Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
16 Cards in this Set
- Front
- Back
|
Chapter 3 Security Models and
Architecture Name four methods for isolating CPU processes. C3-1 |
1) Encapsulation of objects
2) Time multiplexing of shared resources 3) Naming distinctions 4) Virtual memory mapping C3-1 |
|
|
What are protection rings and what do they do?
C3-2 |
Protection rings separate processes based on levels of trust. The OS Kernel is the most trusted, followed by the OS, then File System Drivers and OS Utilities, then finally, End-user Application processes.
|
|
|
Define:
Trusted Computing Base (TCB) C3-3 |
The combination of all security mechanisms within a computer:
1) I/O operations 2) Process activation 3) Domain switching 4) Memory protection 5) Hardware management C3-3 |
|
|
Define:
Bell-LaPadula Model C3-4 |
Concerned with protecting confidentiality, not integrity of data. Lattice-based. No read-up or write-down. Used primarily with military-based operating systems.
C3-4 |
|
|
Define:
Biba Model C3-5 |
Model that addresses INTEGRITY of data.
- Integrity Star Property- A subject cannot write up. - Simple Integrity Property- A subject cannot read down. It addresses only the first of the three Integrity goals. C3-5 |
|
|
Define:
Clark-Wilson Model C3-6 |
Another INTEGRITY model, it is latice-based, and dictates that subjects must access data through an APPLICATION, separation of duties must be enforced, and auditing is required. Unlike Biba which addresses only one Integrity Goal, Clark-Wilson addresses all three. Used in commercial industry mainly.
C3-6 |
|
|
Define:
Brewer and Nash Model C3-7 |
Also called the Chinese Wall model, protects against actions that would pose a conflict of interests.
C3-7 |
|
|
Define TCSEC
C3-8 |
TCSEC = Trusted Computer System Evaluation Criteria. It was developed from Bell-LaPadula, so it focuses on confidentiality instead of integrity. Also called the ORANGE BOOK. It has four ratings: A = Verified protection, B = Mandatory protection, C = Discretionary protection, D = Minimal security.
C3-8 |
|
|
Define the Red Book
|
Guidance intended to include networking components, since the Orange Book (TCSEC) was interested in stand-alone systems.
|
|
|
Define ITSEC.
|
Infromation Technology Security Evaluation Criteria is a European standard as opposed to the TCSEC, which was American. TCSEC was very rigid, so the ISO developed ITSEC, which is more flexible. Both are being phased out in favor of the Common Criteria.
|
|
|
How are appliations and IT resources classified in the Common Criteria?
|
The Common Criteria uses 7 EALs or evaluation assurance levels, 1 being lowest, 7 highest. Several criterion went into developing the Common Criteria, including TCSEC, ITSEC, CTCPEC, and the Federal Criteria.
|
|
|
Which of the following best describes the security kernel and reference monitor relationship?
A. The SK holds the access rules, and the RM enforces them. B. The RM holds the access ruels, and the SK enforces them. C. The RM is a core piece of the OS, and the SK is an abstract machine. D. The SK is trusted and within the TCB, and the RM is untrusted. |
B. The RM is an abstract machine that holds the access permissions and ensures that the security policy of that system is supported and enforced. The SK enforces the RM's rules and must be invoked for each access request.
|
|
|
Which of the following is the total combination of protection mechanisms within a computer system?
A. TCB B. Security perimeter C. Security kernel D. Security policy |
A. The trusted computing base (TCB) encompasses every component that enforces the stated security policy, including software, hardware, and firmware.
|
|
|
Which of the following does not describe the Bib Model?
A. Integrity odel that addresses the first goal of integrity. B. Has a "no write up" rule. C. Uses a lattice of integrity levels. D. Has a "no read up" rule. |
D. The Biba model is an integrity model that addresses the first goal of integrity (Do not allow unauthorized users to make modifications). It has a "no write up" rule and a "no read down" rule and makes access decisions based on the integrity levels of the subjects and objects.
|
|
|
Which of the following accurately characterize the Bell-LaPadula model?
A. Uses "no write up" and "no read down" rules B. Uses "no read up" and "no write down" rules C. Integrity model enforcing the separation of duties D. Mathematical theory used to address dynamically changing permissions. |
B. The Bell-LaPadula model deals with confidentiality and dictates the subjects cannot write data down to objects of lower security levels and cannot read data that has a higher classification.
|
|
|
In the Orange Book, which of the following ratings is the first to require security labels?
A. B3 B. B2 C. C2 D. D |
B. In TCSEC ratings, the B classification deals with mandatory access control models, thus requiring security labels.
|
