The following scenario applies to questions 64 and 65.

Jack has been told that successful attacks have been taking place and data that has been encrypted by his company’s software systems has leaked to the company’s competitors. Through Jack’s investigation he has discovered that the lack of randomness in the seeding values used by the encryption algorithms in the company’s software exposed patterns and allowed for successful reverse engineering.

64.  Which of the following is most likely the root of the randomness problem described in the scenario?

A.  Asymmetric algorithm

B.  Out-of-band communication compromise

C.  Number generator

D.  Symmetric algorithm

C. A number generator is used to create a stream of random values and must be seeded by an initial value. This piece of software obtains its seeding value from some component within the computer system (time, CPU cycles, etc.). Although a computer system is complex, it is a predictable environment, so if the seeding value is predictable in any way, the resulting values created are not truly random, but pseudorandom. If the values from a number generator exhibit patterns and those patterns are recognizable during cryptographic processes, this weakness could allow an attacker to reverse-engineer the algorithm and gain access to confidential data.

A is incorrect because an asymmetric algorithm carries out cryptographic functions through the use of two different key types, public and private. This is also called public key cryptography. Components such as number generators can be used with asymmetric algorithms, but they are a class of algorithms and do not necessarily introduce randomness issues.

B is incorrect because out-of-band communication just means that communication data is being sent through a channel that is different from the one the encrypted data is traveling over. It does not have any direct correlation with randomness issues.

D is incorrect because a symmetric algorithm carries out cryptographic functions through the use of two instances of the same key. Components such as number generators can be used with symmetric algorithms, but they are a class of algorithms and do not necessarily cause randomness issues.
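As an added illustration of the point above (this script is not part of the book's text), the following Python code shows what a predictable seed does to key material. It seeds a deterministic generator with a constructed stand-in for a wall-clock timestamp that only takes a handful of distinct values during a burst of requests, counts how many distinct keys come out, and contrasts that with key material drawn from the operating system's CSPRNG through the `secrets` module. `BASE_SEED` and the batch sizes are constructed values for the demonstration.

```python
import random
import secrets

KEY_BYTES = 16
BASE_SEED = 1_700_000_000  # constructed stand-in for a wall-clock timestamp in seconds


def derive_key_from_seed(seed: int) -> bytes:
    """Key material drawn from a deterministic PRNG (Mersenne Twister) that was
    seeded with a predictable value. Identical seeds always give identical output,
    which is the weakness in the scenario."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(KEY_BYTES))


def weak_key_batch(count: int, seed_window: int) -> list:
    """Simulate `count` key generations whose seed is a timestamp that only
    takes `seed_window` distinct values (e.g. a short burst of requests)."""
    return [derive_key_from_seed(BASE_SEED + (i % seed_window)) for i in range(count)]


def csprng_key_batch(count: int) -> list:
    """The mitigation: key material from the OS CSPRNG via `secrets`, which the
    application never seeds and whose output an observer cannot replay."""
    return [secrets.token_bytes(KEY_BYTES) for _ in range(count)]


def unique_keys(keys: list) -> int:
    """Audit helper: how many distinct keys a batch actually contains. A low
    count for a large batch is the observable symptom of poor seeding."""
    return len(set(keys))


if __name__ == "__main__":
    weak = weak_key_batch(1000, 10)
    strong = csprng_key_batch(1000)
    print("predictable seed:", unique_keys(weak), "distinct keys out of", len(weak))
    print("CSPRNG:          ", unique_keys(strong), "distinct keys out of", len(strong))
```

The `unique_keys` check is the kind of test a code reviewer or auditor can run against any key-generation routine without knowing its internals: a batch of a thousand 128-bit keys should contain a thousand distinct values.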

65.  Which of the following best describes the role of the values that are allowing for patterns as described in the scenario?

A.  Initialization vector

B.  One-time password

C.  Master symmetric key

D.  Subkey

A. Initialization vectors (IVs) are random values that are used with algorithms to ensure patterns are not created during the encryption process. They are used with keys and do not need to be encrypted when being sent to the destination. If IVs are not used, then two identical plaintext values that are encrypted with the same key will create the same ciphertext. Providing attackers with these types of patterns can make their job easier in breaking the encryption method and uncovering the key.

B is incorrect because a one-time pad is an encryption method created by Gilbert Vernam that is considered impossible to crack if carried out properly. A one-time pad uses a pad with random values that are XORed against the message to produce ciphertext. The pad is at least as long as the message itself and is used once and then discarded. This technology is not addressed in this scenario.

C is incorrect because for complex keys to be generated, commonly a master key is created, and then symmetric keys are generated from it. For example, if an application is responsible for creating a session key for each subject that requests one, it should not be giving out the same instance of that one key. Different subjects need to have different symmetric keys to ensure that the window for the attack to capture and uncover that key is smaller than if the same key were to be used over and over again. When two or more keys are created from a master key, they are called subkeys. This is not a component of the randomness issue addressed in the scenario.

D is incorrect because when two or more keys are created from a master key, they are called subkeys. This is not a component of the randomness issue addressed in the scenario.
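To make the IV explanation concrete, here is an added Python demonstration (not from the book). It uses a deliberately simple keystream construction, SHA-256 over key, IV and a counter, purely to show where the IV enters; it is not a vetted cipher and is labelled as such in the code. With a fixed IV the same key and plaintext always produce the same ciphertext, so repeated records are visible to anyone watching the traffic; with a fresh random IV per message, prepended in the clear, the repetition disappears. The sample records are constructed.

```python
import hashlib
import secrets

IV_BYTES = 16


def keystream(key: bytes, iv: bytes, length: int) -> bytes:
    """Toy counter-mode keystream: SHA-256(key || iv || counter), block by block.
    An illustration of where the IV enters the computation, not a real cipher."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + iv + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_no_iv(key: bytes, plaintext: bytes) -> bytes:
    """Deterministic encryption: a fixed all-zero IV means the same key and
    plaintext always give the same ciphertext. This is the pattern leak."""
    return xor_bytes(plaintext, keystream(key, bytes(IV_BYTES), len(plaintext)))


def encrypt_with_iv(key: bytes, plaintext: bytes) -> bytes:
    """Fresh random IV per message. The IV is sent in the clear ahead of the
    ciphertext; it does not need to be secret, only unpredictable and unrepeated."""
    iv = secrets.token_bytes(IV_BYTES)
    return iv + xor_bytes(plaintext, keystream(key, iv, len(plaintext)))


def decrypt_with_iv(key: bytes, record: bytes) -> bytes:
    """The receiver reads the cleartext IV from the record and reuses it."""
    iv, body = record[:IV_BYTES], record[IV_BYTES:]
    return xor_bytes(body, keystream(key, iv, len(body)))


def repeated_ciphertexts(records: list) -> int:
    """Audit helper: number of records whose ciphertext duplicates an earlier one."""
    return len(records) - len(set(records))


if __name__ == "__main__":
    key = secrets.token_bytes(16)
    # constructed sample: two identical records and one different one
    msgs = [b"SALARY=120000", b"SALARY=120000", b"SALARY=95000"]
    print("fixed IV, repeated ciphertexts:", repeated_ciphertexts([encrypt_no_iv(key, m) for m in msgs]))
    print("fresh IV, repeated ciphertexts:", repeated_ciphertexts([encrypt_with_iv(key, m) for m in msgs]))
```

`repeated_ciphertexts` is the observer's view: it needs no key at all, which is exactly why deterministic encryption of structured data is a problem.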

66.  Sometimes when studying for an industry certification exam like the CISSP, people do not fully appreciate that the concepts and technologies that they need to learn to pass the test directly relate to real-world security issues. To reinforce how exam-oriented theoretical concepts directly relate to the practical world of security, choose the answer that best describes the Heartbleed SSL/TLS vulnerability, which is considered to be one of the most critical attack vectors in the history of the Internet.

A.  Digital certificates were stolen through a tunneled attack within the SSL and TLS protocols.

B.  Certificate authorities were compromised when their SSL and TLS connections were hijacked through the use of TCP hijacking sessions.

C.  Bounds checking was not implemented, allowing sensitive data to be obtained by attackers from memory segments on web servers.

D.  Cross-site scripting was allowed to take place on web servers that ran a vulnerable version of Java.

C. OpenSSL implemented an SSL/TLS extension outlined by the IETF in RFC 6520 that allows a connection to remain active between two systems communicating over this security protocol. The way that OpenSSL implemented this extension allows the sending system to request data that it is not authorized to access—such as web server private keys. When an attacker obtains a web server’s private key, this circumvents all of the security provided by a public key infrastructure (PKI) environment that the SSL/TLS protocol is based upon. The point is that if you do not really understand how a PKI works, how private and public keys work, the role of digital certificates in security protocols such as SSL/TLS, and what bounds checking and buffer over-reads are, you won’t understand straightforward vulnerabilities such as Heartbleed. While you will not be asked about a specific vulnerability on the CISSP exam, you will be expected to understand all of the components and technologies involved that allow for this vulnerability to be so dangerous and powerful.

A is incorrect because this vulnerability did not involve the stealing of digital certificates, and there is actually no security issue involved with digital certificates being “stolen.” Digital certificates commonly reside in open and accessible directories and are shared between entities that participate in a PKI, so there is no threat of them being stolen. Digital certificates are created by certificate authorities, which generate a hash and a digital signature on each individual digital certificate. This digital signature protects the integrity of the certificate and allows a receiver to detect if a certificate has been modified. It is the fact that each digital certificate is protected with a digital signature created by the originating certificate authority that allows us to store these certificates in locations that do not require controls against theft.

B is incorrect because this vulnerability does not have anything to do with a certificate authority being compromised, and TCP hijacking is not a successful way of compromising any SSL/TLS connection. TCP hijacking is an attack that takes advantage of the fact that TCP packet sequence numbers can be predicted, which allows an attacker to insert himself within an active TCP session and take over the connection and use it for his nefarious purposes. SSL/TLS works at a higher level of the network stack compared to TCP, and the hijacking of a TCP session does not equate to compromising a secure connection using this security protocol. It is important to understand not only how attacks such as TCP hijacking take place, but also what attack types can and cannot accomplish.

D is incorrect because the Heartbleed vulnerability does not have anything to do with cross-site scripting or Java. Rather, it is a vulnerability within the implementation of the SSL/TLS protocol. Cross-site scripting (XSS) is a vulnerability within a web application that allows an attacker to compromise the web application and then have the capability of injecting malicious client-side scripts into web pages viewed by potential victims. XSS relates to a vulnerability within a web app running on a web server, not the SSL/TLS protocol. As a security professional, it is important to understand where specific vulnerabilities reside and what they are able to accomplish. An XSS vulnerability cannot lead to the kind of compromise a Heartbleed attack can accomplish, and the Heartbleed vulnerability cannot accomplish the same outcome as an exploited XSS vulnerability.

67.  What type of exploited vulnerability allows more input than the program has allocated space to store it?

A.  Symbolic links

B.  File descriptors

C.  Kernel flaws

D.  Buffer overflows

D. Poor programming practices allow more input than the software has allocated space to store it. This overwrites data or program memory after the end of the allocated buffer, and sometimes it allows the attacker to inject program code and then cause the processor to execute it, in what is called a buffer overflow. This gives the attacker the same level of access as that held by the software that was successfully attacked. If the program was run as an administrative user or by the system itself, this can mean complete access to the system. Good programming practice, automated source code scanners, enhanced programming libraries, and strongly typed languages that disallow buffer overflows are all ways of reducing this type of vulnerability.

A is incorrect because a symbolic link is a stub file that redirects access to system files or data to another place. If an attacker can compromise the symbolic link, then the attacker may be able to gain unauthorized access. (Symbolic links are used in Unix- and Linux-type systems.) This may allow the attacker to damage important data and/or gain privileged access to the system. A historical example of this was to use a symbolic link to cause a program to delete a password database, or replace a line in the password database with characters that, in essence, created a password-less root-equivalent account. Programs, and especially scripts, must be written to ensure that the full path to the file cannot be circumvented.

B is incorrect because file descriptors are exploited if a program makes unsafe use of a file descriptor and an attacker is able to cause unexpected input to be provided to the program, or cause output to go to an unexpected place with the privileges of the executing program. File descriptors are numbers many operating systems use to represent open files in a process. Certain file descriptor numbers are universal, meaning the same thing to all programs. Good programming practices, automated source code scanners, and application security testing are all ways of reducing file descriptor attacks.

C is incorrect because kernel flaws are problems that occur below the level of the user interface, deep inside the operating system. Flaws in the kernel that can be reached by an attacker, if exploitable, give the attacker the most powerful level of control over the system. It is important to ensure that security patches to operating systems—after sufficient testing—are promptly deployed in the environment to keep the window of vulnerability as small as possible.
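Questions 66 and 67 both come down to the same missing control: a length taken from untrusted input was used without checking it against the data actually received and the space actually allocated. The following Python parser is an added example (not the book's, and not OpenSSL's code) for a heartbeat-style record whose layout is modelled loosely on RFC 6520 (one-byte type, two-byte payload length, payload, padding). The numeric limits `MIN_PADDING` and `MAX_PAYLOAD` are constructed for the demonstration. The point to notice is the pair of checks before the payload is ever sliced: the declared length must fit inside the bytes held, and it must fit the buffer it would be copied into.

```python
import struct

HEADER_LEN = 3          # 1-byte message type + 2-byte payload length (big-endian)
MIN_PADDING = 16        # minimum trailing padding in this constructed format
MAX_PAYLOAD = 16384     # space the receiver allocated for the payload copy


def parse_heartbeat(record: bytes) -> bytes:
    """Parse a heartbeat-style record and return its payload.

    The length field is attacker-controlled input. Every use of it is checked
    against (a) how many bytes were actually received and (b) the space the
    receiver allocated, before any copy happens. Missing check (a) is a buffer
    over-read (the Heartbleed pattern); missing check (b) is a buffer overflow."""
    if len(record) < HEADER_LEN + MIN_PADDING:
        raise ValueError("record shorter than fixed header plus minimum padding")
    msg_type, payload_len = struct.unpack("!BH", record[:HEADER_LEN])
    if msg_type not in (1, 2):  # 1 = request, 2 = response
        raise ValueError(f"unknown heartbeat type {msg_type}")
    # (a) the declared payload must fit inside the bytes we actually hold
    available = len(record) - HEADER_LEN - MIN_PADDING
    if payload_len > available:
        raise ValueError(f"declared payload {payload_len} exceeds {available} bytes available")
    # (b) the declared payload must fit the buffer we would copy it into
    if payload_len > MAX_PAYLOAD:
        raise ValueError(f"declared payload {payload_len} exceeds allocated {MAX_PAYLOAD}")
    return record[HEADER_LEN:HEADER_LEN + payload_len]


def build_heartbeat(msg_type: int, payload: bytes, declared_len=None, padding=MIN_PADDING) -> bytes:
    """Build a record. `declared_len` lets a test construct a record whose length
    field disagrees with the bytes present, which is the malformed input a
    robust parser must reject."""
    length = len(payload) if declared_len is None else declared_len
    return struct.pack("!BH", msg_type, length) + payload + b"\x00" * padding


def is_well_formed(record: bytes) -> bool:
    """Boolean wrapper suitable for a fuzzing harness or a log-replay check."""
    try:
        parse_heartbeat(record)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    good = build_heartbeat(1, b"hello")
    bad = build_heartbeat(1, b"hello", declared_len=0xFFFF)
    print("well-formed record payload:", parse_heartbeat(good))
    print("record with inflated length accepted?", is_well_formed(bad))
```

Languages with bounds-checked slicing, like Python, cannot read past the end of `record` even without check (a); the check still belongs there because the contract of the protocol is violated and the record should be rejected and logged rather than silently truncated. In C, where this extension was originally implemented, the same check is what stands between the declared length and memory the sender was never entitled to see.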

68.  There are common cloud computing service models. __________________ usually requires companies to deploy their own operating systems, applications, and software onto the provided infrastructure. __________________ is the software environment that runs on top of the infrastructure. In the __________________ model the provider commonly gives the customers network-based access to a single copy of an application.

A.  Platform as a Service, Infrastructure as a Service, Software as a Service

B.  Platform as a Service, Platform as Software, Application as a Service

C.  Infrastructure as a Service, Application as a Service, Software as a Service

D.  Infrastructure as a Service, Platform as a Service, Software as a Service

D. The most common cloud service models are Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).

A is incorrect because these items are not in the correct order. Infrastructure as a Service (IaaS) is when cloud providers offer the infrastructure environment of a traditional data center in an on-demand delivery method. Companies deploy their own operating systems, applications, and software onto this provided infrastructure and are responsible for maintaining them.

B is incorrect because the most common cloud service models are Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). There are no models called Platform as Software or Application as a Service. These are distracters. Platform as a Service (PaaS) is when cloud providers deliver a computing platform, which can include an operating system, database, and web server as a holistic execution environment. Where IaaS is the “raw IT network,” PaaS is the software environment that runs on top of the IT network.

C is incorrect because the most common cloud service models are Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). There is no model called Application as a Service. With Software as a Service (SaaS), the provider gives users access to specific application software (CRM, e-mail, games). The provider gives the customers network-based access to a single copy of an application created specifically for SaaS distribution and use.

69.  A company has decided that it no longer wants to maintain its own servers and network environment because of increasing costs and liabilities. The company wants to move to a cloud-based solution, but needs to determine which type of solution best fits its needs. Which of the following provides a correct definition and mapping of a typical cloud-based solution?

A.  Infrastructure as a Service is provided when a cloud provider delivers a computing platform that includes operating system, database, and web servers.

B.  Software as a Service is provided when a cloud provider delivers an infrastructure environment similar to a traditional data center.

C.  Platform as a Service is provided when a cloud provider delivers a computing platform that can include operating system, database, and web servers.

D.  Software as a Service is provided when a cloud provider delivers a software environment in the form of a computing platform.

C. Cloud computing is a general term that describes how network and server technology can be aggregated and virtualized and then partitioned to provide individual customers specific computing environments. This centralized aggregation and centralized control provides end users with on-demand self-service, broad access across multiple devices, resource pooling, rapid elasticity, and service metering capability. There are different types of cloud computing offerings. Platform as a Service (PaaS) is in place when a cloud provider delivers a computing platform, such as an operating system, database, and web server, as a holistic execution environment. Where Infrastructure as a Service (IaaS) is the “raw IT network,” PaaS is the software environment that runs on top of the IT network.

A is incorrect because Infrastructure as a Service (IaaS) is in place when a cloud provider offers the infrastructure environment of a traditional data center in an on-demand delivery method. Companies deploy their own operating systems, applications, and software onto this provided infrastructure and are responsible for maintaining them. IaaS cloud solutions often include additional resources, such as storage, firewalls, VLANs, load balancing, and other traditional network functionality.

B is incorrect because Software as a Service (SaaS) is in place when a cloud provider gives users access to specific application software (CRM, e-mail, games). The provider gives the customers network-based access to a specified number of copies of an application created specifically for SaaS distribution and use. In this type of offering, the cloud provider manages the infrastructure and platforms that the applications run within. Access to applications is commonly sold in an on-demand and subscription fee model. Cloud providers install and maintain the application, and end users access the software remotely from cloud clients. Cloud end users do not manage the cloud infrastructure and platform where the application runs.

D is incorrect because Software as a Service (SaaS) is in place when a cloud provider gives users access to specific application software (CRM, e-mail, games), as described earlier. Software applications that are offered through a cloud provider are commonly virtualized to allow them to be scalable to meet high demands and run times. If the company in the question has business requirements for commonly used applications, then SaaS might be the best solution. In this type of situation, each employee would be provided credentials to interact with an instance of the needed application, and the cloud provider would carry out all of the “behind the scenes” maintenance and operation responsibilities.

70.  Sally is carrying out a software analysis on her company’s proprietary application. She has found out that it is possible for an attacker to force an authorization step to take place before the authentication step is completed successfully. What type of issue would allow for this type of compromise to take place?

A.  Back door

B.  Maintenance hook

C.  Race condition

D.  Data validation error

C. A race condition is when processes carry out their tasks on a shared resource and there is a potential that the sequence is carried out in the wrong order. A race condition is possible when two or more processes use a shared resource, as in data within a variable. It is important that the processes carry out their functionality in the correct sequence. If process 2 carries out its task on the data before process 1, the result will be much different than if process 1 carries out its task on the data before process 2. If authentication and authorization steps are split into two functions, there is a possibility an attacker could use a race condition to force the authorization step to be completed before the authentication step.

A is incorrect because a back door is a service that is available and “listening” on a specific port. Back doors are implemented by attackers so that they can gain easy access to compromised systems without having to authenticate as a regular system user.

B is incorrect because a maintenance hook is specific software code that allows easy and unauthorized access to sensitive components of a software product. Software programmers commonly use maintenance hooks to allow them to get quick access to a product’s code so that fixes can be carried out, but this is dangerous. If an attacker uncovered this type of access, compromises could take place that would most likely not require authentication and would probably not be logged.

D is incorrect because data validation errors do not commonly allow an attacker to manipulate process execution sequences. An attacker would enter invalid data through a specific interface, with the goal of having their code execute on the victim machine or of causing a buffer overflow.
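Two aspects of the race-condition explanation above lend themselves to a short, added Python illustration (this code is not from the book). First, `run_in_order` shows why ordering matters: two non-commutative operations on shared data, standing in for "process 1" and "process 2", give different results depending on which runs first. Second, the `Session` class shows the design that removes the authentication/authorization race: authorization is derived only from an identity that authentication has already established, and the check and the grant happen under one lock so they cannot interleave with a concurrent change of state. The credential store and ACL are constructed toy data.

```python
import threading
from typing import Callable, Sequence


def run_in_order(start: int, steps: Sequence[Callable[[int], int]]) -> int:
    """Apply processing steps to shared data in the given order. Steps that do
    not commute give different results depending on which one goes first."""
    value = start
    for step in steps:
        value = step(value)
    return value


def deposit_100(balance: int) -> int:   # stands in for "process 1"
    return balance + 100


def apply_interest(balance: int) -> int:  # stands in for "process 2" (doubles, for clarity)
    return balance * 2


class Session:
    """Authentication and authorization for one session.

    Authorization never consults a free-standing 'authorized' flag that could be
    set out of order; it is computed from the authenticated identity, and the
    check-then-grant happens under a single lock so a concurrent authenticate()
    cannot slip in between the check and the grant."""

    def __init__(self, credentials: dict, acl: dict):
        self._lock = threading.Lock()
        self._credentials = credentials   # username -> password (constructed toy store)
        self._acl = acl                   # username -> set of permitted actions
        self._user = None
        self.granted = []                 # audit trail of actions actually granted

    def authenticate(self, username: str, password: str) -> bool:
        ok = self._credentials.get(username) == password  # toy check, illustration only
        with self._lock:
            self._user = username if ok else None
        return ok

    def authorize(self, action: str) -> bool:
        with self._lock:
            if self._user is None:
                raise PermissionError("authorize() called before successful authentication")
            allowed = action in self._acl.get(self._user, set())
            if allowed:
                self.granted.append(action)
            return allowed


def rejects_authorize_before_authenticate() -> bool:
    """Returns True when an authorization attempt on a fresh session is refused."""
    session = Session({"alice": "pw"}, {"alice": {"read"}})
    try:
        session.authorize("read")
    except PermissionError:
        return True
    return False


if __name__ == "__main__":
    print("process 1 then 2:", run_in_order(100, [deposit_100, apply_interest]))
    print("process 2 then 1:", run_in_order(100, [apply_interest, deposit_100]))
    print("authorization before authentication refused:", rejects_authorize_before_authenticate())
```

The important design choice is that there is no separate state for "authorized" that a second code path could set; the only way to obtain a grant is through `authorize()`, and `authorize()` has nothing to grant until `authenticate()` has populated the identity.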

71.  Which of the following is true about information flow models?

A.  The simple security rule of Bell-LaPadula dictates that a subject may not read data from a higher security level, in order to implement data integrity.

B.  The *-integrity rule of Biba dictates that a subject may not write data to an object at a higher integrity level, in order to implement confidentiality.

C.  The simple integrity rule of Biba dictates that a subject cannot write data to a lower integrity level, in order to implement integrity.

D.  The *-property rule of Bell-LaPadula dictates that a subject cannot write data to a lower security level, in order to implement confidentiality.

D. The Bell-LaPadula model is concerned with confidentiality, and the *-property rule dictates “no write down” in order to avoid declassifying data.

A is incorrect because, although the simple security rule of Bell-LaPadula does state that data may not be read from a higher level (“no read up”), the model is designed to implement data confidentiality, not data integrity.

B is incorrect because, although the *-integrity rule of Biba does state that data may not be written to a security layer above the current one (“no write up”), the model is designed to implement data integrity, not confidentiality.

C is incorrect because the simple integrity rule of Biba states that data cannot be read from (not written to) a lower integrity level (“no read down”).
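The four rules in question 71 are easy to confuse because Biba is Bell-LaPadula turned upside down. As an added worked example (not part of the book), the Python below encodes both models as reference-monitor checks over ordered label lattices and evaluates a small table of constructed access requests. The label names are constructed for the demonstration; only the ordering matters.

```python
SECURITY_LEVELS = ("Unclassified", "Confidential", "Secret", "Top Secret")  # constructed lattice
INTEGRITY_LEVELS = ("Low", "Medium", "High")                                  # constructed lattice


def _rank(level: str, lattice: tuple) -> int:
    if level not in lattice:
        raise ValueError(f"unknown level {level!r}")
    return lattice.index(level)


def blp_permits(op: str, subject_level: str, object_level: str) -> bool:
    """Bell-LaPadula (confidentiality).
    simple security: read only at or below your level   (no read up)
    *-property:      write only at or above your level  (no write down)"""
    s, o = _rank(subject_level, SECURITY_LEVELS), _rank(object_level, SECURITY_LEVELS)
    if op == "read":
        return s >= o
    if op == "write":
        return s <= o
    raise ValueError(f"unknown operation {op!r}")


def biba_permits(op: str, subject_level: str, object_level: str) -> bool:
    """Biba (integrity): the mirror image of Bell-LaPadula.
    simple integrity: read only at or above your level  (no read down)
    *-integrity:      write only at or below your level (no write up)"""
    s, o = _rank(subject_level, INTEGRITY_LEVELS), _rank(object_level, INTEGRITY_LEVELS)
    if op == "read":
        return s <= o
    if op == "write":
        return s >= o
    raise ValueError(f"unknown operation {op!r}")


MODELS = {"blp": blp_permits, "biba": biba_permits}


def evaluate_requests(requests: list) -> list:
    """Reference-monitor style audit: each request is (model, op, subject_level,
    object_level); returns the list of decisions in the same order."""
    return [MODELS[model](op, subj, obj) for model, op, subj, obj in requests]


if __name__ == "__main__":
    # constructed sample requests, one per rule
    sample = [
        ("blp", "read", "Confidential", "Secret"),   # read up: denied
        ("blp", "write", "Secret", "Confidential"),  # write down: denied
        ("biba", "read", "High", "Low"),             # read down: denied
        ("biba", "write", "Low", "High"),            # write up: denied
    ]
    for req, decision in zip(sample, evaluate_requests(sample)):
        print(req, "->", "permit" if decision else "deny")
```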

72.  Which of the following is true with respect to distributed systems?

A.  A client/server system is a special case of a distributed system with only two tiers.

B.  Distributed systems are easier to secure than non-distributed systems, because there are more components that can contribute to the security solution.

C.  A client/server system is distinct from distributed systems, because there are only two tiers.

D.  Distributed systems reduce the complexity of security solutions.

A. A distributed system is any system with multiple computing nodes, and this includes simple two-node client/server systems.

B is incorrect because the reverse is true. Distributed systems are far harder to secure, because failures can occur within any of the many components.

C is incorrect because simple client/server systems are merely two-node distributed systems.

D is incorrect because the reverse is true. Distributed systems invariably increase the complexity of security solutions, though often necessarily. In any case, complexity is anathema to security.

73.  What is the difference between generating a message authentication code (MAC) and generating a hash MAC (HMAC)?

A.  There is no difference; they are the same thing.

B.  They are two different hashing algorithms that are used the same way but produce different message digests (MDs).

C.  MACs are a result of hashing a message, whereas HMACs are a result of hashing both the message and a public key.

D.  MACs are a result of hashing a message, whereas HMACs are a result of hashing both the message and a shared secret key.

D. By hashing the message concatenated with a shared secret (symmetric) key, the resulting HMAC can be used to validate not only the integrity of the message, but also that the source possessed the proper key. A MAC can be used to validate the integrity of the message alone.

A is incorrect because they are different, as described in the previous explanation.

B is incorrect because hashing is used differently between the two. MAC hashes only the message. HMAC hashes the message and a symmetric key.

C is incorrect because the key used in HMAC is not a public (asymmetric) key, but rather a shared secret (symmetric) key.
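The following Python is an added example (not from the book) that puts the two constructions side by side. `unkeyed_digest` is the plain hash the explanation calls a MAC: anyone who changes the message can recompute it. `hmac_tag` is HMAC-SHA256 from the standard library, and `hmac_manual` spells out the actual HMAC construction from RFC 2104, H((K xor opad) || H((K xor ipad) || message)): the key is folded into an inner and an outer hash rather than simply concatenated with the message, which is what makes HMAC safe against length-extension attacks on plain hashes. The key and message values are constructed.

```python
import hashlib
import hmac

BLOCK_SIZE = 64  # SHA-256 block size in bytes, as used by HMAC key padding


def unkeyed_digest(message: bytes) -> str:
    """A plain hash: integrity only. Whoever alters the message can recompute it,
    so on its own it proves nothing about who produced the message."""
    return hashlib.sha256(message).hexdigest()


def hmac_tag(key: bytes, message: bytes) -> str:
    """HMAC-SHA256 from the standard library."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def hmac_manual(key: bytes, message: bytes) -> str:
    """HMAC per RFC 2104, written out: H((K ^ opad) || H((K ^ ipad) || message)).
    Keys longer than the block size are hashed first; shorter keys are zero-padded."""
    if len(key) > BLOCK_SIZE:
        key = hashlib.sha256(key).digest()
    key = key.ljust(BLOCK_SIZE, b"\x00")
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.sha256(ipad + message).digest()
    return hashlib.sha256(opad + inner).hexdigest()


def verify_hmac(key: bytes, message: bytes, tag: str) -> bool:
    """Receiver side: recompute with the shared key and compare in constant time,
    so the comparison itself does not leak how many tag bytes matched."""
    return hmac.compare_digest(hmac_tag(key, message), tag)


if __name__ == "__main__":
    key = b"shared-secret-key"          # constructed
    message = b"transfer amount=100"    # constructed
    tampered = b"transfer amount=900"
    tag = hmac_tag(key, message)
    print("manual HMAC matches library:", hmac_manual(key, message) == tag)
    print("genuine message verifies:   ", verify_hmac(key, message, tag))
    print("tampered message verifies:  ", verify_hmac(key, tampered, tag))
    print("tampered plain digest recomputed by attacker:", unkeyed_digest(tampered) == unkeyed_digest(tampered))
```

The last line of the demo is deliberately unconvincing: a plain digest over tampered data always matches a digest the tamperer recomputed, because nothing the receiver knows is absent from the attacker's computation. With HMAC the shared key is exactly that missing ingredient.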

74.  Why is it important to understand the life cycle of cryptography and your cryptographic needs?

A.  Major new forms of cryptography are constantly being invented, which may replace your use of hashing, symmetric, or asymmetric encryption methods.

B.  The available key space for any given algorithm (or your choice of keys within it) will inevitably “go stale” over time.

C.  Symmetric systems like AES are continuously being upgraded to include more rounds of transforms, so it is important to be using the latest version.

D.  Revolutionary advances in blockchains will replace old cryptography techniques.

B. The historically consistent rate of advance in commercial, off-the-shelf computational power has meant that the work factor of all of our cryptographic key spaces has declined over time. This should be assumed to continue: systems that cannot be easily brute forced today may be easily brute forced tomorrow.

A is incorrect because advances in cryptography are infrequent and tend to be incremental. For something to come along that truly replaces hashing, symmetric, or asymmetric algorithms would be revolutionary, and not part of the usual life cycle.

C is incorrect because the AES algorithm is not subject to version upgrades based on the number of rounds of transforms.

D is incorrect because blockchains are neither a revolutionary advance in cryptography nor are they likely to supplant other more mature uses of it.

75.  Which of the following are services that cryptosystems can provide?

A.  Confidentiality, integrity, and availability

B.  Computation, authentication, and authorization

C.  Integrity, authentication, and accounting

D.  Confidentiality, integrity, and authentication

D. Cryptosystems can render data unintelligible except to authorized entities (confidentiality), can validate that data has not been altered (integrity), and can validate the identity of an entity (authentication).

A is incorrect because, although confidentiality and integrity are services provided by cryptosystems, they do not address assured availability—quite the opposite. Cryptography is a common component in ransomware, which attacks data availability.

B is incorrect because “computation” is meaningless in this context. Cryptosystems rely on computation, as all systems do, but they do not provide it.

C is incorrect because accounting is not a service within the realm of cryptosystems. Accounting entails keeping records of accesses for historical auditing, and while cryptosystems can be used to protect the confidentiality and integrity of such records, this is not a unique use.

76.  Which of the following statements is true with respect to the physical security of distribution and storage facilities?

A.  Smaller intermediate distribution facilities (IDFs) and storage facilities tend not to contain data as critical as the data in main distribution facilities (MDFs) and data centers, so they require less physical protection.

B.  Although smaller IDFs and storage facilities contain data as critical as the data in MDFs and data centers, they are commonly less well protected physically.

C.  All distribution and storage facilities are typically afforded the same level of physical protection in practice.

D.  Distribution and storage facilities don’t require the same level of physical access controls as the production data centers.

B. Smaller IDFs and storage facilities contain data as critical as the data in MDFs and data centers but are commonly less well protected physically. For example, an IDF may be not much more than a switch on a shelf in a janitor’s closet that is commonly left unlocked. Likewise, storage facilities for archived data are unlikely to have the same physical access controls as a data center.

A is incorrect because the data that flows through IDFs and is archived in offsite storage facilities is likely the same data flowing through the MDFs and resident in the production data center, and thus IDFs and storage facilities require the same level of physical protection.

C is incorrect because distribution and storage facilities are not typically afforded the same level of physical protection, as described in the explanation of the correct answer.

D is incorrect because storage facilities require the same level of physical access controls as the production data centers, as described in the explanation of answer A.
