by chrgre

Bookmark and Share

Front Back
Biometric Types and times
Palm Scan 2 – 3 sec 0% Hand Geometry 3 – 5 sec 0.1% Iris Scan 2 – 4 sec 0.5% Retina Scan 4 – 7 sec 1.5% Fingerprint 5 – 7 sec 5% Voice pattern 0 – 14 sec 8% Facial recognition 2 sec TBD Signature Dynamics 5 – 10 seconds TBD
ISO 17799
A – Information Security Policy B – Creation of security Infrastructure C – Asset classification and control. D – Personnel Security E – Physical and Environmental Security F – Communications and Operations Management G – Access Control H – System development and maintenance I  - Business Continuity and management J – Compliance
Steps of Classification
1 – Identify data custodian 2 – Specify the criteria 3 – Data owner must indicate classification of data 4 – Indicate the security controls 5 – Document any exceptions to classifications 6 – Indicate the methods that can be used to transfer custody of the information 7 – Indicate termination procedures 8 – Integrate these issues into the security awareness program
Risk Analysis
1 – Identify assets and assign value 2 – Perform a threat analysis 3 – Derive an overall loss potential per threat 4 – Develop remedial measures to counteract each threat
TCSEC - Orange Book
D – Minimal Protection      C – Discretionary protection C1 – Discretionary Security Protection C2 – Controlled Access Protection B – Mandatory Protection B1 – Labeled Security B2 – Structured Protection      B3 – Security Domains A – Verified Protection A1 – Verified Design
ITSEC – European
Functionality F1 – F5 – Mirror funtionality of orange book F6 – High integrity requirements – database F7 – High availability F8 – High integrity communication F9 – High Confidentiality F10 – High confidentiality and integrity for data networks Assurance E0 – Inadequate assurance E1 – General Description E2 – Configuration and process control E3 – Source code analysis E4 – Formal model of security policy E5 – Vulnerability analysis E6 – Formal Specifications
Common Criteria
Maintained by ISO (international organization for standardization International 2nd attempt Evaluation assurance level applied to product rather than system EAL1 – Functionally tested EAL2 – Structurally tested EAL3 – Methodically tested and checked EAL4 – Methodically designed, tested and checked EAL5 – Semi-formally designed and tested EAL6 – Semi-formally verified, designed, and tested EAL7 – Formally verified, designed and tested
Contingency Planning
Initiate Project Perform BIA Create Strategy Create plan Implement Test     Maintain
Evidence Life Cycle
Collection and identification Storage, preservation, and transportation Presentation in court Return to victim or owner
Computer Intrusion Handling
Detect, evaluate, notify, contain, eradicate
ISC2 Canons
Protect society, the commonwealth, and the infrastructure Act honorably, honestly, justly, responsibly, and legally Provide diligent and competent service to principals advance and protect the profession
ISC2 Code of Ethics, conflicts
should be resolved in duty to public safety, principles, individuals, profession
Change Management -
1 – request a change 2 – approve a change 3 – document a change 4 – test a change 5 – implement a change 6 – report a change to management
Datalink layer
Network Layer
Transport Layer
Session Layer
Presentation Layer
Application Layer
Physical Layer
handles transmissions across the physical media – Repeaters.  SONET
Data Link Layer
Connects the physical part of the network (cables) with abstract part (packets) – Bridge.  Two sub-layers: Logical Link Control (LLC – 802.2) provides a standar intergace for whatever network protocol is being used and Media Access Control layer (802.3).  how to address physical devices on the network
Network Layer
handles interactions with the network address scheme and connectivity over multiple network segments – Routers, IPSec, advanced Bridge, IPX, PPP protocol
Transport Layer
actually interacts with your information and prepares it to be transmitted across the network.  Provides end-to-end data transmissions between systems
Session Layer
Handles the establishment and maintenance of connections between system.  Allows software on two different systems to communicate
Presentation Layer
makes sure data sent from one side to of the connectio is received in a format that is useful to the other side
Application layer
interacts with the application to determine which network service will be required – Software gateways
TCP/IP Architecture Model
Application Layer Transport Layer Internet Layer Link Layer
Electronic Code Book
Native mode of DES, Block Cipher, Applied to 64-bit blocks of plaintext and produces corresponding 64-bit blocks of ciphertext - vulnerable to frequency analysis
Cipher Block Chaining
Operates with plaintext blocks of 64 bits, randomly generated 64-bit initialization vector is xored with the first block of plaintext, used to disguise the first part of the message that may be predictable, result encrypted using the DES key
Cipher Feedback
Stream Cipher, Ciphertext is used as feedback into the key generatiosn source to develop the next key stream, ciphertext generated by performing an xor or the plaintext with the key stream, ciphertext has the same number of bits as the plaintext, errors will propagate
Output Feedback
Stream cipher that generates the ciphertext key by xoring the plaintext witha key stream, feedback is used to generate the key stream, therefore the key stream varies, initializatio vector is required in OFB
Counter Mode
64-bit random number, different counter for every block of text (subsequent block incremented by 1) - Used by ATM and IPSEC
Known Plaintext
Portions of plaintext and corresponding portions of ciphertext are known
Ciphertext Only
Portion of Ciphertext is known
Chosen Plaintext
Plaintext inserted into device with unknown secret key and corresponding ciphertext is generated
Adaptive chose plaintext
chose plaintext attack with iterations of input is based on knowledge of output
Chosen Ciphertext
With a portion of ciphertext, attempt to obtain corresponding plaintext - goal is to recover one or more plantext messages or the key used to encrypt
Adaptive chose ciphertext
Chosen ciphertext attack with iterations dependent upon previous results - mainly used against public key ciphers
Chosen key attack
knows something about specific relationships between the keys.  Does not chose the key
Symmetric, confidentiality, 64 bit block, 56 bit key
Symmetric, confidentiality, 128 bit, international
Symmetric, confintiality, 32/64/128 but block/var block
Symmetric, confidentiality,international, 128 bit key, 64 blk
Symmetric, confidentiality, rijndael - 128, 192, 256 bit
Secure Key Distribution Channel
Diffie-Hellman Key Exchange Asymmetric Encryption Pre-Shared Secret
asymmetric, factor large # into Primes
El Gamal
asymmetric, discrete logarithm finite fields
asymmetric, discrete logarithm elliptic curves
turned into DEA
HMAC - hash MD2 – 128 bit MD4 - hash MD5 - hash RIPEMD-160 – hash 160 it SHA – 160 bit Haval – hash, var length output
hashing and asymmetric
x of y cards