
OFFICIAL (ISC)2 GUIDE TO THE ISSAP CBK
SECOND EDITION

Edited by
Adam Gordon
CISSP-ISSAP, ISSMP, SSCP

(ISC)2
CRC Press
Taylor & Francis Group
Boca Raton  London  New York

CRC Press is an imprint of the Taylor & Francis Group, an informa business
AN AUERBACH BOOK

Contents

Foreword  xv
Introduction  xvii
Editors  xxv

Domain 1: Access Control Systems and Methodology
  Introduction
  Access Control Concepts
    Discretionary Access Control (DAC)  11
    Implementation Strategies  14
    Nondiscretionary Access Control  18
    Mandatory Access Control (MAC)  21
    Least Privilege  25
    Separation of Duties  28
  Architectures  37
    Authentication, Authorization, and Accounting (AAA)  40
    Centralized Access Control  40
      Common Implementations  43
      Design Considerations  45
    Decentralized Access Control  46
      Design Considerations  47
    Federated Access Control  50
      Design Considerations  51
    Directories and Access Control  52
      Design Considerations  54
  Identity Management  54
    Accounting  60
  Access Control Administration and Management Concepts  65
    Access Control Administration  65
    Database Access  70
    Inherent Rights  77
    Granted Rights  78
    Change of Privilege Levels  79
    Groups  79
    Role Based  81
    Task Based  86
    Dual Control  88
    Location  92
      Topology  92
      Subnet  92
      Geographical Considerations  94
    Device Type  96
  Authentication  100
    Strengths and Weaknesses of Authentication Tools  102
    Token-Based Authentication Tools  102
      Common Issues with Token Management  106
    Biometric Authentication Tools  107
      Performance Characteristics  107
      Implementation Considerations  108
      Fingerprints  109
      Hand Geometry  109
      Iris  110
      Retina  110
      Facial Recognition  110
    Authentication Tool Considerations  111
  Design Validation  112
    Architecture Effectiveness Assurance  114
    Testing Strategies  116
    Testing Objectives  117
    Testing Paradigms  118
    Repeatability  119
    Methodology  119
    Developing Test Procedures  120
    Risk-Based Considerations  121

Domain 2: Communications and Network Security  131
  Voice and Facsimile Communications  134
    Pulse Code Modulation (PCM)  135
    Circuit-Switched versus Packet-Switched Networks  136
    VoIP Architecture Concerns  139
      End-to-End Delay  139
      Jitter  140
      Packet Loss Rate  140
      Method of Voice Digitization Used  140
    Voice Security  141
      Security Policies and Procedures  141
      Encryption  141
      Authentication  142
      Administrative Change Control  143
      Integrity  143
      Availability  143
    Voice Protocols  144
  Network Architecture  152
    Redundancy and Availability  152
    Internet versus Intranet  152
    Extranet  153
    Network Types  153
    Perimeter Controls  156
    Security Modems  160
    Communications and Network Policies  161
    Overview of Firewalls  162
    Firewalls vs. Routers  165
    Demilitarized Zone's Perimeter Controls  166
    IDS/IPS  167
      IDS Architecture  167
      Intrusion Prevention System  172
    Security Information & Event Management Considerations (SIEM)  173
    Wireless Considerations  176
      Architectures  176
      Security Issues  179
      WPA and WPA2  179
      IEEE 802.11i and 802.1X  180
      802.1X  180
    Zones of Control  181
  Network Security  182
    Content Filtering  182
    Anti-malware  182
    Anti-spam  183
    Outbound Traffic Filtering  184
    Mobile Code  185
    Policy Enforcement Design  185
  Application and Transport Layer Security  187
    Social Media  188
    Secure E-Commerce Protocols  191
    SSL/TLS and the TCP/IP Protocol Stack  191
      Encryption  192
      Authentication  193
      Certificates and Certificate Authorities  193
      Data Integrity  193
      SSL/TLS Features  194
      Limitations of SSL/TLS  195
    Other Security Protocols  195
    Secure Remote Procedure Calls  196
  Network Layer Security and VPNs  196
    Types of VPN  198
    VPN Tunneling  199
    Tunneling Protocols  201
      Layer 2 Tunneling Protocol (L2TP)
      IPSec  204
        Authentication Header (AH)  205
        Encapsulating Security Payload (ESP)  208
        Cryptographic Algorithms  209
      L2TP/IPSec  209
      Authentication Using EAP  209
      TCP Wrapper  210
      SOCKS  211
        Comparing SOCKS and HTTP Proxies  211
    VPN Selection  212
      Topology Supported  212
      Authentication Supported  212
      Encryption Supported  212
      Scalability  212
      Management  213
      VPN Client Software  213
      Operating System and Browser Support  213
      Performance  213
      Endpoint Security  213
      Encryption  214
  Network Security Design Considerations  215
    Interoperability and Associated Risks  215
    Monitoring  215
    Cross-Domain Risks and Solutions  217
    Audits and Assessments  218
    Operating Environment  218
    Remote Access  222
    Monitoring  222
  Design Validation  222
    Penetration Testing  222
    Vulnerability Assessment  223
    Monitoring and Network Attacks  223
    Risk-Based Architecture  223
    Secure Sourcing Strategy  224

