Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
49 Cards in this Set
- Front
- Back
|
TSEC
|
referred to as the Orange Book, was developed by the US Department of Defense to evaluate the security properties of systems and assess whether they're appropriate for certain functions.
|
|
|
A
|
TCSEC security divisions: verified protection
|
|
|
B
|
TCSEC security divisions: mandatory protection
|
|
|
C
|
TCSEC security divisions: discretionary protection
|
|
|
D
|
TCSEC security divisions: minimal security
|
|
|
security policy, accountability, life cycle assurance, documentation, identification, labels
|
TCSEC division to which a system is assigned is based on the evaluation of (6 things, comma delimited)
|
|
|
A
|
This TCSEC Security division uses formal methods to verify that the subjects and objects in a system are controlled with essential mandatory access controls – or MACs – and discretionary access controls – or DACs
|
|
|
A1
|
Only class under TCSEC Division A.
The evaluation for this class uses formal techniques to compare the Trusted Computer Base – or TCB – of a system to the security policy for the system. The overall design of the system is also thoroughly reviewed. Typically, systems that store top-secret information and need highly secure environments are evaluated using this class' specifications. |
|
|
B1: Labeled Security
|
The evaluation for this TCSEC Division B class includes verification of the security labels used by the subjects and objects in the system. These labels should be enforced by an MAC mechanism based on the Bell-LaPadula security model.
For a system to achieve this TCSEC Division B class, it must have a security policy based on an informal statement. Usually systems that store classified data are evaluated for this class. |
|
|
B2: Structured protection
|
The evaluation for this TCSEC Division B class includes verification of the authentication mechanisms and protection layers in a system. The system's subjects and devices should use labels and there should be no covert channels. The system should also provide separate operator and administrator roles.
Systems that process sensitive data are usually evaluated for this TCSEC Division B class. |
|
|
B3: Security domains
|
The evaluation for this TCSEC Division B class includes evaluation of the policies, design, reference monitor, and roles used in a system.
The security policy for a system should be properly defined and documented. The design and implementation of the system shouldn't be complex so that the system can be managed even when skilled people aren't available. The reference monitor in the system must be secure and small enough to be tested, and the security administrator role for the system should be clearly defined. Typically, systems that handle highly sensitive data need to be evaluated for this TCSEC Division B class. |
|
|
C1: Discretionary security protection
|
For a system to achieve this TCSEC Division C class, it must use DACs to control access for individual users or user groups. The system's architecture should also include a protected execution domain.
Systems that require strict access control methods for users need to be evaluated for this TCSEC Division C class. |
|
|
C2: Controlled access protection
|
For a system to achieve this TCSEC Division C class, it must use logical access controls to identify and authenticate individual users. The system should also enforce strict logon procedures and audit security events.
This TCSEC Division C class is suited for commercial systems in which user accountability is required. |
|
|
Minimal protection
|
Only class of TCSEC Division D. It's usually provided to systems that are evaluated but fail to meet the criteria of the higher divisions.
|
|
|
TCSEC
|
Inappropriate for commercial organization whose focus is data integrity.
|
|
|
ITSEC
|
standard used by European countries to evaluate the security attributes of computer systems.
|
|
|
functionality and assurance
|
ITSEC evaluates two main attributes of a system's protection mechanisms which are _____ and ______.
|
|
|
functionality
|
is evaluated by testing the protection mechanisms available to the subjects in a system.
|
|
|
assurance
|
is evaluated by reviewing the development practices, documentation, configuration management, and testing mechanisms of a system
|
|
|
Target of Evaluation or TOE
|
Any individual system that is evaluated by the ITSEC is called a ______ or ___.
|
|
|
F1 to F5
|
ITSEC Functionality ratings: which map to the TCSEC ratings, C1 to A1
|
|
|
F6
|
ITSEC Functionality ratings: for systems requiring high levels of integrity for data and programs
|
|
|
F7
|
ITSEC Functionality ratings: for systems requiring high levels of availability of their functions
|
|
|
F8
|
ITSEC Functionality ratings: for systems requiring high levels of data integrity during communications
|
|
|
F9
|
ITSEC Functionality ratings: for systems requiring high levels of data confidentiality during communications,
|
|
|
F10
|
ITSEC Functionality ratings: for networks requiring high levels of data confidentiality and integrity
|
|
|
E0
|
ITSEC assurance ratings: indicates inadequate assurance
|
|
|
E1
|
ITSEC assurance ratings: includes functional testing to verity if the TOE meets its security target.
