Card Set Information

2015-08-23 15:22:37

smaller set
Show Answers:

  1. RISC
    • Reduced Instruction set
    • simpler instructions using fewer cycles
  2. CPU Terms
    • Scalar processor - one instruction at a time (older)
    • Superscaler processor - concurrent execution of multiple instructions (adds additional ALUs)
    • Pipelining - combines different instructions and sequencing; much faster
    • Multitasking - multiple tasks (Heavyweight process) (1 CPU)
    • Multithreading - multiple threads (Lightweight process)
    • Multiprocessing - multiple programs at the same time on multiple CPUs
    • - Windows NT/2000/XP are symmetrical multiprocessing (more than one cpu equally shared) (SMP)
    • - Asymmetrical Multiprocessing Systems (AMP) have multiple CPUs running different functions
    • multiprogramming
    • - similar to multiprocessing
    • - when an operating system and CPU can execute more than one program at a time
    • - different from multiprocessing as the OS has less control in releasing resources than in multiprocessing environments
  3. Memory Protection
    • Process Isolation
    • Address Space Layout Randomization (randomizes addresses)
    • Non executable stack (marks areas non-executable)
  4. Memory addressing
    • Direct addressing
    • Register direct addressing
    • Register indirect addressing (uses register to get main memory address)
    • Indirect addressing (uses memory to get address)
    • Indexed addressing (uses index register)
  5. OS Protection mechanisms (4)
    • Layering - organization of functions into separate components
    • Abstraction - looks for common functions to simplify
    • Process isolation
    • Hardware segmentation
  6. Ring Layer protection
    • Ring 3: Applications and programs
    • Ring 2: I/O drivers and utilities
    • Ring 1: Operating system (but not the kernel)
    • Ring 0: Operating system kernel
  7. Trusted Platform Module
    • hardware chip that stores encryption keys, passwords and certificates
    • ensures authentication and attestation
  8. Virtualization
    • invented by IBM in the 60's
    • hypervisor controls access to shared resources
    • protect the hypervisor
    • protect host to VM and VM to VM communications
    • hypervisor is not a firwewall

    VMEscape is a successful attack from VM to host or VM to VM; harden the host; segregate workloads with different security requirements
  9. Data definition language (DDL)
    defines the database schema
  10. Data manipulation language (DML)
    examines and manipulates contents of the database
  11. Database CIA
    • DBMS guards against concurrency with locking; enforces semantic integrity; enforces referential integrity
    • Referential integrity includes primary and foreign keys; commits; rollbacks; checkpoints
  12. Data models (4)
    • Hierarchical
    • Mesh
    • Object oriented
    • Relational
  13. Database vulnerabilities
    • Aggregation - putting information together
    • Inference - deducing information
    • - Inference controls
  14. Applets
    • small application programs in Java
    • provided by web pages to the user
  15. Database fault tolerance
    • Shadow database - 2ndcopy
    • Fail-over: second server; like load-sharing; clustering
  16. Java
    uses a sandbox and Java Virtual Machine but has not been able to ensure code stays in the sandbox

    untrusted Java applets are loaded from the web/Internet
  17. ActiveX
    • object oriented programming
    • downloads direct to hardrive, not a sandbox
    • uses certificates for security
  18. OWASP
    • Open Web Application Security Project
    • OWASP top 10 (10 most critical web app security risks)
  19. Click-jacking
    • UI redressing
    • hides a malicious window under a real window
  20. Cookies
    • holds session ID
    • 2 types:
    • - in memory
    • - persistent

    • may be intercepted and stolen
    • should be transmitted via SSL/TLS ONLY
  21. XSS Cross site scripting
    • Reflects a script via a trusted website; uses Javascript
    • attempts to bypass browser "same origin policy" and steal cookies

    same origin policy requires that protocol, host and port must match
  22. Input Validation
    • whitelisting is superior to blackilisting
    • whitelisting allows specific characters (accept known good); blacklisting blocks (reject known bad)
  23. SQL Injection
    • can occur when there is poor input validation
    • can delete tables and cause an availability attack
  24. Thin client risk
    • patches for OSs can't be applied as they are custom for thin clients; may take weeks or months to get a patch
    • embedded Linux; embedded MS XP for example
  25. NAC
    • attempts to improve laptop security by checking for patch and definition levels
    • possibly looks for other indicators
  26. Internet of things
    • default credentials are common
    • enterprise mgmt tools lacking
    • patching is difficult
  27. SCADA
    Supervisory Control and Data Acquisition

    • Remote Terminal Unit: converts analog to digital and connects device to the network
    • HMI - Human Machine interface: presents data to the operator

    SCADA systems are often older, use legacy communications (Modbus) with no security
  28. Distributed
    remote offices maintain / access data locally, via other offices or centrally