Domain 3: Cryptography  237
  Cryptographic Principles  240
    Applications of Cryptography  240
      Benefits  240
      Uses  241
      Message Encryption  244
      Secure IP Communication  245
      Remote Access  246
      Secure Wireless Communication  247
      Other Types of Secure Communication  249
      Identification and Authentication  250
      Storage Encryption  252
      Electronic Commerce (E-Commerce)  253
      Software Code Signing  255
      Interoperability  255
  Methods of Cryptography  256
    Symmetric Cryptosystems  256
      Block Cipher Modes  259
      Stream Ciphers  263
    Asymmetric Cryptosystems  264
    Hash Functions and Message Authentication Codes  267
    Digital Signatures  271
  Vet Proprietary Cryptography & Design Testable Cryptographic Systems  272
    Computational Overhead & Useful Life  274
  Key Management  276
    Purpose of the Keys and Key Types  276
    Cryptographic Strength and Key Size  278
    Key Life Cycle  283
      Key Creation  284
      Key Distribution and Crypto Information in Transit  287
        Symmetric Keys Distribution  288
        Public and Private Keys Distribution  288
      Key Storage  290
      Key Update  293
      Key Revocation  294
      Key Escrow  295
      Backup and Recovery  296
        Backup  296
        Key Recovery  297
  Public Key Infrastructure  297
    Key Distribution  298
    Certificate and Key Storage  299
    PKI Registration  300
      How the Subject Proves Its Organizational Entity  301
      How a Person, Acting on Behalf of the Subject, Authenticates to Request a Certificate (Case Studies)  302
    Certificate Issuance  306
    Trust Models  307
      Subordinate Hierarchy  307
      Cross-Certified Mesh  308
      Certificate Chains  309
    Certificate Revocation  310
      Traditional CRL Model  311
      Modified CRL-Based Models  312
    Cross-Certification  314
      How Applications Use Cross-Certification  314
      How Cross-Certification Is Set Up  316
      How Cross-Certification with Bridge CA Is Implemented in Practice  317
  Design Validation  318
    Review of Cryptanalytic Attacks  318
      Attack Models  318
      Symmetric Attacks  319
      Asymmetric Attacks  319
      Hash Function Attacks  320
      Network-Based Cryptanalytic Attacks  320
      Attacks against Keys  321
      Brute Force Attacks  322
      Side-Channel Cryptanalysis  322
  Risk-Based Cryptographic Architecture  323
    Identifying Risk and Requirements by Cryptographic Areas  325
    Case Study  328
  Cryptographic Compliance Monitoring  331
    Cryptographic Standards Compliance  332
    Industry- and Application-Specific Cryptographic Standards Compliance  333

