31 Cards in this Set
- Front
- Back
Name 6 Memory Addressing Methods
|
1. Absolute Addressing - primary memory
2. Direct Addressing - uses actual data location as part of address
3. Implied Addressing - only for internal processing
4. Indexed Addressing - capable of accessing a range of memory addresses.
5. Indirect Addressing - uses a program address scheme.
6. Register Addressing - assigns to the registers with the CPU |
|
Bell-LaPadula Model (BLP)
|
users can't access data above their classification level.
users can't alter data in lower classification levels. Users can have read/write access to only user's classification level |
|
Take-Grant Model
|
Allows users to grant permissions to others.
|
|
Biba Integrity Model
|
read data at their integrity level and higher.
write data at their integrity level and lower |
|
Clark-Wilson Integrity Model
|
can only perform authorized functions through apps, transactions, etc. Ensures both integrity and proper transaction performance.
|
|
Chinese Wall
|
For working with consultants. A/K/A Brewer Nash Model
|
|
Lattice Model
|
Higher security requiring more controls and lower security requiring less controls. Uses Bell-LaPadula structure of access.
|
|
Non-interference
|
Data manipulated at one classification level cannot affect the data at any other level.
|
|
Trusted Computer Base
|
Any hardware, software, or process that enforces the computer system security policy. Uses and maintains a separate domain.
|
|
Reference Monitor
|
A policy that monitors all access in the computer system. Must be unchangeable, verified, and always running.
|
|
Security Perimeter
|
The security kernel plus any other TCB security measures isolating it from the rest of the system. Anything outside is not within the TCB.
|
|
Layering
|
Separates data into functional areas. They communicate with each other.
|
|
Data hiding
|
Data layers that are separated and told not to communicate with each other.
|
|
Covert Channel TCB Vulnerability
|
Unauthorized access through a shared communication, often access through storage areas.
|
|
Maintenance Hook TCB Vulnerability
|
A trap door allowing unauthorized access.
|
|
Parameter Checking TCB Vulnerability
|
Fooling the buffer overflow to allow unauthorized access.
|
|
Time of Check to Time of Use (TOC/TOU)
|
Takes advantage of when the security controls are implemented
|
|
Name 5 Data Recovery Levels
|
1. Cold start - The TCB or media fails and is unable to restart within a secure state.
2. Fail soft or resistant - Computer continues to run when noncritical computer processes fail.
3. Fail over - Computer activates an alternate process when one fails.
4. Fail safe - Computer processes stop and system remains protected.
5. Fault Tolerant - Computer fails but still runs. |
|
Compartmented Security Mode
|
Allows multiple layers of classification. Handles only users w/ same clearance but requiring access to only segments of data
|
|
Dedicated Security Mode
|
Allows single layer classification. Handles only users w/ same clearance and ability to perform the same processes. Military
|
|
Multi-Level Security Mode
|
Allows multiple layer classification. Multiple level clearance, and multiple access and functionality requirements.
|
|
System High Security Mode
|
Allows single layer classification at the highest level. Handles only the highest level clearance, but requiring access to only segments of data.
|
|
What 3 items are used to define the security mode?
|
1. Sensitivity of data
2. Clearance level of data
3. Functions users perform on the data. |
|
Trusted Computer System Evaluation Criteria (TCSEC)
|
Part of the Rainbow Series (Orange Book). It does not handle system integrity.
|
|
Name the TCSEC Security Layers
|
D - Minimal protection, C1 - access is determined by each user, C2 - Security controlled via logon authentication (COTS), B1 - Requires policy for labeling & access control, B2 - Strict authentication and covert channel security, B3 - Resistant to intrusion and capable of trusted recovery, A1 - verified protection
|
|
Trusted Network Interpretation (TNI)
|
U.S. Dept. of Defense's implementation of TCSEC. Red book. Biba model recommended.
|
|
IT Security Evaluation Criteria (ITSEC)
|
European Counterpart to TCSEC. Requirements for integrity and Availability.
|
|
Common Criteria
|
Combination of TCSEC, ITSEC, and CTCPEC. Uses EALs.
|
|
Defense IT Security Certification & Accreditation Process (DITSCAP)
|
U.S. Government standard. Certified and Accredited.
|
|
National Information Assurance Certification & Accreditation Process (NIACAP)
|
U.S. government standard. Certified and Accredited. Must meet requirements throughout its entire lifecycle.
|
|
Evaluation Assurance Level (EAL)
|
7 levels of assurance w/in the Common Criteria. EAL1 (Functionally tested) to EAL7 (Formally verified design and tested)
|