A detailed overview of the osi (open systems interconnection) model, which is an abstract framework for how protocols should function in an ideal world. It covers the seven layers of the osi model, including the physical layer, data link layer, network layer, transport layer, session layer, presentation layer, and application layer. The document also discusses various network protocols and their associated tcp/udp ports, such as telnet, ftp, tftp, smtp, pop3, imap, dhcp, http, ssl, lpd, nfs, snmp, icmp, and igmp. Additionally, it covers concepts related to network security, including firewalls, endpoint security, and network devices like brouters and gateways. The document also touches on wireless communication technologies like frequency hopping spread spectrum (fhss), direct sequence spread spectrum (dsss), and orthogonal frequency division multiplexing (ofdm).
Typology: Exams
CIA Triangle Answer- Cornerstone of infosec. Confidentiality, Integrity, Availability
Confidentiality (CIA Triangle) Answer- prevention of unauthorized disclosure of information; prevention of unauthorized read access to data
Integrity (CIA Triangle) Answer- prevention of unauthorized modification of data; prevention of unauthorized write access to data
Availability (CIA Triangle) Answer- ensures data is available when needed to authorized users
Opposing forces to CIA Answer- DAD: disclosure, alteration, destruction
identification Answer- the process by which a subject professes an identity and accountability is initiated; ex: typing a username, swiping a smart card, waving a proximity device (badging in), speaking a phrase, etc; always a two-step process together with authentication
authentication Answer- verification that a person is who they say they are; ex: entering a password or PIN, biometrics, etc; always a two-step process together with identification
authorization Answer- verification of a person's access or privileges to applicable data
auditing (monitoring) Answer- recording a log of the events and activities related to the system and subjects
accounting (accountability) Answer- reviewing log files to check for compliance and violations in order to hold subjects accountable for their actions
non-repudiation Answer- a user cannot deny having performed a specific action
subject Answer- an entity that performs active functions on a system; usually a person, but can also be a script or program designed to perform actions on data
object Answer- any passive data within the system
ISC2 Code of Ethics Canons (4) Answer- 1. protect society, commonwealth, infrastructure
strictly applied in order; for exam questions in which multiple canons could be the answer, choose the highest priority per this order
policy Answer- mandatory high-level management directives; components of policy
change management Answer- ensure that any change does not lead to reduced or compromised security; also responsible for rollbacks; make all changes subject to detailed documentation and auditing
data classification Answer- process of organizing items, objects, and subjects into groups, categories, or collections with similarities; formalizes and stratifies the process of securing data based on assigned labels of importance and sensitivity
government/military classification Answer- TS > Sec > Confidential > sensitive > unclassified
commercial/private sector classifications Answer- confidential/private > sensitive > public
senior manager role Answer- person who is ultimately responsible for the security and protection of an org's assets; signs off on all activities and policy; overall success and failure rests on this role
data owner Answer- responsible for classifying information for placement and protection within policy/solutions; often delegates actual management of the data to a custodian
data custodian Answer- responsible for implementing the prescribed protection defined by the security policy and senior management; responsible for the day-to-day tasks of maintaining the data/system
COBIT 5 (control framework) Control Objectives for Information and Related Technology Answer- principles for governance and management of enterprise IT
spoofing Answer- goal of gaining access to a target system through the use of a falsified identity; can be used against IP addresses, MAC addresses, usernames, system names, SSIDs, email addresses, etc
tampering Answer- any action resulting in unauthorized changes to or manipulation of data
repudiation Answer- the ability of a user or attacker to deny having performed a specific action or activity (plausible deniability)
information disclosure Answer- distribution of private, confidential, or controlled information to external or unauthorized entities
denial of service (DoS) Answer- attempts to prevent authorized use of a resource; can be accomplished through flaw exploitation, connection overloading, or traffic flooding
elevation of privilege Answer- a limited user account is transformed into an account with greater privileges and access
DREAD threat rating system Answer- damage potential, reproducibility, exploitability, affected users, discoverability
security governance Answer- collection of practices related to supporting, defining, and directing the security efforts of an organization
third party governance Answer- system of oversight that may be mandated by law, regulation, industry standards, contractual obligation, or licensing agreements
compliance Answer- the act of conforming to or adhering to rules, policies, regulations, standards, or requirements
documentation review Answer- the process of reading the exchanged materials and verifying them against standards and expectations
business continuity planning (BCP) Answer- assessing the risks to organizational processes and crafting policies, plans, and procedures to minimize the impact of those risks
