Official CISSP Study Guide Flashcards

Question

# CISSP 2024 Common Criteria Core Concept | Principles of Security Models, Design, and Capabilities

Answer 1

WHAT IT IS An internation standard (ISO/IEC 15408) for IT product security evaluation and certification. GOAL To provide a common, objective, and repeatble framework to verify security claims made by vendor. ANALOGY A standardized car safety rating systems (like NCAP). | Principles of Security Models, Design, and Capabilities

Answer 2

**Protection Profile (PP):** A vendor-neutral document describing security requirements for a CLASS of products (e.g., "firewall", "operating systems"). Written by users or consummer group. **Security Target (ST):** A vendor-specific document that details HOW their particular product meets the security requirements (PP). It defines the scope of the evaluation. Written by the product vendor/developer. **Target of Evaluation (TOE):** The actual product or system being tested. Evaluation Assurance Level (EAL): The rating (EAL1 to EAL7) indicating the DEPTH and RIGOR of the evaluation. Higher EAL = More Confidence in the testing process (NOT necessarily more security features).

Answer 3

WHAT IT IS A cryptanalatic attack where the attacker has sample of both the plaintext and its corresponding ciphertext. GOAL To discover the secret key used for encryption. ENCRYPTION SYSTEM NEEDED? No, the attacker does NOT need to interact with the encryption device or software (offline, passive attack). | PKI and Cryptographic Application

Answer 4

WHAT IT IS A powerful attack where the attacker can CHOOSE arbitrary plaintexts to be encrypted and obtain the corresponding ciphertexts. GOAL To discover the secret key used for encryption. ENCRYPTION SYSTEM NEEDED? Yes, the attacker MUST interact with the encryption device or software (online, active attack). | PKI and Cryptographic Application

Answer 5

WHAT IT IS The most powerful type of cryptanalatic attack, where the attacker can CHOOSE arbitrary ciphertexts to be decrypted and obtain the corresponding plaintexts. GOAL To discover the secret key used for encryption. ENCRYPTION SYSTEM NEEDED? Yes, the attacker MUST interact with the decryption device or software (online, active attack). | PKI and Cryptographic Application

Answer 6

WHAT IT IS An attacker that exploits weaknesses in HOW a cryptographic algorithm is implemented in hardware or software, rather than attacking the mathematical algorithm itself. ANALOGY Ignoring a strong vault door (the algorithm) and instead of breaking through the weak wall it's installed (the implementation). | PKI and Cryptographic Application

Answer 7

WHAT IT IS An ACTIVE implementation attack where an attacker intentionally introduces physical faults (errors) into a device to disrupt its normal operation. GOAL To introduce a predictable malfunction that bypassess security or reveal secret information. ANALOGY Hitting a vending machine at the right moment to make it drop a free soda can. | PKI and Cryptographic Application

Answer 8

WHAT IT IS A PASSIVE implementation attack where an attack infers secret information by observing the physical effects of a system's operation. ANALOGY A detective listening to the clicks inside a safe lock instead of trying to break the door open. | PKI and Cryptographic Application

Answer 9

WHAT IT IS A side-channel attack where an attacker measures the time it takes for a system to perform cryptographic operations. GOAL To infer secret information (like a key) by analyzing variations in processing time. ANALOGY A safecracker listening for a faint click that takes slightly longer, indicating a correct number in the combination. | PKI and Cryptographic Application

Answer 10

WHAT IT IS A cryptanaltic attack that breaks ciphers using multiple keys by finding an intermediate value. It works by encrypting from one end and decrypting from the other, looking for a match. HOW IT WORKS **Requirement: The attacker must start with a known plaintext (P) and its corresponding, valid ciphertext (C).** 1. **ENCRYPT FORWARD**: Encrypt the P with every possible key for the first stage (K1). Store all results. 2. **DECRYPT BACKWARD:** Decrypt the corresponding C with every possible key for the second stage (K2). Store all results. 3. **FIND THE MATCH:** Compare the two lists of intermediate results. A match reveals the corrects K1 and K2. | PKI and Cryptographic Application

Answer 11

WHAT IT IS A cryptanalatic attack that exploits non-random patterns and statistical weaknesses found within ciphertext. GOAL To find predictable relationships in the encrypted data that can reveal information about the plaintext or key. HOW IT WORK 1. GATHER DATA: The attacker collects a large amount of ciphertext produced by the same key. 2. ANALYZE: They perform statistical analysis (like frequency analysis) on the ciphertext, looking for deviations from true randomness. 3. INFER: These statistical biases and patterns are used to deduce properties of the encryption key or the original plaintext. | PKI and Cryptographic Application

