ISC(2) CISSP Revision Notes – Security Architectural Design
Building systems securely, and knowing what can threaten them.
Note: In NO way should these notes be used as your sole source of study for the CISSP exam. These notes lack things completely that could be included on your exam. I in no way provide any guarantee or assurance that these notes are correct or satisfactory for your learning. For further information see my CISSP Study and Exam Tips.
Architecture
Hardware
- CPU
- Arithmetic Logic Unit (ALU): performs arithmetic and logic operations (+, -, *, /, etc.)
- Bus Interface Unit (BIU): Supervision over bus
- Control Unit: Coordinates CPU components
- Decode Unit: Individual commands
- Floating-Point Unit: Calculates floats
- Memory Management Unit (MMU): Translates virtual addresses to physical addresses and enforces memory protection between processes
- Pre-fetch Unit: Fetches instructions from memory ahead of their execution
- Protection Test Unit (CPV):
Software
- Operating System Components
- Kernel: Manages processes, controls hardware, handles communication
- Device Drivers: Software to control internal and external devices
- Tools: 3rd Party Software
Operating Systems Functions
- Process Management: Multiple independent processes
- Resource Management
- IO Device Management
- Memory Management
- File Management
- Communication Management
Virtualisation: Hypervisor and Guests
Security Architecture
Trusted Computing Base (TCB)
- Total combination of protection within a system including software, hardware and firmware
- Access control
- Reference Monitor: Enforces access control on every access to an object
- Security Kernel: Implements the reference monitor; encompasses the above
- Open vs Closed Systems: Open source vs proprietary
Protection Rings: “Onion” with the most privileged ring at the centre, e.g. MIT MULTICS
Security Modes
- How a system handles stored information
- Dedicated: Users must have a clearance level appropriate to the highest level of information on the system, plus need to know
- System High: As Dedicated, but without the “need to know” requirement
- Multilevel: The TCB holds information at different levels; each user needs the appropriate clearance level
- Limited Access: Highest confidentiality level is SBU (sensitive but unclassified)
Recovery Procedures
- Fault Tolerant: Continues to operate after a fault; detects the fault and corrects for it
- Fail-safe Systems: When fault is detected execution is terminated
- Fail-soft (Resilient) Systems: Degrades performance after fault
- Failover System: Clustered approach
Vulnerabilities in Security Architectures
- Covert Channels: Unintended, hidden communication paths within a system
- Rootkits: Difficult to detect
- Race Conditions: Two processes contend for the same resource and the outcome depends on timing
- State Attacks: e.g. session hijacking; protect session state to prevent it
- Emanations: Information leaking through electromagnetic or acoustic emissions
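For the race-condition entry above, an added example (not from these notes) of the time-of-check/time-of-use form as it appears on a POSIX file system: a check-then-create routine whose two steps can be interleaved with a change on disk, beside the atomic form that removes the gap. The `between` hook, the temporary directory and the file names are constructed for the example so that the race reproduces deterministically; it assumes Linux/POSIX (`os.symlink`, `os.O_NOFOLLOW`).

```python
"""Check-then-act (vulnerable) versus atomic create (hardened) on a POSIX file system.

Added example for these revision notes; the hook, paths and file contents are constructed.
"""
import os
import tempfile
from typing import Callable, Optional

Hook = Optional[Callable[[], None]]


def naive_create(path: str, between: Hook = None) -> int:
    """Vulnerable form: the existence check and the open are two system calls.

    Anything that changes the file system between them (here simulated by
    `between`) is acted on by the second call without being re-checked.
    """
    if os.path.lexists(path):                       # time of check
        raise FileExistsError(path)
    if between is not None:
        between()                                   # the window between check and use
    # time of use: O_CREAT without O_EXCL opens whatever now sits at `path`,
    # and follows a symlink planted there
    return os.open(path, os.O_WRONLY | os.O_CREAT, 0o600)


def safe_create(path: str, between: Hook = None) -> int:
    """Hardened form: one atomic call, so there is no check/use gap.

    O_EXCL makes creation fail if anything already exists at `path`;
    O_NOFOLLOW refuses to follow a symlink there.
    """
    if between is not None:
        between()                                   # same window, now harmless
    return os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW, 0o600)


def demo(create: Callable[..., int]) -> str:
    """Run `create` with a symlink appearing in the window; return the sensitive
    file's final contents ("original" means it was left untouched)."""
    with tempfile.TemporaryDirectory() as d:
        victim = os.path.join(d, "sensitive.txt")   # constructed sensitive file
        target = os.path.join(d, "report.txt")      # the file the program means to create
        with open(victim, "w") as f:
            f.write("original")

        def plant_symlink() -> None:
            os.symlink(victim, target)              # state change inside the window

        try:
            fd = create(target, between=plant_symlink)
        except OSError:
            fd = None                               # creation refused: the secure outcome
        if fd is not None:
            with os.fdopen(fd, "w") as f:
                f.write("overwritten")
        with open(victim) as f:
            return f.read()


if __name__ == "__main__":
    print("naive_create ->", demo(naive_create))   # overwritten
    print("safe_create  ->", demo(safe_create))    # original
```

The general rule the example illustrates: do not separate a security check from the action it guards; use a primitive that checks and acts in one step (`O_EXCL`, `O_NOFOLLOW`, file-descriptor-relative calls) so the state cannot change in between.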
Security Countermeasures
Defense in Depth: eg firewalls, hardened OS, etc
System Hardening: Remove unnecessary components, accounts and ports; enforce password policies, etc.
Heterogeneous: Multiple OSs won’t share the same vulnerabilities; trade-off against ease of administration
System Resilience
Filter Malicious Inputs: Reject inputs which may be an attack, think WAF, SQL Views
Redundant Components: eg RAID
Security Countermeasures: Reveal as little about the system as possible, least privilege for processes, disable services, strong authentication
Security Models
Confidentiality: Access and authorisation, vulnerability management, sound design
Integrity: Access and authorisation, input control and output control
Availability: Resilient hardware/software. Sound configuration and change management
Access Control
Bell-LaPadula: Confidentiality
Biba & Clark-Wilson: Integrity
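The Bell-LaPadula and Biba rules above, worked as code. This is an added example, not from these notes: a toy reference monitor (the TCB component that mediates every access to an object and records the decision) enforcing Bell-LaPadula's no-read-up / no-write-down rules and Biba's no-read-down / no-write-up rules. Clark-Wilson is not modelled. The level names, the two lattices, the `ReferenceMonitor` class and the sample requests are constructed for the example.

```python
"""Toy reference monitor enforcing Bell-LaPadula (confidentiality) and Biba (integrity).

Added example for these revision notes; labels, lattices and names are constructed.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Tuple

# Constructed lattices: label -> rank, low to high.
SENSITIVITY = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}
INTEGRITY = {"low": 0, "medium": 1, "high": 2}


def blp_allows(clearance: int, classification: int, action: str) -> bool:
    """Bell-LaPadula protects confidentiality.
    simple security property: read only at or below your clearance (no read up)
    *-property: write only at or above your clearance (no write down)
    """
    if action == "read":
        return clearance >= classification
    if action == "write":
        return clearance <= classification
    raise ValueError(f"unknown action {action!r}")


def biba_allows(subject_integrity: int, object_integrity: int, action: str) -> bool:
    """Biba protects integrity and is the dual of Bell-LaPadula.
    simple integrity axiom: read only at or above your level (no read down)
    *-integrity axiom: write only at or below your level (no write up)
    """
    if action == "read":
        return subject_integrity <= object_integrity
    if action == "write":
        return subject_integrity >= object_integrity
    raise ValueError(f"unknown action {action!r}")


@dataclass
class ReferenceMonitor:
    """Mediates every access of a subject to an object and records the decision.

    Of the classic requirements (complete mediation, isolation, verifiability)
    only complete mediation and the audit trail are modelled here.
    """
    lattice: Dict[str, int]
    policy: Callable[[int, int, str], bool]
    audit_log: List[Tuple[str, str, str, str]] = field(default_factory=list)

    def access(self, subject: str, subject_label: str,
               obj: str, object_label: str, action: str) -> bool:
        allowed = self.policy(self.lattice[subject_label],
                              self.lattice[object_label], action)
        self.audit_log.append((subject, action, obj, "ALLOW" if allowed else "DENY"))
        return allowed


def demo() -> Tuple[List[Tuple[str, str, str, str]], List[Tuple[str, str, str, str]]]:
    """Run constructed requests through both monitors and return their audit logs."""
    blp = ReferenceMonitor(SENSITIVITY, blp_allows)
    blp.access("alice", "secret", "plan.txt", "confidential", "read")     # ALLOW: read down
    blp.access("alice", "secret", "nuclear.txt", "top_secret", "read")    # DENY:  no read up
    blp.access("alice", "secret", "nuclear.txt", "top_secret", "write")   # ALLOW: write up
    blp.access("alice", "secret", "public.txt", "unclassified", "write")  # DENY:  no write down

    biba = ReferenceMonitor(INTEGRITY, biba_allows)
    biba.access("installer", "high", "download.bin", "low", "read")      # DENY:  no read down
    biba.access("installer", "high", "system.cfg", "medium", "write")    # ALLOW: write down
    biba.access("browser", "low", "system.cfg", "medium", "write")       # DENY:  no write up
    biba.access("browser", "low", "system.cfg", "medium", "read")        # ALLOW: read up
    return blp.audit_log, biba.audit_log


if __name__ == "__main__":
    blp_log, biba_log = demo()
    for entry in blp_log + biba_log:
        print(*entry)
```

Reading the two audit logs side by side shows why the models are called duals: the request a Bell-LaPadula monitor allows (write up) is exactly the one a Biba monitor denies, because each protects a different property of the same information flow.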
Evaluation Criteria
Trusted Computer System Evaluation Criteria (TCSEC)
- Measurement (assessing levels of trust)
- Acquisition (Standard for Acquisition Requirements)
- DAC, MAC, Labels, etc
- Assurance: Architecture, integrity, covert channels, trusted recovery, security testing, configuration management
- Accountability: Identification and authentication, trusted path, audit
- Documentation: User guide, admin guide, test docs, etc
Trusted Network Interpretation (TNI)
- TN1: Configuration and integrity
- TN2: Additional services such as comms and networks
European Info Tech Security Evaluation Criteria (ITSEC)
- Addresses CIA, as well as functionality and assurance
Common Criteria & EAL
TCSEC | ITSEC Functional | ITSEC Evaluation | Common Criteria | Access Control
D | - | E0 | EAL1 & EAL0 | DAC
C1 | F-C1 | E1 | EAL2 | DAC
C2 | F-C2 | E2 | EAL3 | MAC
B1 | F-B1 | E3 | EAL4 | MAC
B2 | F-B2 | E4 | EAL5 | MAC
B3 | F-B3 | E5 | EAL6 | MAC
A1 | F-B3 | E6 | EAL7 | MAC
Beyond A1 | F-IN | - | - | -
- | F-AV | - | - | -
- | F-DI | - | - | -
- | F-DC | - | - | -
- | F-DX | - | - | -
System Certification & Accreditation
Certification: Formal methodology for comprehensive testing of a system against its documented security requirements
Accreditation: Official written approval to operate; must be updated when changes are made
Defense Information Technology Security Certification & Accreditation Process (DITSCAP)
- Used by military and government bodies
- Definition: Organisation's systems, mission, environment and architecture
- Verification: Base-line security requirements
- Post-accreditation: Ongoing activities to maintain accreditation
National Information Assurance Certification & Accreditation Process (NIACAP)
- US national security
- Site Accreditation: specific location
- Type Accreditation: Specific App or system at multiple locations
- System Accreditation: Specific App at specific location