CISSP - Review Items.txt

  1. Statement that outlines how entities acess each other, what they can carry out, what level of protection is required, and what actions should be taken if those requiremetns aren't met.
    Security Policy
  2. I/O Procedures
    When the CPU sends data to a resource and polls for acceptance of more data is called ___________.
    Programmable I/O
  3. I/O Procedures
    When the CPU sends data to an I/O device and the device returns an ackowledgement it is complete is called ___________.
    Interrupt-Driven I/O
  4. I/O Procedures
    When a controller is used to send memory maping data directly to the I/O device for use without CPU consent is called ___________.
    I/O using Direct Memory Access (DMA)
  5. I/O Procedures
    When the CPU trusts the I/O to physically read memory via DMA is called ___________.
    Premapped I/O
  6. I/O Procedures
    When the CPU acts as a broker, sending logical memory addresses to I/O resources is called ___________.
    Fullymapped I/O
  7. Multi-level security policy providing confidentiality only
    1. Simple Security rule
    2. *-property rule
    3. Strong Star Property rule
    Bell-LaPadula Model
  8. Security model addressing integrity only
    Biba Model
  9. Security model based on based on using well formed transactions and separation of duties
    Clark-Wilson Model
  10. Access decisions are made based on an objects Access Control List and subjects capability table
    Access Control Matrix
  11. Model states that commands and activities of one level should not impact or affect subjects or objects at a different level.
    Noninference Model
  12. Model allows for dynamically changing access controls that protect against confilcts of interest. AKA Chinese Wall
    Brewer Nash Model
  13. This model identifies the way subjects and objects should be created and deleted and how to assign specific access rights.
    Graham-Denning Model
  14. A security mode that can handle a single classification and requires all users have a clearance and a formal need to know about ALL data within a system.
    Dedicated Security Mode
  15. This mode requires all data within a system be of a single classification but all users do not have a need to know about all the data within a system.
    System-High Security Mode
  16. This mode requires ALL users to have a clearance level equal to or higher thatn the highest classification of data contained within the system.
    Comparmented Security Mode
  17. This mode permits two or more classification levels of information to be processed at the same time.
    Multi-Level Security Mode
  18. Orange Book Level providing discretionary access control only
  19. Orange Book Level providing auditing and a higher level of access control procedures (commercial applications)
  20. Orange Book Level based on Bella-LaPadula enforced through the use of labels
  21. Orange Book Level requiring each object must contain a classification label, each subject must possess a clearance label
  22. Orange Book Level requiring no covert channels, trusted path during log on and authenticaiton
  23. Orange Book Level requiring system protection from startup to intiation through secure states
  24. Orange Book Level requiring formal methods used for design
  25. Common Criteria
    7 Evaluation Assurance Levels
    • 1. Functionaly Tested
    • 2. Structurally Tested
    • 3. Methodically Tested and checked
    • 4. Methodically Designed, tested and reviewed
    • 5. Semi-formally design and tested
    • 6. Semi-formally verified design and tested
    • 7. Formally verified design and tested
  26. Security model addressing all three integrity goals
  27. Used to restrict access to one network from another
  28. What generation is a Packet Filtering firewall
    First generation
  29. What generation is a Proxy Level Firewall
    Second generation
  30. Proxy Firewall required for every service
    Application Level

    • Proxy firewall that creates a circuit between application and clients
    • Circuit Level
  31. What generation is a Stateful Firewall
    Third generation
  32. What generation is a Dymnamic Port Filtering
    Fourth generation
  33. What generation is a Kernel Proxy
    A fifth generation
  34. A type of routing that discovers routes and builds routing tables
    Dynamic Routing
  35. A type of routing that requires an administrator to manually configure the route statements
    Static Routing
  36. A type of routing that makes decision on routes based on distance and direction
    Distance Vector Routing
  37. A type of routing that builds topology of networks to factor routes
  38. A type of routing protocol that is based on distance vector that calculates the shortest distance between two points
    Routing Information Protocol (RIP)
  39. A type of routing protocol that is based on Link-State allows hierachial routing
    Open Shortest Path First (OSPF)
  40. A type of Distance Vectoring routing protocol that is based on RIP on steroids and created by CISCO
    Interior Gateway routing protocol (IGRP)
  41. A combination of Distance Vectoring and Link State types of routing protocol
    Border Gateway Protocol (BGP)
  42. Wireless LAN authentication that requires you proves you know the the key
    Open System Authentication (OSA)
  43. Wireless LAN authenticaiton that uses a challenge response mechanism to prove you know the key
    Shared Key Authentication (SKA)
  44. Wireless authentication provides a way to prove to the AP the key is known and provides encryption too
    Wired Equivalency Privacy (WEP)
  45. A quality of service level offering no guarantee on throughput, delay or delivery (internet)
    Best Effort
  46. A quality of service level offering more bandwidth, shorter delays and fewer dropped frames
    Differentiated Service
  47. A quality of service level offering a specific throughput at a certain speed (voice)
    Guaranteed Service
  48. Capacity that allows a protocol to distinguish between classes of messages and establish priority
    Quality of Service (QoS)
  49. Type of Proxy firewall that has provides more intricate control but requires more processing per packet and is slower
    Application Level Proxy
  50. A type of proxy firewall that provides security for a wider range of protocols but not detailed access control
    Cicuit Level Proxy
  51. Firewall that maintains a high degree of security without the performance hit and is scalable and transparent to users by storing and updating the state and context of data within the packets.