Answer 12

WHAT IT IS Encrypt all data passing over a specific communication link (e.g., between two routers). WHAT IS ENCRYPTED Everything. Both the data payload and the packet header. ANALOGY Putting the entire mail truck into secure, armored container for one leg of the journey. | PKI and Cryptographic Application

Answer 13

WHAT IT IS Encrypts data that the source and decrypts it only at the final destination WHAT IS ENCRYPTED Only the data payload. The packet header is left in plaintext for routing. ANALOGY Putting a letter in a secret box that only the final recipient can open. The post office can see the address but not the content. | PKI and Cryptographic Application

Answer 14

**Link Encryption** * Protects against attacks on the communication LINK. * Encrypt Header + Data. * Data is in PLAINTEXT at every intermediate node (hop). **End-to-End Encryption** * Protects against attacks on intermediate NODES. * Encrypts data ONLY. * Data is ENCRYPTED at every intermediate node (hop). | PKI and Cryptographic Application

Answer 15

WHAT IT IS The simplest mode of operation for a block cipher. It encrypts each block of plaintext independently using the same key. CIPHER TYPE It is a mode of BLOCK ciphers. | Cryptography and Symmetric Key Algorithms

Answer 16

**PROS** * Simple to implement * Fast, as block can be encrypted/decrypted in parallel * Errors in one block do not effect other blocks. **CONS** * Highly insecure due to pattern leakage. * Not suitable for encrypting more than a single block of data. | Cryptography and Symmetric Key Algorithms

Answer 17

1. **DIVIDE:** The plaintext is divided into fixed-size block (e.g., 128 bits for AES). 2. **ENCRYPT:** Each block is encrypted separately with the same secret key. 3. **COMBINE:** The resulting ciphertext blocks are concatenated toghether. | Cryptography and Symmetric Key Algorithms

Answer 18

WHAT IT IS A popular block cipher mode that introduces "chaining" to fix ECB's pattern leakage weakness. CIPHER TYPE It is a BLOCK cipher. | Cryptography and Symmetric Key Algorithms

Answer 19

1. The first plaintext block is XORed with an IV. The result is then encrypted with the secret key to create ciphertext block 1. 2. For ALL subsequent blocks, the plaintext block is XORed with the previous ciphertext block. That result is then encrypted with the key. | Cryptography and Symmetric Key Algorithms

Answer 20

WHAT IT IS A mode that turns the block cipher into a self-synchronizing stream cipher. ITS GOAL To encrypt data at any size (not just full blocks), making it suitable for data stream. CIPHER TYPE It is a stream cipher. | Cryptography and Symmetric Key Algorithms

Answer 21

CFB does NOT encrypt the plaintext directly. It generates a keystream: 1. START: Encrypt the IV with the secret key. This creates the first keystream block. 2. XOR: XOR the keystream block with the plaintext block to create the first ciphertext block. 3. FEEDBACK: Encrypt the first ciphertext block with the secret key. This create the second keystream block. 4. REPEAT: Continue using the previous ciphertext to generate the next keystream. | Cryptography and Symmetric Key Algorithms

Answer 22

**PROS:** * Can function as a stream cipher, encrypting data of any size. * Decryption can be parallelized. * Self-synchronizing; can recover from lost ciphertext blocks. **CONS:** * Encryption is sequential and cannot be parallelized. * Slower than other modes like OFB, CTR. * Error propagation is worse than OFB, CR. | Cryptography and Symmetric Key Algorithms

Answer 23

WHAT IT IS A model that turns a block cipher into a synchronous stream cipher. ITS GOAL Similar to CFB, it encrypts data at any size. Its key difference is HOW it generates the keystream. CIPHER TYPE It is a steam cipher. | Cryptography and Symmetric Key Algorithms

Answer 24

OFB also generate a keystream and XOR it with the plaintext 1. START: Encrypt the IV with the secret key. The result is the first keystream block. 2. XOR: XOR this keystream block with the plaintext block to create the first ciphertext block. 3. FEEDBACK: Encrypt the first keystream block (the output of the encryption engine) with the secret key. This creates the second keystream block. 4. REPEAT: Continue using the previous keystream to generate the next one. | Cryptography and Symmetric Key Algorithms

