Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key

image

Play button

image

Play button

image

Progress

1/448

Click to flip

448 Cards in this Set

  • Front
  • Back
Guideline
A recommendation, an administrative control
Procedure
Step by step guide for accomplishing a task, and administrative control
Standard
Describes the specific use of technology, often applied to hardware and software, an administrative control
Policy
High level management directives, an administrative control
Principle of least privilege
Granting subjects the minimum amount of authorization required to do their jobs, also know as minimum necessary access
Separation of duties
Dividing sensitive transactions among multiple subjects
Mandatory vacations (leave)
Forcing staff to take vacation or time away from the office, also known as forced vacation
Collusion
An agreement between two or more individuals to subvert the security of a system.
EF Exposure factor
The percentage of value an asset lost due to an incident.
AV Asset value
The value of a protected asset.
ARO Annualized rate of occurrence
The number of losses suffered per year.
Qualitative risk analysis
Risk analysis method that uses approximate values.
Quantitative risk analysis
Risk analysis method that uses hard metrics such as dollars.
XOR
Exclusive OR Binary operation that is true if one or two inputs (but not both) is true.
MD5
Message Digest 5 a hash function that creates a 128bit message digest.
Symmetric Key Algorithms
class of algorithms for cryptography that use the same cryptographic keys for both the encryption of plaintext and decryption of cipher text. The keys may be identical of there may be a simple transformation to go between the two keys. The keys, in practice, represent a shared secret between two or more parties that can be used to maintain a private information link. This requirement that both parties have access to the secret key is one of the main drawbacks of symmetric key encryption, in comparison to publickey encryption.
Asymmetric Algorithms
public key cryptography/asymmetric cryptography are a class of cryptographic algorithms which require two separate keys, one of which is secret (or private) and one of which is public. Although different, the two parts of this key pair are mathematically linked. The public key is used to encrypt plain text or to verify a digital signature whereas the private key is used to decrypt cipher text or to create a digital signature.
OCSP (Online Certificate Status Protocol)
a client server method used for looking up revoked certificates
Web of Trust
concept used in PGP, GnuPG, and other OpenPGP compatible systems to establish the authenticity of the binding between a public key and its owner. Its decentralized trust model is an alternative to the centralized trust model of a public key infrastructure (PKI), which relies exclusively on a certificate authority (or a hierarchy of such). As with computer networks there are many independent webs of trust, and any user (through their identity certificate) can be a part of, and a link between, multiple webs.
GnuPG GNU Privacy Guard
or GPG is a GPL licensed alternative to the PGP suite of cryptographic software. GnuPG is compliant with RFC 4880, with is the current IETF standards track specification of OpenPGP. Although the basic GnuPg program has a command line interface, there exist various front ends that provide it with a graphical user interface the most popular are for linux desktops. Hybrid encryption software program in that it uses a combination of conventional symmetric key cryptography for speed and public key cryptography (asymmetric) for ease of secure key exchange, typically by using the recipient’s public key to encrypt a session key which is only used once. This mode of operation is part of the OpenPGP standard and has been part of PGP from its first version. By default uses the CAST5 symmetrical algorithm.
PGP Pretty Good Privacy
Software that integrates symmetric, asymmetric and hash cryptography. Used for signing, encrypting, and decrypting texts, emails, files, directories and whole disk partitions and increase the security of email communications (Phil Zimmermann in 91).
OSI Model
A network model with seven layers:
Physical
describes units of data such as bits represented by energy (such as light, electricity, or radio waves) and the medium used to carry them (such as copper or fiber optic cables). WLANs have a physical layer, even though we cannot physically touch it. Cabling standards such as Thinnet, Thicknet, and Unshielded Twisted Pair exist at Layer1. Devices include hubs and repeaters.
Data link
handles access to the physical layer as well as local area network communication. An Ethernet card and its MAC address are at layer 2, as are switches and bridges. Layer 2 is divided in two sub layers: Media Access Control (MAC) and Logical Link Control (LLC). The MAC layer transfers data to and from the physical layer, and the LLC layer handles LAN communications. MAC touches layer 1 and LLC touches layer 3.
Network
describes routing: moving data from a system on one LAN to a system on another. IP addresses and routers exist at layer 3. Layer 3 protocols include IPv4 and IPv6, among others.
Transport
handles packet sequencing, flow control, and error detection. TCP and User Datagram Protocol (UDP) are layer 4 protocols. Layer 4 makes a number of features available, such as resending or re sequencing packets. Taking advantage of these features is a protocol implementation decision. As we will see later, TCP takes advantage of these features, at the expense of speed. Many of these features are not implemented in UDP, which chooses speed over reliability.
Session
manages sessions, which provide maintenance on connections. Mounting a file share via a network requires a number of maintenance sessions, such as Remote Procedure Calls (RPCs), which exist at the session layer. A good way to remember the function of the Session Layer is “connections between applications.” The Session Layer users simplex, half-duplex, and full-duplex communication.
Presentation
presents data to the application (and user) in a comprehensible way. Presentation Layer concepts include data conversion, characters sets such as ASCII, and image formats such as Graphics Interchange Format (GIF), Joint Photographic Experts Group (JPEG), and Tagged Image File Format (TIFF).
Application
where you interface with your computer application. Your web browser, word processor, and instant messaging client exist at layer 7. The protocols Telnet and FTP are application layer protocols.
IGMP Internet Group Management Protocol
is a communications protocol used by hosts and adjacent routers on IP networks to establish multicast group memberships. It is an integral part of IP multicast. IGMP can be used for one to many networking applications such as online streaming video and gaming, and allows more efficient use of resources when supporting these types of applications. IGMP is used on IPv4 networks. Multicast management on IPv6 networks is handled by Multicast listener Discovery (MLD) which uses ICMPv6 messaging in contrast to IGMPs bare IP encapsulation. IGMP operates between the client computer and the local multicast router.
ICMP Internet Control Message Protocol
used by network devices, like routers, to send error messages indicating, for example, that a requested service is not available or that a host or router could not be reached. ICMP can also be used to relay query messages. It is assigned protocol number 1. ICMP differs from transport protocols such as TCP and UDP in that it is not typically used to exchange data between systems, not is it regularly employed by end user network application, with the exception of some diagnostic tools like ping an traceroute. Part of the Internet Protocol Suite as defined in RFC 792. Messages are typically used for diagnostic or control purposed or generated in response to errors in IP operations. Errors are directed to the source IP address of the originating packet. IE, every device forwarding an IP datagram first decrements the time to live (TTL) filed in the IP header by one. If the resulting TTL is 0, the packet is discarded and the ICMP time to live exceeded in transit message is sent to the datagram’s source address.
Multicast
one to many network traffic, where the “many” is preselected. Most common protocol is UDP but that is sometimes unreliable so Pragmatic General Multicast (PGM) have been developed. IGMP is used to route via IPv4 networks and MLD on IPv6 networks
EMI External Machine Interface
and extension to Universal Computer Protocol (UCP), is a protocol primarily used to connect to short message service centers (SMSCs) for mobile telephones. The protocol was developed by CMG Wireless Data Solutions.
EMI/RFI
Electromagnetic Interference/Radio Frequency Interferenc
RFI Remote File Inclusion
altering web URLs to include remote content usually done through a PHP (Hypertext Preprocessor) attack. This is a web attack. Done through a legitimate site attacker will force down a file like something.php to client computer and it will launch stealing info, create a backdoor or other nefarious things.
FDDI Fiber Distributed Data Interface
Legacy lab technology that uses light. Runs on a logical network ring via a primary and secondary counter-rotating fiber optic ring. Secondary ring was used for fault tolerance. Runs at 100 megabits and uses a “token bus” a different token passing mechanism that token ring. In addition to reliability another advantage of FDDI is light as fiber cable is not affected by electromagnetic interference.
DSSS Direct Spread Spectrum Sequence
A method for sending wireless traffic via a radio band. Uses the entire wireless band at once. Designed to maximize throughput while minimizing the effects of interference.
FHSS Frequency Hopping Spectrum Sequence
A method for sending wireless traffic via a radio band. Uses the a number of small frequency channels throughout the band and hops through them in pseudorandom order. Designed to maximize throughput while minimizing the effects of interference.
OFDM Orthogonal Frequency-Division Multiplexing
is a newer multiplexing method, allowing simultaneous transmission using multiple independent wireless frequencies that do not interfere with each other.
CDMA Code Division Multiple Access
this is an example of multiple access, which is where several transmitters can send information simultaneously over a single communication channel. This allows several users to a share a band of frequencies. Uses spread spectrum technology and special coding scheme. I would use the term modulation.
MPPE Microsoft Point-to-Point Encryption
encrypts data in point to point protocol (PPP) based dial up connections or point to point tunneling protocol (PPTP) virtual private network (VPN) connections. 128 bit key (strong), 56 bit key, and 40 bit key (standard) MPPE encryption schemes are supported. Provides data security for the PPTP connection that is between the VPN client and the VPN server. MPPE alone does not compress or expand data, but the protocol is often used in conjunction with Microsoft point to point compression which compresses data across PPP or VPN links.
L2F Layer 2 Forwarding
Designed to tunnel Point-to-Point Protocol (PPP). Developed by Cisco Systems. Does not provide encryption or confidentiality by itself, it relies on the protocol being tunneled to provide the privacy.
L2TP Layer 2 Tunneling Protocol
Combines PPTP and L2F. The entire L2TP packet, including payload and L2TP header, is sent within a User Datagram Protocol (UPD) datagram. It is common to carry PPP session within an L2TP tunnel. L2TP does not provide confidentiality or strong authentication by itself. IPsec is often used to secure L2TP packets by providing CIA. The combination of these two protocols is generally known as L2TP/IPsec.
PPTP Point-to-Point Tunneling Protocol
Uses a control channel over TCP and a GRE tunnel operating to encapsulate PPP packets.
GRE Generic Routing Encapsulation
is a tunneling protocol developed by Cisco that can encapsulate a wide variety of network layer protocols inside virtual point to point links over an internet protocol internetwork..
IPsec Internet Protocol Security
A suite of protocols that provide a cryptographic layer to both IPv4 and IPv6. It uses Authentication Headers (AH) that provide integrity and origin authentication, Encapsulation Security Payloads (ESP) that provides confidentiality, data-origin authentication, connectionless integrity and Security Associations (SA) that provides a framework for authentication and key exchange with actual authenticated keying material provided wither by manual configuration with pre-shared keys, internet keyexhange, kerberixzed internet negotiation of keys or ipseckey dns records.
AH Authentication Header
guarantees connectionless integrity and data origin authentication of IP packets. Further, it can optionally protect against replay attacks by using the sliding window technique and discarding old packets.
Tunnel Mode
in IPsec in tunnel mode the entire IP packet is encrypted and or authenticated. It is then encapsulated into a new IP packet with a new IP header. Tunnel mode is used to create a virtual private networks for network to network communication (e.g. between routers to link sites), host to network communications (e.g. remote user access) and host to host communications (e.g. private chat). Tunnel mode support NAT traversal.
SOCKS Socket Secure
Popular circuit level proxy. Internet protocol that routes network packets between a client and server through a proxy server. SOCKS5 additionally provides authentication so only authorized users may access a server practically, a SAOCKS server proxies TCP connections to an arbitrary IP address, and provides a means for UDP packets to be forwarded. SOCKS performs at Layer 5 of the OSI model (session layer). De facto standard for circuit level gateways.
Beacon Frame
is one of the management frames in IEEE 802.11 based WLANs. It contains all the information about the network. Beacon frames are transmitted periodically to announce the presence of a Wireless LAN. Beacon frames are transmitted by the Access Point (AP) in an infrastructure basic service set (IBSS). In IBSS network beacon generation is distributed among the stations.
PRI Primary Rate Interface
Provides 23 64-K digital ISDN channels. It is a standardized telecommunication service level within the ISDN specification for carrying multiple DSO voice and data transmission between a network and a user. PRI is the standard for providing telecommunication services to offices. It is padded on the T-carrier (T1) in the US and Canada, and the E-carrier (E1) line in Europe. The T1 line consists of 24 channels, while and E1 has 32.
DOCSIS Data Over Cable Service Interface Specification
international telecommunications standard that permits the addition of high-speed data transfer to an existing cable tv (CATV) system. It is employed by many cable television operators to provide internet access over their existing hybrid fiber-coaxial infrastructure.
ActiveX
The functional equivalent of Java applets, they use digital certificates instead of a sandbox to provide security.
Jscript
Microsoft’s implantation of Java script in windows. Jscript is implemented as an Active Scripting engine, which means it can be plugged into OLE automation applications that support active scripting, such as Internet Explorer, Active server Pages and Windows Script Host. It also means such applications can use multiple active scripting languages (e.g. Jscript, VBScript, PerlScript,…).
Java
An object-oriented language used not only to write applets but also as a general-purpose programming language.
JavaScript
is a dynamic computer programming language, most commonly used as part of web browsers, whose implementations allow client side scripts to interact with the user, control the browser, communicate asynchronously, and alter the document content that is displayed. It is also being used in server side network programing with node.js. Big thing is to place the code into the sandbox to test and it does not affect the rest of the network.
Java Applet
small application which is written in java and delivered to users in the form of bytecode. The user launches the applet from a web page, and the applet is then executed within the java virtual machine (JVM) in a process separate from the web browser itself. Java applets are executed in a sandbox by most web browsers, preventing them from accessing local data like the clipboard or file system.
CMM - Capability Maturity Model
A maturity framework for evaluating and improving the software development process. There are five levels of the CMM.
1. Initial
The software process is characterized as ad hoc and occasionally even chaotic. Few processes are defined, and success depends on individual effort.
2. Repeatable
Basic project management processes are established to track cost, schedule, and functionality. The necessary process discipline is in place to repeat earlier successes on projects with similar applications.
3. Defined
The software process for both management and engineering activities is documented, standardized, and integrated into a standard software process for the organization. Projects use an approved, tailored version of the organization’s standard software process for developing and maintaining software.
4. Managed
Detailed measures of the software process and product quality are collected, analyzed, and used to control the process. Both the software process and products are quantitatively understood and controlled.
5. Optimizing
Continual process improvement is enabled by quantitative feedback from the process and from piloting innovative ideas and technologies.
SDLC - System Development Life Cycle
This system is broader than other life cycle plans and it focuses on security in every phase.
• Prepare a Security Plan
Ensure that security is considered during all phases of the IT system life cycle, and that security activities are accomplished during each of the phases.
• Initiation
the need for a system is expressed and the purpose of the system is documented.
o Conduct a Sensitivity Assessment
Look at the security sensitivity of the system and the information to be processed.
• Development/Acquisition
The system is designed, purchased, programmed, or developed.
o Determine Security Requirements
Determined technical features (e. g., access controls), assurances (e.g., background checks for system developers), or operational practices (e.g., awareness and training).
o Incorporate Security Requirements into Specifications
Ensure that the previously gathered information is incorporated in the project plan.
o Obtain the System and Related Security Activities
May include developing the system’s security features, monitoring the development process itself for security problems, responding to changes, and monitoring threats.
• Implementation
The system is tested and installed.
o Install/Turn-On controls
a system often comes with security features disabled. These need to be enabled and configured.
o Security Testing
Used to certify a system; may include testing security management, physical facilities, personnel, procedures, the use of commercial or in-house services (such as networking services), and contingency planning.
o Accreditation
The formal authorization by the accrediting (management) official for system operation and an explicit acceptance of risk.
• Operations/Maintenance
The system is modified by the addition of hardware and software and by other events.
o Security Operations and Administration
Examples include backup, training, managing cryptographic keys, user administration, and patching,
o Operational Assurance
Examines whether a system is operated according to its current security requirements.
o Audits and Monitoring
a system audit is a one-time or periodic event to evaluate security. Monitoring refers to an ongoing activity that examines either the system or the users.
• Disposal
The secure decommission of a system.
o Information
Information may be moved to another system, archived, discarded, or destroyed.
o Media Sanitization
There are three general methods of purging media: (1) overwriting, (2) degaussing (for magnetic media only), and (3) destruction.

