Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key

image

Play button

image

Play button

image

Progress

1/89

Click to flip

89 Cards in this Set

  • Front
  • Back
Organization of the fundamental elements comprising the computer
Main components
CPU – Central Processing Unit
Memory
Input / Output devices
Computer Architecture
is a framework for enterprise architecture, which provides a formal and highly structured way of viewing and defining an enterprise
Zachman Framework
is a framework and methodology for Enterprise Security Architecture and Service Management. It was developed independently from the Zachman Framework, but has a similar structure
SABSA (Sherwood Applied Business Security Architecture)
OSI second part, about secure communications, not an implementation
ISO 7498-2:1989
systems and software engineering; practice for architectural description of sotware intensice systems
ISO/IEC 42010:2007
is a reference model to organize the enterprise architecture (EA) and systems architecture into complementary and consistent views
Department of Defense Architecture Framework (DoDAF)
cpu is either idle because there is no input or its waiting for anothr process to run
ready state
cpu is executing
running
unable to run until an external event occurs, waiting for input
blocked
is a hardware interrupt that may be ignored by setting a bit in an interrupt mask register's (IMR) bit-mask
masked/inerruptable
is a device that modulates an analog carrier signal to encode digital information, and also demodulates such a carrier signal to decode the transmitted information
Modem
is a computer hardware component designed to allow computers to communicate over a computer network
network interface controller (NIC)
is a network card which connects to a radio-based computer network
wireless network interface controller (WNIC)
a term sometimes used to denote the fixed, usually rather small, programs that internally control various electronic devices
firmware
permits multiple concurrent tasks to be performed within a single process
Multithreading
the apparent simultaneous performance of two or more tasks by a computer's central processing unit
multitasking
simultaneous execution if two or more programs by a computer; parallel processing by two or more processors of a multiprocessor
multiprocessing
computer with two or more processors having common access to main storage
multiprocessor
two processors on a single chip
multi core
standards-based interfaces
open systems
proprietary interfaces
closed systems
processing at two levels is permitted through some form of user authentication and authorization
multilevel systems
a single purpose computer typically program to perform a dedicated function
embedded systems
a software based architecture that provides translation or communication services for applications
middleware
very high-speed storage structures built into the CPU chip set and often used to stire timing and state information
registers
a very fast memory directory on the CPU chip body; not upgradeable
cache
the programmer does not know where the program will be placed in memory
relocation
processes should not be able to reference memory locations in another process without permission
protection
allows several processes to accesses the same portion of memory
sharing
references to a memory location that is independent on of the current assignment of data to memory
logical memory addressing
address expressed as a location relative to a known point
relative memory addressing
the absolute address or actual location
physical memory addressing
memory reference, different data classes, users can share access, and users cannot generate addresses
memory protection benefits
extends apparent memory; paging includes - splitting physical memory, spillting programs (processes), allocating the required number page files, swapping
virtual memory
mimic the architecture of the actual system system, provided by the operating system
virtual maachines
a simple, cost effective solution to the challenge of having limited hard drive space spread across many devices on the client network
nas
is a complex, expensive solution to offer large capacity storage for servers over high speed (usually fiber links)
san
a server chassis housing multiple thin modular electronic circuit boards
blade server
a global mesh of collaborative services; more flexible architecture, integration of existing applications, improved data intergration - must have high bandwith and availability
SOA Service Oriented Architecture
to much data in preallocated space
buffer overflow
based on the Honeywell Multics Operating System architecture, portrayed by a set of concentric numbered rings
ring protection
processes that operate at different layers within a system which must communicate through interfaces
layering
means the outside software components will not know how a process works and not be able to manipulate internal code
data hidiing
improves...
