-Computer) since they use simpler instructions which use fewer cycles

198
Q

The __ mediates all requests and only allows subject to access object if its label is equal to or greater e.g. user with secret clearance can access secret or confidential file but not top secret.

A

reference monitor

199
Q

The Chinese Wall model is also know as the __ model.

A

Brewer Nash (aka Chinese Wall Model) deals with potential Conflict of Interest

200
Q

The DB transaction is being done on both servers simultaneously so if primary fails you haven’t lost any data. This database backup system which is more robust but more expensive is called __.

A

Fail-over database

201
Q

The TCSEC, also known as the __, is a security evaluation model used to categorize and rank the overall security of a system.

A

TCSEC (Trusted Computer Security Evaluation Criteria) is frequently referred to as the orange book. It was created by the US DoD and is the grandfather of security evaluation models.

202
Q

The theft of a PDA can pose a threat to which tenet(s) of the CIA triad?

A

All of them: Confidentiality, Integrity and Availability

203
Q

This DES mode uses a 64-bit random number. There is a different counter for every block of text (e.g. each subsequent block incremented by 1). Used by ATM and IPsec

A

CTR (Counter Mode)

204
Q

This system stores data and provides operations on the DB such as create, delete, update and search. It also provides security and integrity controls.

A

DBMS (Database Management System)

205
Q

Type of crypto attack where the cryptanalyst knows something about the specific relationships between the keys

A

Chosen-key attack

Contrary to what the name suggests, the cryptanalyst does not choose the key, that would not leave much to reveal

206
Q

Type of cryptographic attack where you are looking at the statistical characteristics of the language or weaknesses in keys.

A

Statistical analysis

207
Q

Type of encryption used for authentication?

A

asymmetric e.g. LUC, RSA, etc

208
Q

Type of encryption used for real-time communication such as VoIP.

A

stream cipher

209
Q

Type of sprinkler system always filled with water up to the sprinkler head. Plastic holding back the water in the nozzle melts and releases the water under pressure

A

wet pipe suppression system

210
Q

Type of sprinkler where water is held back at a distance from the sprinkler head by a valve. When temp hits 165 F the valve opens and water flows

A

dry pipe suppression system

The delay of the water surge allows computer systems to power down to avoid water damage

211
Q

Unique key for every single message

A

one-time pad; the key has the same length as the message

212
Q

Verifying that the data values are correct e.g. if a name, make sure it’s letters, if zip code, ensure it’s numbers

A

Semantic integrity

213
Q

Visible data hiding (hidden in the file but visible on the file) is ___.

A

digital watermarking

embedding information in a file to show ownership; if removed it destroys the file

214
Q

Water draining away from the building is __ drain. Similarly HVAC pushing air out of the building is __ pressure.

A

Positive drain, positive pressure

215
Q

We are using both ESP and AH to communicate between client and server. How many SAs do you need?

A

Four
If the AH protocol is used and bi-directional communication is required two SAs must be established. If both the AH and ESP protocols are to be employed bi-directionally, four SAs are needed.

216
Q

What are all the integrity-focused security models

A

Biba, Clark-Wilson, Non-Interference, Chinese Wall

217
Q

What are all the security-relevant parts of a system called?

A

TCB (Trusted Computing Base)

218
Q

What are examples of encryption algorithms that are based on the difficulty of solving the discrete logarithm problem as applied to elliptic curves?

A

Elliptic curve El Gamal encryption and signature schemes, Elliptic curve D-H key agreement scheme, Elliptic curve Schnorr signature scheme, ECDSA (Elliptic Curve Digital Signature Algorithm)

219
Q

What are the 4 different types of data models?

A

hierarchical, mesh, object-oriented, relational

For exam don’t need to know details, just generally know them

220
Q

What are the Digital Signature steps?

A

1. Sender creates plaintext and generates a message digest
2. Sender encrypts the message digest with his private key, creating a digital signature
3. Sender attaches the digital signature to the document

Digital signatures alone do not provide confidentiality. The message is still in plaintext. Another form of encryption must also be used.

