
CISSP Memorize
chrgre


Biometric Types and times


Palm Scan – 2 – 3 sec – 0%
Hand Geometry – 3 – 5 sec – 0.1%
Iris Scan – 2 – 4 sec – 0.5%
Retina Scan – 4 – 7 sec – 1.5%
Fingerprint – 5 – 7 sec – 5%
Voice pattern – 0 – 14 sec – 8%
Facial recognition – 2 sec – TBD
Signature Dynamics – 5 – 10 seconds – TBD


ISO 17799


A – Information Security Policy
B – Creation of Security Infrastructure
C – Asset Classification and Control
D – Personnel Security
E – Physical and Environmental Security
F – Communications and Operations Management
G – Access Control
H – System Development and Maintenance
I – Business Continuity and Management
J – Compliance


Steps of Classification


1 – Identify data custodian
2 – Specify the criteria
3 – Data owner must indicate classification of data
4 – Indicate the security controls
5 – Document any exceptions to classifications
6 – Indicate the methods that can be used to transfer custody of the information
7 – Indicate termination procedures
8 – Integrate these issues into the security awareness program


Risk Analysis


1 – Identify assets and assign value
2 – Perform a threat analysis
3 – Derive an overall loss potential per threat
4 – Develop remedial measures to counteract each threat


TCSEC - Orange Book


D – Minimal Protection
C – Discretionary Protection
  C1 – Discretionary Security Protection
  C2 – Controlled Access Protection
B – Mandatory Protection
  B1 – Labeled Security
  B2 – Structured Protection
  B3 – Security Domains
A – Verified Protection
  A1 – Verified Design


ITSEC – European


Functionality
  F1 – F5 – Mirror functionality of the Orange Book
  F6 – High integrity requirements – database
  F7 – High availability
  F8 – High integrity communication
  F9 – High confidentiality
  F10 – High confidentiality and integrity for data networks
Assurance
  E0 – Inadequate assurance
  E1 – General description
  E2 – Configuration and process control
  E3 – Source code analysis
  E4 – Formal model of security policy
  E5 – Vulnerability analysis
  E6 – Formal specifications


Common Criteria


Maintained by ISO (International Organization for Standardization)
International 2nd attempt
Evaluation Assurance Level applied to a product rather than a system
  EAL1 – Functionally tested
  EAL2 – Structurally tested
  EAL3 – Methodically tested and checked
  EAL4 – Methodically designed, tested and checked
  EAL5 – Semi-formally designed and tested
  EAL6 – Semi-formally verified, designed, and tested
  EAL7 – Formally verified, designed and tested


Contingency Planning


Initiate project
Perform BIA
Create strategy
Create plan
Implement
Test
Maintain


Evidence Life Cycle


Collection and identification
Storage, preservation, and transportation
Presentation in court
Return to victim or owner


Computer Intrusion Handling


Detect, evaluate, notify, contain, eradicate


ISC2 Canons


Protect society, the commonwealth, and the infrastructure
Act honorably, honestly, justly, responsibly, and legally
Provide diligent and competent service to principals
Advance and protect the profession


ISC2 Code of Ethics, conflicts


Should be resolved in order of duty to: public safety, principals, individuals, profession


Change Management -


1 – Request a change
2 – Approve a change
3 – Document a change
4 – Test a change
5 – Implement a change
6 – Report a change to management


OSI


Physical Layer
Data Link Layer
Network Layer
Transport Layer
Session Layer
Presentation Layer
Application Layer



Physical Layer


Handles transmissions across the physical media – Repeaters, SONET


Data Link Layer


Connects the physical part of the network (cables) with the abstract part (packets) – Bridge.  Two sub-layers: Logical Link Control (LLC – 802.2) provides a standard interface for whatever network protocol is being used, and Media Access Control (MAC – 802.3) defines how to address physical devices on the network.


Network Layer


Handles interactions with the network address scheme and connectivity over multiple network segments – Routers, IPSec, advanced Bridge, IPX, PPP protocol


Transport Layer


Actually interacts with your information and prepares it to be transmitted across the network.  Provides end-to-end data transmission between systems.


Session Layer


Handles the establishment and maintenance of connections between systems.  Allows software on two different systems to communicate.


Presentation Layer


Makes sure data sent from one side of the connection is received in a format that is useful to the other side.


Application layer


Interacts with the application to determine which network service will be required – Software gateways


TCP/IP Architecture Model


Application Layer
Transport Layer
Internet Layer
Link Layer


Electronic Code Book


Native mode of DES, block cipher.  Applied to 64-bit blocks of plaintext and produces corresponding 64-bit blocks of ciphertext – vulnerable to frequency analysis.


Cipher Block Chaining


Operates with plaintext blocks of 64 bits.  A randomly generated 64-bit initialization vector is XORed with the first block of plaintext, used to disguise the first part of the message that may be predictable; the result is encrypted using the DES key.


Cipher Feedback


Stream cipher.  Ciphertext is used as feedback into the key generation source to develop the next key stream; ciphertext is generated by performing an XOR of the plaintext with the key stream; ciphertext has the same number of bits as the plaintext; errors will propagate.


Output Feedback


Stream cipher that generates the ciphertext by XORing the plaintext with a key stream.  Feedback is used to generate the key stream, therefore the key stream varies.  An initialization vector is required in OFB.


Counter Mode


64-bit random number; a different counter for every block of text (each subsequent block incremented by 1) – used by ATM and IPSec


Known Plaintext


Portions of plaintext and corresponding portions of ciphertext are known


Ciphertext Only


Portion of Ciphertext is known


Chosen Plaintext


Plaintext is inserted into a device with an unknown secret key and the corresponding ciphertext is generated


Adaptive chosen plaintext


Chosen plaintext attack with iterations, where each input is based on knowledge of the previous output


Chosen Ciphertext


With a portion of ciphertext, attempt to obtain the corresponding plaintext – goal is to recover one or more plaintext messages or the key used to encrypt


Adaptive chosen ciphertext


Chosen ciphertext attack with iterations dependent upon previous results - mainly used against public key ciphers


Chosen key attack


Attacker knows something about specific relationships between the keys.  Does not choose the key.


DES


Symmetric, confidentiality, 64 bit block, 56 bit key


RC4


Symmetric, confidentiality, 128 bit, international


RC5


Symmetric, confidentiality, 32/64/128 bit block / variable block


IDEA


Symmetric, confidentiality, international, 128 bit key, 64 bit block


AES


Symmetric, confidentiality, Rijndael – 128, 192, 256 bit


Secure Key Distribution Channel


Diffie-Hellman Key Exchange
Asymmetric Encryption
Pre-Shared Secret


RSA


Asymmetric, factoring large numbers into primes


El Gamal


Asymmetric, discrete logarithm in finite fields


ECC


Asymmetric, discrete logarithm over elliptic curves


LUC


turned into DEA


HASH


HMAC – hash
MD2 – 128 bit
MD4 – hash
MD5 – hash
RIPEMD-160 – hash, 160 bit
SHA – 160 bit
Haval – hash, variable length output


non-repudiation


Hashing and asymmetric