quantitative decision making Answer- involves the use of numbers and formulas to reach a decision; often expressed in terms of dollar value
qualitative decision making Answer- takes non-numerical factors such as emotion, investor/customer confidence, workforce stability, etc into account; often results in categories of prioritization (high, medium, low)
Computer Fraud and Abuse Act (1986) Answer- changed the scope of the CCCA to include all "federal interest" computers; all government and financial systems
top secret Answer- applied to information, the unauthorized disclosure of which reasonably could be expected to cause exceptionally grave damage to national security
secret Answer- applied to information, the unauthorized disclosure of which reasonably could be expected to cause serious damage to national security
confidential Answer- applied to information, the unauthorized disclosure of which reasonably could be expected to cause damage to national security
unclassified Answer- refers to any data that doesn't meet one of the descriptions for an escalated classification
government/military data classifications Answer- top secret, secret, confidential, unclassified
civilian data classifications Answer- confidential/proprietary, private, sensitive, public
marking sensitive data Answer- when users know the value of the data, they are more likely to take care of it
destruction (of data) Answer- final stage in the life cycle of media and the most secure method of sanitizing media; incineration, crushing, shredding, disintegration, dissolving using caustic/acidic chemicals
record retention Answer- involves retaining and maintaining important information as long as it's needed and destroying it when it is no longer needed
system owner Answer- person who owns the system that processes sensitive data; develops the system security plan, maintains the plan, ensures proper security training, updates documentation as needed; typically the same person as the data owner, but not always
data processors Answer- any system used to process data; EU Data Protection Law defines a data processor as a natural or legal person which processes personal data solely on behalf of the data controller
Safe Harbor Program Answer- regulatory program that includes a set of overarching principles: notice, choice, onward transfer, security, data integrity, access, enforcement
administrators Answer- responsible for granting appropriate access to personnel; assigning permissions is the key function; typically use a role-based control model
security baselines Answer- provide a starting point and ensure a minimum security standard; often a standardized control framework
scoping Answer- refers to reviewing baseline security controls and selecting only those that are applicable to the system you are trying to protect
tailoring Answer- refers to modifying the list of security controls within a baseline so that they align with the mission of the organization
data at rest Answer- stored data; resides in a permanent location awaiting access
data in motion Answer- "on the wire"; data being transmitted across a network between two systems
cryptographic key Answer- the object on which crypto algorithms rely to maintain their security; usually a large number (often binary); the key space is the range of numbers the binary can represent, defined by its bit size
AND operation Answer- AND requires both inputs to be true; represented with the ^ symbol
OR operation Answer- OR requires one or both inputs to be true; represented with the v symbol
XOR operation Answer- XOR requires only one or the other input to be true, but not both; represented with the plus sign enclosed in a circle
digital signature standard Answer- various specifications for a digital signature infrastructure as directed by NIST; SHA-2 for hashing; DSA, RSA, Elliptic Curve DSA for encryption
digital certificates Answer- provide assurance that the people they are communicating with are who they claim to be; endorsed copies of an individual's public key (verified by a certificate authority); governed by the international standard X.
digital certificate standard X.509 Answer- certificates contain the following:
Pretty Good Privacy Answer- secure email system created by Phil Zimmermann in 1991; centered around the 'web of trust' concept
Secure Multipurpose Internet Mail Extensions (S/MIME) Answer- protocol that uses RSA encryption and relies on X.509 certificates; already integrated into Outlook and Outlook Web Access, Mozilla Thunderbird, and Mac OS X Mail
secure sockets layer (SSL) Answer- developed by Netscape; used in conjunction with HTTP over port 443 to negotiate encrypted communications between servers/clients; hybrid of asymmetric and symmetric
transport layer security (TLS) Answer- proposed replacement for SSL (1999); uses TCP over port 443; based on SSL but with enhancements
link encryption Answer- protects an entire comm circuit; creates a secure tunnel between two points using either a hardware or software solution that encrypts all traffic before routing and decrypts traffic as it arrives; all data encrypted (header, trailer, address, routing data); usually used in lower OSI layers
end to end encryption Answer- only protects comm between two parties; performed independently of link encryption; does not encrypt header, trailer, routing info, so it is faster but more susceptible to attacks; usually implemented at the higher OSI layers
IPsec Answer- architecture set forth by the Internet Engineering Task Force that supports secure communications between two entities; generally used to connect 2 networks; modular framework; primary use is for VPNs; commonly paired with Layer 2 Tunneling Protocol (L2TP); two main components: authentication header (AH), encapsulating security payload (ESP)