221
Q

What are the goals of cryptography

A

Confidentiality uses Symmetric - requires a secure key distribution channel: Pre-shared key, asymmetric, Diffie Hellman key exchange; attacks focused on plaintext and encryption process
Data Integrity uses Hashing; collision OK if no way to predict, similar items will not collide
Authentication uses Asymmetric - public keys are sent via digital certificates; private keys kept private; attacks focused on ciphertext and decryption process
Non-repudiation (Integrity/Authentication) uses Digital Signatures (Hash+Asymmetric) - Message hash encrypted with senders private key

222
Q

What are the three most important smart phone security considerations?

A

Unlock code should be required
Encryption
Remote wiping capabilities and procedure

223
Q

What asymmetric encryption algorithms are based on the difficulty of solving the discrete logarithm problem for finite fields?

A

El Gamal (main one), Diffie-Hellman key agreement scheme, Schnorr signature scheme, NIST’s DSA (Digital Signature Algorithm)

224
Q

What class does petroleum fall under?

A

Class A: ALL common combustibles e.g. wood products, laminates (suppress with water or soda acid)
Class B: BOTTLE, you put liquids in a bottle e.g. gas, petroleum, coolants (gas [Halon], CO2, soda acid)
Class C: CIRCUIT/CURRENT e.g. electrical, wires (suppress with gas, CO2)
Class D: Metals (suppress with DRY powder)

225
Q

What controls the flow of execution in a program?

A

CPU control unit

226
Q

What coordinates system activities during execution of code?

A

CPU control unit

227
Q

What describes the amount of randomness or disorder per bit?

A

Entropy

228
Q

What enables concurrent execution of multiple instructions?

A

Superscalar processor

229
Q

What encryption algorithm is synonymous with Rijndael?

A

AES (Advanced Encryption Standard)

230
Q

What encryption is based on factoring large integers into their two prime factors?

A

RSA

231
Q

What entails ensuring that if a session key is compromised previously captured communications may not also be decrypted?

A

PFS (Perfect Forward Secrecy)

232
Q

What government security model deals with government labels and confidentiality?

A

BLP (Bell-LaPadula) uses government labels e.g. top secret

233
Q

What is a bunch of DBMS’s together?

A

Data warehouse

234
Q

What is a digital signature that uses a pre-shared key?

A

HMAC (Hashed Message Authentication Code). The message and a pre-shared key are combined and hashed multiple times e.g. DNS TSIG (transaction signature) which uses HMAC-MD5 to verify integrity and authenticity of DNS transfers such as zone transfers. It serves similar role to digital signature, using symmetric instead of asymmetric encryption. Used when complexity of PKI is not needed

235
Q

What is a good resource to help you understand and identify issues, determining the top exposures in web apps?

A

OWASP (Open Web Application Security Project) e.g. the OWASP Top 10

236
Q

What is a set of memory addresses managed by the OS that don’t correspond directly to physical memory?

A

Virtual memory

237
Q

What is a top priority when working with physical security?

A

Safety

238
Q

What is an attack from VM to host OS or VM to another machine?

A

VMEscape; the attack is against the hypervisor or virtual devices controlled by the hypervisor

239
Q

What is an exception that results in copying memory data to and from the hard disk?

A

Page fault

240
Q

What is another name for UI redressing where a user is tricked into taking harmful action?

A

Click-jacking e.g. the user is tricked into clicking on a malicious link; a frame with a transparent window is overlaid on top of another; a user may think they are clicking Yes to Close Window but it’s really disabling the firewall

241
Q

What is combining different instructions?

A

Pipelining

242
Q

What is executing multiple HWPs at the same time on one CPU?

A

Multi-tasking; a task is a HWP (Heavy Weight Process)

243
Q

What is executing multiple LWPs at the same time on one CPU?

A

Multi-threading; a thread is a LWP (Light Weight Process)

244
Q

What is executing multiple programs at the same time on multiple CPUs?

A

Multiprocessing

245
Q

What is it called when a digital signature is applied to an application?

