Below are some keywords (not in any particular order) that IMHO are important concepts that you need to
understand for the exam (+ some good to know security stuff). You can find details on each of these topics by doing
simple online research. This is definitely not a comprehensive guide but rather a starting point. While you are
doing your preparation, create a similar keywords list for yourself.
These are my personal notes (and my own understanding of the different topics) which I have gathered from reading
through different resources. You are more than welcome to share these notes.
CIA Triad is the core principle behind Information Security. Everything else in Information Security is simply a set of details
that always refers back to one or more of the CIA principles.
Confidentiality: prevents disclosure.
Integrity: prevents alteration.
Availability: prevents destruction.
Cryptography:
There are several Symmetric (same key, also known as secret key) and Asymmetric (different keys, also known as public
key) algorithms that provide confidentiality from the CIA Triad perspective. The Symmetric algorithms that are needed for
the exam are:
Twofish
3DES
AES
BlowFish
CAST
DES
IDEA
Rijndael
RCx
Serpent
Asymmetric algorithms:
Diffie Hellman: provides key exchange, lacks authentication, was the first Asymmetric algorithm
El Gamal
Elliptic Curve
Knapsack
o DSS Digital Signature Standard
o DSA Digital Signature Algorithm
RSA
When your goal is confidentiality, you encrypt the message with the recipient's public key. However, if you want to
maintain integrity, you encrypt the message with your own private key, because your goal is authenticity and not confidentiality.
Symmetric + Integrity = Message Authentication Code (MAC)
Asymmetric + Integrity = Digital Signature
MAC: Four types:
1. Hash Function
2. Stream Cipher
3. Block Cipher
4. Unconditionally Secure
Hashing: algorithms provide data integrity only. When a hash algorithm is applied to a message, it produces a Message
Digest, and this value is signed with the sender's private key to produce a Digital Signature.
Digital Signature: provides integrity with MD5 and/or SHA algorithm and accountability because of public/private key
pairs; provides integrity, authentication, and non-repudiation.
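As an added example (not part of the original notes), the three constructs above in Python: a hash gives a digest only, an HMAC is the symmetric + integrity MAC, and a toy textbook RSA pair shows the digest being signed with the sender's private key and checked with the public key. The shared key, the message and the two small fixed primes are constructed for illustration; real signatures use large random keys and a padding scheme, and textbook RSA as written here must not be used in practice.

```python
import hashlib
import hmac

# Toy RSA key pair built from two fixed Mersenne primes (constructed for
# illustration only; real keys use 2048-bit+ random primes and padding).
P = 2**31 - 1
Q = 2**61 - 1
N = P * Q
E = 65537                              # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)


def message_digest(message: bytes) -> bytes:
    """Hashing: integrity only. Same input -> same digest, no key involved."""
    return hashlib.sha256(message).digest()


def mac_tag(key: bytes, message: bytes) -> bytes:
    """Symmetric + integrity = MAC. Anyone holding `key` can create OR verify
    a tag, so a MAC gives integrity and authenticity but not non-repudiation."""
    return hmac.new(key, message, hashlib.sha256).digest()


def mac_verify(key: bytes, message: bytes, tag: bytes) -> bool:
    # constant-time compare so the check itself does not leak timing information
    return hmac.compare_digest(mac_tag(key, message), tag)


def sign(message: bytes) -> int:
    """Asymmetric + integrity = digital signature: the message digest is
    'encrypted' with the sender's PRIVATE key (reduced mod N to fit the toy key)."""
    h = int.from_bytes(message_digest(message), "big") % N
    return pow(h, D, N)


def verify(message: bytes, signature: int) -> bool:
    """The verifier recomputes the digest and recovers the signed digest with
    the sender's PUBLIC key; a match gives integrity, authentication and
    non-repudiation, since only the private-key holder could have produced it."""
    h = int.from_bytes(message_digest(message), "big") % N
    return pow(signature, E, N) == h


if __name__ == "__main__":
    msg = b"transfer 100 to alice"          # constructed sample message
    key = b"shared-secret"                  # constructed sample MAC key
    print("digest :", message_digest(msg).hex())
    print("mac ok :", mac_verify(key, msg, mac_tag(key, msg)))
    print("sig ok :", verify(msg, sign(msg)))
```

Changing a single byte of the message makes both `mac_verify` and `verify` fail, which is the integrity property; only the signature also proves who sent it.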
Access LifeCycle:
Access Control:
The subject's sensitivity label must be equal to or greater than the object's sensitivity label for the subject to have read
access to it; in other words, the subject's label must dominate the object's sensitivity label.
For a subject to have write access to an object, the subject's sensitivity label must be dominated by the object's
sensitivity label.
Identification: one-to-many. Authentication: one-to-one.
Mandatory Access Control: based on security labels which indicate clearance and classification of objects. Lattice
Based: a type of MAC with least upper and greatest lower bounds.
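An added example (not from the original notes) of the read/write rules and the lattice just described: a label is a classification level plus a category set (the compartment set), one label dominates another when its level is at least as high and its categories are a superset, read requires the subject to dominate the object, write requires the object to dominate the subject, and the least upper and greatest lower bounds combine two labels. The level names and categories are constructed sample values.

```python
from dataclasses import dataclass

# Ordered classification levels, lowest first (constructed sample values).
LEVELS = ["UNCLASSIFIED", "CONFIDENTIAL", "SECRET", "TOP SECRET"]


@dataclass(frozen=True)
class Label:
    level: str
    categories: frozenset   # category set == compartment set

    def rank(self) -> int:
        return LEVELS.index(self.level)

    def dominates(self, other: "Label") -> bool:
        """Lattice partial order: level >= other's level AND categories are a
        superset of other's categories. Labels can also be incomparable."""
        return self.rank() >= other.rank() and self.categories >= other.categories


def can_read(subject: Label, obj: Label) -> bool:
    """Read allowed only if the subject dominates the object (no read up)."""
    return subject.dominates(obj)


def can_write(subject: Label, obj: Label) -> bool:
    """Write allowed only if the object dominates the subject (no write down)."""
    return obj.dominates(subject)


def least_upper_bound(a: Label, b: Label) -> Label:
    """Lowest label that dominates both: higher level, union of categories."""
    return Label(LEVELS[max(a.rank(), b.rank())], a.categories | b.categories)


def greatest_lower_bound(a: Label, b: Label) -> Label:
    """Highest label dominated by both: lower level, intersection of categories."""
    return Label(LEVELS[min(a.rank(), b.rank())], a.categories & b.categories)


if __name__ == "__main__":
    subject = Label("SECRET", frozenset({"NUCLEAR"}))
    for obj in (Label("CONFIDENTIAL", frozenset()),
                Label("TOP SECRET", frozenset({"NUCLEAR", "CRYPTO"})),
                Label("SECRET", frozenset({"CRYPTO"}))):
        print(obj, "read:", can_read(subject, obj), "write:", can_write(subject, obj))
```

The third object in the demo (same level, different compartment) is neither readable nor writable: the labels are incomparable in the lattice, which is exactly the case a plain level-number comparison would get wrong.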
Discretionary Access Control: uses Access Control Lists; identity-based; controlled access protection. Rights are
determined by many different entities and are set by the owner.
Non-Discretionary: central authority determines access rights; role based.
Dedicated Security: Single state.
System High Security: Have the clearance and have the need to know.
Compartmented Security: Have the clearance but not the need to know.
Multilevel Security Mode: Controlled security mode; multiple state, mandatory.
Clark-Wilson Model: similar to a change control board in an organization. Well-formed transactions, prevents collusion
(working together to do something bad), constrained data items, integrity verification procedures, transformation
procedures. Access triples; 3 rules:
1. Prevents unauthorized users from making modifications.
2. Prevents authorized users from making improper modifications.
3. Maintains internal and external consistency.
Take-Grant Model: consists of a set of states and state transactions. A directed graph shows the connections between
the nodes of the system. These nodes represent the subjects or objects of the model.
Non-Interference: users' actions in one domain cannot affect other users. Strictly separates differing security levels
to assure that higher level actions do not determine what lower level users can see.
Information Flow: Similar to Bell LaPadula, it controls how information may flow between objects based on security
classes. Information will be allowed to flow only in accordance with security policy.
Access Control Matrix Model: a straightforward two-dimensional approach that provides access rights to subjects for objects.
A capability list is a row of the matrix and an ACL is a column: an ACL is attached to an object, a capability list to a
subject.
Brewer and Nash (Chinese Wall): Mathematical theory, dynamically changing, prevents conflict of interest and
fraudulent modifications.
Protection Domain: goal is to protect programs from all unauthorized modification or interference.
Security Perimeter: is the boundary that separates the trusted computing base from the remainder of the system.
Category Set = Compartment Set
Physical:
High Humidity: >60% = corrosion
Low Humidity: <40% = static electricity
Fire Classes:
A = Common combustibles
B = Liquids
C = Electrical
D = Metals
Soda Acid: suppresses the fuel supply of the fire
Carbon Dioxide: removes oxygen from the fire
Network topologies:
Bus
Ring
Star
Meshed
LAN transmission methods refer to the way packets are sent on the network. They are:
Unicast
Multicast
Broadcast
LAN transmission protocols are the rules for communicating between computers on a LAN. Common LAN transmission
protocols are:
CSMA/CD
Polling
Token-Passing
LAN media access methods control the use of a network (physical and data link layers). They can be:
Ethernet
ARCnet
Token Ring
FDDI
IPSec: Internet Protocol Security, usually used for VPNs; provides a secure channel between 2 servers, 2 routers, a workstation
and a server, or 2 gateways between different networks. Two modes: Transport and Tunnel.
Aggregation: Obtaining information of a higher sensitivity by combining information from low level sensitivity.
High Cohesion: working independently, with little or no help.
Low Cohesion: needs help from others.
High Coupling: a high degree of interaction between objects.
Low Coupling: less interaction; provides better software design.
Relational Database Model: Data structures called tables or relations, integrity rules on allowable values and value
combinations in the tables, operators on the data in the tables.
ACID:
o Atomicity
o Consistency
o Isolation
o Durability
Peril Policy: covers only what is named in the policy. Good choice for those whose business is located in an area
frequently hit by disasters.
All Risk/Comprehensive/Open Peril Policy: covers your business from damages caused by any type of disaster with the
exception of those specifically excluded in the policy.
SDLC:
Corroborative: Supporting evidence used to help prove an idea or point; used as supplementary tool to help prove a
primary piece of evidence
Hearsay (3rd Party): oral or written evidence presented in court that is second-hand, with no first-hand proof of
accuracy or reliability. Usually not admissible in court; computer-generated records.
TEMPEST: U.S. government program that addressed the problem of radio frequency signals generated by
computers. It required shielding and other emanation-reducing mechanisms to be employed.
Output Control: for verifying the integrity and protecting the confidentiality of an output
System Reboot: performed after shutting down the system in a controlled manner in response to a TCB failure
Emergency System Reboot: is done after a system fails in an uncontrolled manner but consistency can be brought back
automatically to the system
System Cold Start: takes place when unexpected TCB or media failures take place and the recovery procedures cannot
bring the system to a consistent state. Intervention of administrative personnel is required to bring the system to a
consistent state from maintenance state/mode
Incremental Backup: the fastest on a daily basis; only copies files that have been recently changed or added. Backups
address Integrity, Recovery, and Availability.
Similar to Secure Shell, Secure Socket Layer (SSL) uses symmetric encryption for encrypting the bulk of the data being
sent over the session and asymmetric (public key) cryptography for peer authentication.
Transport layer sets up communication between computer systems; while the session layer sets up connections between
applications
Critical Survey: implemented through a standard questionnaire to gather input from the most knowledgeable people, not
all personnel, who are going to be part of the recovery team.
Spoofing Attack: an attempt to gain access to a computer system by posing as an authorized user of that
system.
Spamming: refers to sending out or posting junk advertising and unsolicited mail
Smurf Attack: is a type of DoS attack using ping and spoofed address
Sniffing: refers to observing packets passing on a network
Multiprocessing: more than one CPU
Multitasking: simultaneous execution of 2 or more programs. Both launched but only one in running state
Multiprogramming: interleaved execution of two or more programs by CPU. Several programs run at the same time on a
uni-processor. Operating system executes part of one program, then part of another. To the user it appears that all
programs are executing at the same time
Ring 0: Operating System Kernel
SQL Injection (SQLi): a subset of the unverified and unsanitized user input vulnerability.
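An added example (not from the original notes) of the root cause named above, using Python's built-in sqlite3 with a constructed in-memory users table: the unsafe lookup splices user input into the SQL text, so any input containing SQL syntax changes the statement, while the parameterized lookup binds the input as a value that can never be interpreted as SQL. A legitimate name with an apostrophe is enough to show the difference.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed in-memory users table with sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "admin"), ("O'Brien", "user")])
    return conn


def lookup_unsafe(conn: sqlite3.Connection, name: str):
    """Vulnerable form: the input becomes part of the SQL *text*, so it can
    alter the structure of the statement. This is the SQLi root cause."""
    sql = "SELECT name, role FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn: sqlite3.Connection, name: str):
    """Hardened form: parameterized query. The driver sends the value
    separately from the statement, so its characters are never parsed as SQL."""
    return conn.execute(
        "SELECT name, role FROM users WHERE name = ?", (name,)
    ).fetchall()


def demo(name: str = "O'Brien") -> dict:
    """Run both lookups on the same input and report what each one does."""
    conn = make_db()
    results = {"safe": lookup_safe(conn, name)}
    try:
        results["unsafe"] = lookup_unsafe(conn, name)
    except sqlite3.OperationalError as exc:
        # the apostrophe terminated the string literal and broke the statement
        results["unsafe"] = "error: " + str(exc)
    return results


if __name__ == "__main__":
    print(demo())
```

The unsafe query fails on `O'Brien` because the quote in the data closed the SQL string early; input that is crafted rather than accidental would exploit the same parsing behaviour, which is why validation of the input is not a substitute for parameterization.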
Directory Traversal (directory climbing, backtracking): a form of HTTP exploit in which a hacker uses the software on a
Web server to access data in a directory other than the server's root directory. If the attempt is successful, the hacker can
view restricted files or even execute commands on the server. It is commonly performed using Web browsers. Any server
in which input data from the Web browser is not validated is vulnerable to this type of attack.
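An added example (not from the original notes) of the validation the paragraph above says is missing on a vulnerable server: a Python helper that resolves a browser-supplied path against the web root and refuses anything whose resolved form leaves it. The web root and request paths are constructed sample values; the helper name `safe_join` is hypothetical.

```python
import os
from urllib.parse import unquote


def safe_join(web_root: str, requested_path: str):
    """Resolve a browser-supplied path under web_root.

    Returns the absolute path if it stays inside web_root, otherwise None.
    The decision is made on the *resolved* path, so '..' segments, symlinks
    and percent-encoded dots are all evaluated after normalisation rather
    than by pattern-matching the raw string.
    """
    root = os.path.realpath(web_root)
    # decode once; a leading slash must not turn the request into an absolute path
    relative = unquote(requested_path).lstrip("/\\")
    candidate = os.path.realpath(os.path.join(root, relative))
    # commonpath compares whole path components, so /srv/www-backup is not
    # mistaken for something under /srv/www (a plain startswith() would be)
    if os.path.commonpath([root, candidate]) != root:
        return None
    return candidate


if __name__ == "__main__":
    root = "/srv/www"                      # constructed sample web root
    for req in ("images/logo.png", "../../private/keys.txt",
                "..%2F..%2Fprivate%2Fkeys.txt", "/images/../index.html",
                "../www-backup/notes.txt"):
        print(f"{req!r:40} -> {safe_join(root, req)}")
```

Rejected requests should also be logged with the raw value, since repeated traversal attempts against a server are a useful detection signal.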
Cross-Site Request Forgery: Basically, an attacker will use CSRF to trick a victim into accessing a website or clicking a
URL link that contains malicious or unauthorized requests.
Watering Hole: threat actors compromise a carefully selected website by inserting an exploit resulting in malware
infection
False Positives (vulnerability scanning): when vulnerability is identified by the scanner but in actuality does not exist.
False Negatives (vulnerability scanning): scanner does not identify vulnerabilities that in fact exist in the environment.
HTTP Methods:
GET: used to retrieve information from the given server using a given URI. Requests using GET should only
retrieve data and should have no other effect on the data.
HEAD: same as GET, but only transfers the status line and header section.
POST
PUT
DELETE
CONNECT
OPTIONS
TRACE
DNS (Domain Name Services): holds the mapping of IP addresses to website names. When you attempt to access a
website, your system first checks whether the name to IP address mapping is cached in your browser (from a previous visit). If
not, the next place it checks is your system's local cache. If it does not find it there, it reaches out to your ISP's
DNS server. If the mapping information is not there either, the ISP DNS server reaches out to the authoritative
nameserver for your request.
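An added example (not from the original notes) that models the lookup order just described: three TTL-bounded caches are consulted in turn before the authoritative nameserver is asked, and a fresh answer is stored back into every cache on the way down. The zone data, names, IPs and TTLs are constructed sample values; no network traffic is sent.

```python
import time

# Authoritative zone data (constructed sample): name -> (ip, ttl_seconds).
AUTHORITATIVE_ZONE = {
    "www.example.test": ("192.0.2.10", 300),
}


class TtlCache:
    """name -> (ip, expires_at); an expired entry behaves as a miss."""

    def __init__(self):
        self._entries = {}

    def get(self, name: str, now: float):
        hit = self._entries.get(name)
        if hit is None or hit[1] <= now:
            self._entries.pop(name, None)
            return None
        return hit[0]

    def put(self, name: str, ip: str, ttl: int, now: float):
        self._entries[name] = (ip, now + ttl)


class Resolver:
    """Browser cache -> OS cache -> ISP resolver cache -> authoritative server."""

    def __init__(self):
        self.browser_cache = TtlCache()
        self.os_cache = TtlCache()
        self.isp_cache = TtlCache()

    def resolve(self, name: str, now: float = None):
        """Return (ip, source) where source says which stage answered,
        or (None, 'nxdomain') when the name does not exist."""
        now = time.time() if now is None else now
        for source, cache in (("browser cache", self.browser_cache),
                              ("os cache", self.os_cache),
                              ("isp resolver cache", self.isp_cache)):
            ip = cache.get(name, now)
            if ip is not None:
                return ip, source
        answer = AUTHORITATIVE_ZONE.get(name)
        if answer is None:
            return None, "nxdomain"
        ip, ttl = answer
        # the answer is cached at every stage it passed through on the way back
        for cache in (self.isp_cache, self.os_cache, self.browser_cache):
            cache.put(name, ip, ttl, now)
        return ip, "authoritative nameserver"


if __name__ == "__main__":
    r = Resolver()
    for t in (1000, 1010, 1400):
        print(t, r.resolve("www.example.test", now=t))
```

Because an answer lives in each cache until its TTL expires, a wrong record that gets into any stage keeps being served from there without the authoritative server being asked again, which is why cache entries are worth inspecting when resolution behaves unexpectedly.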
Common DNS Records:
Packet Flags:
o URG Urgent: the data contained in the packet should be processed immediately.
o ACK Acknowledge: used to acknowledge the receipt of a packet.
o PSH Push: used to instruct the sending system to send all buffered data immediately.
o SYN Synchronize: used to initiate a connection between hosts.
o FIN Finish: tells the remote system that there will be no more transmission.
o RST Reset: used to reset a connection.
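An added example (not from the original notes) that works with the six flags above at the byte level: it builds a constructed 20-byte TCP header, reads the flag bits back out of byte 13, and classifies the combination the way a packet filter or IDS rule would (handshake stages, close, reset, and combinations such as SYN together with FIN that no legitimate stack sends). Port numbers and sequence numbers are sample values.

```python
import struct

# Flag bits of byte 13 of the TCP header, low bit first (RFC 793 layout).
TCP_FLAG_BITS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04,
                 "PSH": 0x08, "ACK": 0x10, "URG": 0x20}


def build_tcp_header(src_port: int, dst_port: int, seq: int, ack: int, flags) -> bytes:
    """Constructed 20-byte TCP header with no options (checksum left as 0)."""
    flag_byte = 0
    for name in flags:
        flag_byte |= TCP_FLAG_BITS[name]
    data_offset = 5 << 4                  # 5 x 32-bit words, reserved bits zero
    return struct.pack("!HHIIBBHHH", src_port, dst_port, seq, ack,
                       data_offset, flag_byte, 65535, 0, 0)


def parse_tcp_flags(header: bytes) -> set:
    """Return the set of flag names that are set in a raw TCP header."""
    if len(header) < 20:
        raise ValueError("truncated TCP header")
    flag_byte = header[13]
    return {name for name, bit in TCP_FLAG_BITS.items() if flag_byte & bit}


def describe(flags: set) -> str:
    """Defender's classification of a flag combination."""
    if "SYN" in flags and "FIN" in flags:
        return "malformed: SYN and FIN together"
    if "SYN" in flags and "RST" in flags:
        return "malformed: SYN and RST together"
    if not flags:
        return "malformed: no flags set"
    if flags == {"SYN"}:
        return "handshake step 1: connection request"
    if flags == {"SYN", "ACK"}:
        return "handshake step 2: request accepted"
    if "RST" in flags:
        return "connection reset"
    if "FIN" in flags:
        return "sender finished transmitting"
    return "data segment"


if __name__ == "__main__":
    for flags in (["SYN"], ["SYN", "ACK"], ["PSH", "ACK"], ["FIN", "ACK"], ["SYN", "FIN"]):
        hdr = build_tcp_header(40000, 443, 1, 0, flags)   # sample ports/sequence
        parsed = parse_tcp_flags(hdr)
        print(hdr[13:14].hex(), sorted(parsed), "->", describe(parsed))
```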
Spot Base64: characters [A-Z, a-z, 0-9, + and /]; [=] is used for padding if needed.
Spot MD5: characters [a-f, 0-9], 32 characters in total.
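An added example (not from the original notes) that turns the two spotting rules above into a small classifier for tokens pulled out of logs or artifacts. The one edge case worth handling is that a 32-character hex digest also fits the Base64 alphabet and has a length divisible by 4, so the MD5 check has to run first; Base64 candidates are then confirmed with a strict decode. The sample tokens are constructed (the MD5 shown is the well-known digest of the empty string).

```python
import base64
import binascii
import re

MD5_HEX_RE = re.compile(r"[0-9a-fA-F]{32}")            # 32 hex characters
BASE64_RE = re.compile(r"[A-Za-z0-9+/]+={0,2}")         # alphabet plus optional padding


def looks_like_md5(token: str) -> bool:
    return MD5_HEX_RE.fullmatch(token) is not None


def looks_like_base64(token: str) -> bool:
    """Alphabet and padding shape, length a multiple of 4, then a strict decode."""
    if BASE64_RE.fullmatch(token) is None or len(token) % 4 != 0:
        return False
    try:
        base64.b64decode(token, validate=True)
    except (binascii.Error, ValueError):
        return False
    return True


def classify_token(token: str) -> str:
    # An MD5 hex digest is also valid Base64, so the more specific test goes first.
    if looks_like_md5(token):
        return "md5-hex"
    if looks_like_base64(token):
        return "base64"
    return "unknown"


def classify_text(text: str) -> dict:
    """Classify every whitespace-separated token in a blob of text."""
    return {tok: classify_token(tok) for tok in text.split()}


if __name__ == "__main__":
    sample = "QUJDRA== d41d8cd98f00b204e9800998ecf8427e SGVsbG8gd29ybGQ= plain-text"
    for tok, kind in classify_text(sample).items():
        print(f"{kind:8} {tok}")
```

Short alphanumeric words such as `test` or `data` also pass the Base64 test, so in practice a minimum length threshold is added before treating a hit as an encoded blob.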