Answer 25

**PROS** * No error propagation makes it ideal for noisy links (e.g., satelline communications). * Keystream can be re-computed, making encryption very fast. **CONS:** * Not self-synchronizing. If a block is lost, all subsequent data will be garbled until resynchronized. * Highly vulnerable to keystream resuse attacks if the IV is not unique. | Cryptography and Symmetric Key Algorithms

Answer 26

WHAT IT IS A mode that turns the block cipher into a high performance, parallelizable stream cipher. ITS GOAL To provide a fash and efficient encryption by generating a keystream from a unique Nonce and an incrementing Counter. | Cryptography and Symmetric Key Algorithms

Answer 27

CTR generates a keystream completely indenpendent of data. 1. **SETUP.** For each message, create a unique Nonce. Initialize a Counter (0 or 1). 2. **GENERATE KEYSTREAM.** Encrypt the value of (Nonce, Counter) with the key. The result is the first keystream block. 3. **XOR.** XOR this keystream block the plaintext block to create the first ciphertext block. 4. **REPEAT.** For the next block, simply increment the Counter, create the keystream, and XOR again. | Cryptography and Symmetric Key Algorithms

Answer 28

WHAT IT IS An authenticated encryption mode that provides BOTH **Confidentiality** and **Integrity/Authenticity** in one efficient operation. It is a block cipher but simulates a stream cipher. GCM is the modern, go-to answer for scenarios requiring both ***confidentiality*** and ***integrity*** in a high-performance settings. It's superior to older "Encrypt-then-MAC) approaches. Its main implementation challenge is ensuring Nonce uniqueness. | Cryptography and Symmetric Key Algorithms

Answer 29

GCM combines two functions in parallel 1. ENCRYPTION (Confidentiality): It uses standard Counter (CTR) mode to encrypt the plaintext into ciphertext. 2. AUTHENTICATION (Integrity): It uses a function called GHASH to create an authentication tag (a MAC) over the ciphertext. | Cryptography and Symmetric Key Algorithms

Answer 30

WHAT IT IS An authenticated encryption mode that provides both Confidentiality and Integrity by combining two well-known modes. It is a block cipher mode. | Cryptography and Symmetric Key Algorithms

Answer 31

CCM is a two-pass, sequential process: 1. AUTHENTICATE FIRST: It first calculates a MAC (Message Authetication Code) over the plaintext using the CBC-MAC algorithm. 2. ENCRYPT SECOND: It then encrypts BOTH the plaintext and the MAC using standard Counter (CTR) Mode. | Cryptography and Symmetric Key Algorithms

Answer 32

The main difference is the operational flow: 1. GCM is a ONE-PASS mode. Encryption and authentication happen in parallel, making it generally faster. 2. CCM is a TWO-PASS mode. It performs authentication first, then encryption (MAC-then-Encrypt), making it sequential and often slightly slower.

Answer 33

To make the relationship between the CIPHERTEXT and the KEY as complex and random as possible. Primarily works through SUBSTITUTION operations. | Cryptography and Symmetric Key Algorithms

Answer 34

To spread the influence of a SINGLE plaintext bit over MANY ciphertext bits, hiding the statistical structure of the plaintext. Primarily works through TRANSPOSITION operations. | Cryptography and Symmetric Key Algorithms

Answer 35

WHAT IT IS The only mathematically proven unbreakable (perfectly secret) encryption system. RULE 1. Truly Random. The key must be randomly generated. 2. Lenght. As long as the plaintext to be encrypted. 3. One Time. Used only once (One-Time) 4. Secret: Key must be ketp secretly and destroyed after use (difficult in key management). | Cryptography and Symmetric Key Algorithms

Answer 36

**WHAT IT IS** A type of polyalphabetic cipher that uses a long, pre-agreed text (like a book) as its encryption key. It is also known as Book Cipher. The encryption key is NOT random. | Cryptography and Symmetric Key Algorithms

Answer 37

**GOAL:** To prevent unilateral actions and protect against a single point of failure (person or key). **ANALOGY:** Acessing a bank vault that requires at least 2 out of 3 senior managers (M = 2, N = 3) to be present with their keys. | Cryptography and Symmetric Key Algorithms

Answer 38

HOW IT WORKS: Through a process call Context Switching, the OS scheduler rapidly switches the CPU's focus between different processes, giving each a small time slice. This happen so fast it appears simultaneous. | Security Vulnerabilities, Threats, and Countermeasures

