Contents

Foreword

Introduction

Editors

Domain 1 - Access Control Systems & Methodology

Introduction

Access Control Concepts

Discretionary Access Control

DAC Implementation Strategies

Nondiscretionary Access Control

Mandatory Access Control (MAC)

Least Privilege

Separation of Duties

Architectures

Authentication, Authorization, and Accounting (AAA)

Centralized Access Control

Common Implementations

Design Considerations

Decentralized Access Control

Design Considerations

Federated Access Control

Design Considerations

Directories and Access Control

Design Considerations

Identity Management

Accounting

Access Control Administration and Management Concepts

Access Control Administration

Database Access

Inherent Rights

Granted Rights

Change of Privilege Levels

Groups

Role Based

Task Based

Dual Control

Location

Topology

Subnet

Geographical Considerations

Device Type

Authentication

Strengths and Weaknesses of Authentication Tools

Token-Based Authentication Tools

Common Issues with Token Management

Biometric Authentication Tools

Performance Characteristics

Implementation Considerations

Fingerprints

Hand Geometry

Iris

Retina

Facial Recognition

Authentication Tool Considerations

Design Validation

Architecture Effectiveness Assurance

Testing Strategies

Testing Objectives

Testing Paradigms

Repeatability

Methodology

Developing Test Procedures

Risk-Based Considerations

Domain 2 - Communications & Network Security

Voice and Facsimile Communications

Pulse Code Modulation (PCM)

Circuit-Switched versus Packet-Switched Networks

VoIP Architecture Concerns

End-to-End Delay

Jitter

Method of Voice Digitization Used

Packet Loss Rate

Security

Voice Security Policies and Procedures

Encryption

Authentication

Administrative Change Control

Integrity

Availability

Voice Protocols

Network Architecture

Redundancy and Availability

Internet versus Intranet

Extranet

Network Types

Perimeter Controls

Security Modems

Communications and Network Policies

Overview of Firewalls

Firewalls vs. Routers

Demilitarized Zone’s Perimeter Controls

IDS/IPS

IDS Architecture

Intrusion Prevention System

Security Information & Event Management Considerations (SIEM)

Wireless Considerations

Architectures

Security Issues

WPA and WPA2

IEEE 802.11i and 802.1X

802.1X

Zones of Control

Network Security

Content Filtering

Anti-malware

Anti-spam

Outbound Traffic Filtering

Mobile Code

Policy Enforcement Design

Application and Transport Layer Security

Social Media

Secure E-Commerce Protocols

SSL/TLS and the TCP/IP Protocol Stack

Encryption

Authentication

Certificates and Certificate Authorities

Data Integrity

SSL/TLS Features

Limitations of SSL/TLS

Other Security Protocols

Secure Remote Procedure Calls

Network Layer Security and VPNs

Types of VPN Tunneling

VPN Tunneling Protocols

Layer 2 Tunneling Protocol (L2TP)

IPSec

Authentication Header (AH)

Encapsulating Security Payload (ESP)

Cryptographic Algorithms

L2TP/IPSec

Authentication Using EAP

TCP Wrapper

SOCKS

Comparing SOCKS and HTTP Proxies

VPN Selection

Topology Supported

Authentication Supported

Encryption Supported

Scalability

Management

VPN Client Software

Operating System and Browser Support

Performance

Endpoint Security

Encryption

Network Security Design Considerations

Interoperability and Associated Risks

Cross-Domain Risks and Solutions

Audits and Assessments

Monitoring

Operating Environment

Remote Access

Monitoring

Design Validation

Penetration Testing

Vulnerability Assessment

Monitoring and Network Attacks

Risk-Based Architecture

Secure Sourcing Strategy

Domain 3 - Cryptography

Cryptographic Principles

Applications of Cryptography

Benefits

Uses

Message Encryption

Secure IP Communication

Remote Access

Secure Wireless Communication

Other Types of Secure Communication

Identification and Authentication

Storage Encryption

Electronic Commerce (E-Commerce)

Software Code Signing

Interoperability

Methods of Cryptography

Symmetric Cryptosystems

Block Cipher Modes

Stream Ciphers

Asymmetric Cryptosystems

Hash Functions and Message Authentication Codes

Digital Signatures

Vet Proprietary Cryptography & Design Testable Cryptographic Systems

Computational Overhead & Useful Life

Key Management

Purpose of the Keys and Key Types

Cryptographic Strength and Key Size

Key Life Cycle

Key Creation

Key Distribution and Crypto Information in Transit

Symmetric Keys Distribution

Public and Private Keys Distribution

Key Storage

Key Update

Key Revocation

Key Escrow

Backup and Recovery

Backup

Key Recovery

Public Key Infrastructure

Key Distribution

Certificate and Key Storage

PKI Registration

How the Subject Proves Its Organizational Entity

How a Person, Acting on Behalf of the Subject, Authenticates to Request a Certificate (Case Studies)