Waterfall Method

An application development model that uses rigid phases; when one phase ends, the next begins. It is linear and was first used in manufacturing. Consists of the following 7 phases, system requirements, software requirements, analysis, program design, coding, testing, operations. The modified model allowed a return to the previous phase for verification or validation.

Spiral Method
Software development model designed to control risk. Boehm created the model. This process repeats steps of a project starting with modest goals and expanding outwards in ever wider spiral called rounds. These round consist of Concept of Operations (COOP), Software Requirements, Software Product Design, Detailed Design and at each of these a risk analysis. When a failure of lack of value was identified earlier it was easier and cheaper to mitigate.
Exploratory Model
when a domain is not very well understood or open-ended, or it's not clear what algorithms and data structures might be needed for an implementation, it's useful to be able to interactively develop and debug a program without having to go through the usual constraints of the edit-compile-run-debug cycle
Method
a function performed by an object. Is a subroutine (procedure or function) associated with an object, and which has access to its data, its member variables.
Behavior
any action of a system that changes to its environment. Behavior provides outputs from the system to the environment.
Coupling and Cohesion
coupling - Object Oriented Programing concept that connects objects to others; highly coupled objects have low cohesion. Cohesion OOP concept that describes an independent object; objects with high cohesion have low coupling. You could have high cohesion and low coupling.
Polymorphism
based on the Greek poly and morph meaning many and forms respectively. For instance the ability to overload the plus (+) operator performing different methods depending on the context of the input message number + number or string + string.
Polyinstantiation
means many instances, two instances with the same names that contain different data. This may be used in different environments to keep top secret and secret data separate, database polyinstantiation means two rows have the same primary key but different data
Security Kernel
central part of a computer of communications system hardware, firmware, and software that implements the basic security procedures for controlling access to system resources. A self-contained usually small collection of key security-related statements that (a) works as a part of an operating system to prevent unauthorized access to, or use of, the system and (b) contains criteria that must be met before specified programs can be accessed.
Security Policy
definition of what it means to be secure for a system, organization or other entity. For an organization, it addressed the constraints on behavior of its members as well as constraints imposed on adversaries by mechanisms such as doors, locks, keys and wall. For systems, the security policy addresses constraints on functions and flow among them, constraints on access by external systems and adversaries including programs and access to data by people.
Change Management
the process of understanding, communicating, and documenting changes.
Stealth Virus
a virus that hides itself from the OS and other protective software, such as antivirus software.
Polymorphic Virus
A virus that changes its signatures upon infection of a new system, attempting to evade signature-based antivirus software.
Oligomorphic Virus
An encrypted virus that has several forms of its decrption code, selecting between them (usually randomly) when writing its decryptor ta new replicant.
Candidate Key
Any attribute (column) in the table with unique values.
Primary Key
Unique attribute in a relational database table, used to join tables
Attribute
A column in a relational database table.
Foreign Key
A key in a related database table that matches a primary key in the parent database.
Concurrency
is a property of systems in which several computations are executing simultaneously, and potentially interacting with each other. The computations may be executing on multiple cores in the same chip, preemptively time-shared threads on the same processor, or executed on physically separated processors. A number of mathematical models have been developed for general concurrent computation including Petri nets, process calculi, the parallel random access machine model, the actor model, and the reo coordination language. Because computation in a concurrent system can interact with each other while they are executing, the number of possible execution paths in the system can be extremely large, and the resulting outcome can be indeterminate. Concurrent use of shared resources can be a source of indeterminacy leading to issues such as deadlock and starvation.
Deadlocking
is a situation in which two or more competing action are each waiting for the other to finish, and thus neither ever does. In a transaction database, a deadlock happens when two processes each within its own transaction updates two rows of information but in the opposite order. For example process A updates row 1 then row 2 in the exact timeframe that process B updates row 2 then row 1. Process A can’t finish updating row 2 until process B is finished, but it cannot finish updating row 1 until process A finishes. No matter how much time is allowed to pass, this situation will never resolve itself and because of this database management systems will typically kill the transaction of the process that has done the least amount of work. In an operation system a deadlock is a situation which occurs when a process or thread enters awaiting state because a resource requested is being held by another waiting process, which in turn is waiting for another resource. If a process is unable to change its state indefinitely because the resources requested by it are being used by another waiting process, then the system is said to be in a deadlock.
Inference
Deductive attack where a user is able to use lower level access to learn restricted information.
ACID Atomicity Consistency Isolation Durability
a set of properties that guarantee that database transaction are processed reliably. In the context of databases, a single logical operation on the data is called a transaction. For example, a transfer of funds from on bank account to another, even involving multiple changes such as debiting one account and crediting another, is a single transaction. Atomicity requires that each transaction is all or nothing. If one part of the transaction fails the entire transaction fails and the database state is left unchanged. Consistency property ensure that any transaction will bring the database from one valid state to another. (programing errors will not violate any defined rules). Isolation ensures that the execution of transitions results in a system state that would be obtained if transactions were executed serially, i.e. one after the other. Durability means that once a transaction has been committed, it will remain so, even in the event of power loss, crashes, or errors.
Rollback
restores a database after a failed commit.
Two-Phase Commit
used during replication of databases to ensure integrity. Before committing the DBMS request a vote. If the DBMSs on each agree then the data is written and ensured, if not the vote fails and changes are not committed and not made permanent.
Asynchronous Dynamic Token
are not synchronized with the central sever. The most common variety is challenge-response token authentication systems produce a challenge, or input for the token device. The user then manually enters the information into the device along with the user’s PIN and the device produces an output. This output is then sent to the system. The system is assured the user is authenticated because the response is tied to the challenge, a specific token, the encryption algorithm used by the token, and the user’s PIN.
Synchronous Dynamic Token
use time or counter to synchronize a displayed token code with the code expected by the authentication server; the codes are synchronized. Time-based synchronous dynamic tokens display dynamic token does that change frequently, such as every 60 seconds. The dymanic code is only good during that window. The authentication server know the serial number of each authorized toke, the user it is associated with, and the time, It can predict the dynamic code on each token using these three pieces of information. Counter based are just that they increment by whatever.
Biometric Type I Error
when the biometric points are increased and authorized personnel are stopped from gaining access this is a False Reject Rate and is called a type I error.
Biometric Type II Error
when the data point are lowered in the biometric system this cause a False Accept Rate (FAR) allowing unauthorized personnel to gain access. This is a type II error.
The Key Distribution center (KDC)
a Kerberos service that authenticates principals.
Sesame Secure European system for Applications in a Multivendor Environment
is a single sign-on system that supports heterogeneous environments. Can be thought of as a sequel of sorts to Kerberos: Sesame add to Kerberos: heterogeneity, sophisticated access control features, scalability of public key systems, better manageability, audit and delegation. Of those improvements, the addition of public key (asymmetric) encryption is the most compelling. It addresses on of the biggest weaknesses in Kerberos: the plaintext storage of symmetric keys. Uses Privilege Attribute Certificates (PACs) in place of Kerberos’ tickets.
Kerberos
a third-party authentication service that may be used to support SSO (Single Sign On). Authentication, Authorization, and Accountability (AAA). The client, the key distribution center (KDC), and the server. Operational Steps 1. Kerberos principal Alice contact the KDC, which acts as an authentication server, to request authentication. 2. The KDC sends Alice a session key, encrypted with Alice’s secret key. The KDC also sends a TGT, encrypted with TGS secret key. 3. Alice decrypts the session key and uses it to reqest permission to print from the TGS. 4. Seeing Alice has a valid session key (and therefore has proven her identity claim) the TGS sends Alice a C/S session key (second session key) to use to print. The TGS also sends a service ticket, encrypted with the printer’s key. 5. Alice connects to the printer. The printer, seeing a valid C/S session key, knows Alice has permission to print and also knows that Alice is authentic.
LDAP Lightweight Directory Access Protocol
used for accessing and maintaining distributed directory information service over IP network. Vendor neutral. Uses TCP and UDP port 389.
MS-Chap
is used a one authentication option in Microsoft’s implementation of the PPTP protocol for VPNs. It also uses an authentication with RADIUS servers which are used for Wi-Fi security. It is further used as the main authentication option of the Protected Extensible Authentication Protocol (PEAP)
MAC - Mandatory Access Control
System enforced access control based on subjects’ clearances and objects’ labels.
