CISSP Review

  1. What is the problem state for a CPU?
    can only execute non-privileged instructions
  2. What are the 4 states of a CPU?
    • Ready
    • Waiting
    • Problem
    • Supervisor
  3. What algorithm is AES based on and how many bits does it support?
    Rijndael and supports 128, 192, 256
  4. Where is CTR used?
    It's used for IPSec, encrypting ATM cells, and 802.11i.
  5. Performs arithmetic and logical functions
    Arithmetic logic unit (ALU)
  6. Extracts instructions from memory and decodes and executes the instructions
    The control unit
  7. What is the reference monitor's job?
    To validate access between a subject and object
  8. What does the TCB monitor?
    Monitors execution domain, process execution, IO operations, and memory protection
  9. What is the sum of all of the protection mechanisms in a computer? Includes HW, SW, controls and processes
    Trusted Computing Base
  10. What is responsible for enforcing the security policy?
    TCB
  11. Attack that allows the attacker to decrypt ciphertext and encrypt plaintext and compare the results. Doing this at the same time reduces brute force efforts.
    Meet-in-the-middle attack
  12. Attack based on timing, sounds, or electromagnetic leaks. Attacker "watches" something.
    Side channel attack
  13. What is CTR?
    Counter mode. Uses an IV counter for each plaintext block that needs to be encrypted. Doesn't chain.
  14. What is OFB?
    Output feedback mode. Encrypts small blocks of plaintext and has less chance of errors.
  15. Where is IDEA used?
    In PGP
  16. What is IDEA?
    64-bit block cipher used by PGP. Divided into 16 smaller blocks that each have 8 rounds of math functions performed on it.
  17. Momentary low voltage
    sag
  18. Vernam Cipher
    One-time pad
  19. What type of mode uses the previous block of ciphertext in order to encrypt the next block?
    CBC - Cipher block chaining
  20. What bit is ECB?
    64-bit
  21. What is Electronic Code Book mode best used for?
    Best used to encrypt small bits of data like PIN numbers, CHAP values, and encryption keys
  22. Skipjack block and key size
    64-bit block and 80-bit key
  23. Who needs the symmetric key?
    Both sides need the same key
  24. What's the formula for calculating how many symmetric keys are needed?
    N(N-1)/2
  25. Where does the reference monitor operate at?
    The security perimeter
  26. What handles all user/app requests for access to system resources?
    The security kernel
  27. What layer is the least trusted layer in protection rings?
    Layer 3
  28. Asymmetric algorithm provides:
    1. Confidentiality
    2. Integrity - Authentication
    3. Non-Repudiation
    4. All of the above
    4. All of the above
  29. In an asymmetric algorithm, what is used to encrypt the actual message?
    A symmetric key
  30. How many usb devices can be chained together?
    127
  31. How many types of ROM are there?
    4: EPROM, EEPROM, Programmable Logic Devices (PLD), Flash memory
  32. How many types of DRAM are there?
    4: SDRAM, DDR, DDR2, RDRAM
  33. What type of memory needs to be refreshed often?
    DRAM
  34. Session keys are valid for how long?
    a single session
  35. A symmetric key that is used to encrypt messages between 2 users is also known as a...
    session key
  36. Can perform 2 or more tasks or subtasks at the same time
    Multitasking
  37. What is Diffie-Hellman?
    A way to exchange secret keys over a public connection
  38. How do you make sure that the person you send an email to is the only person that can open it?
    Encrypt the message with the user's public key.
  39. DES, 3DES, Blowfish, IDEA, RC(4/5/6), AES are examples of ...
    Symmetric algorithms
  40. Symmetric keys provide:
    1. confidentiality
    2. integrity
    3. non-repudiation
    4. all of the above
    1. Confidentiality
  41. Asymmetric keys are composed of what?
    Public and private keys
  42. What does RSA provide?
    • Easy direction: Encryption and digital signature verification
    • Hard direction: Decryption and digital signature generation
  43. What 3 things does a fire need?
    Heat, fuel, and oxygen
  44. What is MTTR?
    Mean time to repair is the amount of time a vendor states a device could be repaired or replaced.
