CISSP: Security Architecture and Design
CISSP
151
Computer Science
Professional
09/09/2012

Cards

Term
What does the acronym DSL stand for as it relates to security design?
Definition
Defense in depth, Reducing single points of failure, reducing weakest links
Term
________ sets a standard for addressing security throughout the development, deployment, and implementation schedule.
Definition
ISMS
Term
What does ESA stand for?
Definition
Enterprise Security Architecture
Term
What does ISA stand for?
Definition
Information Security Architecture
Term
What is a best practice?
Definition
A well-recognized and accepted approach
Term
___________ is a high level perspective of how business requirements are to be structured.
Definition
Architecture
Term
____________ is a defined approach to the process used to achieve the goals of an architecture.
Definition
Framework
Term
____________ refers to the integrated building blocks that support the goals of the architecture.
Definition
Infrastructure
Term
A security ___________ outlines how security is to be implemented within the organization.
Definition
Model
Term
What is the difference between strategic and tactical?
Definition
Strategic is a long-range perspective and tactical is short range
Term
What are the four computer architecture layers?
Definition
Applications, Utilities, Operating Systems, and Hardware
Term
A __________ is a large, fault tolerant, multiuser computer engineered to run without interruption for long periods of time.
Definition
Mainframe
Term
____________ is a smaller system architected into a centralized model.
Definition
Minicomputer
Term
__________ are also known as desktops.
Definition
Microcomputers
Term
A __________ is the interface device that enables a computer to communicate over various media.
Definition
NIC
Term
A ____________ connects a wired network to a wireless network.
Definition
Wireless Ethernet Bridge
Term
A ____________ is a bridge that connects to nodes wirelessly.
Definition
Wireless Access Point
Term
A ______________ is a device that integrates a wireless access point with an IP Router and an Ethernet Switch.
Definition
Wireless Router
Term
A _____________ can increase the range of an existing wireless network.
Definition
Wireless Range Extender
Term
_____________ is software that is permanently embedded in hardware and typically provides low-level services and/or control of hardware.
Definition
Firmware
Term
What are the two main components of a CPU?
Definition
Control Unit and Arithmetic Logic Unit.
Term
What does a CPU's control unit do?
Definition
Fetches and decodes instructions, coordinates I/O and memory transfers, and sequences the ALU and the other components against the clock
Term
_____________ refers to the concurrent performance/interleaved execution of two or more tasks.
Definition
Multitasking
Term
___________ refers to the interleaved execution of two or more programs by a processor.
Definition
Multiprogramming
Term
______________ refers to the simultaneous execution of two or more programs by a computer. Generally refers to parallel processing by two or more processors of a multiprocessor.
Definition
Multiprocessing
Term
___________ refers to two or more processors on a single chip.
Definition
Multi Core
Term
______________ allows several threads of execution within one process to share the same resources (address space, open files), so the processor can switch between them cheaply.
Definition
Multithreading
Term
____________ allows a hardware device to access system memory without having to go through the CPU.
Definition
Direct Memory Access
Term
_______________ are systems that must respond to inputs within fixed deadlines, and so support mission-critical services such as flight controls.
Definition
Real-Time Systems
Term
What are the two types of virtual machine architecture?
Definition
Type 1 (a bare-metal hypervisor runs directly on the hardware) and Type 2 (a hosted hypervisor runs as an application on a host OS)
Term
The ___________ state is used to execute a system's programs. In this state, a program can access the entire system and execute both privileged and non-privileged instructions.
Definition
Supervisor
Term
The __________ state, sometimes called the user state or program state, is intended for programs which execute non-privileged instructions.
Definition
Problem
Term
What state is a process in when it is actually executing instructions on the CPU?
Definition
Running
Term
What state is a process in when it is runnable but waiting for the CPU because another process is currently running?
Definition
Ready
Term
A process in the ______ state cannot continue until an external event (such as I/O completion) occurs.
Definition
Blocked
Term
The ___________ is responsible for moving data in and out of memory.
Definition
I/O Controller
Term
The ___________ consists of several components - software, firmware, and hardware, and represents all the security functionality of the OS.
Definition
Security Kernel
Term
_________ are the interface between the equipment and the system or application that is using the equipment.
Definition
System Drivers
Term
_____________ are used for system maintenance and operation.
Definition
System Utilities
Term
Unless a product is explicitly used for security, it will first be devoted to _____________.
Definition
Functionality
Term
What are Open Systems?
Definition
Standards-Based interfaces that support standard protocols
Term
What are closed systems?
Definition
Proprietary Interfaces
Term
__________ systems only allow a single level of processing.
Definition
Dedicated Systems
Term
____________ systems permit users to execute any instruction available.
Definition
Single Level
Term
_____________ systems permit processing at two or more classification levels at once, with access to each level controlled through user authentication and authorization.
Definition
Multilevel
Term
___________ systems are single purpose computers designed to perform a dedicated function.
Definition
Embedded
Term
A _____________ architecture refers to a system where a central server or group of servers provides service to a user who accesses the server(s) over the network.
Definition
Client/Server
Term
A _____________ architecture refers to an architecture permitting centralized control and enforcement of security policies.
Definition
Centralized
Term
A _____________ architecture refers to an architecture with no centralized command and control.
Definition
Distributed
Term
A _____________ architecture refers to an architecture which removes most client functions from the desktop and moves them to the server.
Definition
Thin Client
Term
__________ are a group of servers working together.
Definition
Clusters
Term
____________ is a software based architecture structure that provides translation or communication services between applications that were never designed to work directly together.
Definition
Middleware
Term
___________ memory addressing refers to a memory location that is independent of the current assignment of data to memory.
Definition
Logical
Term
___________ memory addressing refers to memory addresses expressed as a location relative to a known point.
Definition
Relative
Term
___________ memory addressing refers to memory addresses expressed as an actual value or location.
Definition
Physical
Term
As it relates to memory protection, what is the base value?
Definition
the lower limit of memory addressing that can be used
Term
As it relates to memory protection, what is the limit value?
Definition
the upper limit of memory addressing that can be used
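The base and limit cards are easiest to see in code. The Python model below is an added example, not part of the flashcard set: the names `Process`, `translate` and `MemoryFault` are assumptions chosen for illustration. It also ties the three addressing cards together: the address a process presents is logical (relative to its base), the check is made against the limit, and only then is it converted to a physical address.

```python
"""Base/limit memory protection with logical-to-physical translation.

Added example (not from the flashcard set). Each process is given a base
(the lowest physical address it may use) and a limit (the size of its
region, so its last usable physical address is base + limit - 1). Every
address a process presents is a logical address relative to that base;
the check is made against the limit and only then is it translated.
The names Process, translate and MemoryFault are assumptions.
"""


class MemoryFault(Exception):
    """Raised when an access falls outside the process's base/limit region."""


class Process:
    def __init__(self, pid: int, base: int, limit: int):
        if base < 0 or limit <= 0:
            raise ValueError("base must be >= 0 and limit > 0")
        self.pid = pid
        self.base = base    # lowest physical address the process may touch
        self.limit = limit  # region size: valid logical addresses are 0 .. limit-1


def translate(proc: Process, logical: int, length: int = 1) -> int:
    """Return the physical address for a logical access, or raise MemoryFault.

    The check is on the logical address and the limit, never on the raw
    physical value, so a process need not know where it was loaded and
    cannot reach memory below its base by supplying a negative offset.
    """
    if logical < 0 or length <= 0 or logical + length > proc.limit:
        raise MemoryFault(
            f"pid {proc.pid}: access [{logical:#x}, {logical + length:#x}) "
            f"exceeds limit {proc.limit:#x}"
        )
    return proc.base + logical


def run_accesses(proc: Process, accesses) -> list:
    """Apply (logical, length) accesses; return (granted, physical_or_reason) per access."""
    results = []
    for logical, length in accesses:
        try:
            results.append((True, translate(proc, logical, length)))
        except MemoryFault as fault:
            results.append((False, str(fault)))
    return results


if __name__ == "__main__":
    # Constructed layout: process 7 owns physical 0x4000 .. 0x4FFF (4 KiB).
    p = Process(pid=7, base=0x4000, limit=0x1000)
    sample = [(0x0, 4), (0xFFC, 4), (0xFFD, 4), (-1, 1), (0x2000, 1)]
    for granted, detail in run_accesses(p, sample):
        print("GRANT", hex(detail)) if granted else print("FAULT", detail)
```

The off-by-one case (`0xFFD` with length 4) is the one worth remembering: the access starts inside the region but its last byte would land at `base + limit`, one past the highest address the process owns, so it must be refused.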
Term
________ are very high speed storage structures built into the CPU chip set.
Definition
Registers
Term
____________ is the memory directly accessible to the CPU and with the highest response speed.
Definition
Primary Storage
Term
____________ is the very fast memory directly on the CPU chip body.
Definition
Cache
Term
___________ is the main memory of the system and is provided through chips inserted into slots on the motherboard.
Definition
RAM
Term
__________ is a simple, cost-effective storage solution that utilizes drives attached to the network.
Definition
NAS
Term
___________ is a complex, expensive solution to offer large capacity storage for servers over high-speed links.
Definition
SAN
Term
______________ isolation is accomplished through time limits.
Definition
Temporal
Term
_____________ isolation refers to separating out sensitive areas from common access.
Definition
Physical
Term
_____________ isolation protects against malicious activity by not permitting a process to execute outside of a strict set of boundaries.
Definition
Virtual
Term
What is layering?
Definition
Requiring processes that occur at different layers to communicate through interfaces
Term
_____________ means if a process does not have an interface with a process at a different layer, it cannot communicate and will, therefore, not have access to data on a different layer.
Definition
Data Hiding
Term
The __________ includes the reference monitor, hardware, software, inter-process communications, and human factors that make up a security solution.
Definition
Trusted Computing Base
Term
The Trusted Computing Base monitors what four functions?
Definition
Process Activation, Execution Domain Switching, Memory Protection, I/O Operations
Term
The _____________- enforces access relationships between all subjects and objects based on privilege and need to know
Definition
Reference Monitor
Term
According to the reference monitor (abstract machine) concept, what are the three things that a reference monitor must be?
Definition
Tamperproof, always invoked, and verifiable
Term
What three things are the security kernel designed to do?
Definition
Check every access, enforce least privilege, Verify acceptable usage
Term
As it relates to a reference monitor, what is a subject?
Definition
Active Entity
Term
As it relates to a reference monitor, what is an object?
Definition
A passive entity
Term
The ideal location for security is at the _____________ level.
Definition
Lowest
Term
What does TPM stand for?
Definition
Trusted Platform Module
Term
___________ will ensure that the security of a system cannot be circumvented through just one vulnerability.
Definition
Defense in Depth
Term
Which Fundamental Model is designed to prevent data leakage?
Definition
Information-Flow Model
Term
A ___________ model tracks the movement of information from one object to another so that movement of sensitive data will be identified
Definition
Information-flow model
Term
Which fundamental model is concerned with logical separation between security domains, so that activity in one domain cannot be observed from another?
Definition
Non-Interference Model
Term
____________ is an abstract mathematical model where state variables represent the system state.
Definition
State-Machine Model
Term
__________ model is a hierarchical model defining access control privilege levels
Definition
Lattice Based Model
Term
What are fundamental models?
Definition
Building Blocks
Term
What does the Bell LaPadula model address?
Definition
Confidentiality
Term
What type of model is the Bell LaPadula Model?
Definition
State-Machine Model
Term
What are the three fundamental modes of access?
Definition
Read only, write only, or read and write
Term
In the Bell LaPadula model, you may read ______ and write ________.
Definition
Down, Up
Term
What does the Biba model address?
Definition
Integrity, but only the first integrity goal: preventing unauthorized subjects from modifying data
Term
What fundamental model is the Biba model based on?
Definition
Lattice Based Model
Term
With the Biba model, you may read ______ and write ________
Definition
Up, Down
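The reference monitor, Bell-LaPadula and Biba cards above describe one mechanism applying two mirror-image rule sets. The Python below is an added example, not part of the flashcard set: the lattice level names, the `Subject`/`Object` classes and the `ReferenceMonitor` class are assumptions for illustration. It mediates every request through one `check()` call, keeps an audit trail, and shows why the two models cannot usefully be stacked on the same labels.

```python
"""A minimal reference monitor enforcing Bell-LaPadula and Biba over a lattice.

Added example, not part of the flashcard set. Subjects and objects carry a
label from a linear lattice (the level names are an assumption). The
monitor mediates every (subject, object, mode) request and applies:
  Bell-LaPadula (confidentiality): read down / no read up, write up / no write down
  Biba (integrity):                read up / no read down, write down / no write up
When both are enforced at once, the only object a subject can both read
and write is one at its own level.
"""
from dataclasses import dataclass
from enum import IntEnum


class Level(IntEnum):
    """Linear lattice: a higher value dominates a lower one."""
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


@dataclass(frozen=True)
class Subject:          # active entity
    name: str
    level: Level


@dataclass(frozen=True)
class Object:           # passive entity
    name: str
    level: Level


def blp_allows(subject: Subject, obj: Object, mode: str) -> bool:
    """Bell-LaPadula: simple security (no read up) and *-property (no write down)."""
    if mode == "read":
        return subject.level >= obj.level   # read down permitted
    if mode == "write":
        return subject.level <= obj.level   # write up permitted
    raise ValueError(f"unknown access mode {mode!r}")


def biba_allows(subject: Subject, obj: Object, mode: str) -> bool:
    """Biba: simple integrity (no read down) and *-integrity (no write up)."""
    if mode == "read":
        return subject.level <= obj.level   # read up permitted
    if mode == "write":
        return subject.level >= obj.level   # write down permitted
    raise ValueError(f"unknown access mode {mode!r}")


class ReferenceMonitor:
    """Every access goes through check(); nothing else touches objects.

    Always invoked (callers have no other path), policies fixed at
    construction (a stand-in for tamper-proofing), and small enough to be
    verified by reading it.
    """

    def __init__(self, policies):
        self._policies = tuple(policies)
        self.audit = []     # (subject, object, mode, granted) for every decision

    def check(self, subject: Subject, obj: Object, mode: str) -> bool:
        granted = all(policy(subject, obj, mode) for policy in self._policies)
        self.audit.append((subject.name, obj.name, mode, granted))
        return granted


if __name__ == "__main__":
    # Constructed scenario: a SECRET analyst against three objects.
    alice = Subject("alice", Level.SECRET)
    objs = [Object("memo", Level.CONFIDENTIAL), Object("plan", Level.TOP_SECRET),
            Object("report", Level.SECRET)]
    for name, rm in [("BLP", ReferenceMonitor([blp_allows])),
                     ("Biba", ReferenceMonitor([biba_allows])),
                     ("both", ReferenceMonitor([blp_allows, biba_allows]))]:
        for o in objs:
            for mode in ("read", "write"):
                verdict = "GRANT" if rm.check(alice, o, mode) else "DENY"
                print(f"{name:4} {mode:5} {o.name:6} {o.level.name:12} -> {verdict}")
```

Run it and compare the BLP and Biba rows for `memo`: the same request (a SECRET subject reading CONFIDENTIAL data) is a read down, granted by Bell-LaPadula and refused by Biba, which is exactly the "read down / read up" pair the two cards ask for.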
Term
What does the Clark-Wilson Model Address?
Definition
All three integrity goals
Term
What are the three integrity goals addressed by the Clark-Wilson model?
Definition
Preventing unauthorized users from making changes, Preventing authorized users from making improper changes, and maintaining internal and external consistency
Term
What does internal consistency mean?
Definition
Transactions must fit internal rules of systems
Term
What does external consistency mean?
Definition
Transactions must fit reality
Term
What are the three components of the Clark-Wilson Model?
Definition
It addresses all three integrity goals, defines well-formed transactions, and requires separation of duties
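The Clark-Wilson cards (the three integrity goals, internal and external consistency, well-formed transactions, separation of duties) map onto a small set of mechanisms: constrained data items, transformation procedures, access triples and an integrity verification procedure. The Python below is an added example, not part of the flashcard set; the `Ledger` class, its account names and its rules are assumptions for illustration.

```python
"""Clark-Wilson in miniature: CDIs, TPs, IVPs and access triples.

Added example, not part of the flashcard set; names and rules are
assumptions for illustration. Account balances are constrained data
items (CDIs). They change only through a transformation procedure (TP),
and a user may run a TP on a CDI only if an explicit (user, TP, CDI)
access triple authorises it, which keeps unauthorized users out. The TP
is a well-formed transaction: the transfer either applies completely or
not at all, so an authorized user cannot leave the data half-updated.
Separation of duties: whoever certified a TP may not execute it. The
integrity verification procedure (IVP) checks internal consistency (the
ledger's own invariants) and external consistency (balances agree with
the bank statement, which stands in for reality).
"""


class IntegrityViolation(Exception):
    pass


class Ledger:
    def __init__(self, balances: dict):
        self._cdi = dict(balances)               # account -> balance (minor units)
        self._total = sum(self._cdi.values())    # invariant: transfers conserve the total
        self._triples = set()                    # (user, tp_name, cdi)
        self._certified_by = {}                  # tp_name -> certifying user
        self.log = []                            # every committed TP

    def balance(self, acct: str) -> int:
        return self._cdi[acct]

    def certify(self, tp_name: str, certifier: str) -> None:
        self._certified_by[tp_name] = certifier

    def authorize(self, user: str, tp_name: str, cdi: str) -> None:
        self._triples.add((user, tp_name, cdi))

    def _check_access(self, user: str, tp_name: str, cdis) -> None:
        if self._certified_by.get(tp_name) == user:
            raise IntegrityViolation(f"{user} certified {tp_name} and may not also run it")
        for cdi in cdis:
            if (user, tp_name, cdi) not in self._triples:
                raise IntegrityViolation(f"no access triple for ({user}, {tp_name}, {cdi})")

    def transfer(self, user: str, src: str, dst: str, amount: int) -> None:
        """TP 'transfer': a well-formed, all-or-nothing move of funds."""
        self._check_access(user, "transfer", (src, dst))
        if src not in self._cdi or dst not in self._cdi or src == dst:
            raise IntegrityViolation("unknown or identical accounts")
        if amount <= 0 or self._cdi[src] < amount:
            raise IntegrityViolation("transfer is non-positive or would overdraw")
        # all validation is done before any CDI is touched, so no partial
        # state is ever visible; both updates commit together
        self._cdi[src] -= amount
        self._cdi[dst] += amount
        self.log.append((user, "transfer", src, dst, amount))

    def ivp(self, statement: dict) -> list:
        """IVP: return a list of consistency failures (empty means consistent)."""
        failures = []
        if sum(self._cdi.values()) != self._total:
            failures.append("internal: total balance changed")
        if any(b < 0 for b in self._cdi.values()):
            failures.append("internal: negative balance")
        for acct, bal in statement.items():
            if self._cdi.get(acct) != bal:
                failures.append(f"external: {acct} ledger={self._cdi.get(acct)} statement={bal}")
        return failures


def try_transfer(ledger: Ledger, user: str, src: str, dst: str, amount: int) -> str:
    """Run the TP and report 'ok' or the violation text, for demonstrations."""
    try:
        ledger.transfer(user, src, dst, amount)
        return "ok"
    except IntegrityViolation as violation:
        return str(violation)


if __name__ == "__main__":
    # Constructed data: two accounts, an auditor who certified the TP, a clerk who runs it.
    ledger = Ledger({"ops": 1000, "payroll": 500})
    ledger.certify("transfer", "auditor")
    for acct in ("ops", "payroll"):
        ledger.authorize("clerk", "transfer", acct)
        ledger.authorize("auditor", "transfer", acct)
    print(try_transfer(ledger, "clerk", "ops", "payroll", 250))      # ok
    print(try_transfer(ledger, "intruder", "ops", "payroll", 1))     # no access triple
    print(try_transfer(ledger, "auditor", "ops", "payroll", 1))      # separation of duties
    print(try_transfer(ledger, "clerk", "payroll", "ops", 5000))     # would overdraw
    print(ledger.ivp({"ops": 750, "payroll": 750}))                  # consistent
    print(ledger.ivp({"ops": 700, "payroll": 750}))                  # external mismatch
```

The auditor holds valid access triples yet is still refused: that is separation of duties doing its own job, independent of the access triples, and it is the reason the card lists it as a third component rather than folding it into the triples.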
Term
Which model uses the Chinese Wall security policy?
Definition
Brewer and Nash Model
Term
What does the Brewer and Nash model allow?
Definition
Separation of competitors' data within the same integrated database
Term
What is the Brewer and Nash model designed to prevent?
Definition
Conflicts of Interest
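What makes Brewer and Nash different from the lattice models is that the decision depends on the subject's own access history rather than on a fixed label. The Python below is an added example, not part of the flashcard set; the company names, conflict-of-interest classes and the `ChineseWall` class are constructed for illustration.

```python
"""Brewer-Nash (Chinese Wall): access decisions that depend on history.

Added example, not part of the flashcard set; the company names and
conflict-of-interest classes are constructed. Each object belongs to one
company dataset, and each company belongs to a conflict-of-interest (COI)
class. A subject may read an object unless it has already read data of a
competing company in the same COI class; the wall goes up only after the
first access. Writes are stricter: a subject may write to a company's
object only if everything it has read belongs to that same company (or is
sanitized), otherwise it could carry a competitor's data across the wall.
"""
from collections import defaultdict

SANITIZED = "sanitized"     # public data that sits outside every COI class


class ChineseWall:
    def __init__(self, company_class: dict, objects: dict):
        self._class_of = dict(company_class)    # company -> COI class
        self._company_of = dict(objects)        # object  -> company or SANITIZED
        self._read_history = defaultdict(set)   # subject -> companies actually read

    def _conflicts(self, subject: str, company: str) -> bool:
        coi = self._class_of[company]
        return any(c != company and self._class_of[c] == coi
                   for c in self._read_history[subject])

    def can_read(self, subject: str, obj: str) -> bool:
        company = self._company_of[obj]
        return company == SANITIZED or not self._conflicts(subject, company)

    def can_write(self, subject: str, obj: str) -> bool:
        # readable, and nothing from any other company has ever been read
        company = self._company_of[obj]
        if not self.can_read(subject, obj):
            return False
        return all(c == company for c in self._read_history[subject])

    def read(self, subject: str, obj: str) -> bool:
        """Mediate a read; on success record the company so the wall is raised."""
        if not self.can_read(subject, obj):
            return False
        company = self._company_of[obj]
        if company != SANITIZED:
            self._read_history[subject].add(company)
        return True


def build_demo() -> ChineseWall:
    """Constructed dataset: two banks compete, an oil company does not."""
    return ChineseWall(
        company_class={"BankA": "banks", "BankB": "banks", "OilX": "oil"},
        objects={"banka-q3": "BankA", "bankb-q3": "BankB",
                 "oilx-q3": "OilX", "market-note": SANITIZED},
    )


if __name__ == "__main__":
    wall = build_demo()
    for obj in ("banka-q3", "bankb-q3", "oilx-q3", "market-note"):
        print(f"analyst read {obj:12} ->", "GRANT" if wall.read("analyst", obj) else "DENY")
    for obj in ("banka-q3", "oilx-q3"):
        print(f"analyst write {obj:11} ->", "GRANT" if wall.can_write("analyst", obj) else "DENY")
```

Note the second analyst in the test: having read only BankA, they may still write to BankA, but an analyst who has also read OilX may not, because the write rule is what stops the integrated database from becoming a channel between clients.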
Term
What mediates access from subjects to objects?
Definition
Monitors (the reference monitor)
Term
Who coined the term monitor?
Definition
Graham-Denning
Term
Who coined the term reference monitor?
Definition
James Anderson
Term
Who formalized access control methods?
Definition
Harrison, Ruzzo and Ullman (the HRU result, which also showed that the general safety problem for an access-control matrix is undecidable)
Term
What does TCSEC (the Orange Book) evaluate?
Definition
Confidentiality
Term
What is the European equivalent of TCSEC?
Definition
ITSEC (which, unlike TCSEC, rates functionality and assurance separately)
Term
What does ISO 15408 refer to?
Definition
Common Criteria
Term
What does ISO 27001 refer to?
Definition
ISMS requirements; the standard an organization is audited and certified against (compliance)
Term
What does ISO 27002 refer to?
Definition
Best Practices
Term
A ____________ is a general set of security requirements and objectives for a category of products in Common Criteria.
Definition
Protection Profile
Term
____________ is a set of software, firmware, and/or hardware to be evaluated in Common Criteria
Definition
Target of Evaluation
Term
__________ contains the IT security objectives for a specific TOE in Common Criteria
Definition
Security Target
Term
What level of TCSEC introduces discretionary access control and identification/authentication?
Definition
C1
Term
What level of TCSEC introduces object reuse protection and protected audit trails?
Definition
C2
Term
What level of TCSEC introduces mandatory access control and labeled protection?
Definition
B1
Term
What level of TCSEC introduces trusted path and covert storage channel analysis?
Definition
B2
Term
What level of TCSEC introduces trusted recovery and covert timing channel analysis?
Definition
B3
Term
What level of TCSEC introduces formal design verification?
Definition
A1
Term
What did ISO 7498-2 define?
Definition
The OSI security architecture: the security services (authentication, access control, confidentiality, integrity, non-repudiation) and the mechanisms that provide them for secure communications
Term
The ___________ framework is the de facto world standard for expressing the basic elements of an enterprise architecture.
Definition
Zachman
Term
What is the Zachman framework used for?
Definition
To gather input for design requirements
Term
Which framework followed on from the Zachman framework with a security focus?
Definition
SABSA (Sherwood Applied Business Security Architecture)
Term
The ___________ framework is a framework to provide a comprehensive approach to design, planning, implementation, and governance of an enterprise information architecture
Definition
The Open Group Architecture Framework (TOGAF)
Term
_____________ describes a unified approach for evaluation of internal control systems
Definition
Committee of Sponsoring Organizations (COSO)
Term
What does ISO 27001 cover?
Definition
Information Security Management Systems
Term
What is the CMM based on?
Definition
Total Quality Management concepts
Term
What does the CMM provide a framework for?
Definition
Improving processes
Term
_____________ sets the standard for the handling of credit card information.
Definition
PCI-DSS
Term
What are the following frameworks designed to help an organization do: Zachman, SABSA, TOGAF
Definition
Build Things
Term
What are the following frameworks designed to help an organization do: CMMI ITIL Six Sigma
Definition
Quality Controls
Term
What are the following frameworks designed to help an organization do: ISO 27001, ISO 27002, SABSA, ITIL, PCI-DSS
Definition
Security
Term
What are the following frameworks designed to help an organization do: COSO, ISO 27001, COBIT
Definition
Internal Controls
Term
What type of CPU functionality allows simultaneous execution of two or more programs by one or more processors?
Definition
Multiprocessing (simultaneous execution, as distinct from the interleaved execution of multitasking)
Term
What computer component organizes memory, logging, and error detection?
Definition
CPU
Term
What CPU operational mode processes data for an application and allows less access to some resources?
Definition
Problem State
Term
What type of system architecture supports standardized interfaces and protocols, rather than proprietary and customized applications?
Definition
Open
Term
What network architectural structure is more secure, removes client functions, and primarily supports processing and storage at a centralized location?
Definition
Thin client
Term
What type of software is best described as being distributed, providing translation or communications, and expanding applications and services?
Definition
Middleware
Term
The ___________ is the combination of all hardware, software, and firmware responsible for enforcing the security policy and serves as a protection mechanism within a computer system.
Definition
Trusted Computing Base
Term
Which security model addresses preventing unauthorized users from making modifications, preventing authorized users from making improper modifications, and maintaining internal and external consistency?
Definition
Clark-Wilson
Term
What Lattice Model is characterized by read down and no write down?
Definition
Bell LaPadula
Term
Which security model, besides Bell-LaPadula, primarily protects confidentiality (by preventing disclosure across a conflict of interest)?
Definition
Brewer and Nash
Term
What fundamental security model is based on rules to prevent subjects that are operating in different domains from affecting each other?
Definition
Non-Interference
Term
What type of memory storage is the fastest, highest cost and lowest capacity?
Definition
CPU Registers
Term
What cloud computing service offers support to business operations without the organization building their own servers and networks?
Definition
Infrastructure as a Service
Term
A framework that provides a comprehensive approach to the design, planning, implementation, and governance of an enterprise and typically modeled at four levels - business, application, data, and technology
Definition
TOGAF
Term
An international information security standard and framework that addresses security throughout all phases is called what?
Definition
Information Security Management System
Term
Which of the Common Criteria components outlines a general and industry set of security requirements for a category of products?
Definition
Protection Profile
Term
What Ring provides access to the system components and contains utilities and file system drivers?
Definition
Ring 2
Term
To create a virtual memory on a computer, two different types of memory must be combined. What are they?
Definition
RAM and secondary storage
Term
What type of memory addressing uses absolute addresses?
Definition
Physical
Term
What are the four Reference Monitor design rules?
Definition
Mediates all access (complete mediation), protected from tampering (isolation), verifiable (small and simple enough to be tested), and always invoked (cannot be bypassed)