-
What is the problem state for a CPU?
can only execute non-privileged instructions
-
What are the 4 states of a CPU?
- Ready
- Waiting
- Problem
- Supervisor
-
What algorithm is AES based on and how many bits does it support?
Rijndael and supports 128, 192, 256
-
Where is CTR used?
It's used for IPSec, encrypting ATM cells, and 802.11i.
-
Performs arithmetic and logical functions
Arithmetic logic unit (ALU)
-
Extracts instructions from memory and decodes and executes the instructions
The control unit
-
What is the reference monitor's job?
To validate access between a subject and object
-
What does the TCB monitor?
Monitors execution domain, process execution, IO operations, and memory protection
-
What is the sum of all of the protection mechanisms in a computer? Includes HW, SW, controls and processes
Trusted Computing Base
-
What is responsible for enforcing the security policy?
TCB
-
Attack that allows the attacker to decrypt ciphertext and encrypt plaintext and compare the results. Doing this at the same time reduces brute force efforts.
Meet-in-the-middle attack
-
Attack based on timing, sounds, or electromagnetic leaks. Attacker "watches" something.
Side channel attack
-
What is CTR?
Counter mode. Uses an IV counter for each plaintext block that needs to be encrypted. Doesn't chain.
-
What is OFB?
Output feedback mode. Encrypts small blocks of plaintext and has less chance of errors.
-
Where is IDEA used?
In PGP
-
What is IDEA?
64-bit block cipher used by PGP. Divided into 16 smaller blocks that each have 8 rounds of math functions performed on it.
-
Momentary low voltage
sag
-
Vernam Cipher
One-time pad
-
What type of mode uses the previous block of ciphertext in order to encrypt the next block?
CBC - Cipher block chaining
-
What is Electronic Code Book mode best used for?
Best used to encrypt small bits of data like PIN numbers, CHAP values and encrypting keys
-
Skipjack block and key size
64-bit block and 80-bit key
-
Who needs the symmetric key?
Both sides need the same key
-
What's the formula for calculating how many symmetric keys are needed?
N(N-1)/2
-
Where does the reference monitor operate?
The security perimeter
-
What handles all user/app requests for access to system resources?
The security kernel
-
What layer is the least trusted layer in protection rings?
Layer 3
-
Asymmetric algorithm provides:
1. Confidentiality
2. Integrity - Authentication
3. Non-Repudiation
4. All of the above
4. All of the above
-
In an asymmetric algorithm, what is used to encrypt the actual message?
A symmetric key
-
How many USB devices can be chained together?
127
-
How many types of ROM are there?
4: EPROM, EEPROM, Programmable Logic Devices (PLD), Flash memory
-
How many types of DRAM are there?
4: SDRAM, DDR, DDR2, RDRAM
-
What type of memory needs to be refreshed often?
DRAM
-
Session keys are valid for how long?
a single session
-
A symmetric key that is used to encrypt messages between 2 users is also known as a....
session key
-
Can perform 2 or more tasks or subtasks at the same time
Multitasking
-
What is Diffie-Hellman?
A way to exchange secret keys over a public connection
-
How do you make sure that the person you send an email to is the only person that can open it?
Encrypt the message with the user's public key.
-
DES, 3DES, Blowfish, IDEA, RC(4/5/6), AES are examples of ...
Symmetric algorithms
-
Symmetric keys provide:
1. confidentiality
2. integrity
3. non-repudiation
4. all of the above
1. Confidentiality
-
Asymmetric keys are composed of what?
Public and private keys
-
What does RSA provide?
- Easy direction: Encryption and digital signature verification
- Hard direction: Decryption and digital signature generation
-
What 3 things does a fire need?
Heat, Fuel, and oxygen
-
What is MTTR?
Mean time to repair is the amount of time a vendor states a device could be repaired or replaced.
-
Noise disturbances for a short duration
Transient
-
Interference on the line
Noise
-
RSA One way function:
Easy Direction =
Hard Direction =
- Easy: Encryption & signature verification
- Hard: Decryption & signature generation
-
What keeps cryptographic session and secret keys in Kerberos?
The KDC
-
CAST Block Size
128 or 256-Bit
-
SAFER block and key size
64-bit block and 128-bit key
-
RC5 block and key size
- Block: 32, 64, and 128-bit
- Key: up to 2040 Bits
- Rounds: up to 255
-
RC4: Stream or Block
Stream
-
Rijndael Block and Key size
- Block: Multiple but fixed at 128 for AES
- Key: 128, 192, or 256 bit
-
IDEA Block and key size
- Block: 64-bit
- Key: 128 bit
-
Twofish block and key size
- Block: 128 bit
- Key: up to 256
-
Blowfish block and key size
- Block: Variable
- Key: Up to 448
-
Momentary loss of power
Fault
-
How many rounds does AES or Rijndael use?