IPsec transport mode Answer- only the packet payload is encrypted; designed for peer to peer communication
IPsec tunnel mode Answer- the entire packet, including header, is encrypted; designed for gateway to gateway communication
wired equivalent privacy (WEP) Answer- provides 64 and 128 bit encryption over a wireless LAN; part of the IEEE 802.11 standard; this algorithm is not secure, however
wifi protected access (WPA) Answer- improves on WEP by adding the Temporal Key Integrity Protocol (TKIP); further improvement in WPA2, which adds AES cryptography
analytic attack Answer- algebraic manipulation that attempts to reduce the complexity of the algorithm; focuses on the logic of the algorithm itself
implementation attack Answer- exploits weaknesses in the implementation of the cryptography system; focuses on exploiting the software code
statistical attack Answer- exploits statistical weaknesses such as floating point errors and inability to produce truly random numbers; vulnerability in hardware
rule based access control Answer- predefined rules state which subjects can access which objects
discretionary access controls Answer- the subject has some ability to define the objects to access; within limits, the subject is allowed to define a list of objects to access as needed; more dynamic
security token Answer- separate object that is associated with a resource and describes its security attributes
capabilities list Answer- maintains a row of security attributes for each controlled object; not as flexible as a token, but provides for quicker lookups when a request is made
security label Answer- permanent part of the object to which it's attached; once it's set, it cannot be altered
trusted computing base (TCB) Answer- combination of hardware, software, and controls that work together to form a trusted base to enforce security policy
reference monitor Answer- the part of the TCB that validates access to every resource prior to granting access requests
security kernel Answer- the collection of components in the TCB that work together to implement reference monitor functions
state machine model Answer- describes a system that is always secure no matter what state it is in; boots into a secure state, maintains a secure state through all transitions, and allows subjects to access resources only in a secure manner
information flow model Answer- focuses on the flow of information based on a state machine model; ex: Bell-LaPadula and Biba models; designed to prevent unauthorized, insecure, or restricted information flow, often between different levels of security
noninterference model Answer- loosely based on the information flow model but instead is concerned with how the actions of a subject at a higher security level affect the system state or the actions of a subject at a lower security level
composition theories Answer- build on the notion of how inputs and outputs between multiple systems relate to one another
cascading (composition theory) Answer- input for one system comes from the output of another system
feedback (composition theory) Answer- one system provides input to another system, which reciprocates by reversing those roles (system A provides input for B and then B provides input for A)
hookup (composition theory) Answer- one system sends input to another system but also sends input to external entities
Take-Grant model Answer- employs a directed graph to dictate how rights can be passed from one subject to another or from a subject to an object; a subject with the grant right can grant another subject or object any other right they possess
access control matrix Answer- table of subjects and objects that indicates the actions or functions that each subject can perform on each object; each column is an access control list and each row is a capabilities list
Bell-LaPadula Model Answer- developed in the 1970s; focused primarily on confidentiality; 3 principles
Red Book (Rainbow Series) Answer- applies to network based systems and context
Green Book (Rainbow Series) Answer- password management and creation guidelines
protection ring Answer- organizes code and components in an OS into concentric rings; the deeper inside the circle, the higher the privilege level; innermost ring (level
inference Answer- using several pieces of nonsensitive information to gain access to information that should be classified at a higher level
defense in depth Answer- security strategy used to provide a protective multilayer barrier against various forms of attack
platform as a service (PaaS) Answer- concept of providing a computing platform and software solution stack as a virtual or cloud based service; provides all the aspects of a platform and avoids having to purchase and maintain high end hardware and software locally
software as a service (SaaS) Answer- derivative of PaaS; provides on demand online access to specific software applications or suites without the need for local installation
infrastructure as a service (IaaS) Answer- provides not just on demand operating solutions but complete outsourcing options
grid computing Answer- form of parallel distributed processing that loosely groups a significant number of processing nodes to work toward a specific processing goal
layering mechanism Answer- implemented structure similar to the ring model used for operating modes; applied to each operating system process
abstraction mechanism Answer- "black box" doctrine that says users of an object don't necessarily need to know the details of how the object works
data hiding mechanism Answer- ensures the data existing at one level of security is not visible to processes running at different security levels