Answer 39

WHAT IT IS A CPU with multiple idependent processing units (core) enabling true parallel execution. HOW IT WORKS Enable true parallelism, executing multiple tasks simultaneously, | Security Vulnerabilities, Threats, and Countermeasures

Answer 40

WHAT IT IS More than one physical CPU in a system. HOW IT WORKS Provides massive true parallelism by allowing each physical CPU to execute task simultaneously. This is a step above multicore, which has multiple cores on a single CPU chip. | Security Vulnerabilities, Threats, and Countermeasures

Answer 41

KEY GOAL To maximize CPU utilization by ensuring the CPU has something to do. Relationship to Multitasking: It is the foundational concept that enables multitasking. Multiprogramming focuses on keeping the CPU busy; Multitasking is the logical extension that provides a responsive feel to the users. | Security Vulnerabilities, Threats, and Countermeasures

Answer 42

HOW IT WORKS Threads within the same process share the same memory space and resources. This makes them lightweight but introduces security risks. A process is divided into mutliple threads. Each thread is process simultaneously. | Security Vulnerabilities, Threats, and Countermeasures

Answer 43

WHAT IT IS Hardware and software for monitoring physical industrial process (e.g., manufacturing, power grids). Prioritizes Availablity and Safety over Confidentialiaty. | Security Vulnerabilities, Threats, and Countermeasures

Answer 44

A rugged, single-purpose computer that automates a specific electromecanical process, such as a robotic arm or a valve. The 'muscle' of an ICS. | Security Vulnerabilities, Threats, and Countermeasures

Answer 45

Manages processes within a single facility (e.g., a factory floor). Uses distributed local controllers and centralized monitoring. Is process-driven and state-driven. | Security Vulnerabilities, Threats, and Countermeasures

Answer 46

**Protects:** The tangible expression of an idea (e.g., book, software source code), ***NOT*** the idea itself. **Duration:** Typically, the life of the author + 70 years; for corporate works, it's 95 years from publication or 120 years from creation. | Laws, Regulation, and Compliance

Answer 47

**Protects:** Words, names, symbols, or colors (e.g., logos, brand names) used to identity the source of goods/services and distinguish them from others. **Registration:** Must be registered with the relevant national government agency (e.g., in the U.S., the U.S. Pattern Trademark Office - USPTO_ | Laws, Regulation, and Compliance

Answer 48

**Protects:** Inventions, processes, and designs that are novel, useful, and non-obvious. **Key Trade-off:** Grants a 20-year exclusive monopoly to the inventor in exchange for public disclosure of the invention. **Registration:** Must be applied for and granted by a government agency (e.g., USPTO). | Laws, Regulation, and Compliance

Answer 49

**Protects:** Confidential business information (e.g., formulas, customer lists, processes) that provides a competitive edge. **Key Requirement:** The organization must take reasonable steps to keep it secret (e.g., NDA, access control). **Duration:** Potentially indefinite, as long as it remains secret. **Registration:** None. Not filed with any government office. | Laws, Regulation, and Compliance

Answer 50

**Data At Rest:** Data on storage media (e.g., HDD, SDD, backups). **Control:** Strong symmetric encryption. **Data In Transit:** Data moving over a network (e.g., Internet, LAN). **Control:** Symmetric and/or Asymmetric encryption (e.g., TLS, SSL). **Data In Use:** Data in memory (RAM) being processed. **Control:** Flushing buffers, homomorphic encryption. | Protecting Security of Assets

Answer 51

**WHAT IT IS:** A network security measure where a secure system is physically isolated from other networks (no wired or wireless connections). **WHY:** Provides the highest level of protection for critical systems (e.g., ICS, SCADA, classified networks). **RISK:** Can be defeated by removable media (e.g., USB), insiders, or supply chain attacks. | Protecting Security of Assets

Answer 52

**Focus:** Controls impacting a client's Financial Reporting (ICFR). **Audience:** The client's financial auditors. | Security Assessment and Testing

Answer 53

**Focus:** The 5 Trust Service Criteria (Privacy, Security, Availability, Processing Integrity, and Confidentiality). **Audience:** Restricted use (under NDA) for stakeholders like security & compliance teams. | Security Assessment and Testing

Answer 54

**Focus:** A public-facing summary of the SOC 2 audit. **Audience:** General use, marketing. **Content:** High-level, no sensitive data. | Security Assessment and Testing

