Wednesday, 15 June 2011

CISSP CBK 3 Security Architecture and Design

Hi everyone, the 3rd domain is as under:

A system working in asymmetric (multiprocessing) mode dedicates one CPU to one application or task, rather than letting any CPU run any task as in symmetric mode.

A process is the set of instructions that is actually running; a program is not a process until it is loaded into memory and allocated resources.

Multiprogramming means that more than one program (or process) can be loaded at the same time, e.g. an antivirus program and another application running side by side.

A maskable interrupt is assigned to an event that may not be overly important, and the programmer can indicate that when that interrupt fires the program does not have to stop what it is doing. A non-maskable interrupt can never be overridden by an application because the event it is assigned to is critical, such as the reset button.

A watchdog timer is an example of a critical process: it resets the system if the system cannot recover from a problem by itself.

A thread is made up of an individual instruction set and the data that must be worked on by the CPU, like the print function in a word processor. Multithreading refers to handling multiple threads simultaneously.

A garbage collector is software that runs an algorithm to identify unused committed memory and then tells the operating system to mark that memory as “available.”

Kernel mode, privileged mode, and supervisory mode all mean the same thing. A monolithic kernel means all of the kernel's activity runs in privileged (supervisory) mode; Windows XP and Vista are monolithic operating systems in this sense, since all kernel functions run inside the kernel.

The computer security policy model the Orange Book (TCSEC) is based on is the Bell-LaPadula model.

The reference monitor is an abstract machine that mediates all access subjects have to objects.

Security labels are not required until security rating B; thus, C2 does not require security labels but B1 does.

TCSEC addresses confidentiality but not integrity; ITSEC addresses confidentiality, integrity, and availability (CIA).

A limitation of the Orange Book is that it does not evaluate what users do with information once they are authorized to access it, and it only addresses the security of a single, stand-alone system.

Trusted Network Interpretation (TNI), also called the Red Book because of the color of its cover, addresses security evaluation topics for networks and network components. It addresses isolated local area networks and wide area internetwork systems.

ITSEC (European) separates functionality and assurance and rates them separately (F and E ratings), whereas TCSEC clumps them together and assigns a single rating (D through A1).

Certification is the comprehensive technical evaluation of the security components and their compliance for the purpose of accreditation.

Accreditation is the formal acceptance of the adequacy of a system's overall security and functionality by management.

Certification is a technical review that assesses the security mechanisms and evaluates their effectiveness. Accreditation is management's official acceptance of the findings of the certification process.

Security testing and trusted distribution are required for Life-Cycle Assurance.


DIACAP (DoD Information Assurance Certification and Accreditation Process), effective November 2007, is the C&A process within the Department of Defense.

The DoD Information Assurance Certification and Accreditation Process (DIACAP) is the United States Department of Defense (DoD) process to ensure that risk management is applied on information systems (IS). DIACAP defines a DoD-wide formal and standard set of activities, general tasks and a management structure process for the certification and accreditation (C&A) of a DoD IS that will maintain the information assurance (IA) posture throughout the system's life cycle.


National Information Assurance Certification and Accreditation Process (NIACAP), establishes the minimum national standards for certifying and accrediting national security systems.


The HIPAA legislation had four primary objectives:

(1) Assure health insurance portability by eliminating job-lock due to pre-existing medical conditions,

(2) Reduce healthcare fraud and abuse,

(3) Enforce standards for health information and

(4) Guarantee security and privacy of health information.

B2 and B3 are concerned with covert channels, but only level A1 requires a formal covert channel analysis.

In state machine models, the state is what is used to verify the security of a system: if the system starts in a secure state and every allowed transition leads to another secure state, the system is secure.

Evaluation is the process of independently assessing a system against a standard of comparison, such as evaluation criteria.

Certification is the process of performing a comprehensive analysis of the security features and safeguards of a system to establish the extent to which the security requirements are satisfied.

Accreditation is the official management decision to operate a system.

Acceptance testing refers to user testing of a system before accepting delivery.

The Orange Book splits assurance requirements into Operational Assurance and Life-Cycle Assurance.

The Clark-Wilson integrity model defines constrained data items (CDIs), integrity verification procedures (IVPs) and transformation procedures (TPs): TPs are the only way CDIs may be modified, and IVPs confirm that the CDIs are in a valid state.
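As an added illustration (not part of the original notes), the following Python sketch shows the Clark-Wilson pieces working together on a constructed example: a ledger whose CDIs are account balances, an IVP that checks conservation of funds, TPs as the only code allowed to change the balances, a certified (TP, CDI) list and (user, TP, CDI) access triples enforced on every call, and an append-only log. The account names, users and the deliberately bad `credit` TP are all made up for the example.

```python
class IntegrityViolation(Exception):
    """Raised when an access or transaction would break a Clark-Wilson rule."""

# Constructed sample: a ledger whose constrained data items (CDIs) are account
# balances. The integrity invariant is conservation of funds: no balance goes
# negative and the balances always sum to TOTAL.
TOTAL = 1000

def new_ledger() -> dict:
    return {"cdis": {"alice": 100, "bob": 50, "reserve": 850}, "log": []}

def ivp(ledger: dict) -> bool:
    """Integrity verification procedure: confirm every CDI is in a valid state."""
    cdis = ledger["cdis"]
    return all(v >= 0 for v in cdis.values()) and sum(cdis.values()) == TOTAL

# Transformation procedures (TPs): the only code allowed to change CDIs.
def tp_transfer(cdis: dict, src: str, dst: str, amount: int) -> None:
    """Well-formed transaction: moves funds and preserves the invariant."""
    if amount <= 0 or cdis[src] < amount:
        raise IntegrityViolation("ill-formed transaction")
    cdis[src] -= amount
    cdis[dst] += amount

def tp_credit(cdis: dict, dst: str, amount: int) -> None:
    """Deliberately bad TP (creates money) so the IVP check below has something to catch."""
    cdis[dst] += amount

TPS = {"transfer": tp_transfer, "credit": tp_credit}

# Certification: which TPs are certified to operate on which CDIs.
CERTIFIED = {("transfer", "alice"), ("transfer", "bob"), ("transfer", "reserve"),
             ("credit", "alice")}

# Access triples (user, TP, CDI), the enforcement rule. The teller cannot
# touch the reserve account; only the manager can.
TRIPLES = {("teller", "transfer", "alice"), ("teller", "transfer", "bob"),
           ("manager", "transfer", "alice"), ("manager", "transfer", "bob"),
           ("manager", "transfer", "reserve"), ("manager", "credit", "alice")}

def run_tp(ledger: dict, user: str, tp_name: str, cdi_names: tuple, *args) -> None:
    """Mediate one attempt to run a TP on CDIs; roll back if the IVP fails afterwards."""
    if tp_name not in TPS:
        raise IntegrityViolation(f"unknown TP {tp_name}")
    for cdi in cdi_names:
        if (tp_name, cdi) not in CERTIFIED:
            raise IntegrityViolation(f"{tp_name} is not certified for {cdi}")
        if (user, tp_name, cdi) not in TRIPLES:
            raise IntegrityViolation(f"{user} may not run {tp_name} on {cdi}")
    snapshot = dict(ledger["cdis"])
    try:
        TPS[tp_name](ledger["cdis"], *cdi_names, *args)
        if not ivp(ledger):
            raise IntegrityViolation("TP left the CDIs in an invalid state")
    except IntegrityViolation:
        ledger["cdis"] = snapshot          # undo the partial or bad TP
        raise
    ledger["log"].append((user, tp_name, cdi_names, args))  # append-only audit log

def attempt(ledger: dict, user: str, tp_name: str, cdi_names: tuple, *args) -> bool:
    """True if the TP ran and passed the IVP, False if it was refused or rolled back."""
    try:
        run_tp(ledger, user, tp_name, cdi_names, *args)
        return True
    except IntegrityViolation:
        return False
```

Running the IVP after every TP is a simplification; in the model the IVP is what certifies the CDIs are valid and the TPs are certified to take them from one valid state to another, but re-checking after the fact is a cheap way to catch a mis-certified TP such as `credit`.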

The National Computer Security Center (NCSC) published the TCSEC (Orange Book).

The life cycle assurance requirements specified in the Orange Book are:

security testing,

design specification and verification (B1, B2, B3, A1),

configuration management (B2 and above), and

trusted distribution (A1).

System integrity is also defined in the Orange Book but is an operational assurance requirement, not a life cycle assurance requirement

Complex Instruction Set Computer (CISC) uses instructions that perform many operations per instruction.

Pipelining involves overlapping the steps of different instructions to increase the performance in a computer.

Reduced Instruction Set Computers (RISC) involve simpler instructions that require fewer clock cycles to execute.

Scalar processors are processors that execute one instruction at a time.

Polyinstantiation permits a database to have two records that are identical except for their classifications

Information Labels contain more information than Sensitivity Levels, but are not used by the Reference Monitor to determine access permissions.

There are three main requirements of the security kernel:

• It must provide isolation for the processes carrying out the reference monitor concept, and the processes must be tamperproof.

• It must be invoked for every access attempt and must be impossible to circumvent. Thus, the security kernel must be implemented in a complete and foolproof way.

• It must be small enough to be able to be tested and verified in a complete and comprehensive manner.

Indirect addressing is when the address location that is specified in the program instruction contains the address of the final desired location.

Direct addressing is when a portion of primary memory is accessed by specifying the actual address of the memory location.

Indexed addressing is when the contents of the address defined in the program's instruction are added to that of an index register.

D – Minimal protection

C – Discretionary protection

C1 – Discretionary Security Protection

C2 – Controlled Access Protection

B – Mandatory Protection

B1 – Labeled Security

B2 – Structured Protection

B3 – Security Domains

A – Verified Protection

A1 – Verified Design

In the MAC model, a subject has a clearance and a need to know; information can flow to the subject only when these align with the object's classification and category (compartment) information.
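To make the label rules concrete, here is an added Python example (not from the original notes) of a reference monitor decision function for the Bell-LaPadula model the Orange Book is based on. A label is a hierarchical level plus a set of categories; a subject's clearance "aligns" with an object when its label dominates the object's (higher-or-equal level and a superset of categories). Reads enforce the simple security property (no read up), writes the *-property (no write down), and every decision is logged. The level names, the `LEVEL:CAT,CAT` string format and the `mediate` function are my own choices for the example.

```python
from dataclasses import dataclass
from enum import IntEnum

class Level(IntEnum):
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3

@dataclass(frozen=True)
class Label:
    """A sensitivity label: hierarchical level plus categories (need-to-know compartments)."""
    level: Level
    categories: frozenset

    def dominates(self, other: "Label") -> bool:
        # Dominance is the partial order on labels: level is higher or equal AND
        # the category set is a superset of the other label's categories.
        return self.level >= other.level and self.categories >= other.categories

def parse_label(text: str) -> Label:
    """Parse 'SECRET:NUCLEAR,CRYPTO' (categories optional) into a Label."""
    level_name, _, cats = text.partition(":")
    cat_set = frozenset(c.strip() for c in cats.split(",") if c.strip())
    return Label(Level[level_name.strip()], cat_set)

AUDIT: list = []   # every decision is recorded: complete mediation leaves a trail

def mediate(subject: Label, obj: Label, mode: str) -> bool:
    """Reference monitor decision for one access attempt; True means permit."""
    if mode == "read":
        allowed = subject.dominates(obj)              # simple security: no read up
    elif mode == "write":
        allowed = obj.dominates(subject)              # *-property: no write down
    elif mode == "readwrite":
        allowed = subject.dominates(obj) and obj.dominates(subject)  # labels must be equal
    else:
        allowed = False                               # unknown mode: fail closed
    AUDIT.append((subject, obj, mode, allowed))
    return allowed
```

Note that a SECRET/NUCLEAR subject is refused a read of SECRET/NUCLEAR,CRYPTO even though the level matches: the missing CRYPTO category is the need-to-know part of the rule. A write from that subject to a SECRET/CRYPTO object is also refused, because the object's label does not dominate the subject's and NUCLEAR information could otherwise leak into the CRYPTO compartment.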

EAL 1 : functionally tested

EAL 2 : structurally tested

EAL 3 : methodically tested and checked

EAL 4 : methodically designed, tested and reviewed

EAL 5 : semiformally designed and tested

EAL 6 : semiformally verified design and tested

EAL 7 : formally verified design and tested.

NIST produces and publishes the Federal Information Processing Standards (FIPS).

The operational assurance requirements specified in the Orange Book are:

1. system architecture,

2. system integrity,

3. covert channel analysis,

4. trusted facility management

5. trusted recovery

Trusted Facility Management is separation of duties: support for distinct system administrator and operator functions, with stringent configuration management controls imposed. You have dedicated accounts that perform specific functions, not general accounts available to all individuals (for example, a single security administrator account is used for all security functions).

Polyinstantiation works because the primary key includes the classification, so two records identical except for their classification can coexist. In the source question, APFEL's new unclassified record therefore did not collide with the real, top secret record, so APFEL could not learn about FIG's pineapples.

Polymorphism is a different term that can refer to, among other things, viruses that change their code to better hide from anti-virus programs, or to objects of different types in an object-oriented program that are related by a common superclass and can therefore respond to a common set of methods in different ways. It is unrelated to polyinstantiation.
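The inference channel that polyinstantiation closes is easy to show with a database. The following is an added example (not from the original notes) using Python's built-in sqlite3: the same constructed `shipments` table is created once with `(ship, classification)` as the primary key and once with `ship` alone. In the first case an unclassified user inserting a row for a ship that already has a top secret row succeeds and sees only their own row; in the second the insert fails, which tells the low user that a higher record exists. The table, ship names and cargo are made up for the example, and the view rule (each ship shows only the highest instance the user is cleared for) is one common choice, not the only one.

```python
import sqlite3

LEVELS = {"U": 0, "C": 1, "S": 2, "TS": 3}

def setup(polyinstantiated: bool = True) -> sqlite3.Connection:
    """Create the constructed sample table. With polyinstantiation the classification
    is part of the primary key; without it the ship name alone is the key."""
    pk = "PRIMARY KEY (ship, classification)" if polyinstantiated else "PRIMARY KEY (ship)"
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE levels (name TEXT PRIMARY KEY, rank INTEGER NOT NULL)")
    conn.executemany("INSERT INTO levels VALUES (?, ?)", LEVELS.items())
    conn.execute(f"""
        CREATE TABLE shipments (
            ship TEXT NOT NULL,
            classification TEXT NOT NULL REFERENCES levels(name),
            cargo TEXT NOT NULL,
            destination TEXT NOT NULL,
            {pk})""")
    # Constructed sample data: the real, top secret record.
    conn.execute("INSERT INTO shipments VALUES ('Vigilant', 'TS', 'missiles', 'Island X')")
    conn.commit()
    return conn

def insert_as(conn: sqlite3.Connection, clearance: str, ship: str,
              cargo: str, destination: str) -> bool:
    """Insert a record at the user's own level. Returns False if the insert collides
    with an existing key: that failure is exactly the inference channel."""
    try:
        conn.execute("INSERT INTO shipments VALUES (?, ?, ?, ?)",
                     (ship, clearance, cargo, destination))
        conn.commit()
        return True
    except sqlite3.IntegrityError:
        return False

def view(conn: sqlite3.Connection, clearance: str) -> list:
    """Rows visible at a clearance: for each ship, only the highest-classified
    instance the user is cleared to see (lower instances act as its cover story)."""
    rank = LEVELS[clearance]
    return conn.execute("""
        SELECT s.ship, s.classification, s.cargo, s.destination
        FROM shipments s JOIN levels l ON l.name = s.classification
        WHERE l.rank <= ?
          AND l.rank = (SELECT MAX(l2.rank) FROM shipments s2
                        JOIN levels l2 ON l2.name = s2.classification
                        WHERE s2.ship = s.ship AND l2.rank <= ?)
        ORDER BY s.ship""", (rank, rank)).fetchall()
```

With the polyinstantiated key, a SECRET user still sees the unclassified cover row for `Vigilant`, because no SECRET instance exists and the TS instance is above their clearance; a TOP SECRET user sees the real record. The view also never leaks the row count per ship, which is the other thing a naive `SELECT *` filtered by level would reveal.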