DAC - Discretionary Access Control
Gives subjects full control of object they have been given access to, including sharing the objects with other subjects.
RBAC Role-Based Access Control
subjects are grouped into roles and each defined role has access permission based on the role, not the individual.
Rule-Based Access Control
Uses a series of defined rules, restrictions, and filters for accessing objects within a system. Made in the form of if/then statements.
IDS in Passive Mode NIDS
Network Intrusion Detection System Detects malicious traffic on a network. Usually require promiscuous network access in order to analyze all traffic including al unicast traffic.
Anomaly Detection
is the identification of items, events or observation which do not conform to an expected patern or other items in a dataset.
Signature-Based Detection
uses samples of code to identify the virus or malware. If this is not contained in the dictionary then it is not effective.
4 Types of IDS Events
False Positive User surf the web to an allowed site, and NIDS alerts. False Negative Conficker worm is spreading on a trusted network, and NIDS is silent. True Positive Conficker worm is spreading on trusted network, and the NIDS alerts. True Negative User surfs the Web to an allowed site, and NIDS is silent.
Forking Proxy
A Session Initiation Protocol (SIP) proxy servers that route messages to more than one destination are called forking proxies. Example of this would to have your desk phone and your cell phone ring at the same time so you could take the call at either device.
Volatile Memory
Ram is volatile memory used to hold instruction and data of currently running programs. It loses integrity after loss of power.
Non-Volatile Memory
Read-only memory (ROM) is nonvolatile: Data stored in ROM maintains integrity after loss of power. The basic input/output system (BIOS) firmware is stored in ROM.
SAM - Sequential Memory
is a class of data storage devices that read their data in sequence. This is in contrast to random access memory (RAM) where data can be accessed in any order. Sequential access devices are usually a for of magnetic memory. Examples of SAM devise still in use include hard disks, cd-roms and magnetic tapes.
Secondary Memory
flash memory, optical discs, magnetic disk, magnetic tapes.
Supervisor State Supervisor Mode
is a hardware mediated flag which can be changed by code running in system level software. System tasks or threads will have this flag set while they are running, whereas user space application will not. This flag determines whether it would be possible to execute machine code operations such as modifying registers for various descriptor tables, or performing operations such as disabling interrupts. The idea aof having two different modes to operate in comes from with more control comes more responsibility a program in supervisor mode is trusted never to fail, since a failure may cause the whole computer system to crash.
Dedicated
Dedicated mode of operation means that the system contains objects of one classification label (e.g., secret) only. All subjects must possess a clearance equal to or greater than the label of the objects (a secret or higher clearance, using the previous example). Each subject must have the appropriate clearance, formal access approval, and need to know for all the information stored and processed on the system.
System High
In a system high mode of operation, the system contains objects of mixed labels (e.g. confidential, secret, and top secret). All subjects must possess a clearance equal to the system’s highest object (top secret, using the previous example).
Compartmented
In a compartmented mode of operation system, all subjects accessing the system have the necessary clearance but do not have the appropriate formal access approval, nor do they need to know for all the information found on the system. Objects are placed into “compartments” and require a formal (system-enforced) need to know to access. Compartmented mode systems use technical controls to enforce need to know (as opposed to a policy-based need to know).
Multi-Level
Multilevel mode of operation stores objects of differing sensitivity labels and allows system access by subjects with differing clearances. The reference monitor mediates access between subjects and objects: If a top secret subject (with a need to know) accesses a top secret object, access is granted. If a secret subject attempts to access a top secret object, access is denied.
Bell-LaPadula Model
It was developed for the U.S. Department of Defense. It is focused on maintaining the confidentiality of objects. Protecting confidentiality means not allowing users at a lower security level to access objects at a higher security lever. Bell-LaPadula operates by observing two rules: the Simple Security Property and the * Security Property.
Simple Security Property
States that there is no read up; that is, a subject at a specific classification level cannot read an object a a higher classification level. Subjects with a secret clearance cannot access top secret objects, for example.
* Security Property
States that there is no write down; that is, a subject at a higher classification level cannot write to a lower classification level. Subjects who are logged into a top secret system cannot send emails to a secret system, for example.
Biba Model
is the model of choice when integrity protection is vital. The Biba model has two primary rules: the simple Integrity axiom and the * Integrity Axiom.
Simple Integrity Axiom
is “no read down”; that is, a subject at a specific classification level cannot read data at a lower classification. This prevents subjects from accessing information at a lower integrity level. This protects integrity by preventing bad information from moving up from lower integrity levels.
* Integrity Axiom
is “no write up”; that is, a subject at a specific classification level cannot write to data at a higher classification. This prevents subjects from passing information up to a higher integrity level that they have clearance to change. This protects integrity by preventing bad information from moving up t higher integrity levels.
Clark-Wilson Model
is a real world integrity model that protects integrity by requiring subjects to access objects via programs. Because the programs have specific limitations to what they can and cannot do to objects, Clark-Wilson effectively limits the capabilities of the subject. Clark-Wilson uses two primary concepts to ensure that security policy is enforced: well-formed transactions and separation of duties.
Chinese Wall Model/ Brewer and Nash
is designed to avoid conflicts of interests by prohibiting one person, such as a consultant, from accessing multiple conflict of interest categories (CoIs). It is also called Brewer and Nash designed to address the risks inherent with employing consultants working within banking and financial institutions.
Graham Denning Model
has three parts: objects, subjects and rules. It provide a more granular approach for interactions between subjects and objects. There are eight rules: R1 Transfer Access, R2 Grant Access, R3 Delete Access, R4 Read Object, R5 Create Object, R6 Destroy Object, R7 Create Subject, R8 Destroy Subject.
Process Isolation
Process can’t interfere with other processes logical control
Common Criteria
The common Criteria uses specific terms when defining specific portions of the testing process.
Target of evaluation (ToE)
the system or product that is being evaluated.
Security Target (ST)
the documentation describing the ToE, including the security reqirements and operational environment.
Protection Profile (PP)
an independent set of security requirements and objectives for a specific category of products or systems, such as firewalls or intrusion detection systems.
Evaluation Assurance Level (EAL)
The evaluation score of the tested product or system. EAL1 Functionally tested. EAL2 Structurally tested. EAL3 Methodically tested and checked. EAL4 Methodically tested and checked and reviewed. EAL5 Semi-formally designed, and tested. EAL6 Semi-formally verified and designed, and tested. EAL7 Formally verified, designed and tested
TCSEC - Trusted Computer System Evaluation Criteria
Also known as The Orange Book. One of the first security standards implemented, and major portions of those standard are still used today in the form of U.S. government Protection Profiles within the International Common Criteria framework. Division D is the lowest form of security and A is the highest. The orange book was the first significant attempt to define differing levels of security and access control implementation within an IT system.
ITSEC
the European Information Technology Security Evaluation Criteria (ITSEC) was the first successful international evaluation model. It refers to TCSEC orange book levels, separating functionality from assurance. There are two types of assurance: effectiveness (Q) and correctness (E).
PCI-DSS Payment Card Industry Data Security Standard
is a security standard created by the payment card industry security standards council (PCI-SSC). The council is comprised of the four large credit card companies and others. They seek to protect credit cards by requiring vendors using them to take specific security precautions
Fault Tolerance
In order for systems and solution within an organization to be able to continually provide operational availability, they must be implemented with fault tolerance in mind. Availability is not solely focused on system uptime requirements but also requires that data be accessible in a timely fashion. Both system and data fault tolerance will be attended to within this section.
Full Backup
Is the easiest type of backup to understand; it simply is a replica of all allocated data on a hard disk. Most costly shortest amount of time to restore in catastrophe.
Incremental Backup
Only files that have changed since the last backup of any kind was performed.
Differential Backup
Only files that have changed since the last full backup has been performed.
RAID
Redundant Array of Inexpensive Disks
RAID0
employs striping to increase the performance of read and write. Offers no data redundancy.
RAID1
mirrored set, write performance decreased, read performance increased, half disks are dedicated to redundancy, cost is high.
RAID2
is not considered commercially viable for hard disks and is not used.
RAID3
striped set with dedicated parity, data at they byte level is striped across multiple disks, an additional disk is leveraged for storage of parity information in the event of a failure.
RAID4
stripped set with dedicated parity at the block level just like level 3 but at block level.
RAID5
striped set with distributed parity, one of the most popular configurations, block level striping, parity is spread across multiple disks.
RAID6
stripped set with dual distributed parity, unlike raid 5, raid 6 allows for 2 disks to fail and still function. This redundancy is achieved by writing the same parity information to two different disks.
RAID10
is just raid0 and raid1 together. This makes it stripped and mirrored and encapsulated together.
Blackout
Total loss of electrical power.
Brownout