    Stateful Inspection firewalls
  52. Term used to describe a momentary loss of power
  53. Term used to describe a momentary drop in voltage
  54. A term used to describe a prolonged drop in voltage
  55. A term used to describe a momentary rush of power
  56. A term used to describe a prolonged rush of power
  57. Transponder
    A type of smart card that transmits an interrogating signal causing the card to transmit an access code
  58. Passive Card
    A type of card that contains no battery but uses electromagnetic fields transmitted by the reader to transmit access information.
  59. Field-Powered
    A device that contain active electronics, an RF transmitter and apower supply
  60. A type of alarm that is sounded on the local premises only
    Local System
  61. A type of alarm that is monitored and operated by a commercial entity connected to the protected site directly
    Central Station System
  62. A type of alarm that is monitored and operated on the local premises only
    Proprietary Systems
  63. A type of alarm that is sounded on the local premises and require a dedciated cicuit to transmit an alarm to the appropriate agency
    Auxillary Station Systems
  64. A type of alarm that makes a call to the local agency switchbox replaying a certain recording for a certain event
    Remote Station Systems
  65. Ping of Death
    Oversized ICMP packets
    Malformed packets that can't be re-assembled
    Provider charges without consent
    Billed for services not requested
  69. LOKI Attack
    Writing data inside the ICMP packet
  70. Post Office Protocol (POP)
    Internet mail server protocol where all mail is sent at check in then deleted.
  71. Term used to describe an action used to protect a symol, name, color or image used to identify a company from its competitors
    Trade Mark
  72. Term used to protect the expression of ideas instead of the ideas themselves
  73. Term used to grant ownership to a company or individual that enables the owner to exclude others from use
  74. A type of law that covers standards of perfromance for companies, industries and officials
    Administrative or Regulatory Law
  75. Type of law that protects an individual or company. Breaking this type of law results in injuries or damages which result in financial restitution for punishment.
    Civil Law
  76. A type of law deals with an individual's conduct made to protect the public
    Criminal law
  77. Type of law derived from religious beliefs addressing an individuals religious responsibilities.
    Religious Law
  78. A legal system where two or more law systems are used
    Mixed Law System
  79. Type of law system that addresses personal conduct and uses religious traditions and customs as the foundation of laws. Customary Law System
  80. Law system developed in England made of criminal, civil and adminstrative laws based on interpretations of laws using a judge, jury and lawyers
    Common Law System
  81. A law system that uses pre-written rules that are not based on precedent, lower courts are not compelled to follow higher decisions. This type is the most comon type in use today.
    Civil Law System
  82. Internet Messaging Access Protocol (IMAP)
    Mail function where the user is able to choose what to read/delete at will
  83. The ISO standard that identifies the security controls of best practices in INFOSEC and provides step by step guidance on how to setup and maintain a security program.
    ISO 27002
  84. The ISO standard for information security management measurements
    ISO 27004
  85. ISO standard that illustrates how to protect personal health information
    ISO 27799
  86. Standards that defines the goals for the controls that should be used to manage IT and ensure it maps to business needs
    Open Standards for Control Objectives for Information and related Technology (COBIT)
  87. The ISO standard that establishes, implements and controls the information security management system
    ISO 27001
  88. Determines liability in court with regards to acting responsibly reducing the potetnial of negligence and reducing risks.
