Continuing with the series, in this article we will talk about Domain 3, which is Security Engineering. This domain is one of the biggest of all CISSP domains.

The main objective of this domain is to test a candidate’s knowledge of the various security models, of applying secure design principles to site and facility design, and of mitigation strategies for web-based systems, mobile systems, embedded systems and cryptography. Let’s start with what you must know to handle questions from this domain:

  • V-Model: Understand the systems engineering life cycle, which is depicted by the V-Model
    • The left side of the ‘V’ depicts project initiation: requirements, detailed design, etc.
    • The base of the ‘V’ depicts implementation
    • The right side of the ‘V’ depicts project testing and integration: integration, test, verification, validation, operations and maintenance.
  • Understand the following Security Models (Very Important):
    • Bell-LaPadula Confidentiality Model
      • This model deals only with confidentiality
      • This is a lattice-based model
    • Biba Integrity Model
      • This model deals only with integrity
      • This is a lattice-based model

      Since both of these models are lattice-based (multiple ordered levels), one protecting information from unauthorized disclosure and the other protecting its integrity, the following table compares their properties. Expect 1 question in the exam based on this table.

Property              Bell-LaPadula (confidentiality)                       Biba (integrity)
--------------------  ----------------------------------------------------  ----------------------------------------------------
ss-property           A subject cannot read an object of higher             A subject cannot read an object of lower
                      classification (no read up).                          integrity level (no read down).
*-property            A subject can only write to an object of higher       A subject can only write to an object of lower
                      classification (no write down).                       integrity level (no write up).
Invocation property   Not applicable                                        A subject cannot send logical requests to an
                                                                            object of higher integrity (no invoke up).

Also remember that a combined model is formed from Biba + Bell-LaPadula: the Lipner model.
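To make the table concrete, here is an added example (not from the original article) that encodes the Bell-LaPadula and Biba rules as checks behind one mediation function, the way a reference monitor would apply them. The four-level lattice, the level names and all function names are assumptions made up for this example; the Lipner combination at the end is a simplified "both rules must pass" reading of the model.

```python
"""Added example (not from the article): Bell-LaPadula and Biba rules from the
property table, written as checks a reference monitor could run.

Assumption (constructed for this example): one linear lattice of levels is used
both as a confidentiality classification (Bell-LaPadula) and as an integrity
level (Biba). Real systems use level plus category sets; the dominance logic
is the same.
"""
LEVELS = ("public", "internal", "confidential", "secret")  # low -> high
RANK = {name: i for i, name in enumerate(LEVELS)}


def dominates(a: str, b: str) -> bool:
    """True when level a is at or above level b in the lattice."""
    return RANK[a] >= RANK[b]


# Bell-LaPadula (confidentiality): no read up, no write down.
def blp_can_read(subject: str, obj: str) -> bool:
    """ss-property: a subject may read only objects at or below its clearance."""
    return dominates(subject, obj)


def blp_can_write(subject: str, obj: str) -> bool:
    """*-property: a subject may write only to objects at or above its clearance."""
    return dominates(obj, subject)


# Biba (integrity): no read down, no write up, no invoke up.
def biba_can_read(subject: str, obj: str) -> bool:
    """simple integrity: a subject may read only objects at or above its integrity."""
    return dominates(obj, subject)


def biba_can_write(subject: str, obj: str) -> bool:
    """*-integrity: a subject may write only to objects at or below its integrity."""
    return dominates(subject, obj)


def biba_can_invoke(subject: str, target: str) -> bool:
    """invocation property: a subject may invoke only targets at or below its integrity."""
    return dominates(subject, target)


RULES = {
    ("blp", "read"): blp_can_read,
    ("blp", "write"): blp_can_write,
    ("biba", "read"): biba_can_read,
    ("biba", "write"): biba_can_write,
    ("biba", "invoke"): biba_can_invoke,
}
PROPERTY_NAME = {
    ("blp", "read"): "ss-property",
    ("blp", "write"): "*-property",
    ("biba", "read"): "simple integrity property",
    ("biba", "write"): "*-integrity property",
    ("biba", "invoke"): "invocation property",
}


def mediate(model: str, subject_level: str, op: str, object_level: str) -> bool:
    """Single choke point for every access (complete mediation). A model/op pair
    with no rule is denied rather than allowed by default."""
    rule = RULES.get((model, op))
    return bool(rule and rule(subject_level, object_level))


def explain(model: str, subject_level: str, op: str, object_level: str) -> str:
    """Human-readable decision naming the property that blocked the access."""
    if mediate(model, subject_level, op, object_level):
        return "allowed"
    return "denied by " + PROPERTY_NAME.get((model, op), "no applicable rule")


def lipner_allows(subj_conf: str, obj_conf: str, subj_int: str, obj_int: str, op: str) -> bool:
    """Simplified Lipner-style combination: a read or write must satisfy BOTH the
    Bell-LaPadula rule on the confidentiality lattice and the Biba rule on the
    integrity lattice."""
    return mediate("blp", subj_conf, op, obj_conf) and mediate("biba", subj_int, op, obj_int)


if __name__ == "__main__":
    for case in [("blp", "public", "read", "secret"), ("blp", "public", "write", "secret"),
                 ("biba", "secret", "read", "internal"), ("biba", "internal", "invoke", "secret")]:
        print(case, "->", explain(*case))
```

The design point worth noticing is that the two models use the same `dominates` comparison with the arguments swapped: Bell-LaPadula lets information flow up the lattice, Biba lets it flow down, which is exactly what the ss-/*-property rows of the table say.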

  • Clark-Wilson Integrity Model
    • This is an improvement on the Biba model
    • It requires a third party to evaluate a subject’s requests before they are committed to the system
    • This ensures that all transactions between subjects and objects follow a defined set of rules.
  • Brewer-Nash Model
    • This model is also called the Chinese Wall model
    • This prevents subjects from sharing information.
  • Graham-Denning Model
    • This model is concerned with how a system controls subjects and objects at a very basic level.
    • The model contains:
      • Subjects:
        • Process
        • Domain: This controls how subjects may access objects
      • Objects
      • Set of rules: This governs how subjects may manipulate passive objects.
  • Product Evaluation Models:
    • Trusted Computer System Evaluation Criteria (TCSEC): This addresses confidentiality only.
    • Information Technology Security Evaluation Criteria (ITSEC): This addresses the whole CIA triad.
  • Complete Mediation: When no subject can gain access to any object without authorization, i.e. every single access is checked, this is called complete mediation.
  • Understand the following terms
    • TEMPEST: A standard for shielding buildings and equipment to protect them against eavesdropping on, and intrusion via, their emanations
    • State attacks: A type of attack that takes advantage of how a system handles multiple requests.
    • Data marts: A data mart is a subset of a data warehouse
    • Inference: The ability to infer sensitive data by observing available information.
    • Aggregation: The creation of sensitive data by aggregating non-sensitive data from multiple sources.
  • The following things should be considered while planning a site:
    • Dense vegetation close to buildings should be avoided.
    • Windows should not be placed adjacent to doors. Grilles should be installed in buildings.
    • Windows at ground level should be fixed only. They should not open and should have shock sensors to detect attacks on the windows.
    • In the garage, exterior lights should be placed approximately 12 ft. above the ground and should point downward to illuminate wide areas along the ground.
    • Lighting levels should be 10-12 foot-candles over parking areas and 15-20 foot-candles in walking and driving aisles.
  • Fire Suppression Systems:
    • Class A: These are for combustible materials like wood, plastics, paper etc.
    • Class B: These are for combustible liquids such as gasoline, kerosene etc.
    • Class C: These are for electrical equipment
    • Class D: These are for combustible metals like magnesium, titanium etc.
    • Class K: These are mostly for oil or fat-based fires.
  • Types of cooling:
    • Latent Cooling: It is the ability of air-conditioning unit to remove moisture.
    • Sensible Cooling: It is the ability of air-conditioning unit to remove heat.

      In the data center, sensible cooling is required.

  • Below are the cryptography concepts:
    • Work factor: The amount of effort required to break an encryption system; a high work factor is what you want.
    • Stream-based ciphers: Encrypt on a bit-by-bit basis. They are mostly implemented in hardware
    • Block-based ciphers: Encrypt one block at a time rather than bit by bit. They are mostly implemented in software.
      • Electronic Code Book (ECB): Each block is encrypted independently.
      • Cipher Block Chaining (CBC): The result of encrypting one block is fed into the encryption of the next block of data.
      • Cipher Feedback (CFB): Ciphertext bits from one block are fed back to produce the keystream for the next block.
      • Output Feedback (OFB): The keystream is generated independently of the message
      • Counter (CTR): A 64-bit random block is used as the first initialization vector.
    • Initialization vector (IV): This is used to add randomization to the encryption process. The same IV should never be used with the same key.
    • One-time pad: Proposed by Gilbert Vernam; the key must be used only once, must be as long as the plaintext, and must never repeat. If implemented properly, it is unbreakable. It is different from a running key cipher.
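As an added example (not part of the original article), the following Python implements the five modes listed above over a constructed 8-byte toy Feistel cipher, so that the ECB pattern leak, the chaining in CBC and CFB, the message-independent keystream of OFB and CTR, and the reason the same IV must never be reused with the same key can all be observed offline. The toy cipher, the key, IV and sample messages are all assumptions made for the example; none of it is a real cipher and the mode code does no padding.

```python
"""Added example (not from the article): block-cipher modes over a constructed
8-byte toy Feistel cipher so the code runs offline. The toy cipher stands in
for AES/DES and is NOT secure; no padding, inputs must be a multiple of 8."""
import hashlib

BLOCK = 8

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _blocks(data: bytes) -> list:
    assert len(data) % BLOCK == 0, "this example does not pad"
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def _round_fn(half: bytes, key: bytes, rnd: int) -> bytes:
    # Toy keyed round function (hash based); not a real cipher design.
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:BLOCK // 2]

def toy_encrypt_block(key: bytes, block: bytes) -> bytes:
    """4-round Feistel network; inverted by running the rounds backwards."""
    left, right = block[:4], block[4:]
    for rnd in range(4):
        left, right = right, _xor(left, _round_fn(right, key, rnd))
    return left + right

def toy_decrypt_block(key: bytes, block: bytes) -> bytes:
    left, right = block[:4], block[4:]
    for rnd in reversed(range(4)):
        left, right = _xor(right, _round_fn(left, key, rnd)), left
    return left + right

# ECB: each block encrypted independently, so equal plaintext blocks give
# equal ciphertext blocks (the pattern leak).
def ecb_encrypt(key, pt):
    return b"".join(toy_encrypt_block(key, b) for b in _blocks(pt))

def ecb_decrypt(key, ct):
    return b"".join(toy_decrypt_block(key, b) for b in _blocks(ct))

# CBC: the previous ciphertext block is XORed into the next plaintext block.
def cbc_encrypt(key, iv, pt):
    out, prev = [], iv
    for b in _blocks(pt):
        prev = toy_encrypt_block(key, _xor(b, prev))
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, ct):
    out, prev = [], iv
    for b in _blocks(ct):
        out.append(_xor(toy_decrypt_block(key, b), prev))
        prev = b
    return b"".join(out)

# CFB: the previous ciphertext block is encrypted to make the next keystream
# block; only the forward direction of the cipher is ever used.
def cfb_encrypt(key, iv, pt):
    out, prev = [], iv
    for b in _blocks(pt):
        prev = _xor(b, toy_encrypt_block(key, prev))
        out.append(prev)
    return b"".join(out)

def cfb_decrypt(key, iv, ct):
    out, prev = [], iv
    for b in _blocks(ct):
        out.append(_xor(b, toy_encrypt_block(key, prev)))
        prev = b
    return b"".join(out)

# OFB and CTR: the keystream depends only on key and IV/nonce, never on the
# message, so one XOR function both encrypts and decrypts.
def ofb_keystream(key, iv, nblocks):
    out, state = [], iv
    for _ in range(nblocks):
        state = toy_encrypt_block(key, state)
        out.append(state)
    return b"".join(out)

def ctr_keystream(key, nonce, nblocks):
    start = int.from_bytes(nonce, "big")
    return b"".join(toy_encrypt_block(key, ((start + i) % (1 << 64)).to_bytes(BLOCK, "big"))
                    for i in range(nblocks))

def stream_xcrypt(keystream_fn, key, iv, data):
    return _xor(data, keystream_fn(key, iv, len(data) // BLOCK))

def repeated_blocks(ct: bytes) -> bool:
    """True when the ciphertext contains two identical blocks."""
    return len(set(_blocks(ct))) < len(_blocks(ct))

def keystream_cancels(key, nonce, pt1, pt2):
    """Why an IV/nonce must never be reused with the same key: under CTR the
    XOR of two ciphertexts equals the XOR of the two plaintexts."""
    c1 = stream_xcrypt(ctr_keystream, key, nonce, pt1)
    c2 = stream_xcrypt(ctr_keystream, key, nonce, pt2)
    return _xor(c1, c2) == _xor(pt1, pt2)
```

Run with a repeated plaintext such as `b"SAMEBLK1" * 3`: `repeated_blocks(ecb_encrypt(...))` is true while the CBC ciphertext has no repeats, and `keystream_cancels` shows that under a reused nonce the keystream drops out of the XOR of two ciphertexts, which is the practical meaning of "the same IV should never be used with the same key".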


  • Symmetric Cryptography: A single key is used for both encryption and decryption. The key is normally distributed out of band. Symmetric cryptography is very fast; however, it has the following disadvantages:
    • Does not scale well as the number of entities increases.
    • The method of key distribution is not safe.
  • Asymmetric Cryptography: To overcome the shortcomings of symmetric cryptography, asymmetric cryptography is used. A public/private key pair is used, where the public key is distributed and the private key is held secretly. This eliminates the scalability and key exchange problems. However, asymmetric cryptography is very slow.

Therefore the concept of PKI is used, which harvests the benefits of both symmetric and asymmetric cryptography. For more details on encryption, here is my mini course. In the exam, expect a scenario-based question on cryptography where they ask how to protect each part of the CIA triad and with which key you have to do that: the sender’s (public/private), the receiver’s (public/private) or the secret key.

  • Understand the concept of hashing. Famous hashing algorithms: MD5, SHA-1, SHA-2, SHA-3 (mostly their digest bit sizes)
  • Familiarize yourself with famous cryptanalysis attacks like the birthday attack, dictionary attack, frequency analysis, rainbow tables, replay attack etc.

Ok so these are the bullet points on the main topics for Domain 3. Pay more attention to the cryptography concepts and to site-design security in this domain.