A

Code signing. When the program is run the digital signature validates the integrity of the executable, and authenticates the executable creator.
E.g. Microsoft hashes the application (piece of code) and distributes it with the code; your system runs the original executable through a hash with the public key and tells you if it matches.

246
Q

What is it called when an adversary achieves read/write access to the data tier by sending commands via the web server?

A

SQL injection, can be solved by input validation otherwise an adversary could put a script in there to end the command and then delete a table, run any type of payload, etc

247
Q

What is it called when something has to occur immediately like a mouse click and regular CPU execution is temporarily put on hold?

A

Interrupt

248
Q

What is one way to protect from an SSL attack?

A

never click through the SSL warning you get on a webpage

249
Q

What is responsible for data transfer operations, arithmetic operations, data editing and decision making?

A

ALU (Arithmetic/logic unit)

250
Q

What is the best way to stop web-based attacks such as buffer overflows, SQL injection and XSS?

A

input validation - make sure it meets the requirements of letters, numbers, special characters

251
Q

What is the best way to view access and verify least privilege?

A

Answer in general will be Access Control Matrix

252
Q

What is the class of a factory gate?

A

Class III Industrial gate (or link gate) e.g. loading dock, factory

253
Q

What is the computer’s capability to execute instructions in parallel due to the usage of multiple CPUs?

A

Multi-processing

254
Q

What is the CPU’s capability to process more than one program at the same time?

A

Multi-tasking

255
Q

What is the formal acceptance of certification?

A

Accreditation

256
Q

What is the most critical part / weakest link / biggest exposure with cryptography?

A

Managing and keeping the secret key (with symmetric) and private key (with asymmetric) private.

257
Q

What is the primary goal of HMAC? Authenticity, Integrity or Confidentiality

A

Integrity

Can also be used to provide authentication e.g. if you know my pre-shared key you must have been given access to it

258
Q

What is the process of moving data to and from the hard drive, either writing to RAM or the physical disk?

A

Paging

259
Q

What is the simplest form of memory addressing?

A

Direct addressing

260
Q

What is used to define the database schema/environment?

A

DDL (Data Definition Language)

261
Q

What object-oriented programming technology does not use sandboxing?

A

ActiveX

262
Q

What object-oriented programming technology uses sandboxing?

A

Java

263
Q

What performs the calculations or operations based on program calls?

A

CPU arithmetic logic unit (ALU)

264
Q

What prevents certain information from ever being paged?

A

Locked memory

265
Q

What prevents one process from affecting the confidentiality, integrity or availability of another?

A

process isolation

266
Q

What provides non-repudiation?

A

Digital signatures
Combination of authentication and integrity; proves a document was signed by the owner and has not changed; digital signatures use both asymmetric encryption and a hash algorithm e.g. RSA and SHA-1

267
Q

What security model includes No Read Down and No Write Up?

A

Biba
No Read Down (the Simple Integrity Property) ensures a user does not receive inaccurate data from a lower level that is less trustworthy
No Write Up (the Integrity * Property) protects someone from overwriting data at a higher security level with false information

268
Q

What security model includes No Read Up and No Write Down?

A

BLP (Bell-LaPadula)
No Read Up (Simple Security Property), obvious for information leakage
No Write Down (* Property) to prevent write-down trojans from declassifying information

269
Q

What security model includes the Simple Integrity Property and the Integrity * Property?

A

Biba
No Read Down (the Simple Integrity Property) ensures a user does not receive inaccurate data from a lower level that is less trustworthy
No Write Up (the Integrity * Property) protects someone from overwriting data at a higher security level with false information

270
Q

What security model includes the Simple Security Property and the * Property?

A

BLP (Bell-LaPadula)
No Read Up (Simple Security Property), obvious for information leakage
No Write Down (* Property) to prevent write-down trojans from declassifying information

271
Q

What stores instructions and data for current programs in use

A

Primary storage memory unit

272
Q

What two encryption protocols might IPsec use?

