Udemy Sections 7-8 Supply Chain Management and Virtualization Flashcards

1
Q

Ensuring that the operation of every element (hardware, firmware, driver, OS, and application) is consistent and tamper resistant establishes a what?

A

Trusted computing environment

2
Q

A legal principle identifying a subject has used best practice or reasonable care when setting up, configuring, and maintaining a system

A

Due diligence

3
Q

Properly resourced cybersecurity program

Security assurance and risk management processes

Product support life cycle

Security controls for confidential data

Incident response and forensics assistance

General and historical company information

You must consider all of these things in order to do what?

A

Due diligence

4
Q

A microprocessor manufacturing utility that is part of a validated supply chain (one where hardware and software do not deviate from their documented function)

A

Trusted Foundry

5
Q

Who operates the Trusted Foundry Program?

A

DoD

6
Q

What does the Trusted Foundry do?

A

Ensures that microprocessors in a supply chain are secure. It is run by the DoD.

7
Q

The process of ensuring that hardware is procured tamper-free from trustworthy suppliers

A

Hardware source authenticity

8
Q

ROT stands for

A

Root of Trust

9
Q

A cryptographic module embedded within a computer system that can endorse trusted execution and attest to boot settings and metrics

A

ROT (Root of Trust)

10
Q

Hardware that is used to scan the boot metrics and OS files to verify their signatures, which we can then use to sign a digital report

A

Hardware root of trust

11
Q

What is the most common ROT?

A

TPM (Trusted Platform Module)

12
Q

A specification for hardware-based storage of digital certificates, keys, hashed passwords, and other user and platform identification information

A

TPM (Trusted Platform Module)

13
Q

Which part of your system ensures that when your computer boots up, it does so securely?

A

TPM (Trusted Platform Module)

14
Q

What is the program name to manage the TPM in your Windows computer?

A

tpm.msc

OR you can manage the TPM through group policy

15
Q

An appliance for generating and storing cryptographic keys that is less susceptible to tampering and insider threats than software-based storage

A

HSM (Hardware Security Module)

16
Q

Methods that make it difficult for an attacker to alter the authorized execution of software

A

Anti-tamper

17
Q

FPGA stands for

A

Field programmable gate array

18
Q

PUF stands for

A

Physically unclonable function

19
Q

What type of mechanisms are FPGA and PUF?

A

Anti-tamper mechanisms

20
Q

What do FPGA and PUF do?

A

When an attacker attempts to tamper with a system, these mechanisms zero out your cryptographic key, which wipes out the info on that system. That way, you know the system has been tampered with.

21
Q

A type of exploit that gives an attacker an opportunity to run any code at the highest level of CPU privilege

A

Firmware exploit

22
Q

A type of system firmware providing support for 64-bit GUI operation at boot, full GUI and mouse operation at boot, and better boot security

A

UEFI (Unified Extensible Firmware Interface)

23
Q

A feature of UEFI that prevents unwanted processes from executing during the boot operation. Checks each process for digital signatures. If a process does not have a legitimate digital signature, it will not be loaded.

A

Secure boot

24
Q

A UEFI feature that gathers secure metrics to validate the boot process in an attestation report. How much time each process takes to load, etc.

A

Measured boot

25
Q

A claim that the data presented in the report is valid by digitally signing it using the TPM’s private key

A

Attestation

26
Q

A means for software or firmware to permanently alter the state of a transistor on a computer chip.

It uses one-time programming to secure cryptographic keys and other security information during the development process. If someone attempts to tamper with the firmware, this triggers, and the system that had been tampered with will no longer be trusted.

A

eFUSE

27
Q

A hardware component in a computer microchip that acts as a switch, letting current through to represent the binary digit 1, or cutting it off to represent 0

A

Transistor

28
Q

A firmware update that is digitally signed by the vendor and trusted by the system before installation

A

Trusted firmware update

29
Q

A disk drive where the controller can automatically encrypt data that is written to it. It also decrypts the data when it is being read from the drive.

Encryption and decryption are done at the hardware level because of the function of the firmware.

A

SED (Self-Encrypting Drives)

30
Q

A mechanism for ensuring the confidentiality, integrity, and availability of software code and data as it is executed in volatile memory

A

Secure processing

31
Q

Low-level CPU changes and instructions that enable secure processing

A

Processor security extensions

32
Q

What is SME?

A

Secure Memory Encryption

Processor security extension for AMD processor

33
Q

What is SEV?

