CISSP - Certified Information Systems Security Professional Study Guide, 2nd Edition (2004)
.pdf
Review Questions |
311 |
Review Questions
1.In the RSA public key cryptosystem, which one of the following numbers will always be largest?
A.e
B.n
C.p
D.q
2.Which cryptographic algorithm forms the basis of the El Gamal cryptosystem?
A.RSA
B.Diffie-Hellman
C.3DES
D.IDEA
3.If Richard wants to send an encrypted message to Sue using a public key cryptosystem, which key does he use to encrypt the message?
A.Richard’s public key
B.Richard’s private key
C.Sue’s public key
D.Sue’s private key
4.If a 2,048-bit plaintext message was encrypted with the El Gamal public key cryptosystem, how long would the resulting ciphertext message be?
A.1,024 bits
B.2,048 bits
C.4,096 bits
D.8,192 bits
5.Acme Widgets currently uses a 1,024-bit RSA encryption standard companywide. The company plans to convert from RSA to an elliptic curve cryptosystem. If it wishes to maintain the same cryptographic strength, what ECC key length should it use?
A.160 bits
B.512 bits
C.1,024 bits
D.2,048 bits
312 Chapter 10 PKI and Cryptographic Applications
6.John would like to produce a message digest of a 2,048-byte message he plans to send to Mary. If he uses the SHA-1 hashing algorithm, what size will the message digest for this particular message be?
A.160 bits
B.512 bits
C.1,024 bits
D.2,048 bits
7.Which one of the following message digest algorithms is considered flawed and should no longer be used?
A.SHA-1
B.MD2
C.MD4
D.MD5
8.Which one of the following message digest algorithms is the current U.S. government standard in use by secure federal information processing systems?
A.SHA-1
B.MD2
C.MD4
D.MD5
9.Richard received an encrypted message sent to him from Sue. Which key should he use to decrypt the message?
A.Richard’s public key
B.Richard’s private key
C.Sue’s public key
D.Sue’s private key
10.Richard would like to digitally sign a message he’s sending to Sue so that Sue can be sure the message came from him without modification while in transit. Which key should he use to encrypt the message digest?
A.Richard’s public key
B.Richard’s private key
C.Sue’s public key
D.Sue’s private key
Review Questions |
313 |
11.Which one of the following algorithms is not supported by the Digital Signature Standard?
A.Digital Signature Algorithm
B.RSA
C.El Gamal DSA
D.Elliptic Curve DSA
12.Which International Telecommunications Union (ITU) standard governs the creation and endorsement of digital certificates for secure electronic communication?
A.X.500
B.X.509
C.X.900
D.X.905
13.What cryptosystem provides the encryption/decryption technology for the commercial version of Phil Zimmerman’s Pretty Good Privacy secure e-mail system?
A.DES/3DES
B.IDEA
C.ECC
D.El Gamal
14.What TCP/IP communications port is utilized by Secure Sockets Layer traffic?
A.80
B.220
C.443
D.559
15.What type of cryptographic attack rendered Double DES (2DES) no more effective than standard DES encryption?
A.Birthday
B.Chosen ciphertext
C.Meet-in-the-middle
D.Man-in-the-middle
16.Which of the following security systems was created to support the use of stored-value payment cards?
A.SET
B.IPSec
C.MONDEX
D.PGP
314 Chapter 10 PKI and Cryptographic Applications
17.Which of the following links would be protected by WEP encryption?
A.Firewall to firewall
B.Router to firewall
C.Client to wireless access point
D.Wireless access point to router
18.What is the major disadvantage of using certificate revocation lists?
A.Key management
B.Latency
C.Record keeping
D.Vulnerability to brute force attacks
19.Which one of the following encryption algorithms is now considered insecure?
A.El Gamal
B.RSA
C.Skipjack
D.Merkle-Hellman Knapsack
20.What is the main disadvantage to the use of the El Gamal algorithm?
A.Size of encrypted messages
B.Time required to encrypt/decrypt
C.Insecurity of algorithm
D.Difficulty of creating keys
Answers to Review Questions |
315 |
Answers to Review Questions
1.B. The number n is generated as the product of the two large prime numbers p and q. Therefore, n must always be greater than both p and q. Furthermore, it is an algorithm constraint that e must be chosen such that e is smaller than n. Therefore, in RSA cryptography. n is always the largest of the four variables shown in the options to this question.
2.B. The El Gamal cryptosystem extends the functionality of the Diffie-Hellman key exchange protocol to support the encryption and decryption of messages.
3.C. Richard must encrypt the message using Sue’s public key so that Sue can decrypt it using her private key. If he encrypted the message with his own public key, the recipient would need to know Richard’s private key to decrypt the message. If he encrypted it with his own private key, any user could decrypt the message using Richard’s freely available public key. Richard could not encrypt the message using Sue’s private key because he does not have access to it. If he did, any user could decrypt it using Sue’s freely available public key.
4.C. The major disadvantage of the El Gamal cryptosystem is that it doubles the length of any message it encrypts. Therefore, a 2,048-bit plaintext message would yield a 4,096-bit ciphertext message when El Gamal is used for the encryption process.
