
CISSP Memorize


Biometric Types and times

Type: time, error rate
Palm Scan: 2–3 sec, 0%
Hand Geometry: 3–5 sec, 0.1%
Iris Scan: 2–4 sec, 0.5%
Retina Scan: 4–7 sec, 1.5%
Fingerprint: 5–7 sec, 5%
Voice pattern: 0–14 sec, 8%
Facial recognition: 2 sec, TBD
Signature Dynamics: 5–10 sec, TBD

ISO 17799

A – Information Security Policy
B – Creation of Security Infrastructure
C – Asset Classification and Control
D – Personnel Security
E – Physical and Environmental Security
F – Communications and Operations Management
G – Access Control
H – System Development and Maintenance
I – Business Continuity Management
J – Compliance

Steps of Classification

1 – Identify data custodian
2 – Specify the criteria
3 – Data owner must indicate classification of data
4 – Indicate the security controls
5 – Document any exceptions to classifications
6 – Indicate the methods that can be used to transfer custody of the information
7 – Indicate termination procedures
8 – Integrate these issues into the security awareness program

Risk Analysis

1 – Identify assets and assign value
2 – Perform a threat analysis
3 – Derive an overall loss potential per threat
4 – Develop remedial measures to counteract each threat

TCSEC - Orange Book

D – Minimal Protection
C – Discretionary Protection
  C1 – Discretionary Security Protection
  C2 – Controlled Access Protection
B – Mandatory Protection
  B1 – Labeled Security
  B2 – Structured Protection
  B3 – Security Domains
A – Verified Protection
  A1 – Verified Design

ITSEC – European

Functionality
F1 – F5 – Mirror functionality of the Orange Book
F6 – High integrity requirements (databases)
F7 – High availability
F8 – High integrity communication
F9 – High confidentiality
F10 – High confidentiality and integrity for data networks

Assurance
E0 – Inadequate assurance
E1 – General description
E2 – Configuration and process control
E3 – Source code analysis
E4 – Formal model of security policy
E5 – Vulnerability analysis
E6 – Formal specifications

Common Criteria

Maintained by ISO (International Organization for Standardization). Second international attempt. Evaluation assurance level is applied to a product rather than a system.
EAL1 – Functionally tested
EAL2 – Structurally tested
EAL3 – Methodically tested and checked
EAL4 – Methodically designed, tested and checked
EAL5 – Semi-formally designed and tested
EAL6 – Semi-formally verified, designed, and tested
EAL7 – Formally verified, designed and tested

Contingency Planning

Initiate project
Perform BIA
Create strategy
Create plan
Implement
Test
Maintain

Evidence Life Cycle

Collection and identification
Storage, preservation, and transportation
Presentation in court
Return to victim or owner

Computer Intrusion Handling

Detect, evaluate, notify, contain, eradicate

ISC2 Canons

Protect society, the commonwealth, and the infrastructure
Act honorably, honestly, justly, responsibly, and legally
Provide diligent and competent service to principals
Advance and protect the profession

ISC2 Code of Ethics, conflicts

Conflicts should be resolved in this order of duty: public safety, principals, individuals, the profession.

Change Management

1 – Request a change
2 – Approve a change
3 – Document a change
4 – Test a change
5 – Implement a change
6 – Report a change to management


OSI Model

Physical Layer
Data Link Layer
Network Layer
Transport Layer
Session Layer
Presentation Layer
Application Layer

Physical Layer

Handles transmissions across the physical media. Devices: repeaters. Example: SONET.

Data Link Layer

Connects the physical part of the network (cables) with the abstract part (packets). Device: bridge. Two sub-layers: Logical Link Control (LLC, 802.2) provides a standard interface for whatever network protocol is being used; Media Access Control (MAC, 802.3) defines how to address physical devices on the network.

Network Layer

Handles interactions with the network address scheme and connectivity over multiple network segments. Routers, IPSec, advanced bridges, IPX, PPP.

Transport Layer

Actually interacts with your information and prepares it to be transmitted across the network. Provides end-to-end data transmission between systems.

Session Layer

Handles the establishment and maintenance of connections between systems. Allows software on two different systems to communicate.

Presentation Layer

Makes sure data sent from one side of the connection is received in a format that is useful to the other side.

Application layer

Interacts with the application to determine which network service will be required. Software gateways.

TCP/IP Architecture Model

Application Layer
Transport Layer
Internet Layer
Link Layer

Electronic Code Book

Native mode of DES. Block cipher applied to 64-bit blocks of plaintext, producing corresponding 64-bit blocks of ciphertext. Vulnerable to frequency analysis, since identical plaintext blocks always produce identical ciphertext blocks.

Cipher Block Chaining

Operates on plaintext blocks of 64 bits. A randomly generated 64-bit initialization vector is XORed with the first block of plaintext, disguising the first part of the message, which may be predictable; the result is then encrypted using the DES key.

Cipher Feedback

Stream cipher. Ciphertext is fed back into the key generation source to develop the next key stream; ciphertext is generated by XORing the plaintext with the key stream. Ciphertext has the same number of bits as the plaintext. Errors propagate.

Output Feedback

Stream cipher that generates the ciphertext by XORing the plaintext with a key stream. The key stream output (not the ciphertext) is fed back to generate the next key stream, so the key stream varies. An initialization vector is required in OFB.

Counter Mode

A 64-bit random number is used as a counter, with a different counter value for every block of text (each subsequent block's counter is incremented by 1). Used by ATM and IPSec.

Known Plaintext

Portions of plaintext and the corresponding portions of ciphertext are known.

Ciphertext Only

Only a portion of ciphertext is known.

Chosen Plaintext

Plaintext is inserted into a device with an unknown secret key and the corresponding ciphertext is generated.

Adaptive Chosen Plaintext

Chosen plaintext attack in which each iteration of input is based on knowledge of the previous output.

Chosen Ciphertext

With a portion of ciphertext, attempt to obtain the corresponding plaintext. The goal is to recover one or more plaintext messages or the key used to encrypt.

Adaptive Chosen Ciphertext

Chosen ciphertext attack with iterations dependent upon previous results. Mainly used against public key ciphers.

Chosen key attack

Attacker knows something about specific relationships between the keys. Does not choose the key.


DES

Symmetric, confidentiality, 64-bit block, 56-bit key


Symmetric, confidentiality, 128-bit, international


RC5

Symmetric, confidentiality, 32/64/128-bit block (variable block size)


Symmetric, confidentiality, international, 128-bit key, 64-bit block


AES

Symmetric, confidentiality, Rijndael, 128/192/256-bit

Secure Key Distribution Channel

Diffie-Hellman Key Exchange
Asymmetric Encryption
Pre-Shared Secret


RSA

Asymmetric, based on the difficulty of factoring large numbers into primes

El Gamal

Asymmetric, discrete logarithms in finite fields


ECC (Elliptic Curve Cryptography)

Asymmetric, discrete logarithms over elliptic curves


Lucifer

Turned into DEA


Hash Algorithms

HMAC – keyed hash
MD2 – hash, 128 bit
MD4 – hash
MD5 – hash
RIPEMD-160 – hash, 160 bit
SHA – 160 bit
Haval – hash, variable length output


Digital Signature

Hashing and asymmetric encryption