Security + Chapter 5


chroot

A Linux command used to change the root directory of an application (often used for sandboxing).

Hardware root of trust

A TPM comes with a unique RSA private key burned into it, which is used for asymmetric encryption. This private key is matched with a public key and provides a _______, or a known secure starting point.

Mandatory Access Control (MAC)

A Trusted Operating System (TOS) typically uses the _______ model.

Trusted Operating System (TOS) / Authentication and Authorization

A _______ OS meets a set of predetermined requirements (such as the Common Criteria for IT Security Evaluation), and has a heavy emphasis on _______ and _______.

Virtual Desktop Infrastructure (VDI)

A _______ can be deployed to give mobile device users access to any applications installed on their desktop.

Community

A _______ cloud deployment would be used by groups of people with shared concerns such as goals, security requirements, or compliance considerations.

Trusted Platform Module (TPM)

A _______ is a hardware chip on the motherboard that stores cryptographic keys used to encrypt the hard drive.

Hardware Security Module (HSM)

A _______ is a security device you can add to a system (expansion card or external) to manage, generate, and securely store cryptographic keys.

Master image / integrity

A _______ provides a secure starting point for systems, and administrators sometimes create them with templates or other tools to create a secure baseline. Then they use _______ measurements to discover when a system deviates from the baseline.

Storage Segmentation

A method used to isolate data on mobile devices that allows personal data to be stored in one location and encrypted corporate data to be stored elsewhere.

Least functionality

A principle associated with secure systems design that states that systems should be deployed with only the apps, services, and protocols they need to meet their purpose.

Electromagnetic pulse (EMP)

A short burst of electromagnetic energy from sources such as electrostatic discharge, lightning, military weapons, etc.

Cloud Access Security Broker (CASB)

A software tool or service deployed between an organization's network and the cloud provider which monitors all network traffic and can enforce security policies (such as ensuring all data in the cloud storage is encrypted).

Wi-Fi Direct

A standard for connecting Wi-Fi devices directly together without a router or access point, but instead uses single hop radio communication (which does not allow Internet connection sharing)

Database column encryption

A type of encryption that encrypts and protects individual fields within a database

Hardware Security Module (HSM)

A(n) _______ generates and stores RSA encryption keys and can be integrated with servers to provide hardware-based encryption.

Self-encrypting Drive

A(n) _______ includes the hardware and software to encrypt all data on the drive and securely store the encryption keys.

Access violation

A(n) _______ occurs if a user accesses data they are not supposed to access.

Industrial Control Systems (ICS) / Supervisory Control And Data Acquisition (SCADA)

A(n) _______ typically refers to systems within large facilities such as water treatment facilities and is controlled by a(n) _______.

Security templates / Group Policy

Administrators use automation on Microsoft domains by modifying/using _______ created by Microsoft and also use _______ to automatically check and configure systems.

System on a Chip (SoC)

An integrated circuit that includes all the functionality of a computing system within the hardware and typically includes an application contained in onboard memory.

GNU Privacy Guard (GPG)

An open-source version of PGP; a command line tool used for encrypting and decrypting files and e-mail messages; supported by Linux.

Real-Time Operating System (RTOS) / Embedded Systems

An operating system that reacts to input within a specified time. Many _______ include this type of operating system.

On-Premises

An organization is using _______ services if all computing resources are owned, operated, and maintained within the organization's buildings.

Hosted

An organization is using _______ services if it is renting access to resources from a specific organization.

Embedded System

Any device that has a dedicated function and uses a computer system to perform that function, such as a wireless printer running a website to allow printer configuration.

Hardware controls

Disabling cameras, microphones, USB cables, etc. are examples of _______.

Self-managed / software / updates and patches

IaaS is sometimes called a _______ solution. The infrastructure provider provides access to a server with a default operating system installation, but customers must configure it and install additional _______ based on their needs. Customers are also responsible for all operating system _______ and _______.

By removing the hard drive and putting it into another system as an extra drive, logging on as administrator and taking ownership of the files.

If a thief stole a laptop with NTFS-protected files, how could they access the files?

Bring Your Own Device (BYOD)

In which mobile device deployment model does the employee bring their own device to attach to the network?

Choose Your Own Device (CYOD)

In which mobile device deployment model does the organization create a list of acceptable devices that the employee can purchase to use as a work device?

Corporate owned

In which mobile device deployment model does the organization purchase devices and issue them to employees?

Corporately Owned Personally Enabled

In which mobile device deployment model does the organization purchase the mobile device but the employee is free to use the device as if it was their personal device?

Hardware Security Module (HSM) / The TPM comes with the motherboard, but the HSM is installed later and can be removed.

Just like a TPM, a _______ can provide a hardware root of trust, secure boot, and can be configured for remote attestation. What is the difference between the two?

Unified Extensible Firmware Interface (UEFI)

Replacement for BIOS as the software interface between OS and Hardware. It enables the computer to boot from larger disk sizes.

BIOS / firmware

The _______ includes software that provides a computer with basic instructions on how to start. It runs basic checks, locates the OS, and starts. It is also known as _______ because it contains a hardware chip with software loaded on it.