process isolation mechanism Answer- requires that the operating system provide separate memory spaces for each process's instructions and data; OS enforces boundaries
hardware segmentation Answer- prevents the access of information that belongs to a different process/security level; enforces these requirements through the use of hardware controls instead of the OS
covert channel Answer- used to pass information over a path that is not normally used for communication; it may not be protected by the system's normal security controls
data diddling Answer- known as an incremental attack; occurs when an attacker gains access to a system and makes small, random, or incremental changes to data
technology convergence Answer- the tendency for various technologies to evolve and merge over time
time of check (TOC) / time of use (TOU) Answer- TOC - subject checks on the status of a needed object
application layer (layer 7) Answer- interfaces user applications, network services, or OS with the protocol stack
TCP port 23 Answer- telnet - terminal emulation network application that supports remote connectivity for executing commands and running applications; does not support transfer of files
TCP ports 20/21 Answer- file transfer protocol (FTP) - network application that supports the exchange of files; requires anonymous or specific authentication
UDP port 69 Answer- trivial file transfer protocol (TFTP) - supports an exchange of files that does not require authentication
TCP port 25 Answer- simple mail transfer protocol (SMTP) - used to transmit email from client to server
TCP port 110 Answer- post office protocol (POP3) - pulls email messages from an inbox on an email server to an email client
TCP port 143 Answer- internet message access protocol (IMAP) - pulls email messages from an inbox on an email server to an email client; more secure than POP
UDP ports 67/68 Answer- dynamic host configuration protocol (DHCP) - uses port 67 for server point to point responses and port 68 for client request broadcasts; used to assign TCP/IP settings to systems on bootup
TCP port 80 Answer- hypertext transport protocol (HTTP) - used to transmit web page elements from a web server to a web browser
TCP port 443 Answer- secure sockets layer (SSL) - VPN-like security protocol that operates at the transport layer; designed to support HTTPS but is capable of securing any application layer protocol
TCP port 515 Answer- line print daemon (LPD) - used to spool print jobs and send print jobs
TCP ports 6000-6063 Answer- X Window - GUI API for command line operating systems
TCP port 2049 Answer- network file system (NFS) - used to support file sharing between dissimilar systems
UDP port 161 Answer- simple network management protocol (SNMP) - used to collect network health and status information by polling monitoring devices from a central monitoring station
Internet Control Message Protocol (ICMP) Answer- determines the health of a network or a specific link; utilized by ping, traceroute, pathping, and other network management tools; IP header protocol field value is 1 (0x01); susceptible to ping DoS and floods, resulting in limited use on networks
Internet Group Management Protocol (IGMP) Answer- allows systems to support multicasting - the transmission of data to multiple specific recipients; used by IP hosts to register their dynamic multicast group membership; via IGMP a server can transmit data for an entire group rather than a separate signal for each recipient; IP protocol field value is 2 (0x02)
Address Resolution Protocol (ARP) / Reverse ARP Answer- ARP is used to resolve IP addresses into MAC addresses (while RARP is used to resolve MAC addresses into IP addresses); both function using caching and broadcasting; sometimes exploited using ARP cache poisoning - bogus info is inserted into the ARP cache to trigger default gateway transmission
Wired Equivalent Privacy (WEP) Answer- designed to provide the same level of security and encryption on wireless networks as is found on wired networks; provides protection from packet sniffing and eavesdropping; uses a static shared key for encryption, and a hash value is used to verify received packets weren't modified; cracked almost as soon as it was released
Wi-Fi Protected Access (WPA) Answer- designed as a temporary replacement for WEP; the amendment to replace WEP took years, so WPA established itself in the marketplace and is still used today; based on the LEAP and TKIP cryptosystems and a secret static passphrase; the passphrase can be brute-forced and LEAP/TKIP can now both be cracked
WPA2 Answer- unrelated to WPA (separate technologies) but was intended to be the original replacement for WEP; WPA2 was used instead; official amendment known as 802.11i; uses Counter Mode Cipher Block Chaining Message Authentication Code Protocol (based on AES encryption)
Protected Extensible Authentication Protocol (PEAP) Answer- encapsulates EAP methods within a TLS tunnel that provides authentication and encryption; EAP is usually not encrypted, so this provides for that
Lightweight Extensible Authentication Protocol (LEAP) Answer- Cisco alternative to TKIP for WPA; known exploit exists and should be avoided if possible; use EAP-TLS in lieu of it
Network Access Control (NAC) Answer- concept of controlling access to an environment through strict adherence to and implementation of security policy; reduce zero-day attacks, enforce policy, use identities to perform access control
firewall Answer- essential for managing and controlling network traffic; block or filter traffic; unable to block viruses or malicious code
static packet filtering firewall Answer- filters traffic by examining data from the packet header; unable to provide user authentication or tell where a packet originated from; known as first generation firewalls; easy to spoof