- 10 rounds for 128 bit
- 12 rounds for 192 bit
- 14 rounds for 256 bit
-
This can use Tokens, capability list, security labels
Reference monitor
-
This:
Cannot be bypassed and controls all access
Cannot be altered and is protected from change
Can be verified and tested
Reference monitor
-
Prolonged High Voltage
Surge
-
What is passive infrared IDS sensitive to?
Heat change
-
What is the WAIT state for a CPU?
It's waiting for a task to finish executing
-
In common criteria, what document is used as the basis for testing?
Security target and it's provided by the developer of the product
-
What is EAL 0?
Inadequate assurance
-
What is a system known as that's being evaluated for an EAL certification?
Target of Evaluation (TOE)
-
What utility does the FBI have that is allowed to pass through an antivirus and act as a keylogger to get passwords and such to allow the FBI to decrypt any encryption that may be on the computer?
Magic Lantern
-
What encrypts all data from a specific communication device to another communications device?
Link encryption
-
Where is a Key backup and recovery used?
In a PKI environment
-
Where is a CRL used?
In a PKI environment
-
What is the Diffie-Hellman algorithm vulnerable to?
Man in the middle attack because the initial key exchange has no authentication
-
Name the 4 types of MACs
- unconditionally secured
- Hash function based
- stream cipher-based
- block cipher-based
-
What is Haval-3-128 and Haval-4-256?
- Haval-3 makes 3 passes and produces 128-bit hash
- Haval-4 makes 4 passes and produces 256-bit hash
-
What does SHA2 include?
SHA-224, 256, 386, 512
-
What are the effective bits in SHA-1?
111 bits are effective with a 160-bit hash
-
Algorithms that function in a discrete logarithm in a finite field
-
What is an extension of Diffie Hellman?
El Gamal
-
What is CFB?
Counter Feedback Mode - a block cipher that emulates a stream cipher
-
Define "one way function"
A mathematical calculation that is easily done in one direction but hard in the opposite direction
-
Power degradation that is low and less than normal
Brownout
-
Prolonged loss of power
Blackout
-
Types of fire detectors
- Heat - works by rate of rise temps
- Smoke - works by photoelectronics
- Flame - most expensive. works from infrared
-
Class A fire
Paper/wood products : use soda acid or water to put out
-
What is the key size for RSA?
Up to 2048 bits
-
What other name is TCSEC known by?
The orange book
-
What are the two security requirements for the common criteria?
Functionality and assurance
-
What is a protection profile?
Protection profiles describe the functionality and assurance that a system provides
-
What is EAL?
Evaluation Assurance Level
-
What is EAL1?
Functionally tested
-
What is EAL2?
Structurally tested
-
What is EAL3?
Methodically tested and checked
-
What is EAL4?
Methodically designed, tested, and reviewed
-
What is EAL5?
Semiformally designed and tested
-
What is EAL6?
Semiformally verified design and tested
-
What is EAL7?
Formally verified design and tested
-
What's used in the trap door's inverse/reverse direction?
Someone using the private key function: decryption, generation of signatures and transmission of symmetric keys
-
What is used in the trap door's forward direction?
Someone using the public key function: verification of signatures and receipt of symmetric keys
-
Another name for a one way function?
Trapdoor
-
What is one of the largest barriers in symmetric encryption?
Key distribution
-
How large is the IV in:
64-Bit WEP
128-Bit WEP
- 24 bits in 40-bit WEP giving 64-Bit WEP
- 24 bits in 104-bit WEP giving 128-Bit WEP
-
What are the 3 layers of transformation that Rijndael performs?
- Linear transform
- Non-Linear transform
- Key addition transform
-
What is the standard that a CA uses when creating a certificate?
X.509
-
What is RSA?
Rivest-Shamir-Adleman - used for digital signatures, key exchange, and encryption
-
Momentary High Voltage
Spike
-
What is a birthday attack?
A statistical attack used to create a collision between hashes
-
What is Tiger?
Hashing algorithm for use on 64-Bit systems; 192-bit
-
What is PKI?
Public Key Infrastructure
-
What is HAVAL?
Variable bit length hashing algorithm
-
How many blocks of data does HAVAL process at a time?
1024-bits
-
What is 3-DES effective key length?
112 or 168 (64 * 3 = 192 - 24 = 168 )(8 bits of parity per key)
-
What 2 modes in DES emulate a stream cipher?
CFB and OFB
-
How is CBC accomplished?
By XOR'ing the previous ciphertext with the next block
-
How many blocks of data do MD4 and MD5 process at a time?
512-bit blocks
-
What is the weakest form of DES encryption?
ECB - Will always generate the same ciphertext for a given plaintext.