A

AH (Authentication Header): protects entire packet including headers; provides authentication and integrity but no confidentiality. AH used for internal tunnels. ESP (Encapsulating Security Payload): protects the payload only; provides confidentiality, integrity and authentication. ESP used when data needs to be encrypted over untrusted network.

273
Q

What type of crypto attack uses physical data, such as monitoring CPU utilization, to break a cryptosystem?

A

Side-channel attack

274
Q

What type of encryption is Blowfish and Twofish?

A

Symmetrical
Blowfish: considered unbreakable using current technology
Twofish: adaptive version of blowfish

275
Q

What type of encryption is Chor Rivest Knapsack?

A

Asymmetric

276
Q

What type of encryption is Diffie-Hellman?

A

Asymmetric
Provides a method for exchanging symmetric keys via a public channel; symmetric keys may then be used to provide confidentiality

277
Q

What type of encryption is ECC?

A

Asymmetric

computing elliptic curves over finite fields

278
Q

What type of encryption is El Gamal?

A

Asymmetric

solving the discrete logarithm problem over finite fields

279
Q

What type of encryption is IDEA?

A

Symmetric, IDEA (International Data Encryption Algorithm), symmetric algorithm using a 128-bit key

280
Q

What type of encryption is LUC?

A

Asymmetric

281
Q

What type of encryption is Merkle-Hellman Knapsack?

A

Asymmetric

282
Q

What type of encryption is RC4?

A

Symmetric

283
Q

What type of encryption is RC5?

A

Symmetric. Block cipher of variable block length (typically 32, 64 or 128 bits)
RC3, RC4, RC5, RC6, etc. are all symmetric. Key size can range from 0 to 2048 bits; patented by RSA Data Security in 1997

284
Q

What type of encryption is RIPEMD?

A

Hashing

285
Q

What type of encryption is RSA?

A

Asymmetric

factoring large integers into their two prime factors

286
Q

What type of encryption is SHA?

A

Hashing

287
Q

What type of gate is a loading dock gate?

A

Class III Industrial gate (or link gate) e.g. loading dock, factory

288
Q

What type of model shows you what info can and cannot be accessed based on graphical information flow?
It is a graphical representation (with directed arrows) of what the reference monitor will enforce.

A

Lattice model
Requires that every subject and object be labeled with a security designation; access is based on comparison of those labels, e.g. personnel with confidential clearance can access only resources labeled confidential or unclassified

289
Q

What type of system is typically used to control industrial equipment including power plants, elevators, prison doors, pipelines and HVAC?

A

SCADA (Supervisory Control and Data Acquisition) systems

290
Q

What was the first common European standard to delineate between functionality and assurance? It’s also known as the flexible version of the Orange Book.

A

ITSEC (Information Technology Security Evaluation Criteria) classes
They later realized it was too complicated and didn’t work so ISO started Common Criteria.
So it was Orange Book (TCSEC, Trusted Computer Security Evaluation Criteria), then ITSEC classes, then Common Criteria.

291
Q

ROT-3 on Y would be __.

A

B since it wraps around, Z would wrap around to C, etc

292
Q

What would we use in the early stages of designing out the databases?

A

DDL (Data Definition Language)

293
Q

When a CPU can process more than one user program at the same time (or virtually the same time) it is called _____.

A

Multitasking

294
Q

Which encryption protocol is part of IPsec and is used for internal tunnels only and protects the entire packet including headers?

A

AH (Authentication Header): protects entire packet including headers; provides authentication and integrity but no confidentiality. AH used for internal tunnels.
ESP (Encapsulating Security Payload): protects the payload only; provides confidentiality, integrity and authentication. ESP used when data needs to be encrypted over untrusted network.

295
Q

Which encryption protocol is part of IPsec, protects the payload only and provides confidentiality?

A

ESP (Encapsulating Security Payload): protects the payload only; provides confidentiality, integrity and authentication. ESP used when data needs to be encrypted over untrusted network.
AH (Authentication Header): protects entire packet including headers; provides authentication and integrity but no confidentiality. AH used for internal tunnels.