    Decentralized - both local and centralized data
  29. Distributed environment
    • Allows sharing of information thru the network
    • uses agents (process or program)
    • needs strong integrity controls

    an agent is not the same as a proxy: a proxy will perform a task on behalf of a subject, but it hides the identity of the subject
  30. Distributed data processing (DDP)
    • synchronizes data across multiple sites
    • provides alternate processing sites if one site is down

    • can increase security challenges by increasing attack surface
    • may have less competent people at smaller sites
  31. Cryptology
    Includes the study of cryptography (using codes to hide data) AND cryptanalysis (breaking codes)

    Block cipher - segregates blocks of plaintext and applies an encryption algorithm to each block
  32. Crypto terms
    • Cipher - a cryptographic transformation that operates on characters or bits
    • Ciphertext - an unintelligible message
    • Clustering - uses different keys but produces the same ciphertext
    • Plaintext - a message in readable form
    • Cryptosystem - a set of transformations E(m,k) = c
    • Entropy - the amount of disorder (randomness) per bit - goal is to maximize entropy
  33. Basic encryption techniques
    • XOR : yields output=0 if inputs are the same; output=1 if inputs are different
    • Substitution
    • - Arbitrary
    • - Rotation
    • Permutation
    • Hybrid
  34. Symmetric
    single key
  35. Asymmetric
    2 keys - public and private
  36. Confusion vs Diffusion
    • Confusion - destroys patterns that associate the keys to the plaintext
    • Diffusion - destroys patterns connecting the plaintext to the ciphertext
  37. Rotation
    • ROT 3 - Caesar cipher A-->D
    • ROT 13 - usenet; A-->N (shifts by 13; shifts by 13 again and alphabet is normal (decodes)
  38. Polyalphabetic
    • Uses substitution but with multiple languages
    • was used in the German Enigma machine!
  39. Permutation
    • provides diffusion
    • dissipates the contents by rearranging the order (permuting)
    • RAIL Cipher

    modern ciphers use both substitution and permutation
  40. Cryptography lifecycle
    • Cryptography limitations
    • Algorithm slection
    • Protocol governance
    • Key Management
  41. 2 ways to encrypt
    Break data into blocks and encrypt each block (block cipher)

    Encrypt the entire stream bit by bit(stream cipher)
  42. Cryptography Goals (4)
    • CAIN
    • Confidentiality
    • Data Integrity
    • Authentication
    • Non-repudiation (proves authentication and integrity) Alice sent the message and the message was altered

    Digital signatures are a form of non-repudiation
  43. Types of crypto systems (3)
    • Symmetric
    • - secret key
    • - 1 key

    • Asymmetric
    • - public key
    • - private key

    • Hash
    • - one way transformation
    • - no key encryption
  44. Symmetric key examples
    • fast
    • single key to encrypt and decrypt
    • needs secure key exchange
    • DES
    • Triple DES
    • IDEA
    • AES
    • RC4
    • RC6
  45. Asymmetric key
    • slow
    • need private and public key pair
    • provides non-repudiation thru digital signatures
    • RSA
    • El Gamal
    • ECC
    • Merkle Hellman Knapsack
  46. Trapdoor function
    mathematical functions that are easy to calculate; where the inverse is difficult to calculate
  47. Hash functions
    • called message digests or one-way encryption
    • no key
    • used for message integrity (digital fingerprint)
    • can't determine the contents or length of plaintext from the hash
    • MD4; MD5
    • HMAC - hashed message authentication code
    • SHA1; SHA2 (Secure Hash algorithm)
  48. DES (Data Encryption Standard)
    • symmetric
    • released in 1975
    • defacto standard for commercial and non-classified
    • fast
    • 64 block cipher with 56 bit key
    • not secure today
  49. DES multiple modes (5)
    • ECB (electronic code book) - allows identical ciphertext
    • CBC (cipher block chaining) - uses initialization vector with first block; inputs the previous block to the current block to reduce patterns; default for DES
    • CFB (cipher feedback) - stream; will propagate errors; ciphertext has same number of bits as plaintext
    • OFB (output feedback) - stream; uses IV
    • CTR (counter mode) - used by ATM and IPSec; different counter for each block
  50. DES Weakness
    • crackable in short period of time
    • double DES can be broken with meet in the middle; key length of 57 bits
    • brute force attacks on short keys are effective

    DES is not a group; therefore multiple encryptions are stronger
  51. Triple DES
    • encrypt with Key 1; decrypt with Key 2; encrypt again with Key 1
    • well known and widely implemented
    • built in to IE, Netscape, SSLV3
    • (do not use SSLV2)
  52. AES
    • Advanced Encryption Standard
    • 1997; NIST approved in Dec 2001
    • block cipher that has replaced DES
    • developed from Rijndael block cipher
    • key lengths of 128, 192 or 256