A perceptible reduction in the electrical line voltage supplied is usually caused by an excessive electrical demand on the electric utility or by an insufficient power-generation capability. This is also known as a brown down.
Sag
A temporary, usually very fast, drop in electrical voltage. It is usually associated with the supply voltage to the computer, not inside the computer. Sags are the opposite of spikes and are sometimes called brown downs when the sag is not momentary. They are very often damaging to computer equipment.
Static Electricity
A form of electrical voltage and current generated in usually an accidental action. This in not electricity from a battery or the normal house or office electrical supply. It is more like lightning in that it is a quick but substantial discharge that can do great damage. It is the same type of charge that happens when clothes have been dried in a dryer and they cling to themselves upon removal. It occurs more frequently in cold weather, often whil waling on carpet. It can destroy electrical components, disks, diskettes, tapes and other forms of magnetic storage media. It usually does this by demagnetizing the data and formatting markers on the media, and by over-charging electrical components capabilities.
BCP - Business Continuity Plan
provides long term continuity planning to ensure that in the wake of a disruption that the business can still perform the critical business functions.
DRP - Disaster Recovery Plan
Focuses on efficiently attempting to mitigate the impact of a disaster and the immediate response and recovery of a critical IT systems in the face of a significant disruptive event.
MTD - Maximum Tolerable Downtime
the total time a system can be inoperable before an organization is severely impacted. Also called Maximum Allowable Downtime (MAD), Maximum Tolerable Outage (MTO), and Maximum Acceptable Outage (MAO). RTO + WRT = MTD
RTO Recovery Time Objective
describes the maximum time allowed to recover business or IT systems. Is also called Systems Recovery Time.
WRT Work Recovery Time
describes the time required to configure a recovered system.
RPO - Recovery Point Objective
is the amount of data loss or system inaccessibility (measured in time) that an organization can withstand. NASDAQs RPO is the point when someone can make a trade. So that is almost never to be down. Some places may be a week of data.
Hot Site
Will have all necessary hardware and critical applications data mirrored in real time. A hot site will have the capability to allow the organization to resume critical operations within a very short period of time, sometimes in less than an hour.
Cold Site
Least expensive. Usually can be up within weeks and has a raised floor, power, utilities, and physical security but not much beyond that.
Warm Site
Can be up in some instances of 24 to 48 hours. Has some aspects of a hot site with readily accessible hardware and connectivity but will have to run backups in order to reconstitute a system
Mobile Site
this is just as it sounds. Provide power and network and it works.
CMP - Crisis Management Plan
is designed to provide effective coordination among the managers of the organization in the event of an emergency or disruptive event. The CMP details the actions management must take to ensure that life and safety of personnel and property are immediately protected in case of a disaster.
Real Evidence
the first and most basic category of evidence which consists of tangible or physical objects. Hard drives, DVDs, USB storage devices, or printed business records.
Best Evidence Rule
Courts prfer the best evidence possible. Original documents are preferred over copies; conclusive tangible objects are preferred over oral testimony. Recall that the five desirable criteria for evidence suggest that, where possible, evidence should be relevant, authentic, accurate, complete and convincing.
Secondary Evidence
class of evidence common in cases involving computers. Consists of copies of original documents and oral descriptions. Computer generated logs and documents might also constitute secondary rather than best evidence; however, Rule 1001 of the US federal rules of evidence can allow readable reports of data contained on a computer to be considered original as opposed to secondary evidence.
Direct Evidence
is testimony provided by a witness regarding what the witness actually experienced with his or her five senses. Witnesses must have experienced what they are testifying to, rather than having gained the knowledge indirectly through another person (hearsay).
Chain of Custody
requires that once evidence is acquired, who, what, when , and where with regard to the handling of evidence must be fully documented. Initials and/or signatures on the chain of custody form indicate that the signers attest to the accuracy of the information concerning their role noted on the chain of custody form.
Recovery
means that they system must be recovered (e.g. reinstalled from OS media or image, dat restored from backups).
Detective
controls that alert during or after a successful attack. Intrusion detection systems alerting after a successful attack, closed circuit television cameras (CCTV) that alert guards to an intruder, and a building alarm system that is triggered by an intruder are all examples of detective controls.
Corrective
Work by correcting a damaged system or process. Works hand in hand with the detective controls.
Deterrent
deter users from performing actions on a system. Examples include a beware of dog sign. A thief facing two building, one with a guard dogs one without he breaks into the one without.
Fiduciary Responsibility
have a trust and confidence to manage and protect property and or money or assets of business to the consumer or shareholder.
Due Diligence
is the investigation of a business or person prior to signing a contract, or an act with a certain standard of care. It can be a legal oblication, but the term will more commonly apply to voluntary investigations.
Due Care
The conduct that a reasonable man or woman will exercise in a particular situation, in looking out for the safety of others.
Liability
describes the condition of being actually or potentially subject to a legal obligation.
Locard’s Principle
holds that the perpetrator of a crime will bring something into the crime scene and leave with something from it, and that both can be used as forensic evidence.
Heisenberg’s Principle
has to do with disturbing cryptographic tapping and of encryption and the fact that it will cause a disturbance. His uncertainty principle applied to this.
Running State
Process being executed by the CPU. Page 263
Waiting State
the processor needs to access external memory, it starts placing the address of the requested information on the address bus. It then must wait for the answer, Each of the cycles spent waiting is called a wait state.
Stopped State
processor or service has stopped execution of the code.
Ready State
Process waiting to be executed by the CPU. Page 263
Pre-Emptive Multi-Tasking
a computer operating system uses some criteria to decide how long to allocate to any one task before giving another task a turn to use the operating system.
Cooperative Multi-Tasking
a method where multiple tasks are performed during the same period of time they are executed concurrently (in overlapping time periods, new tasks starting before others have ended) instead of sequentially (one completing before the next starts). The tasks share common processing resources, such as a CPU and main memory.
Multi-Threading
the ability of a program or an operating system process to manage its use by more than one user at a time and to even manage multiple requests by the same user without having to have multiple copies of the programming running in the computer.
Static Token
the device which does the authentication does not compute anything, it has a set value stored on the device.
Cost/Benefit risk analysis
ALE (before safeguard)-ALE (after safeguard)-Annual cost of safeguard = value of safeguard. Is it worth it to mitigate threat?
Job rotation
rotation of responsibilities, build skill redundancy, administrative control
Project Initiation
Systems development life cycle, first phase.
Message
how objects communicate
Damage Assessment Team
perform damage assessment as prescribed in the operations briefing and in accordance with the teams’ prioritized list of sites.
Backup Activation Team
Emergency Response Team: retrieve offsite records and recovery information from offsite storage, report to the alt site execute the business recovery procedures in prioritized order, communicate status, identify issues and establish shifts, identify replacement equipment/software needed for recovery.
Common Law
Criminal Law “protect people”, Civil Law (Tort Law) “wrongs inflicted on people or business
Patents
Good for 20 years, invention must be new, useful. Inventor granted exclusive rights during patent period. It is an intellectual property right granted by the Government of the United States of America to an inventor “to exclude others from making, using, offering for sale, or selling the invention throughout the United States or importing the invention into the United States” for a limited time in exchange for public disclosure of the invention when the patent is granted.
Trade Secrets
Intellectual property that is absolutely critical to a business. Protection is solely the responsibility of the business. Commonly protected by non-compete or non-disclosure agreements. Lasts forever or until it becomes public knowledge by legal means.
Safe harbor
allows US companies to pass data without prosecution as long as they comply with regulations. EU citizen personal data can not be transmitted, even with permission of the individual, outside the EU.
Negligence
opposite of due care. Can be legally found if the due care was not performed.
Legal Responsibility
requirements by law, legal obligation
Prudent Man Rule
directs trustees "to observe how men of prudence, discretion and intelligence manage their own affairs, not in regard to speculation, but in regard to the permanent disposition of their funds, considering the probable income, as well as the probable safety of the capital to be invested."
Evidence To Be Admissible
must be legally obtained to be considered in court of law.
Corrosion
the gradual destruction of materials (usually metals) by chemical reaction with its environment.
Smoke/Fire Detectors
heat, flame and smoke detectors. Ionization (smoke), Heat (rate of rise), Photoelectric (Smoke), Ultaviolet//Infared (flame).
Fire Extiguisher classes
A : common comustibles, B: Liquids, C: Electrical, D: Metal, K: Kitchen Fires.
Turnstile
personnel entries, one at a time. Designed to prevent tailgating.
Gate
vehicular gates: Class I - residential, Class II - commercial, Class III - Industrial, Class IV - restricted access requiring security personnel (prison, airport)
Bollard
pillars placed to prevent vehicular access
Mantrap
a double-door single-person access control space, first door must close and lock prior to the second opening. Each door requires different form of authentication to open.
Pan/Tilt/Zoom
closed circuit television, change view of camera
Drill frequency
how often procedures are practiced
Security Requirements Profile
