Cybersecurity Architecture and Engineering - C726 Questions and Answers
1 view 0 purchase
Course
Cybersecurity Architecture and Engineering - C726
Institution
Cybersecurity Architecture And Engineering - C726
Cybersecurity Architecture and Engineering - C726
Cybersecurity architecture - Answer- is about how to weave together the various security mechanisms and capability into a coherent whole that is effective in thwarting adversaries from accomplishing their strategic attack goals. Architecture requ...
Cybersecurity Architecture and
Engineering - C726
Cybersecurity architecture - Answer- is about how to weave together the various
security mechanisms and capability into a coherent whole that is effective in
thwarting adversaries from accomplishing their strategic attack goals. Architecture
requires effective building blocks as discussed up to this point in the course, and,
just as importantly, how to place and connect those building blocks in the proper
manner using design principles.
Murphy's Law - Answer- Prevent failures before they occur
Detect failures when they occur
Recover from failures when they are detected
Tolerate failures until the system recovers
Design Flaws - Answer- The return on investment of eliminating faults early in the
development process is significant. It is up to 100 times more expensive to fix faults
discovered in the maintenance phase than in the design phase.
Security flaws fixed in the design phase means the flaw was caught in the beginning
of the process.
Security flaws fixed in the implementation stage costs 6.5 times what it would cost if
caught in the design phase.
Security flaws fixed in the testing phase costs 15 times what it costs in the design
phase.
margin of safety (minimum acceptable risk) - Answer- A margin of safety calls for
engineering systems to meet requirements beyond those required by the existing
specifications. This margin of safety can be as high as three times if the three factors
discussed previously warrant it and the stakes of failure are sufficiently high.
minimum requirements:
User behavior
Unforeseen circumstances
Uncertainty
Modularity - Answer- is the design principle that calls for the aggregation of similar
functions into a programming entity with
Clear control boundaries
Private data structures
Well-defined interfaces
, Abstraction - Answer- is a similar concept to modularity. Abstraction is about dealing
with system complexity by hiding details so that all complexities and all possible
interactions do not have to be considered at once.
Scalability - Answer- analysis should be done regarding both the deployment and
operation of any system (from both a user and a system operator perspective)—
particularly for cybersecurity systems. One key to understanding scalability is
understanding complexity.
complexity - Answer- here are two types of complexity: time and space.
Time complexity refers to how much time a task will take.
Space complexity refers to how much memory a task will take. Time complexity is
the focus of the remainder of this section. Space complexity is parallel in structure
and is therefore omitted for brevity.
Recursion - Answer- is a programming technique that implements a divide and
conquer approach to solving complex problems. It allows a function to call itself and
suspend processing until the call is answered by successively simpler versions of the
problem.
Transitive trust - Answer- is the concept that if A trusts B and B trusts C, then A
inherits trust of C through the transitive property—which works like it would in a
mathematical equation: if a = b, and b = c, then a = c.
closed system - Answer- is designed to work well with a narrow range of other
systems, generally all from the same manufacturer. The standards for closed
systems are often proprietary and not normally disclosed.
Open systems - Answer- are designed using agreed-upon industry standards. Open
systems are much easier to integrate with systems from different manufacturers that
support the same standards.
security model - Answer- provides a way for designers to map abstract statements
into a security policy that prescribes the algorithms and data structures necessary to
build hardware and software.
confinement - Answer- allows a process to read from and write to only certain
memory locations and resources. This is also known as sandboxing. The operating
system, or some other security component, disallows illegal read/write requests. If a
process attempts to initiate an action beyond its granted authority, that action will be
denied.
Isolation - Answer- is used to protect the operating environment, the kernel of the
operating system (OS), and other independent applications. Isolation is an essential
component of a stable operating system. Isolation is what prevents an application
from accessing the memory or resources of another application, whether for good or
ill.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Freshy. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $9.99. You're not tied to anything after your purchase.
