Access Control
Role Based (Non-discretionary) vs Discretionary Access Control
Discretionary Access Control allows the owner to manage the permissions of their own resources. In theory this is a good idea, but most owners aren't proficient enough to manage the security of their resources effectively, and it usually isn't a priority for them. A typical example is granting new users permission but never removing any of the old users.
Role Based Access Control is very similar, but permissions are attached to a role. An administrator can then manage security by assigning users to their appropriate roles and giving each role the necessary permissions. The key distinction, besides the obvious, is that under DAC only the owner can make the changes.
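The DAC/RBAC contrast above as an added, runnable model (this is example code, not part of the original notes): a DAC resource whose owner alone edits its ACL, next to an RBAC store where an administrator attaches permissions to roles. The users, roles, resource name and the "carol has left but still has access" scenario are all constructed for the demonstration.

```python
# Added example, not from the original notes: a minimal model of Discretionary
# Access Control (owner-managed ACL) beside Role Based Access Control
# (administrator-managed roles). All users, roles and resources are constructed.
from dataclasses import dataclass, field


@dataclass
class DacResource:
    """DAC: the resource carries its own ACL and only the owner may edit it."""
    owner: str
    acl: dict = field(default_factory=dict)  # user -> set of permissions

    def grant(self, actor, user, perm):
        if actor != self.owner:
            raise PermissionError(f"{actor} does not own this resource")
        self.acl.setdefault(user, set()).add(perm)

    def revoke(self, actor, user):
        if actor != self.owner:
            raise PermissionError(f"{actor} does not own this resource")
        self.acl.pop(user, None)

    def allowed(self, user, perm):
        return user == self.owner or perm in self.acl.get(user, set())

    def stale_entries(self, current_staff):
        """ACL entries for people who have left: the DAC failure mode in the notes."""
        return sorted(u for u in self.acl if u not in current_staff)


class Rbac:
    """RBAC: permissions attach to roles; an administrator assigns users to roles."""

    def __init__(self, admins):
        self.admins = set(admins)
        self.role_perms = {}  # role -> set of (resource, perm)
        self.user_roles = {}  # user -> set of roles

    def _check_admin(self, actor):
        if actor not in self.admins:
            raise PermissionError(f"{actor} is not an administrator")

    def grant(self, actor, role, resource, perm):
        self._check_admin(actor)
        self.role_perms.setdefault(role, set()).add((resource, perm))

    def assign(self, actor, user, role):
        self._check_admin(actor)
        self.user_roles.setdefault(user, set()).add(role)

    def unassign(self, actor, user, role):
        self._check_admin(actor)
        self.user_roles.get(user, set()).discard(role)

    def allowed(self, user, resource, perm):
        return any((resource, perm) in self.role_perms.get(r, set())
                   for r in self.user_roles.get(user, set()))


def demo():
    """Constructed scenario: carol has left the company but alice never revoked her."""
    staff = {"alice", "bob"}

    # DAC: alice owns report.doc and granted bob and carol read access
    doc = DacResource(owner="alice")
    doc.grant("alice", "bob", "read")
    doc.grant("alice", "carol", "read")
    try:
        doc.grant("bob", "mallory", "read")  # a non-owner cannot change the ACL
        bob_can_edit_acl = True
    except PermissionError:
        bob_can_edit_acl = False

    # RBAC: one admin manages a 'reader' role; offboarding is a single unassign
    rbac = Rbac(admins={"admin"})
    rbac.grant("admin", "reader", "report.doc", "read")
    for user in ("bob", "carol"):
        rbac.assign("admin", user, "reader")
    rbac.unassign("admin", "carol", "reader")

    return {
        "dac_stale": doc.stale_entries(staff),                            # ['carol']
        "dac_carol_read": doc.allowed("carol", "read"),                   # True: lingering access
        "dac_bob_can_edit_acl": bob_can_edit_acl,                         # False: owner only
        "rbac_carol_read": rbac.allowed("carol", "report.doc", "read"),   # False: revoked via role
        "rbac_bob_read": rbac.allowed("bob", "report.doc", "read"),       # True
    }


if __name__ == "__main__":
    print(demo())
```

The `stale_entries` helper is the audit check a reviewer would run against owner-managed ACLs: it lists grants held by people who are no longer staff, which is exactly the leftover-permission problem the notes describe, and which the RBAC path avoids because access follows role membership.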
Detective Access Control
CRC is a Detective Access Control because it detects that the integrity has been breached.
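An added example (not from the original notes) of CRC acting as a detective control: the checksum reveals that stored bytes no longer match, but because a CRC is keyless, whoever can rewrite the data can rewrite the CRC as well, so a keyed MAC is shown next to it for the deliberate-change case. The record contents and key are constructed.

```python
# Added example, not from the original notes: CRC detects that integrity was
# lost (accidental corruption) but cannot tell a recomputed checksum from an
# honest one; an HMAC with a secret key covers that case. Data/key are constructed.
import hashlib
import hmac
import zlib

KEY = b"constructed-demo-key"  # constructed; a real key would come from a secrets store


def crc_ok(data: bytes, stored_crc: int) -> bool:
    """Detective check: does the data still match the CRC recorded for it?"""
    return (zlib.crc32(data) & 0xFFFFFFFF) == stored_crc


def mac_ok(data: bytes, stored_mac: bytes) -> bool:
    """Keyed check: only a holder of KEY can produce a matching tag."""
    expected = hmac.new(KEY, data, hashlib.sha256).digest()
    return hmac.compare_digest(expected, stored_mac)


def demo():
    record = b"account=1234;balance=100"  # constructed record
    crc = zlib.crc32(record) & 0xFFFFFFFF
    mac = hmac.new(KEY, record, hashlib.sha256).digest()

    # accidental corruption: one bit flipped in storage or transit
    corrupted = bytearray(record)
    corrupted[-1] ^= 0x01
    corrupted = bytes(corrupted)

    # deliberate change where the CRC is recomputed along with the data
    altered = b"account=1234;balance=900"
    altered_crc = zlib.crc32(altered) & 0xFFFFFFFF

    return {
        "intact_crc": crc_ok(record, crc),            # True
        "corrupted_crc": crc_ok(corrupted, crc),      # False: breach of integrity detected
        "altered_crc": crc_ok(altered, altered_crc),  # True: CRC alone cannot tell
        "altered_mac": mac_ok(altered, mac),          # False: keyed check catches it
    }


if __name__ == "__main__":
    print(demo())
```

The takeaway for the exam point above: a CRC is detective for integrity, not a control against a motivated party; the keyed variant is what turns "the bytes changed" into "someone without the key changed them".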
Preventive vs Deterrent: a 4 foot fence is a deterrent and an 8 foot fence is preventive. I would argue that deterrent is a subset of preventive.
Types of Authentication
Types 1 through 3: something you know, something you have, something you are
Biometrics
Accuracy of Biometrics: Fingerprint > Palm Scan > Hand Geometry > Retina Scan > Iris Scan
A Zephyr Chart is used to compare different biometric systems (by factoring in acceptance, etc.). When comparing like systems, use the CER (Crossover Error Rate, where FRR meets FAR), AKA EER (Equal Error Rate).
The lower the CER, the better.
Type 1 error = FRR (False Rejection Rate) = annoying
Type 2 error = FAR (False Acceptance Rate) = breach
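The CER/EER idea above worked through in code (an added example, not from the original notes): FRR and FAR are computed for every threshold of a matcher, the threshold where they meet is located, and two systems are ranked by the resulting CER. The matcher scores for genuine users and impostors are constructed values on a 0 to 100 scale, and "accept when score >= threshold" is this example's assumed decision rule.

```python
# Added example, not from the original notes: FRR (Type 1) and FAR (Type 2)
# across thresholds, the crossover (CER/EER) where they meet, and ranking
# systems by CER (lower is better). Scores are constructed, 0-100, higher =
# closer match; a presentation is accepted when score >= threshold.

SYSTEMS = {  # constructed matcher outputs for two hypothetical systems
    "A": {"genuine": [91, 88, 85, 80, 78, 75, 70, 66, 60, 55],
          "impostor": [20, 25, 30, 35, 40, 50, 58, 62, 68, 72]},
    "B": {"genuine": [95, 92, 90, 88, 85, 82, 80, 77, 74, 70],
          "impostor": [10, 15, 20, 25, 30, 35, 40, 45, 50, 60]},
}


def error_rates(genuine, impostor, threshold):
    """Return (FRR, FAR) at a threshold.

    FRR (Type 1): legitimate users rejected because their score fell below the bar.
    FAR (Type 2): impostors accepted because their score cleared the bar.
    """
    frr = sum(s < threshold for s in genuine) / len(genuine)
    far = sum(s >= threshold for s in impostor) / len(impostor)
    return frr, far


def crossover(genuine, impostor):
    """Threshold where FRR and FAR are closest, and the CER/EER (their mean) there."""
    best_t, best_gap, best_eer = None, None, None
    for t in range(0, 101):
        frr, far = error_rates(genuine, impostor, t)
        gap = abs(frr - far)
        if best_gap is None or gap < best_gap:
            best_t, best_gap, best_eer = t, gap, (frr + far) / 2
    return best_t, best_eer


def rank_by_cer(systems):
    """Lower CER is better: names with their CER, best system first."""
    scored = [(name, crossover(d["genuine"], d["impostor"])[1])
              for name, d in systems.items()]
    return sorted(scored, key=lambda item: item[1])


if __name__ == "__main__":
    a = SYSTEMS["A"]
    for t in (50, 63, 80):
        frr, far = error_rates(a["genuine"], a["impostor"], t)
        print(f"threshold={t:3d}  FRR={frr:.1f}  FAR={far:.1f}")
    print("crossover A:", crossover(a["genuine"], a["impostor"]))
    print("ranking:", rank_by_cer(SYSTEMS))
```

Raising the threshold trades Type 2 errors for Type 1 errors: at a low bar impostors get in (breach), at a high bar legitimate users are turned away (annoying). The CER is the single number that lets two like systems be compared without picking a threshold first.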
LEAP: Cisco's proprietary version of EAP
CVE: Common Vulnerabilities and Exposures
Policies are high level and do not say how.
MITM: Man in the Middle
ACLs are used in Discretionary Access Control. On the CISSP, think decentralized workgroup file ACLs (NOT AD centralized ACLs).
Enticement vs Entrapment: you entice someone who is already committing a crime to do something you can record in order to catch them. Entrapment is 'enticing' someone to commit the crime in the first place. The line can get gray quickly; entrapment is illegal/unethical and serves as a defense for the criminal.
SESAME is an asymmetric version of SSO (compare Kerberos, which is symmetric).
Biba (Integrity - no write down)
Attacks
Rainbow Table: precomputed password hashes; a big file traded for computing time
SATAN is the first vulnerability scanner - renamed SANTA
Superzapping - program that bypasses normal security
Smurf - pings hosts across a network with a spoofed source address so that the spoofed source (the victim) gets overwhelmed by the replies
LAND - SYN packet with source and destination IP and port both set to the target (most NICs are no longer vulnerable to this)
TRINOO - a sort of botnet that was part of the Yahoo DDoS attack of 2000.
SYN attack - AKA half-open attack - the target runs out of memory while trying to keep track of an unbounded number of half-open TCP sessions.
Chargen - Character Generator service - can be used to cause systems to go into an infinite loop talking to themselves.
Ping of Death - ICMP packets that are larger than allowed
Fraggle - written by the same author as Smurf; similar to Smurf, only it uses the UDP echo service instead of ICMP ping
Teardrop - crashes a victim by sending malformed IP fragments that are oversized and/or overlapping
MEME - hoax - usually a chain letter looking for victims to forward it throughout the internet
EICAR - used to verify the functionality of antivirus software. Simply an innocuous signature that all vendors flag for test purposes
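An added example (not from the original notes) showing the detection side of four of the attacks listed above: signature checks for LAND, Ping of Death, Teardrop and the SYN half-open flood, run over a constructed set of packet summaries. The packet records, their field names (`proto`, `src`, `sport`, `frag_off`, `frag_len`, `ip_id`, ...) and the half-open threshold are this example's own assumptions, not any capture tool's schema.

```python
# Added example, not from the original notes: simple detection logic for LAND,
# Ping of Death, Teardrop and SYN flood over constructed packet summaries.
# Field names are this example's own; frag_off/frag_len are in bytes.
from collections import defaultdict

MAX_IP_DATAGRAM = 65535  # maximum IP total length (RFC 791)

PACKETS = [  # constructed, not a real capture
    # LAND: source and destination are the same host and port
    {"proto": "tcp", "src": "10.0.0.5", "sport": 139, "dst": "10.0.0.5", "dport": 139, "flags": "S"},
    # a normal, completed handshake to the web server
    {"proto": "tcp", "src": "10.0.0.2", "sport": 40000, "dst": "10.0.0.7", "dport": 80, "flags": "S"},
    {"proto": "tcp", "src": "10.0.0.7", "sport": 80, "dst": "10.0.0.2", "dport": 40000, "flags": "SA"},
    {"proto": "tcp", "src": "10.0.0.2", "sport": 40000, "dst": "10.0.0.7", "dport": 80, "flags": "A"},
    # Ping of Death: ICMP echo whose fragments reassemble past 65535 bytes
    {"proto": "icmp", "src": "10.0.0.9", "dst": "10.0.0.7", "ip_id": 7, "frag_off": 0, "frag_len": 1480},
    {"proto": "icmp", "src": "10.0.0.9", "dst": "10.0.0.7", "ip_id": 7, "frag_off": 65520, "frag_len": 40},
    # Teardrop: the second fragment overlaps the first
    {"proto": "udp", "src": "10.0.0.9", "dst": "10.0.0.7", "ip_id": 9, "frag_off": 0, "frag_len": 36},
    {"proto": "udp", "src": "10.0.0.9", "dst": "10.0.0.7", "ip_id": 9, "frag_off": 24, "frag_len": 36},
]
# SYN flood: five SYNs from spoofed sources that never complete the handshake
PACKETS += [{"proto": "tcp", "src": f"203.0.113.{i}", "sport": 1000 + i,
             "dst": "10.0.0.7", "dport": 80, "flags": "S"} for i in range(1, 6)]


def detect_land(packets):
    """LAND: a TCP SYN whose source address:port equals its destination."""
    return [f"LAND src=dst {p['src']}:{p['sport']}"
            for p in packets
            if p["proto"] == "tcp" and "S" in p.get("flags", "")
            and p["src"] == p["dst"] and p["sport"] == p["dport"]]


def detect_fragment_attacks(packets):
    """Group fragments per (src, dst, ip_id): flag overlaps (Teardrop) and ICMP
    datagrams that would reassemble beyond 65535 bytes (Ping of Death)."""
    groups = defaultdict(list)
    for p in packets:
        if "frag_off" in p:
            groups[(p["src"], p["dst"], p["ip_id"])].append(p)
    alerts = []
    for (src, dst, ip_id), frags in groups.items():
        frags.sort(key=lambda f: f["frag_off"])
        overlap = any(b["frag_off"] < a["frag_off"] + a["frag_len"]
                      for a, b in zip(frags, frags[1:]))
        total = max(f["frag_off"] + f["frag_len"] for f in frags)
        if overlap:
            alerts.append(f"TEARDROP overlapping fragments {src}->{dst} id={ip_id}")
        if frags[0]["proto"] == "icmp" and total > MAX_IP_DATAGRAM:
            alerts.append(f"PING-OF-DEATH {total}-byte datagram {src}->{dst} id={ip_id}")
    return alerts


def detect_syn_flood(packets, max_half_open=3):
    """Half-open attack: SYNs to a listener far outnumber the ACKs that complete them."""
    syns, acks = defaultdict(int), defaultdict(int)
    for p in packets:
        if p["proto"] != "tcp":
            continue
        key, flags = (p["dst"], p["dport"]), p.get("flags", "")
        if flags == "S":
            syns[key] += 1
        elif "A" in flags and "S" not in flags:  # client's final ACK of the handshake
            acks[key] += 1
    return [f"SYN-FLOOD {dst}:{dport} half-open={syns[(dst, dport)] - acks[(dst, dport)]}"
            for (dst, dport) in syns
            if syns[(dst, dport)] - acks[(dst, dport)] > max_half_open]


def run_all(packets):
    return detect_land(packets) + detect_fragment_attacks(packets) + detect_syn_flood(packets)


if __name__ == "__main__":
    for alert in run_all(PACKETS):
        print(alert)
```

Each check mirrors the note it comes from: LAND is a pure header equality test, Teardrop and Ping of Death both fall out of tracking fragment offsets per datagram, and the SYN flood check counts the state a target would have to hold, which is why the half-open count, not the raw SYN rate, is the signal.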