Card Set Information

2015-08-23 16:08:25

Show Answers:

  1. Fail soft
    • Can either fail safe or fail secure depending on the level of sensitivity of the data and whether people are working in the area
    • Fail safe = safe for people = doors unlocked
    • Fail secure = doors secured = doors locked
  2. Audit and access logs
    Detective control (not preventive)
  3. Glass-clad polycarbonite window
    strongest window available; resistant to fire, chemicals, breakage and other threats
  4. Shallow depth of focus
    • also means depth of field
    • shallow = greater detail closer in
  5. Focal length
    • normal
    • wide angle - short focal length
    • telephoto - long focal length
  6. Best to use for a large area?
    • Wide angle lens (short focal length) and SMALL lens opening to cover a large area
    • Depth of field INCREASES as size of lens opening decreases; subject distance increases; or focal length of the lens changes
  7. Controls (5)
    • Deterrence = fences, warning signs, guards and dogs (warn an attacker)
    • Delaying = locks, access controls, rebar (slow an attacker down)
    • Detection = sensors (external and internal)
    • Assessment = guard
    • Response = response force, emergency response procedures, fire, police
  8. Proximity or capacitance detector
    • Used to protect specific objects such as artwork, cabinets or a safe
    • emits and measures a magnetic field
  9. CPTED (3)
  10. Crime Prevention thru Environmental Design:
    • Natural access control = entering and leaving; guided by doors, fences, lighting, landscaping, bollards
    • Natural surveillance = organized means plus lines of sight, landscaping, raised entrances, stairwell etc.
    • Territorial reinforcement = create a sense of community and ownership
  11. Types of fires (5)
    • A = common combustibles (paper)
    • B = liquid (gas, oil)
    • C= computer (electrical)
    • D= metals (magnesium)
    • K= kitchen (oil, grease etc.)
  12. Delaying
    • DeLaying = locks
    • vs. Deterrence = fences and signs
  13. Delayed loss
    can be exceptionally damaging as negative effects are felt over a long period of time
  14. L2TP
    • tunneling protocol that can work over many types of protocols such as X25, ATM, and frame relay.
    • L2TP does not provide any encryption and must be used with IPSEC if encryption is required.
    • Combines best of L2F and PPTP.
  15. Privileged mode
    • Also called supervisory mode; used to run high privilege commands such as communicating with hardware
    • compared to user mode
  16. SET
    • secure electronic transactions
    • new standard proposed by credit card companies but because of required overhead, software and infrastructure it has not been fully adopted
  17. Variance detection tool
    focuses on computer and resource usage; looks for trends and variances
  18. Council of Europe Convention on Cybercrime
    • First international treaty seeking to address computer crimes and improve investigative techniques
    • created a framework for extradition
  19. Risk analysis (4)
    • 1. Identify assets and assign values
    • 2. Perform a threat analysis
    • 3. Derive an overall loss potential per threat
    • 4. Develop remedial measures to counteract each threat
  20. Hybrid cryptography
    Uses a SYMMETRIC key to encrypt the message and an asymmetric ALGORITHM to encrypt the symmetric key. I.e. the Symmetric key is encrypted with the PUBLIC key of the recipient
  21. Disk shadowing versus disk mirroring vs. electronic vaulting
    • Disk shadowing = same data is written simultaneously to multiple disks (can be more than two); good for fault tolerance; can boost read performance
    • Disk mirroring = exact copy of a disk (1 to 1)
    • Electronic vaulting = makes copies of files and transmits to a remote site; similar to remote journaling (but this uses transaction logs)
  22. CER, Type 1, Type 2
    • Type I error: biometric system REJECTS an authorized individual (false rejection rate)
    • Type II error: biometric system ACCEPTS an unauthorized individual (false acceptance rate);┬ámost dangerous
    • CER = crossover rate where these 2 errors are equal; want this to be low as possible;
  23. Transport layer
    • Handshake
    • handles error detection, recovery and flow control
    • TCP (connection); UDP (connection-less); SSL (secure socket layer) AND SPX (sequenced packet exchange)
    • NOTE: IPX = IP = Network layer
  24. Data link layer
    • divided into 2 subsets:
    • Logical Link Layer (LLC)
    • Media Access Control (MAC)

    • LLC is defined by IEEE 802.2; communicates in connection or connectionless mode
    • MAC sublayer:
    • - Ethernet = 802.3
    • - Token Ring = 802.5
    • - Wireless = 802.11
    • - 802.16

    all of these work at the MAC sublayer of the data link layer
  25. 802.1 (MAC layer of data link layer)
    • 802.1AR unique ID per device
    • 802.1 AE data encryption
    • 802.1 AF key agreement
    • 802.1X EAP-TLS = port authentication
  26. 3 DES Modes
    • DES-EEE3 = 3 keys
    • DES-EDE3 = 3 keys to encrypt, decrypt and encrypt
    • DES-EDE2 = 2 keys but first & third operation uses the same key
    • DES-EEE2 = 2 keys first & third operation uses the same key