Answer 55

**Scope:** Audit the design of controls. **Time:** At a single poit of time (e.g., "as of Dec 31"). **Assurance:** Low. | Security Assessment and Testing

Answer 56

**Scope:** Audit both the design AND operating effectiveness of controls. **Time:** Over a period of time (e.g., 6 - 12 months). **Assurance:** High (Gold Standard). | Security Assessment and Testing

Answer 57

**What:** A software test that verifies that the communication and data exchange between two or more different components, systems, or layers (e.g., APIs, UI-to-backend) work correctly. **Purpose:** To check data format, error handling, and connectivity at the 'meeting points' (interfaces), *not* the internal logic of the components. | Security Assessment and Testing

Answer 58

**What:** A proactive monitoring that uses automated scripts (bots) to simulate a real user's path and interactions with an application (e.g., login, add to cart). **Purpose:** To test availability, measure performance, and verify SLAs by finding problems before real users are impact. | Security Assessment and Testing

Answer 59

**What:** A DAST technique that provides invalid, unexpected, or random data to an application's inputs. **Purpose:** To find vulnerabilities, typically memory-handling bugs like buffer overflow, by causing the application to crash. | Security Assessment and Testing

Answer 60

**What:** A type of fuzzing that starts with a valid data sample (seed) and randomly mutates it (e.g., flipping bits, changing bytes) before sending it to the input. **Characteristics:** "Dumb" because it doesn't understand the data protocol or format. | Security Assessment and Testing

Answer 61

**What:** A type of fuzzing that uses a model or specification of the expected data (e.g., a protocol RFC) to generate new, almost-valide, malformed inputs from scratch. **Characteristics:** "Intelligent" because it does understand the data's rules, allowing it to bypass simple validation and find deeper bugs. | Security Assessment and Testing

Answer 62

**What:** A broad type that checks how a system responds to any unexpected or invalid inputs, both intentional and intentional. **Purpose:** To find error and ensure application stability against bad data. | Security Assessment and Testing

Answer 63

**What:** A specific, security-focusted test that simulate intentional attacks by a threat actor. **Purpose:** To verify that security controls can resist a malicious attempt to exploit the system. | Security Assessment and Testing

Answer 64

Deter >> Deny >> Detect >> Delay >> Determine >> Decide | Physical Security Requirements

Answer 65

**What it is:** Smartcards are credit card-sized IDs, badges with embedded magnetic stripe, bar code, or integrated circuit chip. **Authentication:** Prerepsents "Some Thing You Have" (single authentication factor). | Physical Security Requirements

Answer 66

**Passive Infrared (PIR) or heat-based:** Monitor changes in a monitored area's heat level. **Wave Pattern Motion or Microwave Motion:** Use low ultrasonic/high microwave to detect disturbance/changes in reflected patterns. **Capacitance Motion:** Monitor changes in the electrical/magnetic field surrounding a monitored object. **Photoelectric Motion:** Monitor changes in visible light, use in dark rooms without windows. Passive Audio Motion: Monitor for abnormal sounds in monitored areas. | Physical Security Requirements

Answer 67

**Rate-of-rise detection systems:** Trigger when the speed at which the temperature changes reaches a specific level. **Flame-actuated systems:** Trigger bases on the infrared energy of the flame. **Smoke-actuated systems:** Use photoelectric or radioactive ionization sensors as triggers. **Insipient smoke systems:** Detect the chemicals typically associated with the very early stage of the flame. | Physical Security Requirements

Answer 68

**Wet Pipe System (Close Head System)**: Always full of water. **Dry Pipe System:** Use iner gas to release water. **Preaction System:** Variation of Dry Pipe with two stages where at Stage 1 the pipe is filled with water; Stage 2 the water is releases on the sprinkler head is activated. **Deluge System:** Use larger pipes and deliver large amount of water in comparision to wet pipe system.

Answer 69

**What it is:** Pharming is malicious redirection of a valid website's URL or IP address to a fake website. Pharming typically occurs either by modifying the local *hosts* file on a system or by poisioning or spoofing DNS resolution. **How:** Altering the hosts file or corrupt the IP configuartion. | Secure Network Architecture and Components

Answer 70

**What it is:** Occurs when the threat actor is able to eavesdrop on a client's query to a DNS server. The attacker then send back a reply with false information. **How:** Use proxy falsification. | Secure Network Architecture and Components

Answer 71

The separation of the network's brain from its muscle. It separates the **Control Plane** (decision-making) from the **Data Plane** (packet forwarding), centralized the intelligence. **Control Plane:** The centralized **SDN Controller** (the "brain") that makes all routing and policy decision. **Data Plane:** The forwarding hardware that execute the controller's commands (the "muscle"). | Secure Network Architecture and Components

Answer 72

**What it is:** An obsolete, weak authentication protocol. **Problem:** Transmit username and password in cleartext. **Vulnerability:** Highly susceptible to eavesdropping (sniffing).

