Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
156 Cards in this Set
- Front
- Back
Encryption that uses two keys: if you encrypt with one you may decrypt with the other |
Asymmetric encryption |
|
one-way encryption using an algorithm and no key |
Hash function |
|
Allows multiple virtual operating system guests to run on one host |
Hypervisor |
|
Preventive physical control with two doors. Each door requires a separate form of authentication to open |
Mantrap |
|
Following an authorized person into a building without providing credentials |
Tailgating |
|
TCSEC |
Trusted computer system evaluation criteria also known as the orange book |
|
Encryption that uses one key to encrypt and decrypt |
Symmetric encryption |
|
Domain 3 |
Security engineering |
|
What provides rules of the road for securely operating systems |
Security models |
|
Reading down and writing up |
If a subject with secret clearance uncovered a plot of top-secret importance they are writing up |
|
State Machine model |
Every possible state of a system is evaluated and if they are all secure the system is proving to be secure |
|
Belle - La Padula model |
State Machine model focused on maintaining the confidentiality of objects. Simple security property: no read up Star Security property: no write down The strong Tranquility property: states that security labels will not change while the system is operating Weak Tranquility property:that security labels will not change any way that conflicts with defined security parameters |
|
Allow security controls for complex environments. Subjects have a least upper bound LUB and greatest lower bound GLB access to the objects based on their position |
Lattice based access controls |
|
Confidentiality models versus Integrity models |
Models such as Bell La Padula focus on confidentiality which is a primary concern with government entities while the Biba model focuses on integrity which is more desirable for businesses |
|
Biba model |
The opposite of the Bell La Padula model in the Biba model there are two rules: the simple Integrity Axiom States no read down star Integrity Axiom States No wright up. The focus of this model is integrity |
|
Integrity model. Requires that users are authorized to access and modifying data. Requires data is modified in only authorized ways. The concept of separation of Duties and transformation procedures within the system. |
Clark - Wilson model |
|
Information flow model |
Both Bell lapadula and Biba use the information flow model |
|
Designed to address the risks inherent with employing Consultants working with in banking and financial institutions and having to do with conflicts of interest COI |
Chinese wall model. Also called Brewer-Nash. |
|
Non-interference model |
Data at different security domains remain separate from one another. a covert channel is a policy violating communication that is hidden from the owners of a data system |
|
Take- Grant protection model |
A complex model that contains rules that govern the interactions between subjects and objects and permissions subjects can grant to other subjects rules include: take, Grant, create, and remove |
|
Access Control matrix model |
Read, right, and execute Matrix |
|
Zachman framework for Enterprise architecture model |
A matrix of: what, how, where, who, when, and why map across rules including: planner, owner, designer, Builder, programmer, and user. |
|
A three-part model including objects, subject, and rules providing a granular approach for interactions between subjects and objects.There are 8 rules: 1.) Transfer access. 2.) Grant access. 3.) Delete access. 4.) Read object. 5.) Create object. 6.) Destroy object. 7.) Create subject. 8.) Destroy subject. |
The Graham - Denning model
|
|
A variation of the Graham Denning model with six primitive operations and it differs by considering subjects to also be objects |
Harrison - Ruzzo-Ullman model (HRU) |
|
These are the four what? 1.) Dedicated.-system contains objects of all one classification label. 2.) System High.-the system contains mix labels and all subjects must possess a clearance equal to the system's highest object. 3.) Compartmented.-formal need to know access is granted on specific objects which are placed into compartments. 4.) Multi-level.-the reference monitor mediates access between subjects and objects.-the reference monitor mediates access between subjects and objects. |
Modes of operation |
|