Certificate Issuance

Trust Models

Subordinate Hierarchy

Cross-Certified Mesh

Certificate Chains

Certificate Revocation

Traditional CRL Model

Modified CRL-Based Models

Cross-Certification

How Applications Use Cross-Certification

How Cross-Certification Is Set Up

How Cross-Certification with a Bridge CA Is Implemented in Practice

Design Validation

Review of Cryptanalytic Attacks

Attack Models

Symmetric Attacks

Asymmetric Attacks

Hash Function Attacks

Network-Based Cryptanalytic Attacks

Attacks against Keys

Brute Force Attacks

Side-Channel Cryptanalysis

Risk-Based Cryptographic Architecture

Identifying Risk and Requirements by Cryptographic Areas

Case Study

Cryptographic Compliance Monitoring

Cryptographic Standards Compliance

Industry- and Application-Specific Cryptographic Standards Compliance

Domain 4 - Security Architecture Analysis

Risk Analysis

Quantitative Risk Analysis

Qualitative Risk Analysis

Risk Theory

Attack Vectors

Methods of “Vector” Attack

Attack by E-Mail

Attack by Deception

Hoaxes

Hackers

Web Page Attack

Attack of the Worms

Malicious Macros

Instant Messaging, IRC, and P2P File-Sharing Networks

Viruses

Asset and Data Valuation

Context and Data Value

Corporate versus Departmental: Valuation

Business, Legal, and Regulatory Requirements

Product Assurance Evaluation Criteria

Common Criteria (CC) Part 1

Common Criteria (CC) Part 2

The Target of Evaluation (TOE)

Evaluation Assurance Level (EAL) Overview

Evaluation Assurance Level 1 (EAL1) - Functionally Tested

Evaluation Assurance Level 2 (EAL2) - Structurally Tested

Evaluation Assurance Level 3 (EAL3) - Methodically Tested and Checked

Evaluation Assurance Level 4 (EAL4) - Methodically Designed, Tested, and Reviewed

Evaluation Assurance Level 5 (EAL5) - Semiformally Designed and Tested

Evaluation Assurance Level 6 (EAL6) - Semiformally Verified Design and Tested

Evaluation Assurance Level 7 (EAL7) - Formally Verified Design and Tested

Common Criteria (CC) Part 3: Assurance Paradigm

Significance of Vulnerabilities

The Causes of Vulnerabilities

Common Criteria Assurance

Assurance through Evaluation

The Common Criteria Evaluation Assurance Scale

ISO/IEC 27000 Series

Software Engineering Institute - Capability Maturity Model (CMMI-DEV) Key Practices Version 1.3

Introducing the Capability Maturity Model

Sources of the Capability Maturity Model (CMM)

Structure of the CMMI-DEV V1.3

Intergroup Coordination

Peer Reviews

ISO 7498

Concepts of a Layered Architecture

Payment Card Industry Data Security Standard (PCI-DSS)

Architectural Solutions

Architecture Frameworks

Department of Defense Architecture Framework (DoDAF)

The Zachman Framework

Design Process

System Security Engineering Methodologies

Design Validation

Certification

Peer Reviews

Documentation

Domain 5 - Technology Related Business Continuity Planning (BCP) & Disaster Recovery Planning (DRP)

Planning Phases and Deliverables

Risk Analysis

Natural Hazard Risks

Human-Made Risks and Threats

Industry Risks

Do Not Forget the Neighbors!

Business Impact Analysis

Data Stored in Electronic Form

Remote Replication and Off-Site Journaling

Backup Strategies

Selecting a Recovery Strategy for Technology

Cost–Benefit Analysis

Implementing Recovery Strategies

Documenting the Plan

The Human Factor

Logistics

Plan Maintenance Strategies

Bringing It All Together – A Sample “Walk Through” of a DR Plan

Step by Step Guide for Disaster Recovery Planning for Security Architects

I. Information Gathering

II. Plan Development and Testing

III. Ongoing Maintenance

References

Domain 6 - Physical Security Considerations

Physical Security Policies and Standards

Physical Security Risks

Unauthorized Access

Physical Security Needs and Organization Drivers

Facility Risk

Restricted Work Areas

Protection Plans

Evacuation Drills

Incident Response

Design Validation

Penetration Tests

Access Control Violation Monitoring

Appendix A - Answers to Review Questions

Index