Answer 73

**What it is:** An authentication protocol that uses a challenge-response dialogue. **Benefit:** Avoid sending the password in cleartext and is protected against replay attacks. **Note:** Original uses weak MD5. | Secures Communication and Network Attacks

Answer 74

**What:** An authentication framework, not a single protocol. **Purpose:** Provide a flexible structure to support many different authentication methods (e.g., tokens, smartcards, ...) | Secures Communication and Network Attacks

Answer 75

**What:** Port-Based Network Access Control (PNAC). It is an authentication mechanism for network ports (wired or wireless). **How:** Block a port until the client is authenticated, typically using EAP to communicate with a RADIUS server. | Secures Communication and Network Attacks

Answer 76

**What:** This is an email authentication method that adds a digital signature (a cryptographic "seal") to the email's content. **Purpose:** To ensure message integrity (proving the content wasn't tampered with) and to authenticate the sending domain. | Secures Communication and Network Attacks

Answer 77

**What:** An email authentication standard (DNS TXT record) that verifies the email sending server (IP address). **Purpose:** Prevents sender spoofing by listing which email servers are authorized to send email for a domain. | Secures Communication and Network Attacks

Answer 78

This is a standard for end-to-end public key encryption and digital signature for emails. Its trust model is Centralized, relying on a formal Certificate Authority (CA) hierarchy to issue and validate key. It is commonly integrated into corporate email clients.

Answer 79

A **protocol suite** (not a single protocol) used to secure IP communications, most commonly to create VPN. It provides **Authentication**, **Integrity**, and **Confidentiality**. | Secures Communication and Network Attacks

Answer 80

The **negotiation protocol for IPSec**. Its job is to authenticate the two endpoints and create the Security Associations (SAs) before any data is sent. | Secures Communication and Network Attacks

Answer 81

Provides: Authentication and Integrity. DOES NOT provide Confidentiality (encryption) | Secures Communication and Network Attacks

Answer 82

Provides: Confidentiality (encryption), Authentication, and Integrity. Note: This is the most common protocol used in modern IPSec VPN. | Secures Communication and Network Attacks

Answer 83

The protocol used in the setup phase to negotiate keys and security parameters (like which algorithm to use) for the VPN tunnel. It creates Security Association (SA). | Secures Communication and Network Attacks

Answer 84

The one-way "contract" created by IKE that defines the specific keys and algorithms to be used between two peers. A full VPN needs two SAs (one inbound, one outbound). | Secures Communication and Network Attacks

Answer 85

A biometric system false to authenticate a **valid** user. This is a **false negative**. | Managing Identity and Authentication

Answer 86

A biometric system incorrectly authenticates an **invalid** user. This is a false positive. | Managing Identity and Authentication

Answer 87

The point where FRR and FAR percentage are equal. A lower CER means the biometric device is more accurate. Sometime, in strict confidential areas, FRR (Type 1 Error) is more acceptable than FAR to keep the areas from unauthorized access. | Managing Identity and Authentication

Answer 88

An OTP that is **time-synchronized** with the server. Also known as a **synchronous authenticator**. This requires the authenticator and the server to have accurate and synchronized clock. | Managing Identity and Authentication

Answer 89

An OTP that is based on an algorithm and an **incrementing counter**. It is not time based and known as **asynchronouse authenticator**. | Managing Identity and Authentication

Answer 90

An **Object-focused list**. It is attached to an object (like a file) and specifies which subjects (users/procoesses) are granted access. | Managing Identity and Authentication

Answer 91

A Subject-focused list. It is attached to a subject (like a user) as a token, specifying which objects that subject can access. | Managing Identity and Authentication

Answer 92

An access control model where the **Owner** of an object has the discretion to grant or deny access to other subjects. Example: Windows NTFS. | Managing Identity and Authentication

Answer 93

A strict, non-discretionary model where the **System (OS)** controls access base on Labels (e.g., Top Secret, Secret) assigned to both subjects and objects. | Managing Identity and Authentication