a document used as part of the certification process. a combination of threats, security objectives, assumptions, security functional requirements (SFRs), security assurance requirements (SARs) and rationales.
Crime Prevention Through Environmental Design
a multi-disciplinary approach to deterring criminal behavior through environmental design. the ability to influence offender decisions that precede criminal acts.
Data Center/Server Room
physically secured room which houses servers and data storage devices. Located in core area of facility, not directly accessible from public areas, not located on top floors, on a different electrical grid from building.
Timing and Storage Covert Channels
the two types of covert channels The Orange book requires protection against
Change Control Process
One of the key security aspects of revision control and configuration management is the capability to track changes. If problems occur, administrators can examine the system in the context of the software and other installed components to see what might have caused the problem. The first step in creating these traces is to have a policy that mandates a formal change control procedure for all hardware and software systems. This policy should provide for written requests to perform system changes that can include a review for security. Using the policy as the base, the standards and procedures can be written to support the processes that log every change to any information component.
Problem Management
process of tracking an event back to its root cause to discover and address the underlying cause
Archive Bit
Used to mark a backup state - ALL data is backed up and saved - the archive bit is cleared; The differential does not change the archive bit value; an incremental backup changes the archive bit to ZERO
Vulnerability Scanner
A process to discover poor configurations and missing patches in an environment (use a vulnerability scanner to determine vulnerabilities)
Port Scanner
A port scan is a method used by hackers to determine what ports are open or in use on a system or network. By using various tools a hacker can send data to TCP or UDP ports one at a time. Based on the response received the port scan utility can determine if that port is in use. Using this information the hacker can then focus their attack on the ports that are open and try to exploit any weaknesses to gain access.
Packet Sniffer
Packet sniffing is the act of capturing packets of data flowing across a computer network. The software or device used to do this is called a packet sniffer. Packet sniffing is to computer networks what wire tapping is to a telephone network. Packet sniffing has legitimate uses to monitor network performance or troubleshoot problems with network communications. However, it is also widely used by hackers and crackers to gather information illegally about networks they intend to break into. Using a packet sniffer it is possible to capture data like passwords, IP addresses, protocols being used on the network and other information that will help the attacker infiltrate the network.
Conclusive Evidence
nonrefutable evidance aka.. the smoking gun
European Union Privacy
The 1995 Directive was established to provide a regulatory framework to guarantee secure and free movement of personal data across the national borders of the EU member countries, in addition to setting a baseline of security around personal information wherever it is stored, transmitted or processed.
Backup Operations Team
Team that takes over the more routine operations of the processes while restoration proceedures are initated.
Joint Application Development Model
Collective activity involving users and top management IT professionals. Centers on a structured workshop. Results in a final document containing definitions for data elements, work flows, screens, reports, and general system specifications.
The Delphi technique
a group process that anonymously generates ideas or judgments from physically dispersed experts. Brainstorming
Plan Test Methods
???
Guideline
a recommendation, administrative control
Procedure
a step by step guide for accomplishing a task, administrative control
Standard
describes the specific us of technology, often applied to hardware and software, administrative control
Policy
high-level management directives, administrative control
Job rotation
rotation of responsibilities, build skill redundancy, administrative control
Principle of least privilege
only has privileges needed for job, administrative control
Separation of duties
critical functions are broken up among multiple subjects, prevents authorized subjects from making improper modifications to objects, administrative control
Mandatory vacations
forced vacations or time away from the office, usually suspected of abuse of authority, administrative control.
Collusion
an agreement between two or more individuals to subvert the security of a system
Exposure factor
the percentage of value an asset lost due to an incident
Asset value
the value of a protected asset
Annualized rate of occurrence
the number of losses suffered per year
Qualitative risk analysis
Risk analysis method which uses approximate values. Brainstorming, storyboarding, focus groups, Delphi technique, surveys/questions, checklists, interviews, 1-on-1 meetings
Quantitative risk analysis
RA method which uses hard metrics such as dollars. 6 steps or phases, Asset valuation, threat identification, threat analysis, derive overall loss potential, research countermeasures, perform cost/benefit analysis
Cost/benefit risk analysis
ALE (before safeguard) - ALE (after safeguard) - Annual cost of safeguard = value of safeguard. Is it worth it to mitigate threat?
Delphi technique
anonymous feedback & response process, elicits honest and uninfluenced responses, virtual meetings
XOR
binary mathematical operation which adds 2 bits together. If values are same, result is 0, if values are different, result is 1
MD5
hashing algorithm, 512 bit blocks, digest size: 128 bits, 4 rounds, 32 character output
Symmetric algorithms
1 shared key, n*(n-1)/2, stream cipher, block cipher, DES, Triple DES, blowfish, twofish, IDEA, AES, CAST, SAFER, RC4, RC5, RC6
Asymmetric algorithms
uses different key for encryption and decryption, 2 key pair, public and private, RSA, Diffie-Hellman, Elliptical Curve, ElGamal, digital signature
Online certificate status protocol (OCSP)
is an Internet protocol used for obtaining the revocation status of an X.509 digital certificate.
Web of trust
all parties involved trust each other equally. No CA to certify certificate owners.
GNU privacy guard
a version of pretty good privacy cryptographic software
Pretty good Privacy
is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication. PGP is often used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications. It was created by Phil Zimmermann in 1991
OSI model
1 physical, 2 data link, 3 network, 4 transport, 5 session, 6 presentation, 7 application
IGMP
multicast control protocol, 1 signal to be sent to multiple addresses. Network layer protocol.
ICMP
protocol, IP’s toolbox, ping, traceroute, network layer protocol
Multicast
one to many, controlled by group management protocols
EMI
electromagnetic interference, generated by electrical impulses. Noise on a wire
RFI
radio frequency interference, wireless interference.
Fiber
Fiber optics, light transmitted thru glass fibers in a cable.
DSSS
wireless transmission large band, small amplitude
FHSS
Wireless transmission rapidly changes frequencies
OFDM
wireless transmission multiplexes sub-frequency bands
FDMA
wireless transmission each call has separate frequency
CDMA
wirelss transmission unique code to each call and spreads it over the available frequencies
MPPE
microsoft point-to-point encryption, data encryption protocol
L2F
tunneling protocol by cisco, VPN
L2TP
tunneling protocol for VPNs by ISPs.
PPTP
point to point tunneling protocol. VPNs
IPSec
a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session
Tunnel Mode
Gateway-to-gateway, Server-to-gateway, Server-to-server
AH
encapsulates an IP packet with an Authentication Header and IP header and signs the entire packet for integrity and authentication.
SOCKS
SocketSecure. Circuit proxy server. Layer 5 of OSI. a Internet protocol that routes network packets between a client and server through a proxy server
Beacon Frame
transmitted periodically to announce the presence of a Wireless LAN, It contains all the information about the network, SSID.
Primary rate interface (PRI)
a standardized telecommunications service level within the Integrated Services Digital Network (ISDN) specification for carrying multiple DS0 voice and data transmissions between a network and a user. PRI is the standard for providing telecommunication services to offices. It is based on the T-carrier (T1) line in the US and Canada, and the E-carrier (E1) line in Europe. The T1 line consists of 24 channels, while an E1 has 32.
Data over cable service interface specification (DOCSIS)
an international telecommunications standard that permits the addition of high-speed data transfer to an existing cable TV (CATV) system. It is employed by many cable television operators to provide Internet access over their existing hybrid fiber-coaxial (HFC) infrastructure.
ActiveX
a software framework created by Microsoft which adapts its earlier Component Object Model (COM) and Object Linking and Embedding (OLE) technologies for content downloaded from a network, particularly in the context of the World Wide Web
Jscript
Active Scripting engine, microsoft
JavaScript
a dynamic computer programming language. It is most commonly used as part of web browsers, whose implementations allow client-side scripts to interact with the user, control the browser, communicate asynchronously, and alter the document content that is displayed
Java Applet
a small application which is written in Java and delivered to users in the form of byte-code.
Capability maturity model
a development model created to improve existing software-development processes, but it can also be applied to other processes.
Systems development life cycle
Planning, Analysis, Design, Implementation, Maintenance.
Waterfall method
a sequential design process, often used in software development processes, in which progress is seen as flowing steadily downwards (like a waterfall) through the phases of Conception, Initiation, Analysis, Design, Construction, Testing, Production/Implementation, and Maintenance.
Spiral Method
a risk-driven process model generator for software projects. Based on the unique risk patterns of a given project, the spiral model guides a team to adopt elements of one or more process models, such as incremental, waterfall, or evolutionary prototyping.
Project Initiation
Systems development life cycle, first phase.
Joint Application Development
management process that allows developers to work directly with users.
Exploratory Model
requirements built on what is available, on assumptions as to how the system might work, planning and trying different designs before development, not cost effective, results in less than optimal systems.
Message
how objects communicate
Method
functionality an object can carry out
Behavior