  45. Noise disturbances for a short duration
    Transient
  46. Interference on the line
    Noise
  47. RSA One way function:
    Easy Direction =
    Hard Direction =
    • Easy: Encryption & signature verification
    • Hard: Decryption & signature generation
  48. What keeps cryptographic session and secret keys in Kerberos?
    The KDC
  49. CAST Block Size
    128 or 256-Bit
  50. SAFER block and key size
    64-bit block and 128-bit key
  51. RC5 block and key size
    • Block: 32, 64, and 128-bit
    • Key: up to 2040 Bits
    • Rounds: up to 255
  52. RC4: Stream or Block
    Stream
  53. Rijndael Block and Key size
    • Block: Multiple but fixed at 128 for AES
    • Key: 128, 192, or 256 bit
  54. IDEA Block and key size
    • Block: 64-bit
    • Key: 128 bit
  55. Twofish block and key size
    • Block: 128 bit
    • Key: up to 256
  56. Blowfish block and key size
    • Block: Variable
    • Key: Up to 448
  57. Momentary loss of power
    Fault
  58. How many rounds does AES or Rijndael use?
    • 10 rounds for 128 bit
    • 12 rounds for 192 bit
    • 14 rounds for 256 bit
  59. This can use Tokens, capability list, security labels
    Reference monitor
  60. This:
    Cannot be bypassed and controls all access
    Cannot be altered and is protected from change
    Can be verified and tested
    Reference monitor
  61. Prolonged High Voltage
    Surge
  62. What is passive infrared IDS sensitive to?
    Heat change
  63. What is the WAIT state for a CPU?
    It's waiting for a task to finish executing
  64. In common criteria, what document is used as the basis for testing?
    Security target; it's provided by the developer of the product
  65. What is EAL 0?
    Inadequate assurance
  66. What is a system known as that's being evaluated for an EAL certification?
    Target of Evaluation (TOE)
  67. What utility does the FBI have that is allowed to pass through an antivirus and act as a keylogger to get passwords and such to allow the FBI to decrypt any encryption that may be on the computer?
    Magic Lantern
  68. What encrypts all data from a specific communication device to another communications device?
    Link encryption
  69. Where is a Key backup and recovery used?
    In a PKI environment
  70. Where is a CRL used?
    In a PKI environment
  71. What is Diffie Hellman algorithm vulnerable to?
    Man in the middle attack because the initial key exchange has no authentication
  72. Name the 4 types of MACs
    • unconditionally secured
    • Hash function based
    • stream cipher-based
    • block cipher-based
  73. What is Haval-3-128 and Haval-4-256?
    • Haval-3 makes 3 passes and produces 128-bit hash
    • Haval-4 makes 4 passes and produces 256-bit hash
  74. What does SHA2 include?
    SHA-224, 256, 386, 512
  75. What is the effective bits in SHA-1
    111 bits are effective with a 160-bit hash
  76. Algorithms that function in a discrete logarithm in a finite field
    • Diffie Hellman
    • El Gamal
  77. What is an extension of Diffie Hellman?
    El Gamal
  78. What is CFB?
    Counter Feedback Mode - a block cipher that emulates a stream cipher
  79. Define "one way function"
    A mathematical calculation that is easily done in one direction but hard in the opposite direction
  80. Power degradation that is low and less than normal
    Brownout
  81. Prolonged loss of power
    Blackout
  82. Types of fire detectors
    • Heat - works by rate of rise temps
    • Smoke - works by photoelectronics
    • Flame - most expensive. works from infrared
  83. Class A fire
    Paper/wood products : use soda acid or water to put out
  84. What is the key size for RSA
    Up to 2048 bits
  85. What other name is TCSEC known by?
    The orange book
  86. What are the two security requirements for the common criteria?
    Functionality and assurance
  87. What is a protection profile?
    Protection profiles describe the functionality and assurance that a system provides