Answer 94

A nondiscretionary model where access is granted based on a subject's **Job Function (Role)**. Permissions are assigned to roles, and users are assigned to roles. Helps prevent Privilege Creep. | Managing Identity and Authentication

Answer 95

A nondiscretionary model where access is deteremined by **global rules** that appy to all subjects equally. Classic example: A firewall ACL. | Managing Identity and Authentication

Answer 96

A flexible, nondiscretionary model that uses policies **with multiple attributes** (e.g., subject role, device type, location, time of a day) to make access decisions. | Managing Identity and Authentication

Answer 97

An XML-based standard for federated SSO. It exchanges both **Authentication** and Authorization (AA) information between Identity Provide (IdP) and Service Provider (SP). Has three main components: Identity Provider (IdP), Service Provider (SP), and Principle (user). | Managing Identity and Authentication

Answer 98

An **Authorization Framework**, not an authentication protocol. It provides apps with a limited-use "Access Token" to act on a user's behalf without sharing the user's password. | Managing Identity and Authentication

Answer 99

An **Authentication Layer** built **on top of OAuth 2.0**. It uses a JSON Web Token (JWT). It provides what OAuth missing: authentication (**OIDC = OAuth + Authentication**) | Managing Identity and Authentication

Answer 100

The primary authentication protocol for internal networks, used by Active Directory. It is a **ticket-based system** that relies on **a KDC (Key Distribution Center)** and is sensitive to **time synchronization**. | Managing Identity and Authentication

Answer 101

**TGT (Ticket-Granting Ticket):** The "Main Admission Ticket". Proves you have authenticated once with the **AS (Authentication Service)**. You use this to request Service Tickets. **Service Ticket:** The "Ride Ticket". A ticket requested from **TGS (Ticket Granting Service)** that grant access to one specific service (like a file server). | Managing Identity and Authentication

Answer 102

**Subject:** The user, service, or system requesting access. **Policy Engine:** The "brain" that makes the decision based on rules and external data (like SIEMs, threat intel). **Policy Administrator:** The "enforcer" that establishes or removes the communication path. **Policy Enforcement Point:** The "gateway" that forwards requests and executes Policy Administrator's decision. | Managing Identity and Authentication

Answer 103

**What:** An active test that goes beyond scanning to actually attempt to exploit vulnerabilities and defeat security controls. **Phase (NIST):** 1. Planning; 2. Discovery; 3. Attack; 4.Reporting. **Key phase (Planning)**: This phase is "extremely important" and requires **explicit authorization** from senior management. It defines the **scope** (what to test) and **rules of engagement** (how to test) to prevent disruption or data corruption. | Security Assessment and Testing

Answer 104

An internal investigation examining operational issues or violation of organization's policies. Has the loosest set of standards for collection of information. | Investigation and Ethics

Answer 105

Investigates the alleged violation of criminal law. Typically conducted by law enforcement and requires the highest standard of proof: *'beyond a reasonable doubt'*. | Investigation and Ethics

Answer 106

Involves internal employees and consultants working on behalf of a legal team to resolve a dispute between two parties. Uses the *'preponderance of the evidence'* standard. | Investigation and Ethics

Answer 107

Conducted by government agencies (or industry bodies like PCI DSS) when a corporation is believed to have violated administrative law or industry standards. | Investigation and Ethics

Answer 108

Physical objects brought into courts (e.g., a seized hard drive, a keyboard with fingerprints). Must be authenticated, often with Chain of Custody.

Answer 109

Any written items brought into court to prove a fact (e.g., computer logs, emails, contracts). Must be authenticated. | Investigation and Ethics

Answer 110

1. **Best Evidence Rule:** The *original document* must be introduced. Copies (secondary evidence) are not accepted unless exceptions apply. 2. **Parol:** When an agreement is in writting, verbal agreements (parol) cannot be used to modify the written document. | Investigation and Ethics

Answer 111

Evidence consisting of a witness's testimony under oath. Can be *Direct Evidence* (what they saw) or an *Expert Opinion*. | Investigation and Ethics

Answer 112

Evidence used to *support* testimonial evidence (e.g., diagrams, charts, animations). It helps a witness to explain a concept to the jury. | Investigation and Ethics

Answer 113

SDLC Phase: Conceptual Definition >> Functional Requirement Determination >> Control Specification Development >> Design Review >> Coding >> Code Review Walkthrough >> System Test Review >> Maintenance and Change Management | Software Development Security