A

Secure Encrypted Virtualization

Processor security extension for AMD processor

34
Q

2 names for the processor security extension for AMD processors

A

SME (Secure Memory Encryption)
SEV (Secure Encrypted Virtualization)

35
Q

What is TXT?

A

Trusted eXecution Technology

Processor security extension for Intel processor

36
Q

SGX stands for

What is it?

A

Software Guard eXtensions

Processor security extension for Intel processor

37
Q

2 names for the processor security extension for Intel processors

A

TXT (Trusted eXecution Technology)

SGX (Software Guard eXtensions)

38
Q

This happens when the CPU’s security extensions invoke a TPM and secure boot attestation to ensure that a trusted OS is running

A

Trusted execution

39
Q

The extension that allows a trusted process to create an encrypted container for sensitive data

A

Secure enclave

40
Q

Certain operations that should only be performed once or not at all, such as initializing a memory location.

Extensions are in place to make sure that an attacker can’t redo these operations to make your computer vulnerable (buffer overflow, race condition, etc.)

A

Atomic execution

41
Q

Data is encrypted by an app prior to being placed on the data bus. Ensures data being sent over the network or bus is encrypted.

You must ensure that the device at the end of the bus/network is trusted to decrypt the data

A

Bus encryption

42
Q

Secured I/O, cryptographic processor, persistent memory, and versatile memory are all functions of what?

A

TPM

43
Q

The creation of a virtual resource

A

Virtualization

44
Q

A container that contains an emulated computer that can run an entire OS

A

Virtual machine

45
Q

2 main types of virtual machines

A

System VM
Processor VM

46
Q

A VM that is a complete platform designed to replace an entire physical computer and includes a full desktop/server OS

A

System virtual machine

47
Q

A type of VM that is designed to only run a single process or app like a virtualized web browser or a simple web server

A

Processor VM

48
Q

Software that manages the distribution of the physical resources of a host machine (server) to the virtual machines being run (guests)

A

Hypervisor

49
Q

Other name for Type 1 hypervisor?

A

Bare metal

50
Q

Which of the 2 hypervisors is faster and more efficient?

A

Type I (bare metal)

Because the type I hypervisor doesn’t have to waste any of the host computer’s resources by running a full desktop OS first; a type I hypervisor acts as a stripped down, special OS to provide the physical resources to the VMs

51
Q

Other name for Type II hypervisor?

A

Hosted

52
Q

This type of hypervisor runs directly on the host computer’s hardware and functions as an OS in and of itself

A

Type I (bare metal)

53
Q

This type of hypervisor runs within a normal OS

A

Type II (hosted)

54
Q

A virtualization method where a single OS kernel is shared across multiple VMs, but each VM receives its own user space for programs and data

A

Application containerization

55
Q

T/F: Application containerization is less efficient than Type I and Type II hypervisors

A

False. It is more efficient than both of them.

56
Q

Docker, Parallels Virtuozzo, and OpenVZ are examples of what type of software?

A

Application containerization

57
Q

An attack that allows an attacker to break out of a normally isolated VM by interacting directly with the hypervisor

A

VM escape

58
Q

How to reduce the risk of VM escape?

A

Virtual servers should be hosted on the same physical server as other VMs, on the same network (or network segment) based on its classification

59
Q

This word means it’s easy for things to scale up or down to meet user demands

A

Elasticity

60
Q

Contents of a VM that exist as deleted files on a cloud-based server after deprovisioning of a VM

A

Data remnants

61
Q

Occurs when a user is able to grant themselves the ability to run functions as a higher-level user.

This can be disastrous when a user does so for a hypervisor

A

Privilege elevation
AKA privilege escalation

62
Q

Occurs when a VM is moved from one physical server to another over the network.

Vulnerable to MITM attacks if the data is not encrypted

A

Live migration

63
Q

T/F: It is best security practice to limit the connectivity between the VM and the host by use of a virtualized network card or network shares

A

True

This keeps malware from spreading between VMs

64
Q

T/F: When hosting a large number of VMs, it is best security practice to spread them out over several separate, physical servers

A

True

This prevents attackers from initiating a DoS attack that will take down all of your VMs at once

65
Q

Occurs when VMs are created, used, and deployed without proper management or oversight by the system admins.

It essentially means losing track of the VMs, where they are, whether they need to be updated, etc.

A

Virtualization sprawl

66
Q

Which type of hypervisor is described in these layers:

Guest VM
Hypervisor
Physical hardware

A

Type I (bare metal)

67
Q

Which type of hypervisor is described in these layers?

Guest VM
Hypervisor
Host OS
Physical hardware

A

Type II (hosted)