  88. What is EAL?
    Evaluation Assurance Level
  89. What is EAL1?
    Functionally tested
  90. What is EAL2?
    Structurally tested
  91. What is EAL3?
    Methodically tested and checked
  92. What is EAL4?
    Methodically designed, tested, and reviewed
  93. What is EAL5?
    Semiformally designed and tested
  94. What is EAL6?
    Semiformally verified design and tested
  95. What is EAL7?
    Formally verified design and tested
  96. What's used in the trap door's inverse/reverse direction?
    Someone using the private key function decryption, generation of signatures and transmission of symmetric keys
  97. What is used in the trap doors forward direction?
    Someone using the public key function verification of signatures and receipt of symmetric keys
  98. Another name for a one way function?
    Trapdoor
  99. What is one of the largest barriers in symmetric encryption?
    Key distribution
  100. How large is the IV in:
    64-Bit WEP
    128-Bit WEP
    • 24 bits in 40-bit WEP giving 64-Bit WEP
    • 24 bits in 104-bit WEP giving 128-Bit WEP
  101. What are the 3 layers of transformation that Rijndael performs?
    • Linear transform
    • Non-Linear transform
    • Key addition transform
  102. What is the standard that a CA uses when creating a certificate?
    X.509
  103. What is RSA?
    Rivest-Shamir-Adleman - used for digital signatures, key exchange, and encryption
  104. Momentary High Voltage
    Spike
  105. What is a birthday attack?
    A statistical attack used to create a collision between hashes
  106. What is Tiger?
    Hashing algorithm for use on 64-Bit systems; 192-bit
  107. What is PKI
    Public Key Infrastructure
  108. What is HAVAL?
    Variable bit length hashing algorithm
  109. How many blocks of data does HAVAL process at a time?
    1024-bits
  110. What is 3-DES effective key length?
    112 or 168 (64 * 3 = 192; 192 - 24 = 168) (8 bits of parity per key)
  111. What 2 modes in DES emulate a stream cipher
    CFB and OFB
  112. How is CBC accomplished?
    By XOR'ing the previous ciphertext with the next block
  113. How many blocks of data does MD4 and MD5 process at a time?
    512-bit blocks
  114. What is the weakest form of DES encryption
    ECB - Will always generate the same ciphertext for a given plaintext.
  115. What is the effective key length of DES
    56-bit (8 bits are used for parity)
  116. How many modes can DES operate in?
    4: ECB, OFB, CBC, CFB
  117. Formula for calculating the amount of keys needed in a symmetric encryption scenario
    N(N-1)/2
  118. Encryption that only provides confidentiality
    Symmetric
  119. Class C Fire
    Electronics - CO2 or Halon
  120. What are pressure sensitive IDSs sensitive to?
    Weight change
  121. What replaced Halon?
    • FM-200
    • CEA-410
    • NAF-S-III
    • FE-13
    • Argon
    • Argonite
  122. What is MTBF?
    Mean time between failure - vendor's estimated time before a device needs to be replaced
  123. Kind of fuel standby generators can use?
    • Diesel fuel
    • Natural gas
  124. What are 2 categories of UPSs and define them:
    • Online - Batteries charge while connected to power; switches to battery power when needed; good for short outages
    • Standby - Require backup power such as generators; good for longer outages
  125. How many rounds of transposition and substitution for DES?
    16 rounds
  126. Difference between Halon 1211 and 1301? Where are they found?
    • 1211 can be found in portable fire extinguishers; stored as a liquid
    • 1301 can be found in fire systems; stored as a gas
  127. Water sprinkler system types
    • Wet pipe : always water; can freeze during winter
    • Dry pipe: water is not in pipe until needed
    • Preaction: combination of wet and dry pipe. Water is not in pipe until needed, but then another action, like temperature melting fuse, needs to be done before the water is released
    • Deluge: Dry pipe, but when activated, a large volume of water is released
  128. Class K fire
    Kitchen fires - needs saponification agents (saponification is the process of turning fats into soap)
  129. Algorithm that functions by fixed weights
    Merkle-Hellman Knapsack
  130. Algorithm that functions by using large prime numbers
    RSA
  131. What does a certificate include?
    serial number, username, validation from/to dates, issued date, organization, signature of issuing authority
  132. How many bits is DES?
    64-bit (56-bit for key, 8-bit for parity)
  133. Class B fire
    Gas/Oil - CO2, soda acid, Halon or alternative
  134. How does CBC work with XOR functions?
    Previous ciphertext is XOR'd with next block
  135. Number generated as randomly as possible
    Nonce
  136. Why use CTR mode?
    Speed; other end can use immediately because there's no chaining involved and they don't have to wait for the whole message.