Answer 114

Creating the basic, high-level concept statement for a system that states the project's purpose and general requirement. | Software Development Security

Answer 115

Listing the specific system functionalities. The deliverable is a functional requirements document listing inputs, behaviors, and outputs. | Software Development Security

Answer 116

Designing adequate security controls into the system, such as access control, confidentiality (encryption), and audit trails. | Software Development Security

Answer 117

Designers determine how system parts interoperate. This ends with a review meeting with stakeholders (including security pros) to validate design. | Software Development Security

Answer 118

The phase where software developers start writing code, using secure coding principles consistent with the agreed-on design. | Software Development Security

Answer 119

Technical meeting where development personnel sit down with the code and 'walk through' it, looking for problems in logical flow or security flaws. | Software Development Security

Answer 120

Includes functional testing, security testing, and UAT, where users verify the code meets their requirements and accept it for production. | Software Development Security

Answer 121

Ensuring continued operation after development. Any changes to the operation code must be handled through a formalized change management process. | Software Development Security

Answer 122

The starting phase. Charaterized by disorganized, chaotic processes with little or no defintion. | Software Development Security

Answer 123

Basic life cycle management processes are introduced. Repeatable results can be expected from similar projects. | Software Development Security

Answer 124

The organization uses a set of formal, documented software development processes. All projects follow this standard. | Software Development Security

Answer 125

The organization uses 'quantitative measure' (metrics) to gain a detailed understanding of the development process. | Sofware Development Security

Answer 126

A process of 'continuous improvement' occurs. Feedback from one phase reaches to the previous phase to improve future results. | Software Development Security

Answer 127

A record, or a single row, in a database table. | Software Development Security

Answer 128

A field, or a single column, in a database table. | Software Development Security

Answer 129

The four require characteristics of a relational database transactions: 1. Atomicity 2. Consistency 3. Isolation 4. Durability | Software Development Security

Answer 130

The 'all-or-nothing' property. If any part of the transaction fails, the entire transaction must be rolled back. | Software Development Security

Answer 131

Ensure that the database is consistent with all rules *before* a transaction begins and *after* it complete. | Software Development Security

Answer 132

Requires that transactions operate separately. One transaction must be completed in its entirety before another can modify the same data. | Software Development Security

Answer 133

Ensures that once a transaction is 'comitted', it must be preserved (e.g., through transaction logs), even if there is a hardware failure. | Software Development Security

Answer 134

The number of rows (or tuples) in a relation (table). | Software Development Security

Answer 135

The number of columns (or attributes) in a relation (table). | Software Development Security

Answer 136

A preventive security mechanism that endeavors to make certain that the information stored in the database is always correct or has it integrity and availability protected. | Software Development Security

Answer 137

The significant security challenge of mixing data with different classification levels and/or need-to-know requirements in the same database. | Software Development Security

Answer 138

Used to collect numerous low-level security items (e.g., unclassified data) and combine them (e.g., using SLQ aggregate functions) to create something of a higher security level (e.g., classified data). | Software Development Security

Answer 139

Involves combinging of several piecese of nonsensitive information (using human deductive capability) to gain access to information that should be classified at a higher level. | Software Development Security

Answer 140

Occurs when two or more rows in the same table appear to have identical primary key elements but contain *different* data for use at *differing classification levels*. This is a defense against inference attack. | Software Development Security

Answer 141

The concept of hiding individual database fields or cells, or imposing more security restrictions on them, as a granular control. | Software Development Security

Answer 142

The process of splitting a single database into multiple parts, each with a unique security level or content type. This helps subvert aggregation and inference attacks. | Software Development Security

Answer 143

A virus that uses more than one propagation technique (e.g., it infects *both* files and master boot record) to penetrate system. | Malicious Code and Application Attacks

Answer 144

A virus that hides itself by tampering with the operating system to fool antivirus package (e.g., provide a 'clean' version of a file when scanned). | Malicious Code and Application Attacks

Answer 145

A virus that modifies its own as it travels from system to system. The signature is different each time, making it hard for signature-based AV to detect. | Malicious Code and Application Attacks

Answer 146

Uses cryptographic techniques to avoid detection. It uses a short decryption routine and a different key for each infection. | Malicious Code and Application Attacks

Answer 147

Attacks that never write files to disk, making them difficult for traditional AV to detect. They execute entirely in memory. | Malicious Code and Application Attacks

Official CISSP Study Guide Flashcards

Get CISSP Certificate (171 cards)