Domain 4: Security Architecture Analysis  347
  Risk Analysis  352
    Quantitative Risk Analysis  352
    Qualitative Risk Analysis  353
    Risk Theory  353
  Attack Vectors  355
    Methods of "Vector" Attack  355
      Attack by E-Mail  358
      Attack by Deception  359
      Hoaxes  359
      Hackers  359
      Web Page Attack  360
      Attack of the Worms  360
      Malicious Macros  361
      Instant Messaging, IRC, and P2P File-Sharing Networks  362
      Viruses  362
  Asset and Data Valuation  362
    Context and Data Value  363
    Corporate versus Departmental: Valuation  364
    Business, Legal, and Regulatory Requirements  364
  Product Assurance Evaluation Criteria  366
    Common Criteria (CC) Part 1  368
    Common Criteria (CC) Part 2  371
      The Target of Evaluation (TOE)  372
      Evaluation Assurance Level (EAL) Overview  373
      Evaluation Assurance Level 1 (EAL1): Functionally Tested  377
      Evaluation Assurance Level 2 (EAL2): Structurally Tested  377
      Evaluation Assurance Level 3 (EAL3): Methodically Tested and Checked  377
      Evaluation Assurance Level 4 (EAL4): Methodically Designed, Tested, and Reviewed  378
      Evaluation Assurance Level 5 (EAL5): Semiformally Designed and Tested  378
      Evaluation Assurance Level 6 (EAL6): Semiformally Verified Design and Tested  378
      Evaluation Assurance Level 7 (EAL7): Formally Verified Design and Tested  379
    Common Criteria (CC) Part 3: Assurance Paradigm  380
      Significance of Vulnerabilities  380
      The Causes of Vulnerabilities  380
      Common Criteria Assurance  381
      Assurance through Evaluation  381
      The Common Criteria Evaluation Assurance Scale  381
    ISO/IEC 27000 Series  382
    Software Engineering Institute Capability Maturity Model (CMMI-DEV) Key Practices Version 1.3  384
      Introducing the Capability Maturity Model (CMM)  384
      Sources of the Capability Maturity Model  384
      Structure of the CMMI-DEV V1.3  386
      Intergroup Coordination  397
      Peer Reviews  398
    ISO 7498  400
      Concepts of a Layered Architecture  401
    Payment Card Industry Data Security Standard (PCI-DSS)  402
  Architectural Solutions  404
    Architecture Frameworks  408
      Department of Defense Architecture Framework (DoDAF)  410
      The Zachman Framework  412
    Design Process  413
    System Security Engineering Methodologies  413
  Design Validation  415
    Certification  416
    Peer Reviews  416
    Documentation  419

Domain 5: Technology-Related Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP)  427
  Planning Phases and Deliverables  432
  Risk Analysis  433
    Natural Hazard Risks  438
    Human-Made Risks and Threats  440
    Industry Risks  442
    Do Not Forget the Neighbors!  442
  Business Impact Analysis  444
  Data Stored in Electronic Form  449
    Remote Replication and Off-Site Journaling  449
    Backup Strategies  451
  Selecting Recovery Strategy for Technology  456
    Cost-Benefit Analysis  459
  Implementing Recovery Strategies  460
    Documenting the Plan  460
    The Human Factor  461
    Logistics  461
    Plan Maintenance Strategies  462
  Bringing It All Together  464
    A Sample "Walk-Through" of DR Plan  465
    Step by Step Guide for Disaster Recovery Planning for Security Architects  465
      I. Information Gathering  468
      II. Plan Development and Testing  470
      III. Ongoing Maintenance  471
  References  477

Domain 6: Physical Security Considerations  480
  Physical Security Policies and Standards  489
  Physical Security Risks
    Unauthorized Access  490
    Physical Security Needs and Organization Drivers  494
    Facility Risk  496
    Restricted Work Areas  501
    Protection Plans  503
    Evacuation Drills  505
    Incident Response  509
  Design Validation  511
    Penetration Tests  511
    Access Control Violation Monitoring  513

Appendix A: Answers to Questions  523

Index  559