  137. What is MAC?
    Hashing algorithm; Message Authentication Code
  138. What does HMAC require the sender and receiver to have?
    The same symmetric key
  139. What is work factor?
    The time it takes for an attacker to break encryption
  140. When is an IV used in CBC?
    The first block of the message uses a 64-bit IV
  141. A set of rules to encrypt and decrypt data
    Algorithm
  142. This encompasses a combination of threats, security objectives, assurances, functional requirements, development assurance requirements, and rationales that describes the real-world problem to be solved.
    Protection profile
  143. Difference between MD2, 4, or 5, and SHA
    MDx is 128-bit, and SHA is 160-bit
  144. How many rounds does 3DES use?
    48 rounds
  145. What is a collision in cryptography?
    Two different plaintext create the same hash
  146. Initial surge of power at startup
    Inrush current
  147. What causes electronics to corrode?
    Humidity
  148. What causes electronics to create static electricity?
    Dry air
  149. What is El Gamal?
    A public key algorithm. Can be used for signatures, encryption, and key exchange
  150. What is positive pressurization and where is it used?
    It's used in HVAC units and prevents airflow from coming back into the building
  151. What is the ideal temp and humidity for a data center?
    • Temp: around 70%
    • Humidity: around 35% - 45%
  152. How often should fire drills be practiced?
    Periodically and randomly
  153. Where is ECC used?
    Wireless and handheld devices
  154. How many bits does the first part of CFB use for its first IV?
    8-bits
  155. What does RC5-32/12/16 mean?
    RC5-32(word size)/12 (rounds)/16-bytes (8*16 = 128-bit key)
  156. What is:
    DES-EEE3
    DES-EDE3
    DES-EEE2
    DES-EDE2
    • DES-EEE3 - encrypt * 3, 3 keys
    • DES-EDE3 - encrypt, decrypt, encrypt, 3 keys
    • DES-EEE2 - encrypt * 2, 2 keys
    • DES-EDE2 - encrypt, decrypt, encrypt, 2 keys
  157. What is multiparty control for emergency key recovery?
    At least 2 people need to supply their private key for key recovery
  158. What layer does link-to-link encryption use?
    Layer 1
  159. What can be used to defeat an inference attack?
    Traffic padding
  160. What's responsible for negotiations during the client/server handshake?
    ISAKMP
  161. Open Message Format
    Encrypted with sender's private key; no confidentiality
  162. RSA, ECC, Diffie-Hellman, El Gamal, DSA, Knapsack are examples of what?
    Asymmetric Algorithms
  163. How many protocols does IKE have?
    2: ISAKMP and Oakley
  164. What's responsible for creating the SA in an IPSEC connection?
    IKE
  165. What layer does IPSEC live at in the TCPIP Model?
    Internet layer
  166. What is the gap in wap?
    The point at which a cell tower needs to decrypt a WTLS packet and re-encrypt it with TLS
  167. Type of memory used for cache
    SRAM
  168. What type of memory prevents other programs or processes from gaining access or modifying the contents of the address space that has been assigned to another active program?
    Protected memory
  169. What is the only device that can access memory directly?
    CPU
  170. This interrupt method uses a special class of instruction that can read and write a single byte to an IO device
    Port Mapped IO
  171. What interrupt method requires the CPU to reserve space for IO functions and make use of address for both memory and IO devices?
    Memory mapped IO
  172. What interrupt method is used to transfer data between CPU and peripheral device
    Programmed IO
  173. What interrupt method can bypass the processor and write information directly to memory?
    IO using DMA
  174. What does a device use to get the attention of a CPU?
    Interrupts
  175. How are programs tracked by the CPU?
    Process ID (PID)
  176. What processor mode can set the priority so one application can have priority and gain control over one of the processors?
