RCR 042: Manage Engineering Secure Design (CISSP Domain 3)
Jun 24, 2019
Description:
Shon Gerber from ShonGerber.com provides you the information and knowledge you need to prepare and pass the CISSP Exam while providing the tools you need to enhance your cybersecurity career. Shon utilizes his expansive knowledge while providing superior training from his years of training people in cybersecurity.
In this episode, Shon will talk about the following items that are included within Domain 3 (Security Architecture and Engineering) of the CISSP Exam:
- CISSP / Cybersecurity Integration – Trusted Computing Base (TCB)
- CISSP Training – Manage Engineering Processes Using Secure Design
- CISSP Exam Question – CIA / TPM
BTW - Get access to all my CISSP Training Courses here at: http://reducecyberrisk.com/cissp-training/
Want to find Shon Gerber / Reduce Cyber Risk elsewhere on the internet?
LinkedIn – www.linkedin.com/in/shongerber
Facebook - https://www.facebook.com/CyberRiskReduced/
LINKS:
- ISC2 Training Study Guide
- Quizlet
- Tech Target
- Wikipedia
- Wiley
TRANSCRIPT:
Welcome to the Reduce Cyber Risk podcast, July 1st, 2019, episode 42, Domain 3: Security Architecture and Engineering. The Reduce Cyber Risk podcast is where we provide you the training tools you need to pass the CISSP exam while enhancing your cybersecurity career. Hi, my name is Shon Gerber and I'm your host for this action-packed, informative podcast each week, where I provide the information you need to grow your cybersecurity knowledge so that you're better prepared to pass the CISSP exam and reduce cyber risk. I hope you're all having a beautiful day today. It's a gorgeous day here in Wichita, Kansas, an awesome day in Wichita, Kansas. We have some great things that are going to be happening in the CISSP training field. What we're talking about today: our CISSP security integration is going to be on the trusted computing base, otherwise known as the TCB; our overall training is going to be on Domain 3, using secure design; and finally the CISSP exam question is going to be focusing on the CIA triangle and the TPM, the trusted platform module. I think that's what it is, but we'll get into it in just a little bit. But before we do, I want to put a quick shout-out about my CISSP training courses that are available for your purchase at udemy.com. You can catch those at Udemy, and you also can go to reducecyberrisk.
com/cissp-training and you can get access to the Udemy courses that I have available. I have put out there all of the CISSP courses; domains 1 through 8 are all available for you to go get at Udemy, and as you well know, Udemy's bargain-basement prices are actually pretty incredible. I mean, it's amazing what they offer from a pricing standpoint. But the cool part about all that is I will put updates to those on a routine basis; each of those domains will be updated on a weekly basis based on the content that's pulled out. So it is a great place for you to go get your CISSP training to help you augment your studying for the CISSP exam. So go check it out at udemy.com or at reducecyberrisk.com/cissp-training.

Okay, in the CISSP cybersecurity integration we're going to be talking about 3.2, fundamental concepts of security models. How does this work? Well, basically what I end up doing is I take the ISC2 training manual that they put out, that goes over what you need to understand for the CISSP from ISC2, and I break it down into the different chapters and subdomains that they have. What I've done for 3.2, which basically focuses on the fundamental concepts of security models: these are the key aspects that you're going to need to understand for the CISSP exam. I took the key concepts, the key understandings, and we will go over all of that with you here on Reduce Cyber Risk.

The notion of creating secure code: when you're dealing with this, when you're trying to come up with it, and I have development that works for me, so I deal with this on a routine basis as it relates to the development of code for my team and to protect our company. Security mechanisms: it isn't just the code that would go into a potential CMS; it also means the operating system code, which would be, let's just say, XP, which is really, really old but people still use it, or Windows 2008 Server or whatever it might be, or SQL Server, whatever. The bottom line is that the
operating system itself needs to have the level of security put into the actual development of the code. This also could be the hardware, the physical locations, the network hardware, software and procedures; you need to really include all of that in all that you do. Now there are some key provisions you need to follow: authorization of resources, user authentication, and the backup of the data. Some key concepts when it comes to the provisions: it's who has access, how do they have access, who has the correct authorizations for those specific resources, whether it's even an individual account or potentially a service account, something that is accessing it just to run the system; user authentication; and then also how do you back up the data and how is that data secured. All of those key pieces are fundamental when you're dealing with the concepts around security models.

TCB: the history around this is that it came from a gentleman by the name of John Rushby. By the way, people call me Shawn or Sean; don't do that to me. And if you're parents, don't do that to your children; just don't do it, just say no, just pick a name like Bill or Fred, those are very good names. My friends call me Enrique, so if you don't feel like Shon you can call me Enrique. But basically John Rushby defined TCB as the combination of a kernel and trusted processes. Now what does this actually mean? This isn't a kernel like a kernel of corn that you would get and grow out in your field or in your plot of land; this is a kernel that is tied to the hardware and the software. These are trusted processes, a level of software that runs as a trusted process on the kernel. Now these are designed to be very, very small in size, and so therefore, as they're small, they can't be very big, right? They're small in size, but they also have to be lightweight and be able to run very quickly and efficiently. These are a set of controls designed to work together to form a trusted base, a base code to
enforce the security policy on that kernel. Now, we talked about the Orange Book and the different books that are available last week, the Rainbow Series. Well, the Orange Book is a part of the Rainbow Series, and it defines the TCB as the totality of protection mechanisms within it, including hardware, firmware and software, the combination of which is responsible for enforcing a computer security policy. Again, the policies here are not like a policy that you would make that goes into law; I mean, that kind of thing, but they're not. It's basically the rules set up to govern how security is put in place on a specific system. So those are the policies; you'll also deal with policies, security policies, that are within your company. As a CISSP or cybersecurity professional you may end up putting some level of policies in place, and these are a written document that specifies how things need to be taken care of. So there are those kinds of policies as well. The boundaries of the TCB depend significantly on the definition of the security policy; it defines where they can get access and where they can't get access.

So as an example, a web server. Now this is a multi-user application, right? Web servers let people log in; a lot of people use them, from admins that log into them to the fact that there are gobs of people that hit them from all over the world. It is not part of the OS's TCB. Okay, so the web server itself is not part of that. It provides access controls that prevent individuals from usurping other people, right? So you can't be a squatter, go in there and kick somebody out; there are various access controls in place to prevent that from occurring. A breach of the application, so of the web server application, whatever that might be, whatever you're using, would not constitute a breach of the OS's TCB. It's the layer above the TCB, above the overall OS itself, and if you are God on the application you do not necessarily have access to the OS's
TCB.

TCB software protection: the Orange Book speaks of the TCB needing to be protected against tampering, right? You don't want someone to get access to that, because if they get access to your trusted computing base, it's game over, they own it all. That's kind of a problem: if you own the foundation, then you own everything that is tied to the foundation. One thing you can do is an MMU. Okay, now in a previous life an MMU was used as a mask unit; I used it when I used to fly A-7s, the A-7 Corsair, which just shows how old I am, I'm like dirt old. But those MMUs, I digress, were used to work in the navigation. The memory management unit on a computer has protections to protect your TCB. Now, it is programmable by the operating system, so it allows and denies access to specific ranges of the system's memory required to be run, so it will provide the capability or it will remove the capability depending upon what's going to occur. And then of course there's got to be God mode; this is supervisor mode, which allows for and restricts access. Supervisor mode allows you to do that with the operating system; it's just to protect it from knuckleheads like myself that would go poke around and get into areas they probably should not be getting into. Okay, that is the TCB software protection, the TCB I should say, and so we are going to move on to the CISSP training.

Okay, so we're dealing with CISSP Domain 3, Security Architecture and Engineering: manage engineering processes using secure design. All right, we talked about the TCB from the Wikipedia concept; now we're going to talk about some more things that would be detailed out in the CISSP. So we talked about the TCB and how it is considered at all stages of system development, how important it is that you need to consider its use. Programmers should also strive for secure development; this is when you come down to developing, from the firmware to the OS model, the OS
all the way up to the application, you should strive for secure development. There are different terms out there; I've heard them call it the SDLC, the software development life cycle, and security is kind of weaved in there. I've also seen SSDLC, which is your secure software development life cycle, so it kind of goes hand-in-hand. I would say that the second one specifically, obviously, defines security more than just software. However, if you're going to be doing SDLC, one of the questions I ask any potential new developer is how do they weave security within the SDLC. Because they'll say, "Oh, I do it right now and I'm pretty awesome," and then I ask, "Okay, so how do you do that from a security standpoint? I mean, do you incorporate some level of security within your SDLC?" Something there to consider. So therefore, when you talk about this stuff, it's important that there are some key security items for secure design that you need to consider.

Let's get into objects and subjects. So an object is a resource used by a subject; it would also be a computer system, so your object could be a computer system, a defined system that you are going to be working on. Subjects are a user or process requesting access, such as an individual or an RPA, which would be a robot process algorithm; those are RPAs. So there's your object and your subject. Now there is trust; these trusts are set up between objects and subjects. Example: you have service accounts, that would be a user, okay, and then you have an R&D computer, which would be an object, and the service accounts have access to this object, and therefore they can manipulate and go back and forth. However, the bad guys, the hackers, the attackers, they will then manipulate this trust between the objects and the subject. So therefore it's important that you have proper protections in place to minimize the attackers from getting in. Now, living in a previous life, the service account, I've talked about this before on Reduce Cyber Risk, is the granddaddy, the one that
they want to go after. Typically service accounts are set up so that they're 24x7, they have very limited protections, passwords probably don't change a whole lot, and so therefore they are the ones that are used to manipulate other objects and to just take advantage of them. So again, if you're a CISSP, we at Reduce Cyber Risk, like a lot of other CISSPs, have seen a little bit of it; not a lot, believe me, I know I have a lot more to learn, tons more to learn, but those things are definitely levers. So just understanding the test and passing the test is the first piece of this, but the ongoing understanding of how these accounts are leveraged, yeah, that's the ongoing aspect that you've got to be aware of.

Closed and open systems. A closed system is designed for a very narrow range, so it's just designed in a certain way. Again, I dealt with this in the past from a military technology standpoint; they were closed systems, and they're defined typically by the manufacturer. So let's say you have a stealth fighter and you have a specific system that needs to be working on that stealth fighter; they will have that as a closed system. It's not updates and all that stuff, it doesn't reach the internet, very close parameters on how to update the software; they send individuals to update them themselves. They're trying to avoid as many inputs from the outside that would be random and that could potentially add a vector into the system itself. Again, these are defined by the manufacturer. They can be more secure; they really can, sort of. What I mean by that is the fact that because they are a closed system, they are segregated away, and the downside of that is, you see this even in the manufacturing space: when you have a manufacturing system that is separated, such as using the Purdue model, what'll happen is, in many cases, these systems that are blocked off by firewalls do not get updated as routinely as they potentially should. So therefore they are a bit more susceptible to
vulnerabilities, and so that's why it's important, that's why I say "sort of": you need to make sure that if you do have a closed system within your environment, you do make sure that you update as much as you possibly can.

Open systems are easier to integrate with other systems, i.e., because they have a standard and they're updating on a routine basis. We used to call this COTS, which is, I think they still do, commercial off-the-shelf software and systems, stuff you could go buy off the shelf and shove it in a plane. It is an important aspect. Now the problem with COTS was it was not as well tested as the systems that are defined specifically for an aircraft or for the military, but they are getting more and more integrated, and there are more options to these networks as far as being an open system, but they are less secure, and as they are less secure you have to be aware of that. So again, an example of that would be a computer system that you can go buy, a new laptop or desktop; that's really kind of hard to get anymore, they're not nearly as prolific as they used to be, but you go get the computer systems and they are built with standards, they integrate well with others, they play well with others, but they run the risk of being a little less secure because they have so many bells and whistles that have to be in place.

Techniques to maintain confidentiality, integrity and availability: we're going to get into confinement. So these are various techniques for software developers; any of the following can be used outside of software development, it doesn't have to be specifically in the software development world, but that is what we're talking about right now. Bottom line is confinement. So what does that mean? Yes, that makes sense; the word says it: confining access or actions to a program. It also allows a process to read and write from a specific location, so it confines it to what it can do and
where it can read; it defines who can access it, what programs can access it. So again, it confines it; it puts restrictions on it. A sandbox is a place to restrict where you can operate. Now, this is also a place where cats go poop, but we're not talking about that sandbox; we're talking about a different sandbox. This is one where you place restrictions on where you can operate; you can play, and it's a place you can play and be protected from the bad guys out there outside of the sandbox, but you must operate with higher-level security in the sandbox. Other companies, FireEye and others, will do this: they will have a sandbox in place where a piece of malware will come in, it will get dumped in the sandbox and will be run to see if it implodes; if it doesn't implode then it will be moved on. Now the bad guys have figured out how to get around that, obviously; they just put timers on things and so forth, so that when it would blow up in the sandbox it closes up and does bad things later. But the sandbox is a place where things can go nasty and you don't care, except for when the cats go in there and use it as a litter box; that's usually not so good. Anyway, an example is only specified systems can operate against a specific database; any system outside the scope is not allowed. So again, if you're a very specific system, it can operate on that database, it can operate in the sandbox, but nobody else is allowed inside the sandbox that is not supposed to be there, children from other places.

Now, bounds and process isolation. What does this mean? Bounds are defined processes that are given authority to operate; they can be many or few. So again, the processes that are in place, you define these bounds. Now obviously more is not necessarily better, especially if you're dealing with the kernel and other things, but one of the aspects around this is the user, the kernel and the administrator; these are specific processes that are given access and authority to operate, but you
have to create these bounds to define what they can and cannot do. The operating system, memory and hardware: these are processes that would have defined bounds, defined rights to the operating system; this system can use this, this user can use this memory, this one can do this in hardware. Typically the kernel can do it in almost all those places; it should be able to do it in all those places. So those are aspects that you're going to have to deal with in most situations. An example: what if there are errors in these bounds settings? Then someone will go and start mucking with stuff. An example would be kernel manipulation: so if your bounds are not set correctly to deal with the kernel, and you have users that can get access to the kernel, then they will still be able to mess with it, and if they mess with the kernel, as we talked about with the TCB, they will own everything. The good news is that if you have a product such as EDR, endpoint detection and response, that would notice it; "notice" is not really a good word, it would understand if someone was to manipulate the kernel and then trigger on that. So again, that's why these endpoint detection products are really, really viable.

Process isolation: this ensures that only specific memory locations are affected, a central part of a stable system. If you don't get into process isolation, what will happen is all these processes run all kinds of goofy stuff and then they'll crash and cause you all kinds of issues, and hackers can utilize them outside of their parameters; they'll be back and they will try that, they try everything. Another way would be macros; these can run outside the defined parameters, and then you get all kinds of manipulation occurring with these macros by hackers, attackers, that are causing effects to your environment. Okay, that's all I have for CISSP training.

Let's get into those exam questions. CISSP exam questions, Domain 3. The question is going to be talking a little bit
about confidentiality, integrity and availability. Question: Fred recently received an email from Bill. "You're awesome, I like you, you like me, yeah, we're good, let's go out and do something." Fred recently received an email from Bill in his inbox; what goal would need to be achieved to ensure for Fred that the email is legitimate and has not been spoofed? A is confidentiality, B is non-repudiation, C is integrity, D is availability. The answer is B: non-repudiation does not allow the sender to transmit a message and then deny that it was sent by them. So that's B. So yeah, I kind of said to you guys it was about CIA; it was actually about non-repudiation. So non-repudiation is the goal. So you want to be able to deal with repudiation: someone says "I wasn't, I didn't do it," that's repudiation. Non-repudiation would be the negative; it does not allow the sender to transmit a message and then deny it was them. And so that's what you want to do from maintaining your systems: if you want to have the ability for non-repudiation from a hacker, do you have logs that are locked down that people can't access? Do you have the ability to basically restrict people from getting access to systems that they don't need to get access to?

Next question. Which of the following, as it relates to the trusted platform module, is true? The TPM installed within hardware is much lower than the software variant; it stores the keys for the system and can be in software and hardware systems; all of the
above. And the answer is C: the TPM's sole purpose is to be considered the trusted source within a computing system, and it will store and process cryptographic security keys. Whole-disk encryption will store the encryption keys in this location. Now, I didn't go over this in the TPM section, but it does do that: the trusted platform module will go over and deal with the encryption and crypto keys and it will store them for you. We'll talk about that in another podcast, but basically that is Domain 3; you would be dealing with the TPM. So we get that the TPM is responsible for storing and processing the crypto keys for a system, and can be in software and hardware systems, hardware like firewalls and switches and stuff like that, or like your software.

That's all I have for us today. I wanted to let you know, one last plug for Reduce Cyber Risk and the training that we have at udemy.com, or you can go to Reduce Cyber Risk CISSP training at reducecyberrisk.com, and you can check all of those out from Domain 1 through Domain 8. It's amazing: you get all of this content, plus you're going to be getting weekly updates to my CISSP training that are specifically called out there on YouTube. All right, check them out. Thanks so much for joining me today. Have a great day; we'll catch you on the flip side. If you like what you heard, please leave a review on iTunes; I would greatly appreciate your feedback. Also check out my CISSP videos that are on YouTube; just search for Shon Gerber and you'll find content to help you pass the CISSP exam. A copious amount of free CISSP materials is available to all my email subscribers. Thanks for listening.
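The MMU and supervisor-mode protection the episode describes under TCB software protection, and the bounds and process isolation covered in the training segment, can be observed directly from user space. The following C program is an added example written for this page; it is not part of the podcast or its course material. It assumes a Linux or other POSIX system where mprotect and SIGSEGV behave as described. It maps one page, writes to it, asks the kernel to reprogram that page as read-only through the MMU, and shows that the next write is trapped rather than performed: a user-mode process can change its own page permissions only by asking the kernel (supervisor mode), and cannot bypass the hardware check once the kernel has set it.

```c
/* Added example (not from the podcast): MMU-enforced memory protection.
 * The kernel programs page permissions into the MMU; a user-mode write to
 * a read-only page traps with SIGSEGV instead of modifying memory.
 * Assumes Linux/POSIX (mmap, mprotect, sigaction, sigsetjmp). */
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

static sigjmp_buf fault_env;

/* SIGSEGV handler: unwind out of the faulting instruction instead of dying. */
static void on_segv(int sig) {
    (void)sig;
    siglongjmp(fault_env, 1);
}

/* Attempt to store `value` at `p`.
 * Returns 1 if the store succeeded, 0 if the MMU denied it (SIGSEGV). */
int try_write(volatile unsigned char *p, unsigned char value) {
    struct sigaction sa, old;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_segv;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old);

    int ok;
    if (sigsetjmp(fault_env, 1) == 0) {
        *p = value;          /* faults if the page is not writable */
        ok = 1;
    } else {
        ok = 0;              /* we arrived here via siglongjmp from the handler */
    }
    sigaction(SIGSEGV, &old, NULL);
    return ok;
}

/* Map one page read/write, write to it, then have the kernel mark it
 * read-only in the MMU and confirm the next write is denied and the
 * original byte is untouched. Returns 1 if all three checks hold. */
int demo_page_protection(void) {
    long pagesize = sysconf(_SC_PAGESIZE);
    unsigned char *page = mmap(NULL, pagesize, PROT_READ | PROT_WRITE,
                               MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED) return 0;

    int writable = try_write(page, 0x41);          /* allowed: page is RW */

    /* Only the kernel (supervisor mode) can change the page tables; the
     * process has to ask via a system call. */
    if (mprotect(page, pagesize, PROT_READ) != 0) {
        munmap(page, pagesize);
        return 0;
    }

    int denied = !try_write(page, 0x42);           /* trapped: page is RO */
    int value_kept = (page[0] == 0x41);            /* denied write changed nothing */

    munmap(page, pagesize);
    return writable && denied && value_kept;
}

int main(void) {
    printf("MMU page protection enforced: %s\n",
           demo_page_protection() ? "yes" : "no");
    return 0;
}
```

The same mechanism is what keeps one process's bounds separate from another's: every process gets its own page tables, so the kernel's view of "this user can use this memory" is enforced by hardware on every access, not by the application being polite.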
CISSP Cyber Training Academy Program!
Are you an ambitious Cybersecurity or IT professional who wants to take your career to a whole new level by achieving the CISSP Certification?
Let CISSP Cyber Training help you pass the CISSP Test the first time!