5.A. The elliptic curve cryptosystem requires significantly shorter keys to achieve encryption that would be the same strength as encryption achieved with the RSA encryption algorithm. A 1,024-bit RSA key is cryptographically equivalent to a 160-bit elliptic curve cryptosystem key.
6.A. The SHA-1 hashing algorithm always produces a 160-bit message digest, regardless of the size of the input message. In fact, this fixed-length output is a requirement of any secure hashing algorithm.
7.C. The MD4 algorithm has documented flaws that produce collisions, rendering it useless as a hashing function for secure cryptographic applications.
8.A. SHA-1 is the current U.S. government standard, as defined in the Secure Hashing Standard (SHS), also known as Federal Information Processing Standard (FIPS) 180. Several newer algorithms (such as SHA-256, SHA-384, and SHA-512) are being considered to replace SHA-1 and make it cryptographically compatible with the stronger Advanced Encryption Standard.
9.B. Sue would have encrypted the message using Richard’s public key. Therefore, Richard needs to use the complementary key in the key pair, his private key, to decrypt the message.
10.B. Richard should encrypt the message digest with his own private key. When Sue receives the message, she will decrypt the digest with Richard’s public key and then compute the digest herself. If the two digests match, she can be assured that the message truly originated from Richard.
11.C. The Digital Signature Standard allows federal government use of the Digital Signature Algorithm, RSA, or the Elliptic Curve DSA in conjunction with the SHA-1 hashing function to produce secure digital signatures.
12.B. X.509 governs digital certificates and the public key infrastructure (PKI). It defines the appropriate content for a digital certificate and the processes used by certificate authorities to generate and revoke certificates.
316 Chapter 10 PKI and Cryptographic Applications
13.B. Pretty Good Privacy uses a web of trust system of digital signature verification. The encryption technology is based upon the IDEA private key cryptosystem.
14.C. Secure Sockets Layer utilizes TCP port 443 for encrypted client/server communications.
15.C. The meet-in-the-middle attack demonstrated that it took relatively the same amount of computation power to defeat 2DES as it does to defeat standard DES. This led to the adoption of Triple DES (3DES) as a standard for government communication.
16.C. The MONDEX payment system, owned by MasterCard International, provides the cryptographic technology necessary to support stored-value payment cards.
17.C. The Wired Equivalent Privacy protocol encrypts traffic passing between a mobile client and the wireless access point. It does not provide end-to-end encryption.
18.B. Certificate revocation lists (CRLs) introduce an inherent latency to the certificate expiration process due to the time lag between CRL distributions.
19.D. The Merkle-Hellman Knapsack algorithm, which relies upon the difficulty of factoring superincreasing sets, has been broken by cryptanalysts.
20.A. The El Gamal algorithm doubles the size of the plaintext message when it creates the ciphertext.
Chapter |
Principles of |
11 |
Computer Design |
|
|
THE CISSP EXAM TOPICS COVERED IN THIS |
|
|
CHAPTER INCLUDE: |
|
Principles of Common Computer and Network |
|
Organizations, Architectures, and Designs |
In previous chapters of this book, we’ve taken a look at basic security principles and the protective mechanisms put in place to prevent violation of them. We’ve also examined some of the spe-
cific types of attacks used by malicious individuals seeking to circumvent those protective mechanisms. Until this point, when discussing preventative measures we have focused on policy measures and the software that runs on a system. However, security professionals must also pay careful attention to the system itself and ensure that their higher-level protective controls are not built upon a shaky foundation. After all, the most secure firewall configuration in the world won’t do a bit of good if the computer it runs on has a fundamental security flaw that allows malicious individuals to simply bypass the firewall completely.
In this chapter, we’ll take a look at those underlying security concerns by conducting a brief survey of a field known as computer architecture: the physical design of computers from various components. We’ll examine each of the major physical components of a computing system—hardware and firmware—looking at each from a security perspective. Obviously, the detailed analysis of a system’s hardware components is not always a luxury available to you due to resource and time constraints. However, all security professionals should have at least a basic understanding of these concepts in case they encounter a security incident that reaches down to the system design level.
The federal government takes an active interest in the design and specification of the computer systems used to process classified national security information. Government security agencies have designed elaborate controls, such as the TEMPEST program used to protect against unwanted electromagnetic emanations and the Orange Book security levels that define acceptable parameters for secure systems.
This chapter also introduces two key concepts: security models and security modes, both of which tie into computer architectures and system designs A security model defines basic approaches to security that sit at the core of any security policy implementation. Security models address basic questions such as: What basic entities or operations need security? What is a security principal? What is an access control list? and so forth. Security models covered in this chapter include state machine, Bell-LaPadula, Biba, Clark-Wilson, information flow, noninterference, Take-Grant, access control matrix, and Brewer and Nash models.