    Due Care
  89. The act of investigating and understanding the risks a company faces.
    Due Diligence
  90. An email security program that provides integrity, encryption, authentication and key management that is compatible with PKCS
    Privacy Enhanced Mail (PEM)
  91. An email standard that indicates how multimedia and email are to be transferred and attachments are to be handled.
    Multipurpose Internet Mail Extension (MIME)
  92. Provides mail encryption through the use of PKI
    Secure MIME (S/MIME)
  93. An encryption that is decrypted at each hop, routing information read, and re-encrypted prior to transfer
    Link Encryption
  94. A type of encrptyion that has the message payload encrypted but not the header information.
    End-to-End Encryption
  95. A function that applies a secret key to a hash routine to prevent tampering
    Message Authentication Code (MAC)
  96. A MAC that has the secret key concatonated to the mesage prior to hashing
    Hash MAC
  97. A type of MAC that provides data origin and integrity by sending the plaintext message in addition to the output of the final block
  98. A MAC which is derived from a variation of the CBC-MAC which is more secure using 3DES and AES
    Cipher-based Message Authentication Code (CMAC)
  99. Block Cipher that contains a parameterized block, key and round size
  100. Stream cipher used in SSL and WEP with a variable key size
  101. Block cipher with a 64 bit block ize, 32-448 bit key length and 16 rounds of computations
  102. Patented block cipher operating on a 64 bit block size that is broken down into 16 smaller blocks with 8 rounds of computation and a 128 bit key
    International Data Encryption Algorithm (IDEA)
  103. A symmetric block cipher using the Rijndael Algorithm with the key and block sizes being the same, however, the rounds increase as key length goes up
    Advanced Encryption Standard (AES)
  104. A symmetric block cipher using a 64 bit block and key with 16 rounds of computation
    Data Encryption Standard (DES)
  105. DES mode that is the fastest and easiest encrypting all blocks with the same key and using only small amounts of data
    Electronic Code Book (ECB)
  106. DES Mode using the output of one block in the next block using an XOR with plaintext of next block prior to encrypting
    Cipher Block Chaining (CBC) Mode
  107. DES Mode using a combination of the block with an Initialization Vector and the key to produce a key stream
    Cipher Feedback Mode (CFB)
  108. Uses 16 bit block and key length but uses 48 rounds of encryption and is a perfromance hog
    Triple DES (3DES)
  109. DES Mode that reduces the errors in CFB
    Output Feedback Mode (OFB)
  110. DES Mode that increments the IV and can encypt blocks of data in parallel
    Counter Mode (CTR)
  111. A hashing algorithm producing a 160 bit message digest used in Digital Signature Architecture (DSA)
    Secure hashing Algorithm (SHA)
  112. Hashing algorithm that produces a variable length message digest based on MD5
  113. Hashing algorithm that produces a 128 bit message digest but very slow
  114. Hashing algorithm that produces a 128 bit message digest used for high speed encryption
  115. Newer version of the MD4 hashing algorithm but is suceptible to B-days attacks
  116. The act of performing a back up of ALL files and setting the Archive Bit to 0
    Full Backup
  117. Backs up changed files since last full backup and does not change the backup bit
    Differential Backup
  118. Backup that sets the archive bit to 0 to back up files that have changed since performing a full backup.
    Incremental Backup
  119. Distance for Alternate Sites
    5, 15 and 50
  120. An attack using User Datagram Protocol (UDP) to spoof user requests
    FRAGGLE Attack
  121. Continuous SYN with spoofed packets
    SYN Flood
  122. An attack that sends packets sithout them having any chance of being re-assembled
    TEARDROP Attack
  123. Type of antivirus protection that is fingerprint based and slow to respond.
    Signature Based
  124. Type of antivirus protection that is proactive through structure, code, data and packet analysis
    Huerstic Detection
  125. Type of antivirus protection that is based on actions and behaviors of known attacks
    Behavior Based Antivirus
  126. Capability Maturity Model Levels
    • 1. Initial - development is adhoc
    • 2. Repeatable - formal managaement, change control and quality assurance
    • 3. Defined - quantitaive process improvement
    • 4. Managed - fromal process to collect data and analyze the results
    • 5. Optimizing - budgeted for continual improvement
  127. Tasks assigned to assure the product meets specifications
  128. Tasks assisgned that ensure the software meets the real world problem
  129. Database ACID Test
    • 1. Atomicity - divides tranasctions into units of work where all commit or none commit
    • 2. Consistency - integrity is followed, data is consistent across databases
    • 3. Isolation - transactions execute in isolation w/out impacting other transactions
    • 4. Durability - once verified as accurate, commit is issued
  130. Listing of the three access control models
    • Discretionary - data owners dictate access
    • Mandatory - uses security labels
    • Non-discretionary - role-based
Card Set
CISSP - Review Items.txt
Cards for extended review