results or output of an object
Coupling and Cohesion
coupling: level of interaction between objects, low coupling means less interaction and easier to troubleshoot. Cohesion: degree to which an object depends on other objects, high cohesion has low dependence on other objects and is easier to troubleshoot.
Polymorphism
how different objects respond to the same command
Polyinstantiation
creating 2 versions of the same object, versions are distinguished by security levels, prevents inference attacks, enables a relation to contain multiple rows with the same primary key.
Security Kernel
ring level 0, reference monitor. All access to information must go through the kernel, kernel must be protected from any type of unauthorized access or modification.
Security policy
set of rules that dictates how information and resources is going to be managed, framework for the security architecture.
Change Management
a process by which all system changes are tracked, audited, controlled, identified and approved.
Stealth virus
a virus that hides itself from the OS and other protective software, such as anti-virus software.
Polymorphic virus
virus that changes its signature upon infection of a new system, attempting to evade signature-based anti-virus software.
Oligomorphic virus
code similar to polymorphic, but has a decryptor that does not show up on signature list.
Metamorphic virus
reprograms itself, carries various versions of itself. Translates ifself into temporary representations and then back to normal code. Capable of infecting more that one OS.
Candidate Key
attributes identifying a record
Primary Key
unique identifier
Attribute
field (column)
Foreign Key
attribute related to another table
Concurrency
allows one change at a time (Database)
Deadlocking
access to data at the same time, both are denied
Inference
the act or process of deriving logical conclusions from premises known or assumed to be true.
ACID
Atomicity, Consistency, Isolation, Durability is a set of properties that guarantee that database transactions are processed reliably
Rollback
ends current transactions, cancels changes, database returns to previous state.
Two-Phase Commit
a type of atomic commitment protocol (ACP). It is a distributed algorithm that coordinates all the processes that participate in a distributed atomic transaction on whether to commit or abort (roll back) the transaction (it is a specialized type of consensus protocol).
Asynchronous token
generates an one time password, but do not use time synchronization between token and authentication server. a random challenge is generated and sent to the user who enters the challenge into the token. The token displays a result that the user sends back to the authenticator.
Synchronous token
time-synchronized to an authentication server for the purpose of creating a One-Time Password. The token and the server each have independent clocks that must be synchronized to the same timebase.
Static token
the device which does the authentication does not compute anything, it has a set value stored on the device.
Biometric Type 1 error
False reject rate (FRR) user is authorize, but is rejected.
Biometric Type 2 error
False accept rate (FAR) user is unauthorized but is accepted.
Key distribution Center (KDC)
consists of a ticket granting service and authentication server.
SESAME
secure European system for applications in a multi-vendor environment. Uses symmetric and asymmetric encryption. Compatible with Kerberos v.5. Uses privilege attribute certificates (PAC) instead of Kerberos tickets.
Kerberos
a trusted third-party authentication protocol, establishes single-sign on. Uses symmetric keys for encryption. No PKI or asymmetric encryption involved.
LDAP
Lightweight Directory Access Protocol, an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network.
MS-Chap
the Microsoft version of the Challenge-Handshake Authentication Protocol.
Mandatory Access control
based on sensitivity labels, controlled by security policy administrators, users cannot over-ride security policy.
Discretionary Access Control
Users set privileges on information they own, sensitivity labels are not required, dynamic and allows the sharing of information.
Rule-Based Access Control
roles are created based on functions and tasks. Users are assigned to roles, permissions are assigned to the roles and users only acquire permissions on the assumption of the role.
Rule-Based Access Control
access is allowed or denied to resource objects based on a set of rules defined by a system administrator.
IDS in passive mode
looks for security breaches, but effectively takes on action.
Anomaly detection
the identification of items, events or observations which do not conform to an expected pattern.
Signature-based detection
evaluates attacks based on a database of signatures written by the vendor or operator.
False positive
accepted activity identified as malicious activity.
False negatives
malicious activity that is not reported.
True Positive
malicious activity identified as malicious activity
True Negative
normal traffic identified as normal traffic.
Pre-emptive multi-tasking
a computer operating system uses some criteria to decide how long to allocate to any one task before giving another task a turn to use the operating system.
Cooperative multi-tasking
a method where multiple tasks are performed during the same period of time - they are executed concurrently (in overlapping time periods, new tasks starting before others have ended) instead of sequentially (one completing before the next starts). The tasks share common processing resources, such as a CPU and main memory.
Multi-threading
the ability of a program or an operating system process to manage its use by more than one user at a time and to even manage multiple requests by the same user without having to have multiple copies of the programming running in the computer.
Forking
developers take a copy of source code from one software package and start independent development on it, creating a distinct piece of software.
Volatile memory
computer memory that requires power to maintain the stored information. It retains its contents while powered, but when power is interrupted stored data is immediately lost.
Non-volatile memory
memory that maintains its content even when unpowered.
Sequential memory
a class of data storage devices that read their data in sequence. This is in contrast to random access memory (RAM) where data can be accessed in any order. Sequential access devices are usually a form of magnetic memory.
Secondary memory
not accessed directly by the CPU. Instead, data accessed from secondary memory is first loaded into RAM and is then sent to the processor. Refers to storage devices, such as hard drives and solid state drives. It may also refer to removable storage media, such as USB flash drives, CDs, and DVDs.
Running State
A process moves into the running state when it is chosen for execution. The process's instructions are executed by one of the CPUs (or cores) of the system. There is at most one running process per CPU or core.
Waiting State
the processor needs to access external memory, it starts placing the address of the requested information on the address bus. It then must wait for the answer, Each of the cycles spent waiting is called a wait state.
Stopped State
processor or service has stopped execution of the code.
Supervisor State
a hardware mode in which the operating system executes instructions unavailable to an application program; for example, I/O instructions.
Dedicated
system dedicated to particular level. Security clearance for all data, Approved to access all data, Need-to-know for all information.
System High
Security clearance required for all data, Approved to access all data, Need-to-know for all information.
Compartmented/partitioned
Security clearance for all data, Approved to access data they will have access to, need to know for data they will have access to.
Multilevel Security
Security clearance where security clearance dominates the file’s security label. Approved access to data they will have access to, need to know for data they will have access to
Bell La-Padula simple security property
a set of access control rules which use security labels on objects and clearances for subjects. Security labels range from the most sensitive (e.g."Top Secret"), down to the least sensitive (e.g., "Unclassified" or "Public").
Biba Simple Integrity Axiom
a subject at a given level of integrity must not read an object at a lower integrity level (no read down).
Biba * Integrity Axiom
a subject at a given level of integrity must not write to any object at a higher level of integrity (no write up).
Clark-Wilson
Focuses on integrity, uses a subject/program/object relationship, separation of duties.
Chinese Wall
information barrier implemented within a firm organization to prevent exchanges of information that could cause conflicts of interest.
Brewer and Nash
provide information security access controls that can change dynamically. This security model, also known as the Chinese wall model, was designed to provide controls that mitigate conflict of interest in commercial organizations, and is built upon an information flow model.
Graham Denning model
made up of subjects, objects and rights. Subjects can manipulate objects or other subjects based upon their rights. Create/Delete object, subject, read/grant/delete/transfer access right.
Process isolation
each process has its own memory space.
Common Criteria
assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard and repeatable manner at a level that is commensurate with the target environment for use.
TCSEC and ITSEC
TCSEC focuses on confidentiality, ITSEC focuses on CIA triangle. TCSEC: A1, B3, B2, B1, C2, C1, ITSEC: E0-E6, F1-F10
Protection Profile
security requirements to be specified “I want”
Target of Evaluation
a vendor’s product.
Security Target
vendor’s claims of security “I will provide”
Security Requirements Profile
a document used as part of the certification process. a combination of threats, security objectives, assumptions, security functional requirements (SFRs), security assurance requirements (SARs) and rationales.
Crime Prevention through Environmental Design
a multi-disciplinary approach to deterring criminal behavior through environmental design. the ability to influence offender decisions that precede criminal acts.
Data Center/Server Room
physically secured room which houses servers and data storage devices. Located in core area of facility, not directly accessible from public areas, not located on top floors, on a different electrical grid from building.
Fault
Momentary loss of power
Blackout
Prolonged loss of power
Sag
sag/dip Momentary low voltage
Brownout
Prolonged low voltage
Static Electricity
an imbalance of electric charges within or on the surface of a material. The charge remains until it is able to move away by means of an electric current or electrical discharge.
Corrosion
the gradual destruction of materials (usually metals) by chemical reaction with its environment.
Smoke/fire detectors
heat, flame and smoke detectors. Ionization (smoke), Heat (rate of rise), Photoelectric (Smoke), Ultaviolet//Infared (flame).
Fire extinguisher classes