The orange book, is the granddaddy of evaluation models it uses a letter number combination with D as the lowest Security and A is the highest |
Trusted computer system evaluation criteria TCSEC |
|
TNI the red book |
Trusted Network interpretation brings tcsec Concepts to network systems |
|
The first successful International evaluation model. |
Information Technology security evaluation criteria (ITSEC) |
|
An internationally agreed-upon standard for describing and testing the security of it products it is designed to avoid requirements beyond the current state-of-the-art |
The international common criteria |
|
Common criteria terms: Target of evaluation |
The system or product that is being evaluated |
|
Common criteria terms: Security Target |
The documentation describing the target of evaluation including the security requirements and operational environment |
|
Common criteria terms: protection profile |
An independent set of security requirements and objectives for a specific category of products or systems, such as firewalls or intrusion detection systems |
|
Common criteria terms: Evaluation assurance level EAL |
The evaluation score of the tested product or system |
|
Common criteria: levels of evaluation |
EAL 1: functionally tested. EAL 2: structurally tested. EAL 3: methodically tested and checked. EAL 4: methodically designed, tested, and reviewed EAL 5: send semi-formaly designed and tested EAL 6: semi - formally verified, designed, and tested. EAL 7: formally verified, designed, and tested. |
|
"Vanderpool" & "Pacifica" |
The names of Intel and AMD virtualization Technologies |
|
CISC & RISC |
Complex instruction set computer and reduced instruction set computer. X86 vs ARM |
|
Common modes of memory addressing |
Direct, indirect, register direct, register indirect |
|
This prevents one process from affecting the CIA of another it's a requirement for secure multi-user and multi-tasking systems |
Memory protection |
|
Techniques such as using virtual memory, object encapsulation, and time multiplexing to prevent interference attacks is called... |
Process isolation |
|
This takes process isolation one step further by mapping processes to specific memory locations |
Hardware segmentation |
|
What provides functions including multi-tasking, allowing multiple processes to access the same shared library in memory, and swapping |
Virtual memory |
|
BIOS |
Firmware that runs post, then finds the boot sector, loads the kernel and Boots the operating system |
|
WORM storage |
Write once read many CD-R/DVD-R, and some digital linear tape drives |
|
A hardware chip on the motherboard that can do functions such as random number generation, symmetric, asymmetric, and hashing algorithms, storage of cryptographic keys and message Digest as well as ensuring boot integrity. |
Trusted platform module TPM |
|
What is the function of: Data execution prevention DEP and address space location randomization ASLR |
Both try to make it more difficult to perform exploits that try to corrupt the memory with system via stack or Heap based buffer overflow conditions |
|
Monolithic kernel vs. microkernel |
The monolithic kernel cannot add functionality while micro-kernel can add modules in user mode instead of supervisor mode. |
|
What runs the reference Monitor and what are its functions? |
A core function of the kernel is running the reference monitor which mediates all access between subjects and objects. The reference monitor is always enabled and cannot be bypassed. |
|
Transparent virtualization vs paravirtualization |
Transparent also called Full virtualization is what I normally run paravirtualization requires the guest operating systems to be changed to work |
|
Type 1 hypervisor vs Type 2 |
Type 1 is a bare metal hypervisor like ESX type 2 is like VMware workstation |
|
An attack that exploits the host OS the virtualized environment to gain access to other resources |
VMEscape |
|
Iaas |
Infrastructure-as-a-service for example: Linux server hosting |
|
Paas |
Platform-as-a-service for example: web service hosting |
|
Saas |
Software-as-a-service for example: webmail |
|
An approach of Distributed Computing that typically leverages spare CPU cycles of devices not currently needed |
Grid computing |
|
Large-scale parallel Data Systems |
Increased performance through economies of scale with Integrity challenges |
|
What control do you use to ensure you are receiving legitimate data through peer-to-peer Networks |
Cryptographic hashes |
|
The term for energy that escapes an electronic system which may be remotely monitored and protected by a government standard for shielding codename TEMPEST |
