Udemy Sections 7-8 Supply Chain Management and Virtualization

Question 1

Ensuring that the operation of every element (hardware, firmware, driver, OS, and application) is consistent and tamper resistant establishes a what?

Answer 1

Trusted computing environment

Question 2

A legal principle identifying a subject has used best practice or reasonable care when setting up, configuring, and maintaining a system

Answer 2

Due diligence

Question 3

Properly resourced cybersecurity program

Security assurance and risk management processes

Product support life cycle

Security controls for confidential data

Incident response and forensics assistance

General and historical company information

You must consider all of these things in order to do what?

Answer 3

Due diligence

Question 4

A microprocessor manufacturing utility that is part of a validated supply chain (one where hardware and software does not deviate from its documented function)

Answer 4

Trusted Foundry

Question 5

Who operates the Trusted Foundry Program?

Answer 5

DoD

Question 6

What does the Trusted Foundry do?

Answer 6

Ensures that microprocessors in a supply chain are secure. It is run by the DoD.

Question 7

The process of ensuring that hardware is procured tamper-free from trustworthy suppliers

Answer 7

Hardware source authenticity

Question 8

ROT stands for

Answer 8

Root of Trust

Question 9

A cryptographic module embedded within a computer system that can endorse trusted execution and attest to boot settings and metrics

Answer 9

ROT (Root of Trust)

Question 10

Hardware that is used to scan the boot metrics and OS files to verify their signatures, which we can then use to sign a digital report

Answer 10

Hardware root of trust

Question 11

What is the most common ROT?

Answer 11

TPM (Trusted Platform Module)

Question 12

A specification for hardware-based storage of digital certificates, keys, hashed passwords, and other user and platform identification information

Answer 12

TPM (Trusted Platform Module)

Question 13

Which part is the part of your system that ensures when your computer is booted up, it does so securely?

Answer 13

TPM (Trusted Platform Module)

Question 14

What is the program name to manage the TPM in your Windows computer?

Answer 14

tpm.msc

OR you can manage the TPM through group policy

Question 15

An appliance for generating and storing cryptographic keys that is less susceptible to tampering and insider threats than software-based storage

Answer 15

HSM (Hardware Security Module)

Question 16

Methods that make it difficult for an attacker to alter the authorized execution of software

Answer 16

Anti-tamper

Question 17

FPGA stands for

Answer 17

Field programmable gate array

Question 18

PUF stands for

Answer 18

Physically unclonable function

Question 19

What type of mechanisms are FPGA and PUF?

Answer 19

Anti-tamper mechanisms

Question 20

What do FPGA and PUF do?

Answer 20

When an attacker attempts to tacker with a system, these mechanisms zero out your cryptographic key, which wipes out the info on that system. That way, you know the system has been tampered with.

Question 21

A type of exploit that gives an attacker an opportunity to run any code at the highest level of CPU privilege

Answer 21

Firmware exploit

Question 22

A type of system firmware providing support for 64-bit GUI operation at boot, full GUI and mouse operation at boot, and better boot security

Answer 22

UEFI (Unified Extensible Firmware Interface)

Question 23

A feature of UEFI that prevents unwanted processes from executing during the boot operation. Checks each process for digital signatures. If a process does not have a legitimate digital signature, it will not be loaded.

Answer 23

Secure boot

Question 24

A UEFI feature that gathers secure metrics to validate the boot process in an attestation report. How much time each process takes to load, etc.

Answer 24

Measured boot

Question 25

A claim that the data presented in the report is valid by digitally signing it using the TPM's private key

Answer 25

Attestation

Question 26

A means for software or firmware to permanently alter the state of a transistor on a computer chip. It uses one-time programming to secure cryptographic keys and other security information during the development process. If someone attempts to tamper with the firmware, this triggers, and the system that had been tampered with will no longer be trusted.

Answer 26

eFUSE

Question 27

A hardware component in a computer microchip that acts as a switch, letting current through to represent the binary digit 1, or cutting it off to represent 0

Answer 27

Transistor

Question 28

A firmware update that is digitally signed by the vendor and trusted by the system before installation

Answer 28

Trusted firmware update

Question 29

A disk drive where the controller can automatically encrypt data that is written to it. It also decrypts the data when it is being read from the drive. Encryption and decryption is done at the hardware level because of the function of the firmware.

Answer 29

SED (Self-Encrypting Drives)

Question 30

A mechanism for ensuring the confidentiality, integrity, and availability of software code and data as it is executed in volatile memory

Answer 30

Secure processing

Question 31

Low-level CPU changes and instructions that enable secure processing

Answer 31

Processor security extensions

Question 32

What is SME?

Answer 32

Secure Memory Encryption Processor security extension for AMD processor

Question 33

What is SEV?