Security patches

The challenge with embedded systems is keeping them up-to-date with _______.

Data Exfiltration

The unauthorized transfer of data outside an organization

Remote attestation

Trusted Platform Module (TPM) supports _______, which is a process that checks boot files by sending them to a remote system that verifies the files are the same and confirms that the system is safe.

Secure boot

Trusted Platform Module (TPM) supports _______, which is a process that checks the files against the stored signatures to ensure they haven't changed. If it detects changes it blocks the boot process to protect the data on the drive.

chmod 760 success.exe

What Linux command would be typed to assign the following permissions to the file called success.exe? Owner: RWX, Group: RW, and Others: no permissions.

Cellular, Wi-Fi, Bluetooth, satcom, NFC, ANT, Infrared, USB

What are the different connection methods that mobile devices can use to connect to networks and other devices?

Public, Private, Community, and Hybrid

What are the four cloud deployment models?

Development, Testing, Staging, and Production

What are the four environments included in a Secure Staging Environment?

Read, write, execute

What are the three basic Linux permissions?

Owner, Group, Others

What are the three primary entities that you can assign permissions to within Linux?

1. Initial baseline configuration. 2. Integrity measurements for baseline deviation. 3. Remediation

What are the three steps related to secure baselines?

SMS and MMS both send text in plaintext, allowing the info to be intercepted and read by others. The second risk only applies to MMS, and allows attackers to send an MMS message to a phone number to gain remote code execution privileges on the phone.

What are the two primary risks with text messaging (SMS and MMS)?

Data Loss Prevention (DLP)

What security principle would call for blocking the use of USB devices, monitoring outgoing email to detect and block unauthorized data transfers, and monitoring data stored in the cloud?

- (dash)

What will show up in the permissions display if one of the Linux permissions is not assigned?

Owner

Which Linux permissions entity is typically granted all permissions for the file or directory?

Execute=1, Write=2, Read=4

Which Linux permissions are represented by the numbers 1, 2, and 4?

Modify

Which Windows file/folder permission gives a user read, execute, write, and delete capabilities?

Infrastructure as a Service (IaaS) / hardware

_______ allows an organization to outsource its equipment requirements, including the hardware and all support operations. The service provider owns the equipment, houses it in its data center, and performs all the required _______ maintenance. The customer rents access to the equipment and often pays on a per-use basis.

Ad hoc

_______ allows devices to connect together without a wireless access point or router, but instead uses multihop radio communication (which does allow Internet connection sharing)

Tethering

_______ allows the user to share one device's Internet connection with other devices.

ANT and ANT+

_______ and _______ are proprietary wireless protocols used by some mobile devices, typically to collect data from sports and fitness sensors and medical sensors.

Containerization

_______ can be implemented in mobile devices by running an application in an isolated, protected and encrypted workspace, which removes the need to encrypt the entire device.

Live Boot Media

_______ can be used to create a non-persistent operating system on a computer using a CD or bootable USB drive.

Electromagnetic interference (EMI)

_______ comes from sources such as motors, powerlines, and fluorescent lights and it can interfere with signals transmitted over wires.

Change Management / accounting

_______ defines the process for any type of system/app modifications to ensure changes to IT systems do not result in outages and to provide an _______ structure or method to document all changes.

Patch Management

_______ ensures that systems and apps stay up-to-date with current software fixes to reduce vulnerabilities and protect systems.

Software as a Service (SaaS) / web-based email

_______ includes any software or application provided to users over a network such as the Internet and is accessed through a web browser. An example is _______.

Mobile Device Management (MDM)

_______ is a group of applications/technologies used to manage and monitor mobile devices to ensure they are in compliance with security policies.

Hardening

_______ is making an OS or app more secure from its default installation, which helps to eliminate vulnerabilities from default configurations, misconfigurations, and weak configurations.

Sideloading

_______ is the process of copying an application package in the Application Packet Kit (APK) format to the device and then activating it (instead of installing it from an online store).

Jailbreaking

_______ is the process of making unauthorized modifications to OSs and bypassing the DRM restrictions on Apple iPhones and iPads in order to run unapproved apps.

Rooting

_______ is the process of modifying an Android device to give the user full admin-level access to the device.

Sandboxing

_______ is the use of an isolated area on a system for testing apps, security controls, configuration changes, etc.

Geofencing

_______ is using GPS to create a virtual geographic boundary so that applications will allow or disallow certain things when an employee is inside or outside of the boundary.

Platform as a Service (PaaS) / managed hardware

_______ provides customers with a pre-configured computing platform they can use as needed, such as an operating system combined with appropriate applications and on-demand computing. This is sometimes called a _______ solution.

Cloud Computing

_______ refers to accessing computing resources from a different location than your local computer (usually through the Internet).

Integrity Measurement

_______ tools detect when a system deviates from the baseline.

Context-aware Authentication

_______ uses multiple elements to authenticate a user and a mobile device, including things like the user's identity, geolocation, geofencing, time of day, and type of device.