Emanations |
|
Definition of covert Channel and two specific types |
Any communication that violates security policy. Storage channels and timing channels |
|
Using shared storage to relay a hidden message utilizing file size as the message. |
Covert storage Channel |
|
Using the system clock to infer sensitive information such as a possible good username by the delay of the system checking the cryptographic hash |
Covert timing channel |
|
A type of back door installed by designers and programmers to allow developers to bypass normal system checks |
Maintenance hooks |
|
5 Types of computer viruses |
Macro virus, boot sector virus, stealth virus, polymorphic virus, multipartite virus |
|
Packers |
A type of malware used to shrink the size of an executable to evade signature-based malware detection |
|
Remote file inclusion attack |
Taking advantage of a back-end software such as PHP to have the server download of malicious file and run it by manipulating the URL |
|
A collection of some of the best application security resources many of them free for improving organizations application security posture known for their top 10 security risks |
The open web application security project (OWASP) |
|
An attempt to reduce application architecture down to the function unit of a service. XML or JSON for the data structures, soap or rest for the connectivity and WSDL provides details on how to invoke |
Service-oriented architecture (SOA) |
|
SOAP |
Simple object access protocol |
|
REST |
Representational State transfer |
|
WSDL |
Web services description language:. Provides details about how web services are to be invoked. |
|
This mean the database will create two entries with the same primary key possibly one labeled secret and one labeled top secret |
Poly instantiation |
|
Asking every single question to a database so you can infer the answer you're looking for though you might not have clearance for that data. Controls for this include poly instantiation as well as query limiting |
Inference and aggregation |
|
Network access control NAC and network access protection NAP |
Both verify current patches and or antivirus signatures. NAC is a Cisco product and NAP is an operating system based Solution by Microsoft |
|
Cryptology, cryptoanalysis, and cryptography |
Cryptography creates messages whose meaning is hidden, cryptanalysis is the science of breaking encrypted messages, and cryptology encompasses both it is the science of secure Communications |
|
Diffusion |
Means the order of the plaintext should be dispersed in the cipher text |
|
Confusion |
Means that the relationship between the plaintext and ciphertext should be as confused as possible |
|
The father of information security |
Claude Shannon with his paper: communication theory of secrecy systems, first defined the terms confusion and diffusion in 1949 |
|
Replacing one character for another providing confusion |
Cryptographic substitution |
|
Provides diffusion by rearranging the characters of the plaintext anagram style |
Permutation, also called transposition |
|
Describes how long will take to break a crypto system without the key |
The work Factor |
|
Monoalphabetic and polyalphabetic Ciphers |
Monoalphabetic Cipher uses one alphabet this makes it susceptible to a frequency analysis. Polyalphabetic Cipher use a different alphabet each round |
|
True if and only if one or the other is true not both. This is the basis of modern encryption. |
Exclusive or (XOR) |
|
Truecrypt and PGP |
Two common forms of whole disk encryption for encrypting data at rest |
|
Protocol governance |
The process of selecting the right method(Cypher), and implementation for the right job. Factors such as speed, strength, cost, complexity should be weighed. |
|
Spartan scytale |
Strip of parchment wrapped around a rod then written on downwards unraveled and sent to someone with a similar rod |
|
Caesar Cipher |
Monoalphabetic rotation Cipher used by Gaius Julius Caesar |
|
Vigenere Cypher |
A polyalphabetic Cipher consisting of grid of the alphabet across the top and a rotating alphabet down and the repeating key for look up. |
|
Cipher desk |
Can be monoalphabetic or polyalphabetic. Two parties agree on a fixed offset and if polyalphabetic encryption is desired they also agree on when they turn the inner disc. |
|
Jefferson discs |
The Cipher wheel had 36 wooden discs each with 26 letters in random order along the edge like The Ridges of a coin. Must be decrypted with an identical set of discs |