    no such thing as DES-EEE1
    Used in a stream cipher to produce a random stream of bits. Bits are XOR'd to the message.
  28. Key life cycle
    Includes key distribtuion, storage, backup and destruction
  29. Virtual firewalls
    Can be bridge mode products which monitor individual traffic links between virtual machines OR integrated with the hypervisor where it can monitor all activities taking place within the HOST
  30. AES (advanced encryption standard)
    • Developed to improve upon DES
    • uses 128 bit, 192 bit and 256 bit keys
    • uses the Rijndael block symmetric cipher
  31. LokI attack
    • ICMP
    • sets up a back door
    • client/server program that sets up a server portion to listen on a port
    • attacker sends commands inside on an ICMP packet
  32. TOGAF (4)
    • architecture framework used to develop:
    • - Business architecture
    • - Data architecture
    • - Applications architecture
    • - Technology architecture
  33. Source routing
    • uses the packet header information to determine destinations
    • can override the routes that routers are configured with so source routing packets should be identified and dropped
  34. Iris scan versus retina scan
    • Iris scan = colors and patterns around a person's eye
    • Retina scan = blood vessel patterns at the back of the eye
  35. Trapdoor function
    • one-way function that applies the concept of factoring prime numbers
    • one-way because it is simple to encrypt but need the private key to know the trapdoor to unencrypt
  36. Transposition cipher versus substitution cipher
    • Transposition cipher rearranges characters
    • Substitution cipher substitutes / replaces characters
  37. ESP (Encapsulating Security Payload)
    protocol within IPSEC that uses cryptography to provide confidentiality, message integrity and system authentication
  38. FDDI-2
    provides for fixed bandwidth on a fiber connection; works more like broadband allowing voice, data and video to travel over the same lines
  39. Change management (proper order)
    • Request
    • Approve
    • Document
    • Test
    • Implement
    • Report
  40. Cognitive passwords
    • questions such as life experience, mother's maiden name etc.
    • user does not have to remember a password; just answer questions
  41. Polymorphic virus
    Will reproduce like all viruses but will modify it's children so signatures will not be the same
  42. Running key cipher
    Uses clues in the outside world
  43. Phishing
    type of social engineering with the goal of obtaining personal information, credentials or financial data
  44. Pharming
    Uses DNS poisoning to redirect a victim to a fake web site
  45. TCP/IP Model (as compared to OSI)
    • Application = Application + Presentation + Session
    • Host to host = Transport
    • Internet = Network (all routing protocols like BGP)
    • Network access = Physical + Data Link
  46. Asymmetric encryption algorithms (6)
    • RSA
    • ECC
    • Diffie-Hellman
    • El Gamal
    • DSA
    • Knapsack
  47. Symmetric algorithms (6)
    • DES
    • 3DES
    • Blowfish
    • IDEA
    • RC4
    • SAFER
  48. Hashing Algorithms (6)
    • MD2, MD4, MD5
    • SHA
    • HAVAL
    • Tiger
  49. Birthday attack
    • Attempt to force a collision by brute force comparing hash values
    • Harder to be successful with longer keys; specific hash would be 2 to the n
  50. Smurf attack
    • attacker sends an ICMP Echo Request with a spoofed SOURCE address to the victim's network broadcast address; basically causes a denial of service
    • requires an attacker, victim and an amplifying network
  51. Fraggle attack
    Similar to a smurf but uses UDP to send the echo request
  52. IPV6 = IPng (3)
    • 128 bit address space
    • integrates IPSEC into the protocol
    • has auto-configuration

    DOES NOT require NAT
  53. IGMP
    protocol used to report MULTICAST groups to routers
  54. Federal Sentencing Guidelines
    • Were extended to hold senior corporate officers personally responsible in computer crimes if they did not comply with the laws
    • addresses white collar crimes
    • maximum fine of $290MM; but fines can be avoided by proving due diligence, due-care and company-wide security policies
  55. SLE
    • Asset value x exposure factor
    • AV x EF = SLE
  56. Internet Architecture Board (IAB)
    • independent board made up of researchers, engineers, executives etc.
    • not government affiliated
  57. Noninterference model
    no action or state in higher levels can impact or be visible in lower levels
  58. FDDI
    • Fiber Distributed Data Interface which uses a high-speed token-passing technology with speeds up to 100MBPS
    • Used as a metropolitan area network technology (MAN)
  59. Lighting - what type of control?
  60. ARP (Address Resolution Protocol)
    • helps the data link layer protocols to find the MAC address for the known IP address
    • RARP is the opposite - resolving MAC addresses to IP addresses
  61. El Gamal
    • asymmetric algorithm
    • also called public key
    • can be used for digital signatures, encryption and key exchange
    • NOT based on factoring large numbers but IS BASED on calculating discrete logarithms in a finite field
  62. 3DES compared to DES
    • 2 to the 56th power stronger than DES
    • uses three rounds of encryption
    • highly resistant to attacks, but has significantly more overhead

    NOTE: DES and 2DES use a 112 bit key so require the same work factor