HIDS/HIPS - ANSWER - Host-Based,
- monitors the characteristics of a single host and the events occurring within that host for suspicious
activity and most commonly deployed on critical hosts such as publicly accessible servers and servers
containing sensitive information
- network traffic (only for that host), system logs, running processes, application activity, file access and
modification, and system and application configuration changes.
NIST SP 800-18, Rev 1 - ANSWER System Security Plan
NIST SP 800-30, Rev 1 - ANSWER Risk Assessment
Please note that the original version has been replaced by 800-39, which is Risk Management
Risk Impact - ANSWER Risk associated with the operation and use of information systems that support
the missions and business functions of their organizations
NIST SP 800-34 - ANSWER Contingency Planning for IT Systems
NIST SP 800-37, Rev 2 - ANSWER RMF/Roles and Process
FIPS 180-2 - ANSWER - Secure Hash Standard
- Federal agencies must use the Secure Hash Standard if we use hashing
- Provides Integrity
- SHA (Secure Hash Algorithm) there are 4 hash algorithms (SHA-1, SHA-256, SHA-384, SHA-512)
- Secure because a change to a message results in a different message digest.
- Other non-standard hash algorithms (MD2, MD5, CRC, HAVAL)
FIPS 186-2 - ANSWER - Digital Signature Standard
- Provides integrity (message digest) and nonrepudiation (only I have my private key)
- Algorithms
- Digital Signature Algorithm (DSA)
- RSA digital signature algorithm, specified in American National Standard (ANS) X9.31 and Public-Key
Cryptography Standard (PKCS)
- Elliptic Curve Digital Signature Algorithm (ECDSA), specified in ANS X9.62. FIPS 186-3 approves the use
of ECDSA
FIPS 197 - ANSWER - specifies AES, Advanced Encryption Standard
- uses Rijndael Algorithm
- Encrypting is best way to provide confidentiality
- Symmetric encryption - faster than asymmetric encryption
- Cipher key lengths: 128, 192, 256 - three "flavors"
Role based, e.g. AD security groups, user account inherit rights of the group
- Level 3: Adds identity-based authentication, intrusion prevention, and critical access parameters
- Level 4: requires any tampering of the module to erase all critical security information/self-destruction
e.g., Bitlocker
Environmental protection
- FIPS 140-2 establishes with Cryptographic Module Validation Program
FIPS 201-2 - ANSWER - PIV
- HSPD 12
M-14-03 - ANSWER - Continuous monitoring (REMOVED 3 year authorization requirement if CM is in
place)
M-11-11 - ANSWER - PIV
CNSSI-1253, Version 1 - ANSWER NSS C&A process
Which law requires annual IT Reporting to Congress? - ANSWER Clinger Cohen Act
What is the best method for integrity? - ANSWER - Best method for integrity is hashing; if there is a
different message digest we know the content has changed
What is another name for the Clinger Cohen Act? - ANSWER Information Technology Management
Reform Act of 1996
Which law/regulation requires agencies annual Reporting to OMB? - ANSWER - FISMA
- Also requires Annual Reviews, Must cover:
1) Adequacy/effectiveness of Security Program,
2) Adequacy of plans or reports for budget,
3) Significant deficiency
What do digital signatures provide? - ANSWER - Provides integrity (message digest) and nonrepudiation
(only I have my private key)
- Algorithms
- Digital Signature Algorithm (DSA)
- RSA digital signature algorithm, specified in American National Standard (ANS) X9.31 and Public-Key
Cryptography Standard (PKCS)
- Elliptic Curve Digital Signature Algorithm (ECDSA), specified in ANS X9.62. FIPS 186-3 approves the use
of ECDSA
Which requires Accreditation at minimum every 3 years? - ANSWER OMB Circular A-130
What is the best method for confidentiality? - ANSWER - Best method for confidentiality is ENCRYPTION
Which requires agencies to develop a system security Plan? - ANSWER - FISMA
- OMB Circular A-130