What is the name of the concept that DOD uses in net defense?
defense in depth
What are some examples of computer security incidents?
compromise of integrity, DOS, misuse, damage, intrusions, alterations
Where would a network monitoring device such as an ASIM be placed in relation to the network?
outside the boundary protection mechanism to monitor all attempted attacks
encapsulating a message inside a second message that will pass through the firewall
What kind of servers would typically be found in a DMZ?
web servers, smtp, dns, proxy, web mail, dial up
What is the simplest and least expensive type of firewall, and what is its purpose?
Packet filtering, accept/reject messages based on info in the message's header: source address, destination address, and the port
What type of firewall is used to separate secure sites, networks, or network segments from less secure areas?
Describe the two categories that security related access controls fall into
Technical controls-passwords/encryption. Admin controls-segregation of duties/screening of users
Regardless of the source of the threat, what is it usually targeting?
a vulnerability or weakness in the network
How does a virus activate?
when the infected program executes
a group of computers that have been infected by bots under the control of a person or group
How is a trojan different from a regular virus?
it acts as a cover or disguise for something else, it does not replicate itself
What step is taken before an IS is connected to the AFGIG?
a baseline configuration is applied to them
What does the PKI enable users of basically unsecured public networks to do?
to securely and privately exchange data through the use of public and private cryptographic key pairs obtained and shared through a TA
What are the components that compose a PKI?
A certificate policy mgmt system; a registration authority that verifies user requests for digital certs and tells the cert authority to issue them; a CA that is responsible for managing certs; one or more directories or repositories where the certs are held
Describe a symmetric central server architecture
each entity in the community shares a secret key with the central server
Why are PKI keys said to be asymmetric?
The keys for encryption and decryption were related but conspicuously different
How do digital signatures work?
a single entity can sign data but any number of entities can read the signature
What do users use to verify that a particular public key belongs to a particular user?
the pki cert
What is a CA responsible for?
establishing, authenticating, maintaining, and revoking certs and hardware
What are the 2 ways that key establishment can occur?
key transfer and key agreement
Describe key transfer
one entity generates the symmetric key and sends it to the other entity
Describe key agreement
both entities jointly contribute to the generation of the symmetric key
How long should ECDSA and ECDH keys be to provide adequate security for the medium to long term?
What was the fundamental premise in the original formulation of public key cryptography?
two strangers should be able to communicate securely
What does the PKI user population trust CA authorities to do?
to perform the binding of a public key pair to a given identity
What are the 4 configurations for CA servers?
enterprise root ca, enterprise subordinate ca, stand alone root ca, stand alone subordinate ca
What happens when a certificate on a CRL is used?
it will be rejected
Describe a user's key history
a collection of certs and corresponding private keys
What is the difference between a software token and a hardware token?
hardware tokens have built in security, software has no security other than what is provided by the host system
List 3 types of certs and what they are used for
Identity-signing on to the network or signing an EPR, Email signing-used to sign email, Encryption-used to support data confidentiality
What does the global directory service provide for?
Provides for the ability to search for individuals and access contact info about them