object's integrity, prevents interaction, independent states, allows independent states
process isolation
encapsulation of objects, time multiplexing if shared resources, naming distinctions, and virtual mapping
process isolation methods
enforces securtiy policy
Monitors: process activation, execute domain switching, memory protection, input/output operations
trusted computing base
abstract machine concept - must be tamperproof, always invoked, & verifiable
reference monitor concept
the hardware, firmware and software elements of a Trusted Computing Base the implement the reference monitor - Checks every process - Enforces least privilege - Verify acceptable
security kernel
active entities - includes users, programs, processes, logon identifiers
subjects
passive entities - inlcudes files, programs, instructions, data, hardware
objects
hierarchial state machine model, three fundamental modes, secure state, defines access rules; formed the basis for TCSEC Orange Book; addresses confidentiality, information flow, & non-interference
Bell-LaPadula Confidentiality Model
if you have read access you can only read at your classification level and below it; you cannot read data at a higher level
simple security model
a subject at a given security level must not write to any object at a lower security level (no write-down).
Bell LaPadula Star Property
subjects may write to objects with only a matching security level
Bell LaPadula Strong * Property
a formal state transition system of computer security policy that describes a set of access control rules designed to ensure data integrity.
Biba Integrity Model
states that a subject at a given level of integrity may not read an object at a lower integrity level (no read down).
Biba Simple Integrity Axiom
states that a subject at a given level of integrity must not write to any object at a higher level of integrity (no write up)
Biba * (star) Integrity Axiom
retricts the abilty of a user to request a service or execute a process which resides at a higher level of integrity than the user
Biba Invocation Property
addresses all three integrity goals; defines well-formed transactions; seperation of duties
Clark and Wilson Integrity Model
maintain external and internal consistency, prevents authorized people from making unathurorized modification, prevents unauthorized person from making unauthorized modification
triple access
states that a subject at a given level of integrity may not read an object at a lower integrity level (no read down).
Clark Wilson Simple Integrity Axiom
states that a subject at a given level of integrity must not write to any object at a higher level of integrity (no write up).
Clark Wilson * (star) Integrity Axiom
flow model used to detect covert channels; how data goes and moves
Information Flow Model
model which isolates processes
non-interfernec model
variablely defined states model
graham-denning model
model proven that every possible combination of rules cannot break into an insecure state
harrison-ruzzo-ullman result
This security model, also known as the Chinese wall model, was designed to provide controls that mitigate conflict of interest in commercial organizations, and is built upon an information flow model; Chinesse Wall
brewer nash model
stars write simple people read
star & simple properties
don't drink and drive or you'll smash into the wall; introduced the idea of mutual exclusivity
Brewer-Nash Model
evaluates confidentiality USA centric; establishes different levels
TCSEC (Orange Book)
evaluates availabilty, functionality, & integrity
ITSEC
normal established level (secure) in Orange Book
Orange Book C2
origins, ISO, documents, EAL 1-7, PP, TOE, ST
Common Criteria
what the consumer wants; general set of security requirements
Protection Profile
the piece of equipment; a set of software, firmware and/or hardware to be evaluated
Target of Evaluation (TOE)
what the product will do; contains IT objectives and requirements of a specific TOE
Security Target
normal evaluated standard
EAL 4
a measure of the confidentiality, integrity, and availibilty that a system provides
Evaluation Assurance Level
framework about security management
ISO27001
framework about managing the quality or process;deliverables
ITIL
framework about indentifying and managing risk finance/fraud
COSO
framework about maturing these process; five levels of security; bottom level unreliable/initial
CMMI.
CMMI level procedure induced
CMMI 2
CMMI level project characterized for organization
CMMI 3
CMMI level process measured and controlled
CMMI 4
CMMI level focuses on continuous process improvement
CMMI 5
in software engineering and organizational development is a process improvement approach that provides organizations with the essential elements for effective process improvement. It can be used to guide process improvement across a project, a division, or an entire organization
Capability Maturity Model Integration (CMMI)
framework which identifies a business problem and then finds a solution;
SABSA
security target; pp
pp