-
What is the effective key length of DES?
56-bit (8 bits are used for parity)
-
How many modes can DES operate in?
4: ECB, OFB, CBC, CFB
-
Formula for calculating the number of keys needed in a symmetric encryption scenario
N(N-1)/2
-
Encryption that only provides confidentiality
Symmetric
-
Class C Fire
Electronics - CO2 or Halon
-
What are pressure sensitive IDSs sensitive to?
Weight change
-
What replaced Halon?
- FM-200
- CEA-410
- NAF-S-III
- FE-13
- Argon
- Argonite
-
What is MTBF?
Mean time between failure - vendor's estimated time before a device needs to be replaced
-
Kind of fuel standby generators can use?
-
What are 2 categories of UPSs and define them:
- Online - Batteries charge while connected to power; switches to battery power when needed; good for short outages
- Standby - Require backup power such as generators; good for longer outages
-
How many rounds of transposition and substitution for DES?
16 rounds
-
Difference between Halon 1211 and 1301? Where are they found?
- 1211 can be found in portable fire extinguishers; stored as a liquid
- 1301 can be found in fire systems; stored as a gas
-
Water sprinkler system types
- Wet pipe : always water; can freeze during winter
- Dry pipe: water is not in pipe until needed
- Preaction: combination of wet and dry pipe. Water is not in the pipe until needed, but then another action, like the temperature melting a fuse, needs to happen before the water is released
- Deluge: Dry pipe, but when activated, a large volume of water is released
-
Class K fire
Kitchen fires - need saponification agents (saponification agents are agents that turn into soap)
-
Algorithm that functions by fixed weights
Merkle-Hellman Knapsack
-
Algorithm that functions by using large prime numbers
RSA
-
What does a certificate include?
serial number, username, validation from/to dates, issued date, organization, signature of issuing authority
-
How many bits is DES?
64-bit (56-bit for key, 8-bit for parity)
-
Class B fire
Gas/Oil - CO2, soda acid, Halon or alternative
-
How does CBC work with XOR functions?
Previous ciphertext is XOR'd with next block
-
Number generated as randomly as possible
Nonce
-
Why use CTR mode?
Speed; other end can use immediately because there's no chaining involved and they don't have to wait for the whole message.
-
What is MAC?
Hashing algorithm; Message Authentication Code
-
What does HMAC require the sender and receiver to have?
The same symmetric key
-
What is work factor?
The time it takes for an attacker to break encryption
-
When is an IV used in CBC?
The first block of the message uses a 64-bit IV
-
A set of rules to encrypt and decrypt data
Algorithm
-
This encompasses a combination of threats, security objectives, assurances, functional requirements, development assurance requirements, and rationales that describes the real-world problem to be solved.
Protection profile
-
Difference between MD2, 4, or 5, and SHA
MDx is 128-bit, and SHA is 160-bit
-
How many rounds does 3DES use?
48 rounds
-
What is a collision in cryptography?
Two different plaintexts create the same hash
-
Initial surge of power at startup
Inrush current
-
What causes electronics to corrode?
Humidity
-
What causes electronics to create static electricity?
Dry air
-
What is El Gamal?
A public key algorithm. Can be used for signatures, encryption, and key exchange
-
What is positive pressurization and where is it used?
It's used in HVAC units and prevents airflow from coming back into the building
-
What is the ideal temp and humidity for a data center?
- Temp: around 70%
- Humidity: around 35% - 45%
-
How often should fire drills be practiced?
Periodically and randomly
-
Where is ECC used?
Wireless and handheld devices
-
How many bits does the first part of CFB use for its first IV?
8-bits
-
What does RC5-32/12/16 mean?
RC5-32(word size)/12 (rounds)/16-bytes (8*16 = 128-bit key)
-
What is:
DES-EEE3
DES-EDE3
DES-EEE2
DES-EDE2
- DES-EEE3 - encrypt * 3, 3 keys
- DES-EDE3 - encrypt, decrypt, encrypt, 3 keys
- DES-EEE2 - encrypt * 2, 2 keys
- DES-EDE2 - encrypt, decrypt, encrypt, 2 keys
-
What is multiparty control for emergency key recovery?
At least 2 people need to supply their private key for key recovery
-
What layer does link-to-link encryption use?
Layer 1
-
What can be used to defeat an inference attack?
Traffic padding
-
What's responsible for negotiations during the client/server handshake?
ISAKMP
-
Open Message Format
Encrypted with sender's private key; no confidentiality
-
RSA, ECC, Diffie-Hellman, El Gamal, DSA, Knapsack are examples of what?
Asymmetric Algorithms
-
How many protocols does IKE have?
2: ISAKMP and Oakley
-
What's responsible for creating the SA in an IPSEC connection?