A : common comustibles, B: Liquids, C: Electrical, D: Metal, K: Kitchen Fires.
Turnstile
personnel entries, one at a time. Designed to prevent tailgating.
Gate
vehicular gates: Class I - residential, Class II - commercial, Class III - Industrial, Class IV - restricted access requiring security personnel (prison, airport)
Bollard
pillars placed to prevent vehicular access
Mantrap
a double-door single-person access control space, first door must close and lock prior to the second opening. Each door requires different form of authentication to open.
Pan/tilt/zoom
closed circuit television, change view of camera
Drill Frequency
how often procedures are practiced
Business continuity plan
Focuses on the business as a whole (everything), Identifies risks to time-critical business processes and functions. Ensures business operations continues in the event of an emergency or disruptive event. Includes disaster recovery plan and continuity of operations.
Disaster Recovery Plan
Focuses on short term fixes for IT oriented disruptions. Designed to minimize decision-making during disruptive events.
RTO
Recovery Time Objective - time required to restore business process before business impact becomes fatal.
Recovery Point Objective
how fresh does the data need to be. When last backed up.
Time Critical Business Process
process with the potential to degrade the ability to do business.
Maximum Tolerable Downtime
Nonessential: 30 days, Normal: 7 days, Important: 72 hours, Urgent: 24 hours, Critical: minutes to hours.
Hotsite
a offsite backup that can be operational in a few minutes or hours. Usually operational in a few seconds.
Coldsite
facility offsite that has no infrastructure in place, but can be operational in 1-2 weeks.
Warmsite
facility offsite that has some infrastructure in place, can be operation within 5 days.
Mobilesite
movable site that can be made operational within 3-5 days.
Crisis management planning
Provides effective coordination between managers int eh event of a disruptive event. Crisis communications plan, call trees, emergency operations center, vital records.
Damage Assessment Team
perform damage assessment as prescribed in the operations briefing and in accordance with the teams’ prioritized list of sites.
Recovery Management Team
Emergency Management Team, made up of senior executives, responsible for overall recover of organization, not concerned with day to day operations, responds to and assists with resolution of issues, spokesperson for organization to the media, decision maker on how to manage the business impacts of the event.
Backup Activation Team
Emergency Response Team: retrieve offsite records and recovery information from offsite storage, report to the alt site execute the business recovery procedures in prioritized order, communicate status, identify issues and establish shifts, identify replacement equipment/software needed for recovery.
Common Law
Criminal Law “protect people”, Civil Law (Tort Law) “wrongs inflicted on people or business
Patents
Good for 20 years, invention must be new, useful. Inventor granted exclusive rights during patent period. It is an intellectual property right granted by the Government of the United States of America to an inventor “to exclude others from making, using, offering for sale, or selling the invention throughout the United States or importing the invention into the United States” for a limited time in exchange for public disclosure of the invention when the patent is granted.
Trade Secrets
Intellectual property that is absolutely critical to a business. Protection is solely the responsibility of the business. Commonly protected by non-compete or non-disclosure agreements. Lasts forever or until it becomes public knowledge by legal means.
PCI DSS
Payment Card Industry Data Security Standards, sets the security standards for credit card companies.
Safe Harbor
allows US companies to pass data without prosecution as long as they comply with regulations. EU citizen personal data can not be transmitted, even with permission of the individual, outside the EU.
Negligence
opposite of due care. Can be legally found if the due care was not performed.
Legal Responsibility
requirements by law, legal obligation
Prudent Man Rule
directs trustees "to observe how men of prudence, discretion and intelligence manage their own affairs, not in regard to speculation, but in regard to the permanent disposition of their funds, considering the probable income, as well as the probable safety of the capital to be invested."
Evidence to be admissible
must be legally obtained to be considered in court of law.
Real Evidence
Physical evidence
Secondary Evidence
class of evidence common in cases involving computers. Consists of copies of original documents and oral descriptions. Computer generated logs and documents might also constitute secondary rather than best evidence; however, Rule 1001 of the US federal rules of evidence can allow readable reports of data contained on a computer to be considered original as opposed to secondary evidence.
Direct Evidence
is testimony provided by a witness regarding what the witness actually experienced with his or her five senses. Witnesses must have experienced what they are testifying to, rather than having gained the knowledge indirectly through another person (hearsay).
Chain of Custody
requires that once evidence is acquired, who, what, when , and where with regard to the handling of evidence must be fully documented. Initials and/or signatures on the chain of custody form indicate that the signers attest to the accuracy of the information concerning their role noted on the chain of custody form.
Recovery
means that they system must be recovered (e.g. reinstalled from OS media or image, dat restored from backups).
Detective
controls that alert during or after a successful attack. Intrusion detection systems alerting after a successful attack, closed circuit television cameras (CCTV) that alert guards to an intruder, and a building alarm system that is triggered by an intruder are all examples of detective controls.
Corrective
Work by correcting a damaged system or process. Works hand in hand with the detective controls.
Deterrent
deter users from performing actions on a system. Examples include a beware of dog sign. A thief facing two building, one with a guard dogs one without he breaks into the one without.
Fiduciary Responsibility
trust and confidence to manage and protect property and or money or assets of business to the consumer or shareholder.
Due Diligence
is the investigation of a business or person prior to signing a contract, or an act with a certain standard of care. It can be a legal oblication, but the term will more commonly apply to voluntary investigations.
Due Care
The conduct that a reasonable man or woman will exercise in a particular situation, in looking out for the safety of others.
Liability
describes the condition of being actually or potentially subject to a legal obligation.
Locard’s Principle
holds that the perpetrator of a crime will bring something into the crime scene and leave with something from it, and that both can be used as forensic evidence.
RAID
Redundant Array of Inexpensive Disks
RAID0
employs striping to increase the performance of read and write. Offers no data redundancy.
RAID1
mirrored set, write performance decreased, read performance increased, half disks are dedicated to redundancy, cost is high.
RAID2
is not considered commercially viable for hard disks and is not used.
RAID3
striped set with dedicated parity, data at they byte level is striped across multiple disks, an additional disk is leveraged for storage of parity information in the event of a failure.
RAID4
stripped set with dedicated parity at the block level just like level 3 but at block level.
RAID5
striped set with distributed parity, one of the most popular configurations, block level striping, parity is spread across multiple disks.
RAID6
stripped set with dual distributed parity, unlike raid 5, raid 6 allows for 2 disks to fail and still function. This redundancy is achieved by writing the same parity information to two different disks.
RAID10
is just raid0 and raid1 together. This makes it stripped and mirrored and encapsulated together.
Heisenberg Principle
principle where you cannot know both a particle's position and momentum with unlimited accuracy at the same time
Timing and Storage Covert Channels
the two types of covert channels The Orange book requires protection against
Change Control Process
One of the key security aspects of revision control and configuration management is the capability to track changes. If problems occur, administrators can examine the system in the context of the software and other installed components to see what might have caused the problem. The first step in creating these traces is to have a policy that mandates a formal change control procedure for all hardware and software systems. This policy should provide for written requests to perform system changes that can include a review for security. Using the policy as the base, the standards and procedures can be written to support the processes that log every change to any information component.
Hardware Change Control
Ideally, every time new hardware and configurations are added to the network, an entry is made to a change control system to track what has occurred. Considering that this is rarely the case, the best way to start this process is to use the risk analysis to determine the hardware inventory. With the hardware inventory, an effort should be made to place the configurations under change management control. Many organizations use the same procedures as software change management to track the changes of the configuration of the various systems. They realize that it is critical to maintain the configuration of firewalls, switches, and intrusion detection systems to ensure that someone does not change them to cover up her bad intentions. Hardware change control does not just keeping track of system and network components. Documentation should also be kept up-to-date on the network configuration, including information on where the network and telephone cables are located. Undocumented network segments might not be protected or can be used to support insider hacking capabilities. Additionally, you might want to document the various telecommunication access points into the network. Unknown and unprotected modems can be used by anyone with access to a telephone to gain access using the software on the user's desktop, which might not be properly configured to protect the network.
Software Change Control
Software change control can have a few components. The most common topic of change control is what is used to track software development. In this case, the change management system can be used to re-create software to a certain revision to roll back from changes that might have caused security concerns or bugs.
Problem management
process of tracking an event back to its root cause to discover and address the underlying cause
Archive bit
Used to mark a backup state - ALL data is backed up and saved - the archive bit is cleared; The differential does not change the archive bit value; an incremental backup changes the archive bit to ZERO