|
Book Cipher |
Use this whole words from a well-known text agreed upon ahead of time. It would it be in Cryptid by using page, column, offset. |
|
Running key Cipher |
Uses modulus math to add letters to each other from an agreed-upon text. |
|
Cipher for telegraphic correspondence |
Used by General Joseph Hooker during United States Civil War. each word in the code book has two code names the president was Adam or Asia the secretary of state was able or Austria |
|
One-time pad |
Identical paired pads of random characters that use modular addition for encrypting and subtraction for decrypting. The only encryption method that's mathematically proven to be secure. |
|
Vernam Cipher |
First known use of one-time pad an employee of AT&T Bell Laboratories in 1917 Gilbert Vernam |
|
Hebern machines |
Rotor machines such as enigma and sigaba. Enigma was critical in World War II and sigaba was never broken also called electronic code machine or ECM |
|
Purple |
A stepping switch device used by Japanese Axis powers during World War II. Successfully decrypting purple was responsible for a victory at the Battle of Midway Island. |
|
COCOM the wassenaar arrangement |
The Coordinating Committee for multilateral export controls restricted the export of cryptography to Iron Curtain countries during the Cold War; the wassenaar arrangement relaxed these restrictions |
|
The three types of cryptography |
Symmetric, asymmetric, hashing |
|
Stream and block ciphers |
Stream ciphers encrypt each bit individually. Block ciphers encrypt blocks of data each round. For example: 64 bits for DES |
|
Initialization vectors and chaining |
A message to prevent patterns do to letterhead in symmetric ciphers. Chaining is called feedback and stream modes and seeds the previous and encrypted block into the next block. |
|
DES |
The data encryption standard which actually describes the data encryption algorithm or DEA. 64 bit block size and 56 bit key. |
|
The five modes of DES |
Electronic code book (ECB) Cipher block chaining (CBC) Cipher feedback (CFB) Output feedback (OFB) Counter mode (CTR) |
|
Electronic codebook (ECB) |
The first and weakest form of Des it uses no initialization vector or chaining. Two plain texts with partial identical portions will have the same ciphertext portions |
|
Cipher block chaining (CBC) |
A form of Des that XORs the previous encrypted block of ciphertext to the next block of plain text. It uses random data for an initiation vector but the chaining causes an encryption error to Cascade and destroy the integrity |
|
Cipher feedback CFB |
Like Cipher block chaining but in stream mode using feedback (AKA chaining in stream mode) |
|
Output feedback OFB |
Similar to Cipher feedback but changes the way the feedback Works to not propagate errors |
|
Counter mode CTR |
Similar to output feedback but the feedback uses a counter which can be done in parallel. |
|
Triple Des |
Single Des 3 times per block. Slow and complex compared to newer symmetric algorithms such as AES or twofish. double Des is susceptible to meet in the middle attack |
|
Triple Des encryption order and keying options |
Encrypt decrypt encrypted EDE Basically this just described using one key to keys or three keys three keys being the most secure effective strength of 112 bits due to a partial meet in the middle attack |
|
International data encryption algorithm IDEA |
128 bit key 64-bit block size; patented and slow speed compared to AES |
|
Advanced encryption standard AES |
Symmetric block Cipher 128-bit keys 10 rounds 192 bit with 12 256-bit with 14 128-bit blocks of data. Vincent Rijmen and Joan Daemen |
|
AES functions |
Subbites, shiftrows, mixcolumns, and addroundkey provide confusion, diffusion, and XOR encryption to the state |
|
Blowfish and twofish |
Symmetric block ciphers created by teams led by Bruce schneier. GloFish uses 32 to 448 bit keys to encrypt 64 bits of data. Two fish was an AES finalist encrypting 128-bit blocks using 128 through 256-bit keys |
|
Rc5 and rc6 |
Symmetric block ciphers by RSA Laboratories. Rc6 encrypt 128-bit blocks using 128, 192, or 256-bit keys. Rc6 was an AES finalists |
|
Asymmetric methods-One Way functions |
Factoring prime numbers. Discrete logarithm. Diffie Hellman key agreement protocol which uses discrete logarithm. Elliptic curve cryptography ECC which also uses discrete logarithms. |
|
Hash functions |
Provide integrity Sha - 1 create a 160 bit hash Message digest 5 md5 creates a 128-bit hash |