296
Q

Which integrity model focuses on internal consistency and external consistency?

A

Clark-Wilson. Deals with Integrity, focused on commercial application
Unauthorized users cannot make changes, authorized users cannot make unauthorized changes. Maintains internal and external consistency at the system level

297
Q

Which integrity model focuses on well-formed transactions and separation of duties?

A

Clark-Wilson. Integrity enforced through well-formed transactions (e.g. C-W verifies after selling an item that inventory is correct before proceeding) and separation of duties (dash should remind you of separation of duties)
It is application-oriented rather than a general model like BLP or BIBA

298
Q

Which is best asymmetric algorithm for mobile phones?

A

ECC (Elliptic Curve Crypto)

tighter, faster code

299
Q

Which memory ring do programs usually operate in?

A

Ring 3: User, applications, programs (least trusted)

300
Q

Which memory ring do the drivers and utilities operate in?

A

Ring 2: I/O drivers and utilities

301
Q

Which memory ring do the OS components that are not part of the kernel operate in?

A

Ring 1: OS components that are not part of the kernel

302
Q

Which memory ring does the kernel operate in?

A

Ring 0: Operating system kernel (most trusted)

303
Q

Which of the following is NOT a method for locking down a smart phone?
Make sure there is an unlock code on the device
Register device with HR
Encrypt the device
Have remote wiping capabilities

A

Register device with HR

304
Q

Which organization is responsible for creating RFCs?

A

IETF (Internet Engineering Task Force)

305
Q

Which security model deals with CoI?

A

Brewer Nash (aka Chinese Wall Model) deals with potential Conflict of Interest

306
Q

Who creates encryption algorithms?

A

Cryptographers

307
Q

Who dedicates their lives to breaking ciphers?

A

cryptanalysts

308
Q

Why is 3DES used and not 2DES?

A

Double DES is vulnerable to meet-in-the-middle attack and only has effective key length of 57 bits

309
Q

Write cryptographic formula and explain

A

E(m,k)=c
Encryption transformation(plaintext message, key or cryptovariable)=ciphertext
Run message and key through encryption algorithm and put it into meaningless data
D(c,k)=m, i.e. D(E(m,k),k)=m since using substitution

310
Q

You are rolling out a new DBMS. Which is NOT a traditional data model: hierarchical, authenticated, mesh, object-oriented

A

authenticated; the fourth traditional model is relational

311
Q

You can’t find out someone’s salary, but you and this person are the only people in a zip code, so you can deduce that person’s salary (information of higher sensitivity) from that lower-sensitivity information

A

inference
e.g. if you know your neighbor was in the process of selling his business and all of a sudden you see a Ferrari in the driveway, you can infer he sold the business for a lot of money

312
Q

You generate session keys for each session you create so now if someone intercepts communications and breaks the session key they just have one message (rather than months and years of data). What is this called?

A

PFS (Perfect Forward Secrecy)

313
Q

You have a database stored in a different location to take over if the primary fails. If you’re in the middle of transaction and the database fails, you’ve lost the transaction. What type of database backup is this?

A

Shadow database

314
Q

You have a portion of ciphertext and are attempting to obtain the corresponding plaintext. What type of crypto attack is this?

A

Chosen ciphertext

The cryptanalyst has ciphertext and plaintext for messages that he chooses.

315
Q

Your company is running McAfee Safeboot 8.1. You are in the process of upgrading to 9.3. Which does 9.3 use for authentication? IDEA, LUC, SHA, RIPEMD

A

LUC (or any other asymmetric encryption listed)

If you see confidentiality pick symmetric, if you see integrity pick hashing

316
Q

Your organization is running a datacenter that has $5 billion worth of intellectual property and equipment. You are constantly targeted by adversaries and it’s a significant risk if the datacenter gets compromised. If there is a fire in the data center how should the exterior doors fail?
Always be locked, fail open, fail closed, doors should never be used

A

Doors for any facility during a fire should always fail open. Safety is always the golden rule.