Home
Browse
Create
Search
Log in
Sign up
Upgrade to remove ads
Only $2.99/month
CompTIA Advanced Security Practitioner CAS-002
STUDY
Flashcards
Learn
Write
Spell
Test
PLAY
Match
Gravity
Terms in this set (42)
Systems Development Life Cycle (SDLC) Steps
Requirements
Feasibility
Design
Development
Implementation
Postimplementation
Maintenance
SDLC - Requirements
Define the purpose of the project and what customer needs have to be met. Distill the customer needs into a set of testable system requirements, including security controls.
SDLC - Feasibility
Determine whether sufficient resources are available to develop software meeting the customer's requirements.
SDLC - Design
Develop a design specification and verify that it addresses all requirements.
SDLC - Development
Write code, verify that it conforms to the design specification, and test it to validate that it meets all system requirements.
SDLC - Implementation
Installation by the customer, final user testing, and placing software into operation.
SDLC - Postimplementation
Formal review to evaluate the adequacy of the system. A cost-benefit analysis and review can be performed to determine the value of the project and to improve future projects.
SDLC - Maintenance
Feature enhancements in response to user experience, and security patches in response to emerging threats, with full regression testing of all software changes before they are released.
TCSEC
Trusted Computer System Evaluation Criteria
One of the original testing criteria
AKA Orange Book
4 categories
TCSEC Categories
Verified Protection - A-rated
Mandatory Security - B-rated
Discretionary Protection - C-rated
Minimal Protection - D-rated
ITSEC
Examines CIA of an entire system.
Contains 10 functionality classes and 7 assurance classes.
Common Criteria
Created by International Standards Organization
ISO 15408
8 levels of assurance
EAL 0
Inadequate Assurance
EAL 1
Functionality Tested
EAL 2
Structurally Tested
EAL 3
Methodically checked and tested
EAL 4
Methodically designed, tested, and reviewed
EAL 5
Semi-formally designed and tested
EAL 6
Semi-formally verified, designed, and tested
EAL 7
Formally verified, designed, and tested
TOS
Trusted Operating System
Defined as one that has implemented sufficient controls to support multilevel security.
Basic Attributes of TOS
Hardware Protection
Long-Term Protected Storage
Isolation
Separation of User Processes from Supervisor Processes
Bell-Lapadula
Enforces confidentiality
Used by the Department of Defense
Defined by the following:
Simple Security - no read up
Star Security - no write down
Biba
Addresses concerns of integrity.
Availability and confidentiality are not examined.
Focuses on external threats.
Clark-Wilson
Intended to be used for commercial activities.
Capability-based security.
Controls internal consistency of the system, and was developed to ensure that data can only be manipulated in ways that protect consistency.
Dictates that separation of duties must be enforced, subjects must access data through an application, and auditing is required.
Brewer and Nash
"The Chinese Wall"
Prevents conflicts of interest.
Users working on one side of the wall cannot see data on the other side of the wall.
Vector-Oriented
This approach focuses on common vectors used to launch an attack.
Examples include disabling autorun on USB thumb drives, disabling USB ports, and removing CD/DVD burners.
Information Centric
Focuses on layering controls on top of the data.
Examples include information controls, application controls, host controls, and network controls.
Protected Enclaves
Specifies that some areas are of greater importance than others.
Controls may include VPNs, strategic placement of firewalls, deployment of VLANs, and restricted access to segments of the network.
Patch Management
Key to keeping applications and operating systems secure. The organization should have a well-developed patch management testing and deployment system in place. Patches should be sandboxed for safety prior to distribution.
Host-Based Firewalls
Defense in depth dictates that the company should consider not just enterprise firewalls but also host-based firewalls.
Log Monitoring
Primary detection control.
Can be used to identify problems and find acceptable solutions to ongoing issues and security concerns.
Change Monitoring
Change must be controlled and occur in an orderly manner. Change control procedures should map out how changes are approved and rolled out, and how end users are informed.
Configuration Lockdown
Used to prevent unauthorized changes.
Not just anyone should have the ability to make changes to equipment and hardware.
Availability Controls
Deal with the company's ability to have data available when needed. Some common solutions include RAID, redundant servers, and cloud storage.
Viruses
Piece of software designed to infect a computer system.
Usually gain access to a system by email, network, or CD/DVD/USB media.
Worms
Require no interaction on the user's part to replicate and spread. The RTM worm is known as the first worm and was created y Robert Morris in 1988.
Spyware
May perform key logging, redirect users to un-requested websites, flood the user with popups, or monitor user activity.
Trojans
Programs that present themselves as something useful but contain malicious payloads.
Spam
Unsolicited email.
Secure Boot
Makes sure that your PC boots using only software that is trusted by the device manager.
Measured Launch
This method works with TPM and the secure boot process to determine if an OS is allowed to load and what portions it can execute.
THIS SET IS OFTEN IN FOLDERS WITH...
CASP
43 terms
CAS 002 239Q pt 2
82 terms
CASP
170 terms
Comptia+ CASP Chapters 6-10
100 terms
YOU MIGHT ALSO LIKE...
CISSP Operations Security
18 terms
Chapter 8
11 terms
Audit Exam 3: Chapter 12
84 terms
AIS Ch. 8
78 terms