IKE
-
What layer does IPSEC live at in the TCP/IP Model?
Internet layer
-
What is the gap in WAP?
The point at which a cell tower needs to decrypt a WTLS packet and re-encrypt with TLS
-
Type of memory used for cache
SRAM
-
What type of memory prevents other programs or processes from gaining access or modifying the contents of the address space that has been assigned to another active program?
Protected memory
-
What is the only device that can access memory directly?
CPU
-
This interrupt method uses a special class of instruction that can read and write a single byte to an IO device
Port Mapped IO
-
What interrupt method requires the CPU to reserve space for IO functions and make use of address for both memory and IO devices?
Memory mapped IO
-
What interrupt method is used to transfer data between the CPU and a peripheral device?
Programmed IO
-
What interrupt method can bypass the processor and write information directly to memory?
IO using DMA
-
What does a device use to get the attention of a CPU?
Interrupts
-
How are programs tracked by the CPU?
Process ID (PID)
-
What processor mode can set the priority so one application can have priority and gain control over one of the processors?
Asymmetric mode
-
What processor mode shares resources equally among programs?
Symmetric mode
-
Supports one or more CPUs
Multiprocessor
-
Can interleave two or more programs at the same time
Multiprogramming
-
What is a dual-use key?
Symmetric key
-
What is a digital watermark?
A digital fingerprint using steganography that can prove ownership of a file
-
Cryptography that encrypts by hiding information in another message
Steganography
-
What is used when a user's message is signed with their private key?
Digital signature
-
What is required to participate in a PKI?
Digital certificate
-
What is the difference between RC4, 5, and 6?
- RC4 - Stream cipher
- RC5 - Block cipher
- RC6 - Block cipher submitted as AES candidate
-
Where is RC4 used?
WEP and SSL
-
What is Blowfish?
Block cipher; using 64-bit blocks and up to a 448-bit key; goes through 16 rounds
-
Cryptography based on light
Quantum cryptography
-
Name the two layers for TLS
- TLS Record Protocol
- TLS Handshake Protocol
-
What does end-to-end encryption encrypt?
The data only; headers and IP are unencrypted
-
What layer do SSL, TLS, and WTLS work at in the TCP/IP model?
Host-to-Host
-
What is SKIP?
Simple Key-management internet protocol. Replaced by IPSec
-
What is an HMAC used for in integrity verification?
integrity, data origin authentication
-
Which version of SSL provides for mutual authentication and compression?
Version 3
-
How many blocks of ciphertext come out with DES?
64-bit blocks
-
Class D fire
Combustible metals; suppress with dry powders, special techniques
-
Attacker intercepts cryptographic keys and reuses them to get access to messages they shouldn't have.
Replay attack
-
What are checksums used for in integrity verification?
redundancy check, weak integrity
-
What are digital signatures used for in integrity verification?
Integrity verification, data origin authentication, non-repudiation
-
What is hashing used for in integrity verification?
Integrity
-
What is parity used for in integrity verification?
simple error checking
-
What are IPSec, PGP, SSL, SSH, SET, WPA2-Enterprise, and TLS examples of?
Hybrid cryptosystems
-
Algorithm that functions by elliptical curve
ECC
-
What is a CBC-MAC used for in integrity verification?
integrity, data origin authentication
-
This cipher is best used for bulk data
symmetric
-
Initialization Vectors are...
Random values added to algorithms to ensure patterns aren't created during encryption
-
Keystream generators are used with this cipher
Stream
-
Cipher that uses stream of bits and then performs mathematical functions on each bit
Stream
-
Ciphers that use diffusion and confusion in their methods
block
-
What is the difference between a superscalar and a scalar processor?
Superscalar can execute multiple instructions at the same time whereas scalar can only execute a single instruction at a time
-
What is passed to the CPU for manipulation?
Data
-
What two things are required for a CPU?
Instructions and data
-
What is RISC in CPU?
Reduced Instruction Set Computing :: Simple instructions that require a reduced number of clock cycles
-
What is CISC in CPUs?
Complex Instruction Set Computing :: Performs multiple operations for a single instruction
-
Attacker can encrypt plain messages and watch the ciphertext output
Chosen plaintext attack
-
Attacker can decrypt portions of a message and the decrypted portion can be used to discover the key
Chosen ciphertext
-
Requires attacker to have several encrypted messages using the same algorithm. Looks for patterns using statistical analysis.
Cipher-text only attack
-
Requires the attacker to have plaintext and ciphertext of one or more messages
Known plaintext attack
-
Who stated "a cryptographic system should not require secrecy....Everything should be public except the key."
Kerckhoff's principle
-
This type of cipher is divided into blocks of bits
Block cipher
-
What maintains the CRL?
The CA