    Asymmetric mode
  177. What processor mode shares resources equally among programs
    Symmetric mode
  178. Supports one or more CPUs
    Multiprocessor
  179. Can interleave two or more programs at the same time
    Multiprogramming
  180. What is a dual-use key?
    Symmetric key
  181. What is a digital watermark
    A digital fingerprint using steganography that can prove ownership to a file
  182. Cryptography that encrypts by hiding information in another message
    Steganography
  183. What is used when a user's message is signed with their private key?
    Digital signature
  184. What is required to participate in a PKI?
    Digital certificate
  185. What is the difference between RC4, 5, and 6?
    • RC4 - Stream cipher
    • RC5 - Block cipher
    • RC6 - Block cipher submitted as AES candidate
  186. Where is RC4 used?
    WEP and SSL
  187. What is Blowfish?
    Block cipher; using 64-bit blocks and up to a 448-bit key; goes through 16 rounds
  188. Cryptography based on light
    Quantum cryptography
  189. Name the two layers for TLS
    • TLS Record Protocol
    • TLS Handshake Protocol
  190. What does end-to-end encryption encrypt?
    The data only; headers and IP are unencrypted
  191. What layer does SSL, TLS, and WTLS work at in the TCPIP model?
    Host-to-Host
  192. What is SKIP?
    Simple Key-Management for Internet Protocol. Replaced by IPSec
  193. What is an HMAC used for in integrity verification
    integrity, data origin authentication
  194. Which version of SSL provides for mutual authentication and compression?
    Version 3
  195. How many blocks of ciphertext come out with DES
    64-bit blocks
  196. Class D fire
    Combustible metals; suppress with dry powders, special techniques
  197. Attacker intercepts cryptographic keys and reuses them to get access to messages they shouldn't have.
    Replay attack
  198. What are checksums used for in integrity verification?
    redundancy check, weak integrity
  199. What are digital signatures used for in integrity verification?
    Integrity verification, data origin authentication, non-repudiation
  200. What is hashing used for in integrity verification?
    Integrity
  201. What is parity used for in integrity verification?
    simple error checking
  202. What are IPSec, PGP, SSL, SSH, SET, WPA2-Enterprise , and TLS examples of?
    Hybrid cryptosystems
  203. Algorithm that functions by elliptical curve
    ECC
  204. What is a CBC-MAC used for in integrity verification
    integrity, data origin authentication
  205. This cipher is best used for bulk data
    symmetric
  206. Initialization Vectors are...
    Random values added to algorithms to ensure patterns aren't created during encryption
  207. Keystream generators are used with this cipher
    Stream
  208. Cipher that uses stream of bits and then performs mathematical functions on each bit
    Stream
  209. Ciphers that use diffusion and confusion in their methods
    block
  210. What is the difference between superscalar and scalar processor?
    Superscalar can execute multiple instructions at the same time whereas scalar can only execute a single instruction at a time
  211. What is passed to the CPU for manipulation?
    Data
  212. What two things are required for a CPU
    Instructions and data
  213. What is RISC in CPU?
    Reduced Instruction Set Computing: Simple instructions that require a reduced number of clock cycles
  214. What is CISC in CPUs?
    Complex Instruction Set Computing: Performs multiple operations for a single instruction
  215. Attacker can encrypt plain messages and watch the ciphertext output
    Chosen plaintext attack
  216. Attacker can decrypt portions of a message and the decrypted portion can be used to discover the key
    Chosen ciphertext
  217. Requires attacker to have several encrypted messages using the same algorithm. Looks for patterns using statistical analysis.
    Cipher-text only attack
  218. Requires the attacker to have plaintext and ciphertext of one or more messages
    Known plaintext attack
  219. Who stated "a cryptographic system should not require secrecy... Everything should be public except the key."
    Kerckhoffs's principle
  220. This type cipher is divided into blocks of bits
    Block cipher
  221. What maintains the CRL?
    The CA
Author: kenpotf