Chapter 9
Security Vulnerabilities, Threats, and Countermeasures
The CISSP Exam Topics Covered in This Chapter Include:
✓ Domain 3: Security Architecture and Engineering
  ■ 3.5 Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements
    ■ 3.5.1 Client-based systems
    ■ 3.5.2 Server-based systems
    ■ 3.5.3 Database systems
    ■ 3.5.5 Industrial control systems (ICS)
    ■ 3.5.6 Cloud-based systems
    ■ 3.5.7 Distributed systems
    ■ 3.5.8 Internet of Things (IoT)
  ■ 3.6 Assess and mitigate vulnerabilities in web-based systems
  ■ 3.7 Assess and mitigate vulnerabilities in mobile systems
  ■ 3.8 Assess and mitigate vulnerabilities in embedded devices
In previous chapters of this book, we’ve covered basic security principles and the protective mechanisms put in place to prevent violation of them. We’ve also examined some of the specific types of attacks used by malicious individuals seeking to circumvent those protective mechanisms. Until this point, when discussing preventive measures, we have focused on policy measures and the software that runs on a system. However, security professionals must also pay careful attention to the system itself and ensure that their higher-level protective controls are not built on a shaky foundation. After all, the most secure firewall configuration in the world won’t do a bit of good if the computer it runs on has a fundamental security flaw that allows malicious individuals to simply bypass the firewall completely.
In this chapter, we’ll cover those underlying security concerns by conducting a brief survey of a field known as computer architecture: the physical design of computers from various components. We’ll examine each of the major physical components of a computing system—hardware and firmware—from a security perspective. Obviously, the detailed analysis of a system’s hardware components is not always a luxury available to you because of resource and time constraints. However, all security professionals should have at least a basic understanding of these concepts in case they encounter a security incident that reaches down to the system design level.
The Security Engineering domain addresses a wide range of concerns and issues, including secure design elements, security architecture, vulnerabilities, threats, and associated countermeasures. Additional elements of this domain are discussed in various chapters: Chapter 6, “Cryptography and Symmetric Key Algorithms,” Chapter 7, “PKI and Cryptographic Applications,” Chapter 8, “Principles of Security Models, Design, and Capabilities,” and Chapter 10, “Physical Security Requirements.” Please be sure to review all of these chapters to have a complete perspective on the topics of this domain.
Assess and Mitigate Security Vulnerabilities
Computer architecture is an engineering discipline concerned with the design and construction of computing systems at a logical level. Many college-level computer engineering and computer science programs find it difficult to cover all the basic principles of computer architecture in a single semester, so this material is often divided into two one-semester courses for undergraduates. Computer architecture courses delve into the design of central
processing unit (CPU) components, memory devices, device communications, and similar topics at the bit level, defining processing paths for individual logic devices that make simple “0 or 1” decisions. Most security professionals do not need that level of knowledge, which is well beyond the scope of this book and the CISSP exam. However, if you will be involved in the security aspects of the design of computing systems at this level, you would be well advised to conduct a more thorough study of this field.
This initial discussion of computer architecture may seem at first to be irrelevant to CISSP, but most of the security architectures and design elements are based on a solid understanding and implementation of computer hardware.
The more complex a system, the less assurance it provides. More complexity means that more areas for vulnerabilities exist and more areas must be secured against threats. More vulnerabilities and more threats mean that the subsequent security provided by the system is less trustworthy.