Trusted OS
Trusted OS
- Meets set of requirements (Common Criteria) with emphasis on authentication/authorization
- Ensures only authorized personnel can access/modify data based on permissions
- Helps prevent malware infections
- Uses MAC (Mandatory Access Control)
chroot
chroot
- linux command to create sandbox
- Changes root directory for application, isolating it
FDE
FDE
Full Disk Encryption
SED
SED
Self Encrypting Drive
UEFI
UEFI
- Replacement for BIOS on newer systems
- Boot from larger disks
- CPU independent
TPM
TPM
Trusted Platform Module
-HW chip that stores keys for encryption
-Many laptops ship with
-Cannot add later
-Provides full disk encryption
-Secure boot - checks key files against signatures stored in TPM; blocks boot if modified
-Remote attestation - like secure boot, but checks files and sends report to remote system, which verifies
-TPM ships with RSA private key burned into it - asymmetric encryption - hardware root of trust
-Bitlocker enables TPM
-Chip embedded into motherboard
HSM
HSM Hardware Security Module -Device that can be added to system to manage, generate, securely store keys (for multiple devices) -Provides hardware root of trust -Secure boot -Optional remote attestation -Removable or external devices
SaaS
SaaS
- Software as a Service
- ie, gmail
- Least customer maintenance or security responsibility
PaaS
PaaS
- Platform as a Service
- Fully managed platform, like host website on virtual server with OS installed and kept up to date by provider
- Middle customer maintenance or security responsibility
IaaS
IaaS
Infrastructure as a Service
-Access to hardware in a self-managed platform
-Most customer maintenance or security responsibility
CASB
-List functions
CASB Cloud Access Security Broker -Security as a Service -Monitors traffic between org's network and cloud provider -Ensures security policies
Functions
- Visibility into application use (list apps in use)
- Data security (verify encrypted data transfers)
- Verify compliance with standards
- Monitoring and identification of threats
COPE
COPE Corporate Owned, Personally Enabled -Mobile device deployment model -Device owned by org -Can use for personal
BYOD
BYOD
Bring Your Own Device
-Mobile device deployment model
CYOD
CYOD
Choose Your Own Device
-Mobile device deployment model
-List of approved devices that can connect to network
VDI
VDI
- Mobile device deployment model
- Access virtual desktop from mobile device
MDM
MDM
Mobile Device Management
-Ensure devices have security controls
-Application management - restrict apps
-Full device encryption
-Storage segmentation - corporate data in encrypted segment
-Content management - ensure all content retrieved from organization source is stored in encrypted segment
-Containerization -encrypt container app run in
-Enforce strong authentication
-Block network access for jailbroken or rooted devices
-Disable camera and microphone
-Prevent use of external media and USB On-The-Go
-Block other internet connections like tethering, wifi direct
-Block cellular carrier unlocking
Sideloading
Sideloading
- Copy app package in APK format to device and activate
- Device must be set to allow apps from unknown sources
- Useful for developers testing apps, otherwise risky
SCADA
SCADA
-Embedded systems that control industrial control systems (ICS)
DLP
DLP Data Loss Prevention -Monitors outgoing data -Block USB -Prevent users from copying or printing files with specific contents -Log events -Alert admins
-
Tools & Random Stuff13
-
Protocols12
-
Protocols & Ports (Memorize)27
-
Network Devices21
-
Securing Your Network7
-
Wireless Protocols (Memorize)11
-
Wireless Attacks10
-
VPN7
-
Securing Hosts & Data19
-
Threats, Vulnerabilities, Common Attacks7
-
Advanced Attacks25
-
Risk Management Tools34
-
Controls To Protect Assets18
-
Cryptography36
-
Test Questions38
-
Ports Only (Quick Study)20
-
Ports (Reversed)21
-
Wireless Protocols (Quick Study)0
-
Identity And Access Services14
-
EAP6