Answer 33

Secure Encrypted Virtualization Processor security extension for AMD processor

Question 34

2 names for the processor security extension for AMD processors

Answer 34

SME (Secure Memory Encryption) SEV (Secure Encrypted Virtualization)

Question 35

What is TXT?

Answer 35

Trusted eXecution Technology Processor security extension for Intel processor

Question 36

SGX stands for What is it?

Answer 36

Software Guard eXtensions Processor security extension for Intel processor

Question 37

2 names for the processor security extension for Intel processors

Answer 37

TXT (Trusted eXecution Technology) SGX (Software Guard eXtensions)

Question 38

This happens when the CPU's security extensions invoke a TPM and secure boot attestation to ensure that a trusted OS is running

Answer 38

Trusted execution

Question 39

The extension that allows a trusted process to create an encrypted container for sensitive data

Answer 39

Secure enclave

Question 40

Certain operations that should only be performed once or not at all, such as initializing a memory location. Extensions are in place to make sure that an attacker can't redo these operations to make your computer vulnerable (buffer overflow, race condition, etc.)

Answer 40

Atomic execution

Question 41

Data is encrypted by an app prior to being placed on the data bus. Ensures data being sent over the network or bus is encrypted. You must ensure that the device at the end of the bus/network is trusted to decrypt the data

Answer 41

Bus encryption

Question 42

Secured I/O, cryptographic processor, persistent memory, and versatile memory are all functions of what?

Answer 42

TPM

Question 43

The creation of a virtual resource

Answer 43

Virtualization

Question 44

A container that contains an emulated computer that can run an entire OS

Answer 44

Virtual machine

Question 45

2 main types of virtual machines

Answer 45

System VM Processor VM

Question 46

A VM that is a complete platform designed to replace an entire physical computer and includes a full desktop/server OS

Answer 46

System virtual machine

Question 47

A type of VM that is designed to only run a single process or app like a virtualized web browser or a simple web server

Answer 47

Processor VM

Question 48

Software that manages the distribution of the physical resources of a host machine (server) to the virtual machines being run (guests)

Answer 48

Hypervisor

Question 49

Other name for Type 1 hypervisor?

Answer 49

Bare metal

Question 50

Which of the 2 hypervisors is faster and more efficient?

Answer 50

Type I (bare metal) Because the type I hypervisor doesn't have to waste any of the host computer's resources by running a full desktop OS first; a type I hypervisor acts as a stripped down, special OS to provide the physical resources to the VMs

Question 51

Other name for Type II hypervisor?

Answer 51

Hosted

Question 52

This type of hypervisor runs directly on the host computer's hardware and functions as an OS in and of itself

Answer 52

Type I (bare metal)

Question 53

This type of hypervisor runs within a normal OS

Answer 53

Type II (hosted)

Question 54

A virtualization method where a single OS kernel is shared across multiple VMs, but each VM receives its own user space for programs and data

Answer 54

Application containerization

Question 55

T/F: Application containerization is less efficient than Type I and Type II hypervisors

Answer 55

False. It is more efficient than both of them.

Question 56

Docker, Parallels Virtuozzo, and OpenVZ are examples of what type of software?

Answer 56

Application containerization

Question 57

An attack that allows an attacker to break out of a normally isolated VM by interacting directly with the hypervisor

Answer 57

VM escape

Question 58

How to reduce the risk of VM escape?

Answer 58

Virtual servers should be hosted on the same physical server as other VMs, on the same network (or network segment) based on its classification

Question 59

This word means it's easy for things to scale up or down to meet user demands

Answer 59

Elasticity

Question 60

Contents of a VM that exist as deleted files on a cloud-based server after deprovisioning of a VM

Answer 60

Data remnants

Question 61

Occurs when a user is able to grant themselves the ability to run functions as a higher-level user. This can be disastrous when a user does so for a hypervisor

Answer 61

Privilege elevation AKA privilege escalation

Question 62

Occurs when a VM is moved from one physical server to another over the network. Vulnerable to MITM attacks if the data is not encrypted

Answer 62

Live migration

Question 63

T/F: It is best security practice to limit the connectivity between the VM and the host by use of a virtualized network card or network shares

Answer 63

True This keeps malware from spreading between VMs

Question 64

T/F: When hosting a large amount of VMs, it is best security practice to spread them out over several separate, physical servers

Answer 64

True This prevents attackers from initiating a DoS attack that will take down all of your VMs at once

Question 65

Occurs when VMs are created, used, and deployed without proper management or oversight by the system admins. It essentially means losing track of the VMs, where they are, whether they need to be updated, etc.

Answer 65

Virtualization sprawl

Question 66

Which type of hypervisor is described in these layers: Guest VM Hypervisor Physical hardware

Answer 66

Type I (bare metal)

Question 67

Which type of hypervisor is described in these layers? Guest VM Hypervisor Host OS Physical hardware

Answer 67

Type II (hosted)