Select Page

Security Engineering Key Concepts

CISSP

  • Switched Multimegabit Data Service (SMSD)
    • Definition: A connectionless packet-switching technology often used to connect multiple LANs, forming a Metropolitan Area Network (MAN) or a Wide Area Network (WAN). It was a forerunner to Asynchronous Transfer Mode (ATM) due to the similar technologies used.
  • DHCP Snooping
    • Purpose: A security feature used to protect networks from unauthenticated DHCP clients. It helps prevent unauthorized devices from gaining access to network resources.
  • Industrial Control System (ICS)
    • Definition: A computer-management device that controls industrial processes and machines. ICSs are critical in industries like manufacturing, electricity generation, water distribution, sewage processing, and oil refining.
    • Forms of ICS:
      • Distributed Control Systems (DCSs): Used for process control in industrial environments.
      • Programmable Logic Controllers (PLCs): Specialized computers used to control machinery.
      • Supervisory Control and Data Acquisition (SCADA): Systems that monitor and control industrial processes.
  • Kerckhoffs’s Principle
    • Definition: A principle in cryptography stating that a cryptographic system should be secure even if everything about the system, except the key, is public knowledge.
  • Input and Parameter Checking
    • Purpose: Ensures that data provided as input is limited and validated to prevent security vulnerabilities like buffer overflows. Proper data validation is crucial for maintaining system integrity.
  • Side-Channel Attack
    • Definition: A passive, non-invasive attack that observes the operation of a device (e.g., a smartcard) to extract valuable information, such as encryption keys, without directly interacting with the system.
  • Transitive Trust
    • Definition: If Domain A trusts Domain B and Domain B trusts Domain C, then Domain A automatically trusts Domain C. This trust relationship extends not only between the two original domains but also to all their subdomains.
    • Implication: Transitive trust can potentially broaden the access across multiple domains, which may need to be carefully managed to maintain the principle of least privilege.
  • Nontransitive Trust
    • Definition: A direct trust relationship between two security domains that does not extend to other domains. It allows subjects in one domain to access objects in the other domain but does not extend that trust further.
    • Implication: Nontransitive trust enforces the principle of least privilege by limiting trust to a single domain at a time, thereby providing tighter control over access between domains.

Latest Post:

Pin It on Pinterest