|
Collisions |
Because the possible plaintexts are far larger than the possible hash more than one document could have the same hash |
|
Secure hash algorithm sha-1 + sha-2 |
Sha - 1 creates a 160 bit hash value Sha - 2 create 224, 256, 384 , and 512 |
|
Hash of variable length HAVAL |
128, 160, 192, 224, or 256 Beth using three, four, or five rounds. Faster than md5 |
|
The term for having some information about a key to reduce number of characters to try to break the key |
Known key |
|
An attack that works on double Des to effectively make the number of attempts 2^57 and reducing the strength of the 168 bit triple DES to 112 Beth |
Meet in the middle attack |
|
Finding the difference between related plaintext that are encrypted and analyzing signs of non randomness |
Differential Crypt analysis |
|
Using large amounts of plain text flashlight for text Paris created with the same key |
Linear cryptanalysis |
|
Using physical data to break a crypto system such as monitoring CPU Cycles or power consumption used while encrypting or decrypting |
Side Channel attacks |
|
Exploiting a mistake in the implementation of an application such as plain text or keys left in virtual memory |
Implementation attack |
|
A probability-based attack for finding any input that creates a colliding hash with any other input |
Birthday attack |
|
When two symmetric Keys applied to the same plaintext produce the same ciphertext |
Key clustering |
|
A cryptographic algorithm |
Cipher |
|
What provides authentication and integrity Forming non-repudiation but not providing confidentiality |
Digital signature |
|
A hash function that uses a key |
Message application code Mac |
|
HMAC |
Hashed message application code. Using a pre-shared key along with hashing to provide non-repudiation |
|
The standard digital certificate format for pki |
X. 509 |
|
Nist special publication 800 - 15 describes five components of pki |
Certificate authorities Organizational registration authorities Certificate holders Clients that validate digital signatures Repositories that store certificates and certificate revocation lists |
|
Who authenticates the identity of an entity requesting a certificate |
Organizational registration authorities ORA |
|
The two primary Protocols of IPSEC |
Authentication header AH.Encapsulating security payload ESP Encapsulating security payload ESP |
|
ISAKMP |
Internet Security Association and Key Management protocol |
|
IKE |
Internet key exchange |
|
Provides authentication and integrity for ipsec traffic |
Authentication header AH |
|
Provides confidentiality for ipsec traffic |
Encapsulating security payload ESP |
|
The protocol that manages the SA creation process |
ISAKMP The Internet Security Association and Key Management protocol |
|
Tunnel mode vs transport mode |
Tunnel mode encrypts the header and data, whereas transport mode encrypts only the data. Transport mode is often used with AH |
|
The algorithm selection process for an ipsec tunnel |
Internet key exchange IKE |
|
Asymmetric encryption for the masses which uses a web of trust instead of a central certificate Authority |
Pretty good privacy PGP |
|
Provide the standard way to format email including characters sets and attachments |
Multipurpose internet mail extension (S/MIME) |
|
When a third party organization hold the copy of a public / private key pair |
Escrowed encryption |
|
An abandoned technology used in the escrowed encryption standard using the skipjack algorithm symmetric Cipher with an 80 bit key |
Clipper chip |
|
The act of hiding that communication is taking place at all such as Within a pictures pixels |
Steganography |
|
Strong post designed to stop a car |
Bollard |
|
The term for one Lumen per square meter |
Lux |
|
The type of light originally used in lighthouses |
Fresnell |
|
Class A fire |
Wood paper rubber plastic. Extinguished with water or soda acid |
|
Class B fire flammable liquids, in the US this includes flammable gases in Europe flammable gases are Class C |
Extinguished with Halon substitute CO2 or soda acid |
|
Class C fire electrical equipment,. Class E in Europe |
Halon substitute or CO2 |
|
Class D combustible metals |
Extinguished with dry powder |
|
Class K in US or F in Europe |
Kitchen oil or fat fires extinguished with wet chemicals |
|
Halon substitutes |
Argon FE-13 FM-200 Inergen |
|
The PASS method to extinguish a fire with a portable fire extinguisher |
Pull the pin. Aim low. Squeeze the pin. sweep the fire. |