---
Last updated: 2021/04/03 15:30
---
###### tags: `CISSP` `D3`
# Domain 3: Security Architecture and Engineering
:::warning
Secure at all times, secure in all places.
:::
:::info
- Security protection mechanisms
  - Technical mechanisms
    - Layering
    - Abstraction (implementation details are not exposed)
    - Data hiding, an essential characteristic of a multilevel secure system
    - Process isolation: each process gets its own separate memory space
    - Hardware segmentation
  - Policy mechanisms
    - Principle of least privilege
      > e.g. run in user mode whenever possible
    - Separation of privilege
      > fine-grained access rights
    - Accountability
      > requires a complete audit and monitoring system together with a sound authentication system
  - Design- or coding-based mechanisms
    - Trusted recovery
    - Input and parameter checking
      > buffer overflow
    - Maintenance hooks and privileged programs
      > maintenance back doors; they violate security policy
    - Incremental attacks
      > slow, gradual attacks that compromise a system's security and integrity
      > - **Data diddling**: altering data before or while it is entered into the system
      > - **Salami**: many small, individually unnoticed thefts that add up
      > ![](https://i.imgur.com/QaOIFoQ.png)
    - TOCTOU (time of check to time of use)
      > a race condition: the state that was checked changes before the resource is used; the fix is to check and use in one atomic step (e.g. open the file first, then check the descriptor you actually use)
      ![](https://i.imgur.com/oLNz8V1.png)
:::
### Exam points
:::danger
- **Ring protection** ![](https://i.imgur.com/BN12Aiq.png)
- **Multithreading** ![](https://i.imgur.com/JlqVcQR.png)
- ASLR ![](https://i.imgur.com/I8XkXc5.png)
:::
## 3.1 Implement and manage engineering processes using secure design principles
> [color=blue] Ref OSG **CH08.1**

:::info
- Access: a **subject** (active) **uses** an **object** (passive)
- Systems
  - Closed system: relatively secure (proprietary, fewer publicly known attack paths)
  - Open system: built on industry standards
- Used to ensure CIA
  - Confinement
  - Bounds
  - Isolation
- Access control
  - DAC
  - MAC
  - RBAC
  - ABAC
- Trust and assurance
:::
### Exam points
:::danger
- Privileged mode ![](https://i.imgur.com/qpTwERQ.png)
- Aggregation attack ![](https://i.imgur.com/nc3lYVR.png)
- White noise ![](https://i.imgur.com/UbfTva2.png)
- Memory (bounds) ![](https://i.imgur.com/e9PdInM.png)
:::
## 3.2 Understand the fundamental concepts of security models
> [color=blue] Ref OSG **CH08.2**

:::success
- A model provides a formal way of expressing a security policy
- Ways of describing security properties
  - Tokens
  - Capabilities
  - Labels
- TCB
- Security models (the "BBCC" mnemonic; the letters are read here as the four classic models)
  - B (Bell-LaPadula): confidentiality
  - B (Biba): integrity
  - C (Brewer-Nash, the Chinese Wall model): confidentiality
  - C (Clark-Wilson): integrity
- BLP ![](https://i.imgur.com/5aRvj14.png)
- Biba ![](https://i.imgur.com/vGAGs2o.png)
:::
### Exam points
:::danger
- The simple and star (*) properties of BLP and Biba
- BLP write uses the **star (*) security property**: no write down ![](https://i.imgur.com/NBAopyc.png)
- Biba read uses the **simple integrity**
property): no read down ![](https://i.imgur.com/b1M3sL9.png)
- Biba write uses the **star (*) integrity property**: no write up ![](https://i.imgur.com/Bau4qOZ.png)
- ACL ![](https://i.imgur.com/3I4FEMa.png)
- Classification ![](https://i.imgur.com/h6g63ES.png)
- TCB ![](https://i.imgur.com/1LBDs02.png)
- Take-Grant ![](https://i.imgur.com/9Yr3o4I.png)
- Biba ![](https://i.imgur.com/2gpQOs2.png)
- Biba protects integrity (I) ![](https://i.imgur.com/tXskdNI.png)
- Composition theories (cascading, feedback, hookup) ![](https://i.imgur.com/bjqY7DT.png)
:::
## 3.3 Select controls based upon systems security requirements
> [color=blue] Ref OSG **CH08.3**

- TCSEC
- Industry and international security implementation guidelines
  - ISO
  - PCI DSS
  - CC
- Certification and Accreditation (C&A): must be understood
### Exam points
:::danger
- Be sure to understand C&A and V&V
  - **Verification**: The **verification process** is similar to the certification process in that ==it validates security controls==. Verification may go a step further by involving a **third-party testing service and compiling results** that may be trusted by many different organizations.
  - **Accreditation**: Accreditation is the act of management formally **accepting an evaluated system**, ==not evaluating== the system itself.
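Returning to the 3.2 model rules above (simple and star properties of BLP and Biba), the following is an added worked example and not code from the OSG or from this note. It encodes the four rules as a tiny reference-monitor check; the four level names are an assumed classification ordering, and compartments (which real MAC labels also carry) are left out.

```python
# Added example (not from the OSG or this note): a tiny reference-monitor style
# check for the Bell-LaPadula and Biba rules from 3.2.  Level names are an
# assumed classification ordering; in MAC systems labels also carry
# compartments, which are left out here.
from enum import IntEnum


class Level(IntEnum):
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


def blp_allows(subject: Level, obj: Level, op: str) -> bool:
    """Bell-LaPadula (confidentiality).

    simple security property: no read up    -> read only if subject >= object
    * (star) security property: no write down -> write only if subject <= object
    """
    if op == "read":
        return subject >= obj
    if op == "write":
        return subject <= obj
    raise ValueError(f"unknown operation: {op}")


def biba_allows(subject: Level, obj: Level, op: str) -> bool:
    """Biba (integrity): the mirror image of BLP.

    simple integrity property: no read down -> read only if subject <= object
    * (star) integrity property: no write up -> write only if subject >= object
    """
    if op == "read":
        return subject <= obj
    if op == "write":
        return subject >= obj
    raise ValueError(f"unknown operation: {op}")


def both_allow(subject: Level, obj: Level, op: str) -> bool:
    """Enforce both models at once.  Because the rules are mirror images, the
    only access that survives is between equal levels, which is why a system
    picks one model per property instead of stacking them."""
    return blp_allows(subject, obj, op) and biba_allows(subject, obj, op)


def decision_table(model) -> dict:
    """Return {(subject, object, op): allowed} for every level pair; handy for
    checking a policy against the exam's 'no read up / no write down' wording."""
    return {
        (s.name, o.name, op): model(s, o, op)
        for s in Level
        for o in Level
        for op in ("read", "write")
    }


if __name__ == "__main__":
    for name, model in (("BLP", blp_allows), ("Biba", biba_allows)):
        table = decision_table(model)
        denied = sum(1 for allowed in table.values() if not allowed)
        print(f"{name}: {denied} of {len(table)} accesses denied")
```

With four levels each model denies exactly the 12 "strictly up" or "strictly down" pairs out of 32 possible accesses; `both_allow` shows that stacking BLP and Biba leaves only same-level reads and writes.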
- Common Criteria terms
  - PP (Protection Profile: describes the security requirements for a class of product; the Security Target, ST, states what a specific product claims to meet) ![](https://i.imgur.com/JtVKmD8.png)
  - CC levels (EAL1 to EAL7) ![](https://i.imgur.com/uJ4k3Gq.png)
:::
## 3.4 Understand security capabilities of information systems (e.g., memory protection, Trusted Platform Module (TPM), encryption/decryption)
> [color=blue] Ref OSG **CH08.4**

### Exam points
:::danger
- Process states ![](https://i.imgur.com/ea25q0x.png)
:::
## 3.5 Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements
> [color=blue] Ref OSG **CH09.1**

### 3.5.1 Client-based systems
> [color=blue] Ref OSG **CH09.2**

### 3.5.2 Server-based systems
> [color=blue] Ref OSG **CH09.3**

### 3.5.3 Database systems
> [color=blue] Ref OSG **CH09.4**

### 3.5.4 Cryptographic systems
> [color=blue] Ref OSG **CH06**

### 3.5.5 Industrial Control Systems (ICS)
> [color=blue] Ref OSG **CH09.7**

### 3.5.6 Cloud-based systems
> [color=blue] Ref OSG **CH09.5.1, 9.5.2**

:::info
- The **hypervisor**, also known as the **virtual machine monitor (VMM)**, is the component of virtualization that creates, manages, and operates the virtual machines.
- A **type I** hypervisor is a **native** or **bare-metal** hypervisor.
  > e.g. VMware ESXi
- A **type II** hypervisor is a **hosted hypervisor** that runs on top of a host OS.
  > e.g. VMware Workstation or VirtualBox. Hyper-V enabled on Windows Server 2019 looks hosted, but Microsoft's Hyper-V is architecturally a type I hypervisor: once the role is enabled, the Windows host itself runs in a parent partition above the hypervisor.
- Cloud security concerns
  - privacy concerns
  - regulatory compliance difficulties
  - use of open- versus closed-source solutions
  - adoption of open standards
- Three cloud service models
  - Infrastructure as a Service (IaaS)
  - Platform as a Service (PaaS)
  - Software as a Service (SaaS)
- Four cloud deployment models
  - Private cloud: used only inside the enterprise
  - Public cloud
  - Hybrid cloud
  - Community cloud.
    A cloud environment maintained, used and paid for by a group of users or organizations with a shared interest.
- Before adopting a cloud service, investigating its security is essential
  - Regulatory compliance
    - SOX
    - HIPAA
    - PCI DSS (an industry standard)
  - Geographic boundaries of where data is stored
  - Which encryption solution is used (and who holds the keys)
  - Data recovery method and speed
  - How recovery works after a disaster
- Cloud Access Security Broker (CASB): a solution placed between users and cloud services that enforces security policy
- Security as a Service (SECaaS): a CSP concept, security functions delivered as a service
  - includes authentication, authorization, auditing, anti-malware, intrusion detection, compliance and vulnerability scanning
:::
### 3.5.7 Distributed systems
> [color=blue] Ref OSG **CH09.5**

:::info
- **Grid computing** is a form of **parallel distributed processing** that loosely groups a significant number of processing nodes to work toward a specific processing goal.
- **Peer-to-peer (P2P)** technologies are networking and distributed application solutions that share tasks and workloads among peers.
:::
### 3.5.8 Internet of Things (IoT)
> [color=blue] Ref OSG **CH09.6**

:::info
- All too often an IoT device ==was not designed with security== as a core concept or even an afterthought. This has already resulted in numerous home and office network security breaches.
- Many IoT and automation devices are being added to business environments
:::
### 3.5.9 Industrial Control System (ICS)
> [color=blue] Ref OSG **CH09.7**

:::info
- ICS
  - DCS: distributed control system
  - PLC: programmable logic controller
  - SCADA: supervisory control and data acquisition
- ICS historically had little security built in and is rarely updated
:::
### Exam points
:::danger
- SCADA environments: ==Supervisory control and data acquisition (SCADA)== systems are used to **control and gather data from industrial processes**. They are commonly found in power plants and other industrial environments.
- Deleting cloud data under IaaS ![](https://i.imgur.com/JF3r3AQ.png)
- **TEMPEST** attacks ![](https://i.imgur.com/mu7HGCY.png)
- PaaS: the provider runs the application I deploy ![](https://i.imgur.com/GZvhAnn.png)
- IoT attacks ![](https://i.imgur.com/v8efGb6.png)
- Building control ![](https://i.imgur.com/8v4bFPW.png)
:::
## 3.6 Assess and mitigate vulnerabilities in web-based systems
> [color=blue] Ref OSG **CH09.8**
> [color=green] Ref OSG **CH21**

:::info
- Web vulnerabilities include
  - XML and SAML related issues
  - OWASP Top 10
- Any **security evaluation** should ==start off with reconnaissance or information gathering==.
  - This step is to collect as much information as possible about the target for later steps to use.
- Initial assessment
  - hosted web pages
  - automation technologies in use
  - look for information that should never have been published
  - configuration weaknesses
    - assess the site's configuration management
    - assess transport security: which SSL/TLS versions are accepted (SSL and TLS 1.0/1.1 are deprecated; expect TLS 1.2 or 1.3 only)
    - assess cipher suites, cookies, sessions, token management, and exposure to forged requests
  - assess **authentication** and **session management**
  - assess the site's **encryption** and the methods used for **data validation** and **sanitization**
  - check DoS defenses
  - assess risk response and test error handling
- A few of the OWASP top ten Web risks that you may want to know about are injection, XML exploitation, cross-site scripting (XSS), and XSRF.
- An **injection attack** is any exploitation that allows an attacker to **submit code to a target system** ==in order to modify its operations and/or poison and corrupt its data set.==
- There are a wide range of potential injection attacks. Typically, an injection attack is named after the type of backend system it takes advantage of or the type of payload delivered (injected) onto the target. Examples include
  - Structured Query Language (SQL) injection
    - Two techniques that protect against SQL injection
      - Perform input validation
        - whitelist (allowlist) filters
        - blacklist (denylist) filters
        - The primary forms of **input sanitization** that should be adopted include ==limiting the length of input==, filtering on known ==malicious content patterns==, and ==escaping metacharacters==.
      - Limit account privileges
        - the web site accesses the database with a least-privilege account
  - Lightweight Directory Access Protocol (LDAP) injection
    - targets directory services
    - defense: **input sanitization**
  - XML injection, command injection
  - Hypertext Markup Language (HTML) injection, code injection, and
  - file injection.
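As an added example for the SQL injection item above (not code from the OSG or this note), here is the injectable string-built query beside the two mitigations the list names, whitelist input validation and keeping metacharacters out of the query, using the standard library `sqlite3` module. The `users` table, its two rows and the tautology payload are constructed for the demonstration; parameterized queries are the standard remediation in practice and go one step beyond the page's sanitization list.

```python
# Added example, not from the OSG or this note: the injectable string-built
# query beside two mitigations.  The users table, its rows and the payload are
# constructed so the example runs offline with the stdlib sqlite3 module.
import re
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample database with two users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "alice@example.com"), ("bob", "bob@example.com")],
    )
    conn.commit()
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, username: str) -> list:
    """Builds SQL by concatenation, so a quote in the input changes the query."""
    sql = "SELECT username, email FROM users WHERE username = '" + username + "'"
    return conn.execute(sql).fetchall()


# Allowlist: one accepted pattern with a length limit (limiting input length
# and filtering are the sanitization forms listed above).
USERNAME_RE = re.compile(r"[a-z][a-z0-9_]{0,31}")


def is_valid_username(username: str) -> bool:
    return USERNAME_RE.fullmatch(username) is not None


def validate_username(username: str) -> str:
    """Whitelist validation rejects everything outside the pattern.  A blacklist
    (filtering on known bad patterns) is weaker: the attacker only needs one
    encoding or keyword the list missed."""
    if not is_valid_username(username):
        raise ValueError("invalid username")
    return username


def lookup_parameterized(conn: sqlite3.Connection, username: str) -> list:
    """Parameterized query: the driver passes the value separately from the SQL
    text, so metacharacters in the input never reach the parser as syntax."""
    return conn.execute(
        "SELECT username, email FROM users WHERE username = ?", (username,)
    ).fetchall()


def lookup_hardened(conn: sqlite3.Connection, username: str) -> list:
    """Defense in depth: validate first, then parameterize."""
    return lookup_parameterized(conn, validate_username(username))


# Classic tautology payload; constructed for the demonstration.
PAYLOAD = "x' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable   :", lookup_vulnerable(db, PAYLOAD))    # every row leaks
    print("parameterized:", lookup_parameterized(db, PAYLOAD))  # no row
    print("allowlist    :", is_valid_username(PAYLOAD))         # False
```

The vulnerable lookup turns into `WHERE username = 'x' OR '1'='1'` and returns both rows; the parameterized form searches for the literal string and returns nothing; the allowlist rejects the payload before any query runs. The third mitigation on the list, least privilege for the database account, is not visible in SQLite (it has no accounts): on a real server the web application's login should only have SELECT on the tables it needs.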
- XSS, a form of malicious code injection
  - the attacker plants script in the site so that visiting users load and execute the malicious code fragment
- XSRF (cross-site request forgery)
  - targets the visiting user's browser, which submits requests the user never intended while still authenticated
  - countermeasures
    - have the user re-enter the password for sensitive actions
    - add a randomized string (anti-CSRF token) to requests and sessions
    - check the Referer header
:::
### Exam points
:::danger
- Buffer overflow ![](https://i.imgur.com/NAdJtft.png)
- Virtualization ![](https://i.imgur.com/pxJ7PEQ.png)
:::
## 3.7 Assess and mitigate vulnerabilities in mobile systems
> [color=blue] Ref OSG **CH09.9**

:::info
- Mobile devices usually contain sensitive information
- **Device security**
  - Full device encryption
    - device encryption
    - voice can be encrypted when using VoIP
  - Remote wiping
    - lets data be deleted remotely when the device is lost; combine with encryption
  - Lockout
  - Screen locks
  - GPS
    - tracking, or being tracked
  - Application control
    - restrict what can be installed and enforce it; disabling apps unrelated to work reduces exposure
  - Storage segmentation
    - separate the OS from data
    - separate company data from user data
  - Asset tracking
    - monitor installed software
    - check compliance with the security baseline
  - Inventory control
    - mainly hardware assets
  - Mobile device management (MDM)
    - a solution category
    - usable in BYOD environments
  - Device access control
  - Removable storage
    - OTG (USB On-The-Go)
  - Disabling unused features
- **Application security**
  - Key management
    - mobile devices depend on the local random number generator (RNG), which may be weak
  - Credential management
    - multi-factor is recommended
  - Authentication
    - the prudent approach combines authentication with device encryption
  - Geotagging
    - a photo uploaded with location metadata
    - reveals more about daily routines than intended
  - Encryption
    - e.g. encrypting video conferencing
  - Application whitelisting
- **BYOD concerns**: BYOD is a policy that lets employees bring personal devices to work and connect them to the corporate network. It can raise morale and satisfaction, but brings corresponding risk.
  - BYOD alternatives
    > - **COPE (Company Owned, Personally Enabled)**
    >   the company buys the device for the employee and applies its policies to it
    > - **CYOD (Choose Your Own Device)**
    >   the employee picks from a list of approved devices
    > - **Corporate-owned mobile strategy**
    >   the company buys the device for company use only; no personal tasks on it
    > - **Virtual Desktop Infrastructure (VDI)**
    >   reduces the security and performance demands placed on the endpoint (centralized, virtualized)
    > - **Virtual Mobile Infrastructure (VMI)**
  - Staff must understand the benefits and limits of using their own devices
  - Read and sign the BYOD / CYOD policy...
  - Attend training
  - Issues
    > - Data ownership
    >   - company and personal data are mixed together
    >   - a clear policy must be established
    > - Support ownership
    >   - who fixes the device when it breaks
    > - Patch management
    >   - updates via the vendor or over Wi-Fi
    > - Antivirus management
    > - Forensics
    > - Privacy
    >   - under BYOD the device is treated as a corporate asset for policy purposes
    > - On-board / off-board
    >   - provisioning and wiping
    > - Adherence to corporate policies
    >   - follow company rules
    > - User acceptance
    >   - how willing users are to accept the controls
    > - Infrastructure considerations
    >   - the number of devices on the network can double
    >   - handle IP addressing, network isolation, IPS/IDS
    > - Legal concerns
    >   - increased risk of data leakage
    >   - not necessarily beneficial for the organization
    > - Acceptable use policy
    > - On-board camera/video
    >   - disable
:::
### Exam points
:::danger
- Protecting a lost mobile device: think from the confidentiality angle (encryption) ![](https://i.imgur.com/x4vWl6v.png)
- Outdated devices: the company pays to replace them rather than leave the threat in place ![](https://i.imgur.com/ZiEx9p7.png)
:::
## 3.8 Assess and mitigate vulnerabilities in embedded devices
> [color=blue] Ref OSG **CH09.10**

:::info
- Methods for securing embedded and static systems
  - Network segmentation
  - Security layers
  - Application firewalls
  - Firmware version control
  - **Wrappers**
    > may conceal a Trojan or other malware
  - Monitoring
  - Control **redundancy** and **diversity**: every single security mechanism has its flaws, so defense in depth is used to compensate
:::
## 3.9 Apply cryptography
### 3.9.1 Cryptographic life cycle (e.g., key management, algorithm selection)
> [color=blue] Ref OSG **CH06.5 & 6.4.7**
> [color=green] Ref OSG **CH07**

:::info
- Goals of cryptography. Cryptography provides
  - **Confidentiality**
  - **Integrity**
  - **Authentication**
  - **Nonrepudiation**
- Confidentiality
  - through encryption
    - symmetric
    - asymmetric
- Integrity
  - Message integrity is enforced through the use of **encrypted message digests**, known as ==**digital signatures**==, created upon transmission of a message.
- Nonrepudiation
  - **Nonrepudiation** provides **assurance** to the recipient that ==the message was originated by the sender== and not someone masquerading as the sender. It also prevents the sender from claiming that they never sent the message in the first place (also known as repudiating the message).
  - Symmetric encryption cannot provide it (both parties hold the same key, so either could have produced the message); only asymmetric digital signatures can
- Kerckhoffs's principle (a cryptosystem stays secure as long as the key is not in the adversary's hands). Specifically, the **Kerckhoffs's principle** (also known as Kerckhoffs's assumption) is that a cryptographic system should be secure even if everything about the system, except the key, is public knowledge. The principle can be summed up as "The enemy knows the system."
- Two main types of **cryptosystems** enforce confidentiality.
  - **Symmetric cryptosystems** use a ==shared secret key== available to ==all users== of the cryptosystem.
  - **Asymmetric cryptosystems** use ==individual== combinations of ==**public** and **private** keys== for each user of the system.
- Three states of data
  - Data ==**at rest**==, or **stored data**, is that which resides in a permanent location awaiting access. Examples of data at rest include data stored on hard drives, backup tapes, cloud storage services, USB devices, and other storage media.
  - Data ==**in motion**==, or data **on the wire**, is data being transmitted across a network between two systems. Data in motion might be traveling on a corporate network, a wireless network, or the public internet.
  - Data ==**in use**== is data that is stored in the **active memory** of a computer system where it may be accessed by a process running on that system.
- **FIPS 140-2**: Federal Information Processing Standard (FIPS) 140-2, **"Security Requirements for Cryptographic Modules,"** defines the **hardware** and **software** requirements for ==cryptographic modules== that the **federal government uses**.
- Caesar cipher
  - The Caesar cipher also became known as the **ROT3 (or Rotate 3) cipher**. The Caesar cipher is a **substitution cipher** that is mono-alphabetic.
  - Breaking it: frequency analysis (match the most frequent ciphertext letters to the most frequent letters of the language; after substituting them the plaintext starts to appear)
- **Zero-knowledge proof**: prove that you know a secret without revealing the secret itself. e.g. the magic door (cave) example
- **Split knowledge**: ==M of N control== requires that a minimum number of agents (M) out of the total number of agents (N) work together to perform high-security tasks. e.g.
  N = 8, M = 3 (3 of 8): at least 3 people must be present at the same time to perform the task
- **Work function**: the effort required to break a cryptosystem, a measure of its strength. You can measure the strength of a cryptography system by measuring the effort in terms of cost and/or time using a work function or work factor.
- **Symmetric key management**
  > [color=blue] **Creation and distribution**
  > - Offline distribution
  > - Public key encryption
  > - Diffie-Hellman (when the first two are unavailable and the parties must negotiate directly)

  > [color=orange] **Storage and destruction**
  > - Never keep the key on the same system as the data it encrypts
  > - For sensitive keys, give each of two people one fragment; both must be present to reconstruct it (split knowledge); delete keys when a holder leaves
- **Cryptographic life cycle**
  - Choose controls according to the business context and how long the data must stay protected (think: if nuclear secrets must be protected for 10 years)
  - Define the algorithms the organization accepts, e.g. AES, 3DES, RSA (note that NIST has since deprecated 3DES; prefer AES)
  - Set acceptable key lengths according to data sensitivity
  - List the allowed secure transaction protocols, e.g. SSL, TLS (SSL is obsolete; in practice this means TLS 1.2 or later)
:::
### 3.9.2 Cryptographic methods (e.g., symmetric, asymmetric, elliptic curves)
> [color=blue] Ref OSG **CH09.2**
> [color=orange] Ref OSG **CH06.3**
> [color=green] Ref OSG **CH07**

:::info
- Ciphers
  - **Transposition** ciphers (letters change places, like musical chairs)
    - Use an encryption algorithm to **rearrange the letters** of a plaintext message, forming the ciphertext message.
  - **Substitution** ciphers
    - Substitution ciphers use the encryption algorithm to **replace each character** or bit of the plaintext message with a different character.
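The Caesar/ROT3 cipher from 3.9.1 and the substitution cipher just defined, together with the frequency-analysis attack that breaks them, as an added worked example (not code from the OSG or this note). The letter-frequency table is the usual English one; the sample plaintext is a constructed public-domain sentence chosen to be long enough that frequencies mean something.

```python
# Added example (not from the OSG or this note): the Caesar/ROT3 substitution
# cipher and the frequency-analysis, ciphertext-only attack that breaks it.
# ENGLISH_FREQ is the usual English letter-frequency table (percent).
import string
from collections import Counter

ALPHABET = string.ascii_uppercase

ENGLISH_FREQ = {
    "A": 8.2, "B": 1.5, "C": 2.8, "D": 4.3, "E": 12.7, "F": 2.2, "G": 2.0,
    "H": 6.1, "I": 7.0, "J": 0.15, "K": 0.77, "L": 4.0, "M": 2.4, "N": 6.7,
    "O": 7.5, "P": 1.9, "Q": 0.095, "R": 6.0, "S": 6.3, "T": 9.1, "U": 2.8,
    "V": 0.98, "W": 2.4, "X": 0.15, "Y": 2.0, "Z": 0.074,
}


def caesar(text: str, shift: int) -> str:
    """Mono-alphabetic substitution: every letter moves `shift` places along the
    alphabet; other characters pass through.  Decrypt with the negative shift."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
        else:
            out.append(ch)
    return "".join(out)


def rot3(text: str) -> str:
    """The historical Caesar cipher is the special case shift = 3."""
    return caesar(text, 3)


def chi_squared(ciphertext: str, shift: int) -> float:
    """Distance between the letter counts (read as if the key were `shift`) and
    the English table.  Lower means a better fit."""
    counts = Counter(ch for ch in ciphertext.upper() if ch in ALPHABET)
    total = sum(counts.values())
    if total == 0:
        return float("inf")
    score = 0.0
    for i, plain_letter in enumerate(ALPHABET):
        observed = counts[ALPHABET[(i + shift) % 26]]   # cipher letter for plain_letter
        expected = ENGLISH_FREQ[plain_letter] / 100 * total
        score += (observed - expected) ** 2 / expected
    return score


def break_caesar(ciphertext: str) -> int:
    """Ciphertext-only attack: the attacker has no plaintext and no key, only
    which ciphertext letters are frequent.  All 26 shifts are tried (brute force
    is trivial here) and the one that looks most like English wins."""
    return min(range(26), key=lambda s: chi_squared(ciphertext, s))


# Constructed sample plaintext (public-domain Dickens), long enough for the
# letter frequencies to be meaningful; a few words would not be.
SAMPLE = ("It was the best of times, it was the worst of times, it was the age "
          "of wisdom, it was the age of foolishness")

if __name__ == "__main__":
    ct = rot3(SAMPLE)
    k = break_caesar(ct)
    print("ciphertext     :", ct)
    print("recovered shift:", k)
    print("plaintext      :", caesar(ct, -k))
```

The attack recovers shift 3 (and any other shift) from the ciphertext alone, which is the exam's point: a mono-alphabetic substitution preserves the language's letter frequencies, so the key space of 25 shifts is not what protects it, and enlarging the alphabet mapping (a general substitution) still leaves the frequency fingerprint in place.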
  - **One-time pad**: an extremely strong substitution cipher (unbreakable when the pad is truly random, as long as the message, used once and kept secret)
  - **Block cipher**: applies the algorithm to a whole block of the message at a time
  - **Stream cipher**: operates on one character or bit at a time
  - **Diffusion**: a small change in the plaintext spreads into many changes across the ciphertext
- Number of keys required
  - symmetric cryptography: n(n-1)/2 keys for n parties
  - asymmetric cryptography: 2n keys for n parties
  - comparison table ![](https://i.imgur.com/xgh2bpa.png)
- Symmetric
  - **DES, Data Encryption Standard**: 56-bit key
    - ECB
    - CBC
    - CFB
    - OFB
    - CTR
  - 3DES
    - DES-EEE3
    - DES-EDE3
    - DES-EEE2
    - DES-EDE2
  - IDEA
    - used by PGP (Pretty Good Privacy)
  - Blowfish
    - adopted by many commercial products
  - Twofish: two additional techniques
    - prewhitening
    - postwhitening
  - Skipjack
  - AES, Advanced Encryption Standard (the Rijndael cipher); FIPS 197 mandates it for US government use ![](https://i.imgur.com/JgIsfbP.png)
- Asymmetric (the **sender** ==encrypts== with the **receiver's public key**; the **receiver** ==decrypts== with its own **private key**)
  > public-key systems need much longer keys, e.g. 2048 bits, to reach the same strength as a symmetric cipher
  - RSA
    - based on the difficulty of prime factorization
  - El Gamal
    - free for anyone to use, but the ciphertext is twice the length of the plaintext (a significant transmission cost)
  - Elliptic Curve Cryptography (ECC)
    - smaller keys, same strength
- Hashing
  > ensures a message has not been altered in transit
  - SHA, Secure Hash Algorithm (the SHA-2 family)
    - SHA-224
    - SHA-256
    - SHA-384
    - SHA-512
  - MD2 (insecure)
  - MD4 (insecure)
  - MD5 (insecure)
  - HMAC, Hashed Message Authentication Code
    - provides authenticity and integrity (not nonrepudiation, because the key is shared)
:::
### 3.9.3 Public Key Infrastructure (PKI)
> [color=green] Ref OSG **CH07**

:::info
- **Certificates**
  - A digital certificate assures the communicating parties that the other side is who it claims to be
  - Follows the X.509 standard (version 3)
- **Certificate Authorities (CAs)**: the bodies that issue certificates
:::
### 3.9.4 Key management practices
> [color=green] Ref OSG **CH07**

### 3.9.5 Digital signatures
> [color=green] Ref OSG **CH07**

:::info
- Digital signatures (nonrepudiation, integrity) are achieved by combining PKI with hashing
- **Digitally signed** messages assure the recipient that the message truly came from the claimed sender. They enforce nonrepudiation (that is, they preclude the sender from later claiming that the message is a forgery).
- **Digitally signed** messages assure the recipient that the ==message was not altered while in transit== between the sender and recipient. This protects **against both malicious modification** (a third party altering the meaning of the message) and unintentional modification (because of faults in the communications process, such as electrical interference).
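An added worked example (not code from the OSG or this note) for the digital-signature properties above and for the HMAC line in 3.9.2: why a signature gives nonrepudiation and an HMAC does not. To stay inside the standard library it uses textbook RSA over a SHA-256 digest with two small Mersenne primes; that is a toy (no padding, a ~150-bit modulus), not a usable signer, and the shared HMAC key is an assumed constant.

```python
# Added example (not from the OSG or this note): a digital signature beside an
# HMAC, showing which one a third party can verify.  Textbook RSA with two
# Mersenne primes keeps it stdlib-only; it is a toy (no padding, ~150-bit
# modulus).  Real systems use 2048-bit keys with PSS or an Ed25519 library.
import hashlib
import hmac

P = 2**61 - 1                      # toy primes, far too small for real use
Q = 2**89 - 1
N = P * Q
E = 65537                          # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (Python 3.8+)


def digest_int(message: bytes) -> int:
    """SHA-256 of the message as an integer below the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def rsa_sign(message: bytes, private_exp: int = D) -> int:
    """Signature = the message digest 'encrypted' with the private key
    (the OSG's wording).  Only the private-key holder can produce it."""
    return pow(digest_int(message), private_exp, N)


def rsa_verify(message: bytes, signature: int, public_exp: int = E) -> bool:
    """Anyone with the public key, including a judge or auditor, can check it,
    which is what makes the signature evidence the sender cannot repudiate."""
    return pow(signature, public_exp, N) == digest_int(message)


SHARED_KEY = b"constructed-shared-secret"   # assumed key known to both parties


def hmac_tag(message: bytes, key: bytes = SHARED_KEY) -> bytes:
    return hmac.new(key, message, hashlib.sha256).digest()


def hmac_verify(message: bytes, tag: bytes, key: bytes = SHARED_KEY) -> bool:
    # constant-time comparison, so the check itself is not a timing oracle
    return hmac.compare_digest(hmac_tag(message, key), tag)


def receiver_can_forge(message: bytes) -> bool:
    """The receiver holds the same key, so a tag it makes itself verifies just
    like the sender's: integrity and authenticity between the two parties, but
    no proof to anyone else, hence no nonrepudiation."""
    return hmac_verify(message, hmac_tag(message))


if __name__ == "__main__":
    msg = b"transfer 100 to bob"
    sig = rsa_sign(msg)
    print("signature verifies      :", rsa_verify(msg, sig))
    print("tampered message passes :", rsa_verify(b"transfer 1000 to bob", sig))
    print("receiver forged an HMAC :", receiver_can_forge(msg))
```

Note that `msg` travels in the clear beside `sig`: the signature proves origin and integrity but, as the next bullet says, provides no privacy; confidentiality needs a separate encryption step.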
- Note
  - A digital signature provides no privacy for the content it covers or for the signature itself. Note that the **digital signature** process ==does not provide== any **privacy** in and of itself. It only **ensures** that the ==cryptographic goals of integrity, authentication, and nonrepudiation== are met.
- Signing ![](https://i.imgur.com/98Swj2x.png)
- HMAC, Hashed Message Authentication Code
  - does **not** provide nonrepudiation
- Certificate generation and revocation
  - Enrollment
  - Verification
  - Revocation
  - (confirm that files can be uploaded to the platform by drag and drop)
  - Checking revocation
    - CRL
    - OCSP
:::
### 3.9.6 Non-repudiation
> [color=green] Ref OSG **CH07**

### 3.9.7 Integrity (e.g., hashing)
> [color=blue] Ref OSG **CH09.2**

:::info
- **Five basic requirements of a hash function**
  - The **input** can be of any length.
  - The **output** has a fixed length.
  - The hash function is relatively **easy to compute for any input**.
  - The hash function is **one-way**.
  - The hash function is **collision free** (meaning that it is extremely hard to find two messages that produce the same hash value).
:::
### 3.9.8 Understand methods of cryptanalytic attacks
> [color=blue] Ref OSG **CH09.2**
> [color=green] Ref OSG **CH07**

:::info
- **Analytic attack**: This is an algebraic manipulation that attempts to reduce the complexity of the algorithm. Analytic attacks focus on the logic of the algorithm itself.
- **Implementation attack**: This is a type of attack that exploits weaknesses in the implementation of a cryptography system. It focuses on exploiting the software code, not just errors and flaws but the methodology employed to program the encryption system.
- **Statistical attack**: A statistical attack exploits statistical weaknesses in a cryptosystem, such as floating-point errors and inability to produce truly random numbers. Statistical attacks attempt to find a vulnerability in the hardware or operating system hosting the cryptography application.
- **Brute force**: Brute-force attacks are quite straightforward. Such an attack attempts every possible valid combination for a key or password.
  They involve using massive amounts of processing power to methodically guess the key used to secure cryptographic communications.
- **Rainbow tables**: defend with salting
- **Frequency analysis** and **ciphertext-only** attacks
  > the attacker has nothing but ciphertext and analyses it by observing the ciphertext and the **frequency** of its symbols
- **Known plaintext**
  > the attacker holds some **plaintext** together with its encrypted **ciphertext**
- **Chosen ciphertext**
  > the attacker can have chosen portions of ciphertext decrypted and uses the results to discover the key
- **Chosen plaintext**
  > the attacker can have plaintext of their own choosing encrypted and analyses the ciphertext output to learn about the algorithm or key
- **Man** in the middle
- **Meet** in the middle: defeats double DES (2DES)
- Birthday attack: finds hash collisions
- Replay

---

- **Network protection**
  - Line encryption
    - Link encryption
    - End-to-end encryption
  - IPsec
    - The Authentication Header (**AH**) provides **integrity** and authentication (the OSG also lists **nonrepudiation**; strictly, AH's shared-key integrity check cannot give nonrepudiation)
    - The Encapsulating Security Payload (**ESP**) provides **confidentiality** and **integrity**
:::
### 3.9.9 Digital Rights Management (DRM)
> [color=green] Ref OSG **CH07**

:::info
- Music
- Movies
- E-books
- Video games
- Documents
:::
### Exam points
:::danger
- Number of key bits and the number of possible keys: 2^n
- The standard for creating and validating PKI digital certificates: The **X.509 standard**, developed by the International Telecommunications Union, contains the specification for digital certificates.
- Zero-knowledge proof (achieve an outcome that needs sensitive information without actually disclosing that information) ![](https://i.imgur.com/aFbV1kz.png)
- Caesar cipher: The Caesar cipher is a **shift cipher** that works on a stream of text and is also a **substitution cipher**.
- Only ESP in IPsec provides confidentiality: The **Encapsulating Security Payload (ESP)** protocol provides **confidentiality and integrity** for packet contents. It encrypts packet payloads and provides limited authentication and protection against replay attacks.
- DES **keying material** length ![](https://i.imgur.com/Iwk8zCw.png)
- Symmetric key agreement: the Diffie-Hellman algorithm ![](https://i.imgur.com/Icdkpr3.png)
- Modern cryptography does not fear the algorithm being public (Kerckhoffs) ![](https://i.imgur.com/cPn3fPQ.png)
- Key escrow: In the **Fair Cryptosystem approach to key escrow**, the secret keys used in communications are divided into **two** or **more** pieces, each of which is given to an independent third party.
- **Steganography** ![](https://i.imgur.com/ZC0Qvvo.png)
- Difference between a cipher and a code ![](https://i.imgur.com/lgFpONQ.png)
- When nonrepudiation applies ![](https://i.imgur.com/UkWyksi.png)
- **Known plaintext** ![](https://i.imgur.com/0GVn5FB.png)
- **TOCTOU** attack ![](https://i.imgur.com/1PgU9l7.png)
- Number of asymmetric keys: 2*n ![](https://i.imgur.com/7S2DNL0.png)
- **Chain of custody** ![](https://i.imgur.com/J9nwrEI.png)
- Certificate revocation lists serial numbers ![](https://i.imgur.com/NFzqslh.png)
- Blowfish key length ranges from 32 to 448 bits ![](https://i.imgur.com/9tU2BB4.png)
- Transposition cipher ![](https://i.imgur.com/wuJtRHv.png)
- Breaking 2DES ![](https://i.imgur.com/MjOiZq3.png)
- Digital signatures ![](https://i.imgur.com/U5GGKDI.png)
- What TLS uses to encrypt ordinary traffic: an **ephemeral session key** ![](https://i.imgur.com/s0fHPFu.png)
- Digital certificates ![](https://i.imgur.com/o8NyVL5.png)
- DRM ![](https://i.imgur.com/CE1Vj7c.png)
:::
## 3.10 Apply security principles to site and facility design
> [color=blue] Ref OSG **CH10**

### 3.10.1 Wiring closets/intermediate distribution facilities
### 3.10.2 Server rooms/data centers
### 3.10.3 Media storage facilities
### 3.10.4 Evidence storage
### 3.10.5 Restricted and work area security
### 3.10.6 Utilities and Heating, Ventilation, and Air Conditioning (HVAC)
### 3.10.7 Environmental issues
### 3.10.8 Fire prevention, detection, and suppression
### Exam points
:::danger
- Data center humidity: **Data center humidity** should be maintained ==between 40% and 60%==. Values below this range increase the risk of **static electricity**, while values above this range may generate **moisture** that damages equipment.
- Fire suppression system types: **Preaction fire suppression** ![](https://i.imgur.com/RUEw2a5.png)
- Building protection: mantrap ![](https://i.imgur.com/hc0HqxU.png)
- Wiring closets ![](https://i.imgur.com/GG63VyQ.png)
- Mean Time To Failure (MTTF) ![](https://i.imgur.com/h23kdGm.png)
- **Extinguishers** ![](https://i.imgur.com/yPp4b7j.png)
  - **Class A** fire extinguishers are useful only against ==**common combustible materials**==.
    They use **water or soda acid** as their suppressant.
  - **Class B** extinguishers are for ==**liquid fires**==.
  - **Class C** extinguishers are for ==**electrical fires**==, and
  - **Class D** fire extinguishers are for ==**combustible metals**==.
- **SSD erasure methods** ![](https://i.imgur.com/mo9AYcb.png)
- **At least six feet** ![](https://i.imgur.com/R9Xdr7G.png)
- **Halon is no longer used** ![](https://i.imgur.com/aDD5TXU.png)
- **Heartbeat sensor** ![](https://i.imgur.com/JeSevWC.png)
- **Fire extinguishers** ![](https://i.imgur.com/pK7NPLQ.png)
- Electromagnetic fields ![](https://i.imgur.com/kSGjrCe.png)
- Faraday cage ![](https://i.imgur.com/5lCuFdN.png)
- A UPS cannot protect against a **blackout (prolonged power loss)** ![](https://i.imgur.com/oScFZ1T.png)
- Redundant design ![](https://i.imgur.com/iqwuxLj.png)
:::
### D3 exam points (unsorted)
:::danger
- Military system access ![](https://i.imgur.com/LlbFLLF.png)
- Handling an infected system and its likely infection paths ![](https://i.imgur.com/9uaLDug.png)
- Black/white lists ![](https://i.imgur.com/SrrLNtL.png)
- OOP abstraction ![](https://i.imgur.com/IeJiHwg.png)
- (Certification = technical evaluation) (Accreditation = formal management acceptance) https://www.isoleader.com.tw/home/iso_news_detail/1315 ![](https://i.imgur.com/sWo8ED2.png)
- Data (?) ![](https://i.imgur.com/gOBPBoo.png)
:::