Filename: isc2-acceleratedcissp-2018-3-1-18-security-architecture-and-engineering-key-points

Show Name: Accelerated CISSP (2018)

Topic Name: Security Architecture and Engineering
Episode Name: Security Architecture and Engineering - Key Points
Description: Adam and Ronnie discuss the main key points for studying in
Domain 3.

Security Architecture and Engineering - Key Points

Domain: Security Architecture and Engineering

Security Architecture and Engineering - Key points

1. Role C | I | A play in cryptosystems

2. How are cryptosystems used to achieve authentication goals?

3. VO CAB U LARY !!!!

4. Code vs. Cipher

5. One Time Pads

6. Zero Knowledge Proofs

7. Split Knowledge

8. Work Factor

9. Importance of Key Management & security

10. Symmetric vs. Asymmetric - EVERY SINGLE THING WE DISCUSSED !!!

11. Everything DES (yes, EVERYTHING !!!)

12. AES

13. Hashing

14. Digital Signatures

15. PKI

16. Why is salting & peppering important to the security of a passwords

17. Digital Signature Standard (DSS)

18. Encryption as applied to:

a. networking
b. e-mail
c. applications
d. wireless
e. web

19. IPSec

20. How we attack cryptosystems

21. Access Control Models --> KNOW THEM !!

a. State Machine
b. Information Flow
c. Noninterference
d. Take-Grant
e. Access Control Matrix
f. Bell-LaPadula
g. Biba
h. Clark-Wilson
i. Goguen-Meseguer
j. Sutherland
k. Graham-Denning
L. Harrison-Ruzzo-Ullman

22. Certification & Accreditation

23. Open vs. Closed system

24. Confinement | Bounds | Isolation - they all have to do with memory access

25. Subject vs. Object

26. What is a security control?

27. Classes of TCSEC | ITSEC | Common Criteria

Comparing Evaluation Standards:

TCSEC ITSEC CC Protection

D F-D + E0 EAL0/EAL1 Minimal protection

C1 F-C1 + E1 EAL2 Discretionary Security

C2 F-C2 + E2 EAL3 Controlled Access

B1 F-B1 + E3 EAL4 Labeled Security

B2 F-B2 + E4 EAL5 Structured Security

B3 F-B3 + E5 EAL6 Security Domains

A1 F-B3 + E6 EAL7 Verified Design

28. What is the Trusted Computing Base?

29. What is a security perimeter?

30. What is a reference monitor?

31. What is the security kernel?

32. Security capabilities of information systems:

a. memory protection
b. virtualization
c. Trusted Platform Module (TPM)

33. Multi ... (tasking | threading | processing | programming)

34. Single vs. multi state processors

35. Four security modes used by the U.S. Gov't:

a. Dedicated
b. System-High
c. Compartmented
d. Multilevel

36. Kernel vs. User mode

37. What are the different types of memory used by computers?

38. What are the security issues associated with memory?

39. What are the characteristics of storage used by computers?

40. What are the security issues associated with storage?

41. What is firmware? why do we use it?

42. What are ...? (process isolation | layering | abstraction | data hiding |
hardware segmentation)
 43. What is the impact of security policy on ... (design | implementation |
testing | deployment)

44. CLOUD !!!

45. IoT !

46. Mobile Devices !

47. Embedded systems & static environments

48. How do ... (Least Privilege | Separation of Duties | Accountability) apply

to secure system design?

49. What are buffer overflows?

50. What is Input Validation (checking)?

51. Common security flaws in system architecture:

a. buffer overflow
b. backdoors
c. TOC/TOU attacks
d. Unregulated state changes
e. covert channels

52. What are key elements to consider for site selection & secure design?

53. What are wiring closet security concerns?

54. What are common issues associated with power?

55. What are the temperature & humidity ranges required for safe operation of
equipment?

56. What are the types of sprinkler systems?

57. What are the common fire detection systems?