|
|
|
E2
|
ITSEC assurance ratings: includes the evaluation of testing evidence, configuration controls, and distribution processes
|
|
|
E3
|
ITSEC assurance ratings: evaluates the source code and hardware drawings of the security mechanisms. It also evaluates the evidence of testing of these mechanisms.
|
|
|
E4
|
ITSEC assurance ratings: verifies the availability of a formal model of the security policy, and semiformal specifications of security mechanisms, architectural design, and detailed design.
|
|
|
E5
|
ITSEC assurance ratings: evaluates whether there is close correspondence between the detailed design and the source code or hardware drawings
|
|
|
E6
|
ITSEC assurance ratings: verifies whether the security mechanisms and the architectural design are consistent with the security policy.
|
|
|
Common Criteria
|
Was developed by the International Organization for Standardization (ISO) to provide a security evaluation standard that can be used globally. Published as the ISO/IEC 15408 standard, it was developed in collaboration with national security standards organizations of various countries.
|
|
|
Evaluation Assurance Level
|
Common Criteria evaluation is conducted for individual products, and each product is assigned what?
|
|
|
EAL 1
|
Common Criteria EAL: ensures that a system functions as described in its documentation. This level is meant for systems that do not face serious security threats. The evaluation is supported by functional testing.
|
|
|
EAL 2
|
Common Criteria EAL: provides a minimal to moderate level of security assurance to systems that do not have easily available development records, such as upgraded legacy systems.
|
|
|
EAL 3
|
Common Criteria EAL: provides a moderate level of assurance to systems by independently testing them and checking the test results provided by the system's developers.
|
|
|
EAL 4
|
Common Criteria EAL: provides a moderate to high level of assurance to systems by analyzing their designs, testing to identify vulnerabilities, and reviewing their development methods.
|
|
|
EAL 5
|
Common Criteria EAL: provides a high level of assurance to systems that follow a planned development approach. The evaluation includes analysis of a semiformal presentation of the specifications and designs, testing to ensure resistance to moderate threats, and covert channel analysis.
|
|
|
EAL 6
|
Common Criteria EAL: provides a high level of assurance to systems that face significant potential threats. The evaluation includes an analysis of design, development and implementation; testing to ensure resistance to serious threats; and identification of covert channels.
|
|
|
EAL 7
|
Common Criteria EAL: meant to evaluate systems that face extremely high risks. The evaluation includes an analysis of a formal presentation of the functional specifications and high level designs; independent testing; and confirmation of developer test results.
|
|
|
protection profile
|
Contains the set of security requirements and objectives for a category of products or systems. Used by the Common Criteria to evaluate products.
|
|
|
protection profile
|
What consists of these 5 things?
descriptive elements rationale functional requirements development assurance requirements, and evaluation assurance requirements |
|
|
ISO/IEC 27001:2005
|
concentrates on a company's information security management system, or ISMS – which is the way a company manages its information security.
|
|
|
ISO/IEC 27002
|
concentrates on how security controls are implemented, rather than on which controls are implemented. So it focuses on procedures that should be followed. It covers objectives for security measures, and provides industry best practices for security controls.
|
|
|
COBIT
|
The Information Systems Audit and Control Association – or ISACA – and the IT Governance Institute – also referred to as ITGI – developed a structure for IT management known as what?
|
|
|
COBIT
|
is a set of best practices for IT management. It provides standard measures and processes for maximizing the benefits of IT and developing appropriate IT governance and control in a company.
Defines security control objectives that a company should have as the basis for its security system. It's also commonly used for auditing, both internally and externally |
|
|
COBIT
|
High-level control objectives as defined by ______.
planning and organization attaining and executing production and maintenance, and observation and assessment |