Backup methods

Full, Incremental (You need the last full and ALL subsiquent incremental), Differential (You need the last full and last differential)

Vulnerability Scanner
A process to discover poor configurations and missing patches in an environment (use a vulnerability scanner to determine vulnerabilities)
Port Scanner
A port scan is a method used by hackers to determine what ports are open or in use on a system or network. By using various tools a hacker can send data to TCP or UDP ports one at a time. Based on the response received the port scan utility can determine if that port is in use. Using this information the hacker can then focus their attack on the ports that are open and try to exploit any weaknesses to gain access.
Packet Sniffer
Packet sniffing is the act of capturing packets of data flowing across a computer network. The software or device used to do this is called a packet sniffer. Packet sniffing is to computer networks what wire tapping is to a telephone network. Packet sniffing has legitimate uses to monitor network performance or troubleshoot problems with network communications. However, it is also widely used by hackers and crackers to gather information illegally about networks they intend to break into. Using a packet sniffer it is possible to capture data like passwords, IP addresses, protocols being used on the network and other information that will help the attacker infiltrate the network.
Conclusive Evidence
nonrefutable evidance aka.. the smoking gun
Backup Operations Team
Team that takes over the more routine operations of the processes while restoration proceedures are initated.
European Union Privacy
The 1995 Directive was established to provide a regulatory framework to guarantee secure and free movement of personal data across the national borders of the EU member countries, in addition to setting a baseline of security around personal information wherever it is stored, transmitted or processed.