Security modes represent ways in which systems can operate depending on various elements such as the sensitivity or security classification of the data involved, the clearance level of the user involved, and the type of data operations requested. A security mode describes the conditions under which a system runs. Four such modes are recognized: dedicated security, system-high security, compartmented security, and multilevel security modes; all covered in detail in this chapter.
The next chapter, “Principles of Security Models,” examines how security models and security modes condition system behavior and capabilities and explores security controls and the criteria used to evaluate compliance with them.
Computer Architecture |
319 |
Computer Architecture
Computer architecture is an engineering discipline concerned with the design and construction of computing systems at a logical level. Many college-level computer engineering and computer science programs find it difficult to cover all the basic principles of computer architecture in a single semester, so this material is often divided into two one-semester courses for undergraduates. Computer architecture courses delve into the design of central processing unit (CPU) components, memory devices, device communications, and similar topics at the bit level, defining processing paths for individual logic devices that make simple “0 or 1” decisions. Most security professionals do not need that level of knowledge, which is well beyond the scope of this book. However, if you will be involved in the security aspects of the design of computing systems at this level, you would be well advised to conduct a more thorough study of this field.
Hardware
Any computing professional is familiar with the concept of hardware. As in the construction industry, hardware is the physical “stuff” that makes up a computer. The term hardware encompasses any tangible part of a computer that you can actually reach out and touch, from the keyboard and monitor to its CPU(s), storage media, and memory chips. Take careful note that although the physical portion of a storage device (such as a hard disk or SIMM) may be considered hardware, the contents of those devices—the collections of 0s and 1s that make up the software and data stored within them—may not. After all, you can’t reach inside the computer and pull out a handful of bits and bytes!
Processor
The central processing unit (CPU), generally called the processor, is the computer’s nerve center— it is the chip, or chips in a multiprocessor system, that governs all major operations and either directly performs or coordinates the complex symphony of calculations that allows a computer to perform its intended tasks. Surprisingly, the CPU is actually capable of performing only a limited set of computational and logical operations, despite the complexity of the tasks it allows the computer to perform. It is the responsibility of the operating system and compilers to translate highlevel programming languages used to design software into simple assembly language instructions that a CPU understands. This limited range of functionality is intentional—it allows a CPU to perform computational and logical operations at blazing speeds, often measured in units known as MIPS (million instructions per second). To give you an idea of the magnitude of the progress in computing technology over the years, consider this: The original Intel 8086 processor introduced in 1978 operated at a rate of 0.33 MIPS (that’s 330,000 calculations per second). A reasonably current 3.2GHz Pentium 4 processor introduced in 2003 operates at a blazing speed of 3,200 MIPS, or 3,200,000,000 calculations per second, almost 10,000 times as fast!
Execution Types
As computer processing power increased, users demanded more advanced features to enable these systems to process information at greater rates and to manage multiple functions simultaneously. Computer engineers devised several methods to meet these demands.
320 Chapter 11 Principles of Computer Design
At first blush, the terms multitasking, multiprocessing, multiprogramming, and multithreading may seem nearly identical. However, they describe very different ways of approaching the “doing two things at once” problem. We strongly advise that you take the time to review the distinctions between these terms until you feel comfortable with them.
MULTITASKING
In computing, multitasking means handling two or more tasks simultaneously. In reality, most systems do not truly multitask; they rely upon the operating system to simulate multitasking by carefully structuring the sequence of commands sent to the CPU for execution. After all, when your processor is humming along at 3,200 MIPS, it’s hard to tell that it’s switching between tasks rather than actually working on two tasks at once.
MULTIPROCESSING
In a multiprocessing environment, a multiprocessor computing system (that is, one with more than one CPU) harnesses the power of more than one processor to complete the execution of a single application. For example, a database server might run on a system that contains three processors. If the database application receives a number of separate queries simultaneously, it might send each query to a separate processor for execution.
Two types of multiprocessing are most common in modern systems with multiple CPUs. The scenario just described, where a single computer contains more than one processor controlled by a single operating system, is called symmetric multiprocessing (SMP). In SMP, processors share not only a common operating system, but also a common data bus and memory resources. In this type of arrangement, systems may use a large number of processors. Fortunately, this type of computing power is more than sufficient to drive most systems.
Some computationally intensive operations, such as those that support the research of scientists and mathematicians, require more processing power than a single operating system can deliver. Such operations may be best served by a technology known as massively parallel processing (MPP). MPP systems house hundreds or even thousands of processors, each of which has its own operating system and memory/bus resources. When the software that coordinates the entire system’s activities and schedules them for processing encounters a computationally intensive task, it assigns responsibility for the task to a single processor. This processor in turn breaks the task up into manageable parts and distributes them to other processors for execution. Those processors return their results to the coordinating processor where they are assembled and returned to the requesting application. MPP systems are extremely powerful (not to mention extremely expensive!) and are the focus of a good deal of computing research.
Both types of multiprocessing provide unique advantages and are suitable for different types of situations. SMP systems are adept at processing simple operations at extremely high rates, whereas MPP systems are uniquely suited for processing very large, complex, computationally intensive tasks that lend themselves to decomposition and distribution into a number of subordinate parts.