CISSP: AN ULTIMATE WAY AROUND FOR MAINTAINING SECURITY
The transformation of information technology has turned into a major source of business revenue. Companies, whether associated with IT or not, rely on some form of communication, and it is imperative for them to secure information to the maximum level to avoid leakage of classified information. For this reason, industry experts formed a discipline called Information Security to educate IT professionals in securing organizational processes.
Certified Information Systems Security Professional (CISSP) is a certification exam managed and authorized by ISC2. It helps professionals implement a security plan for communication, whether electronic or physical. The scope of CISSP is the confidentiality, integrity and availability of information within an organization. Before moving on to the real exam scenario, the mechanism that needs to be understood is security architecture. Such an architecture comprises hardware, security controls, software and documentation, so from a design point of view, implementing security at each of these levels is mandatory to ensure information security. Let’s discuss the core concepts of CISSP from an exam and knowledge-gaining perspective.
The core component of a computer is the Central Processing Unit (CPU), placed on the system motherboard, which connects all other components so that they can interact with the running Operating System (OS). Here is a one-by-one clarification of computer architecture from the CISSP standpoint:
A CPU consists of an Arithmetic Logic Unit (ALU), a Control Unit and memory to perform mathematical, logical and memory operations and to decode and execute instructions. Primary functions of the CPU include:
There are four states in which any CPU operates:
- Ready State, where programs are about to resume processing
- Supervisor State, where the whole system can be controlled by the program
- Problem State, where instructions that don’t have any privileges are executed
- Wait State, where a program must wait until an event completes
A CPU can process only a certain set of instructions, which is why an OS should be developed in a way that supports the architecture of the CPU. The CPU maintains registers to store the starting and ending memory values used to recall and execute instructions headed to the CPU for processing. As described in the table below, each CPU generation places a number of transistors on the chip, which determines the number of instructions that can be processed per second. The speed is measured in Million Instructions per Second (MIPS). Over time, the size of transistors decreased and the number of transistors on the CPU increased to perform instruction processing tasks. For instance, an Intel Core i7 processor at 3.06GHz with 731,000,000 transistors can process 18 MIPS. The 3.06GHz is the CPU’s clock speed, which affects instruction processing; high clock speed is achieved by increasing the number of transistors per CPU.
Table: Number of Transistors (rows: Intel Core 2, Intel Core i7)
Two basic CPU designs exist in today’s modern computers:
1. RISC (Reduced Instruction Set Computing) design is used to achieve high performance by reducing the number of clock cycles needed to process instructions in the CPU.
2. CISC (Complex Instruction Set Computing) design is used to process low-level operations like memory loading, memory storing or arithmetic.
Every CPU needs two types of information, instructions and data, to fulfill its duty. Data is transferred to the CPU for manipulation, which works under the problem or supervisor state. A CPU can be categorized by its functionality, depending on support from the motherboard and OS. Generally, computer systems can be classified as below:
Multiprogramming – ability to run more than one process at the same time on a system.
Multitasking – ability to perform more than one task or subtask on a system concurrently.
Multiprocessor – a relatively new term for a system ability where the OS supports more than one physical processor; at first, Windows 98 did not support multiprocessors.
A multiprocessor can be described as below:
· Works as symmetric or asymmetric
· Resources are shared equally among all programs under symmetric mode
· Priority is set among different programs under asymmetric mode
· Data that needs to be processed often comes from an application
· Every program is tracked via a PID (Process ID)
If you are familiar with the ‘C’ programming language, consider a program that prints the line “Information Security” on screen; in this case each line of code represents a thread. When a program uses more than one thread at the same time, it is called multithreading, as described in the picture below:
For smooth running of multiple processes there is a technique called process isolation, categorized into four types as below:
1. Objects Encapsulation – no interaction between applications of dissimilar processes.
2. Virtual Mapping – the running application code is written in a way that it believes it is running alone.
3. Time Multiplexing – resource sharing among multiple processes or applications.
4. Naming Distinctions – assigning unique names to running processes.
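Virtual mapping and naming distinctions from the list above, shown with a forked child process. This is an added example, not part of the original article; it assumes a POSIX system and CPython, where id() returns an object's virtual address, and the function and field names are illustrative.

```python
import os
import struct

HEADER = "=QI"  # child's buffer address (8 bytes) + child's PID (4 bytes)

def isolation_demo():
    """Fork a child that overwrites a buffer; report what each process sees."""
    buf = bytearray(b"parent-data")
    parent_addr = id(buf)          # CPython detail: id() is the object's virtual address
    r, w = os.pipe()
    pid = os.fork()                # POSIX only; the child gets a copy of the address space
    if pid == 0:
        # Child process: write to the "same" address, then report back over the pipe.
        os.close(r)
        buf[:] = b"child-wrote"    # same length, so the object is modified in place
        os.write(w, struct.pack(HEADER, id(buf), os.getpid()) + bytes(buf))
        os._exit(0)                # leave without running any parent cleanup code
    os.close(w)
    report = os.read(r, 64)
    os.close(r)
    os.waitpid(pid, 0)
    n = struct.calcsize(HEADER)
    child_addr, child_pid = struct.unpack(HEADER, report[:n])
    return {
        "parent_pid": os.getpid(),                          # naming distinction: unique PIDs
        "child_pid": child_pid,
        "same_virtual_address": child_addr == parent_addr,  # virtual mapping
        "parent_view": bytes(buf),                          # untouched by the child's write
        "child_view": report[n:],
    }

if __name__ == "__main__":
    for key, value in isolation_demo().items():
        print(f"{key}: {value}")
```

Both processes use the same virtual address, yet the child's write never reaches the parent's copy, because the OS maps that address to different physical pages for each process.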
To get the attention of the CPU, an interrupt, which is an electrical signal, is sent along the line. Following are the key interrupt methods widely used in computers:
Programmed I/O – data transfer between peripheral devices and the CPU.
Interrupt Driven I/O – an efficient way of data input and output, though it needs tedious hardware.
I/O using DMA – writing information directly into memory, bypassing the CPU.
Memory Mapped I/O – space reservation, maintaining addresses for memory and I/O devices.
Port Mapped I/O – ability to write even a single byte to I/O devices.
Memory management in computers requires a professional approach, as it ensures smooth operations. It is needed even more on a multitasking OS, where memory would otherwise be corrupted. Memory management is usually used for:
Relocation – data swapping between primary and secondary memory.
Protection – restricting processes from writing to certain chunks of memory.
Sharing – memory sharing as per defined user-level access such as read or write.
Logical Organization – sharing and logical link libraries.
Physical Organization – managing physically attached memory.
If we study the computer closely from an architecture point of view, the CPU alone is nothing without proper memory to store data and instructions. The CPU is the only component in a computer that can access memory directly without intervention. It is the system design that sets the trust level high between CPU and memory for ease of use. The CPU uses various types of addressing schemes, like absolute addressing and relative addressing. Memory can further be addressed physically or logically, that is, through hard-coded addresses or program-written addresses respectively. There are also different types of memory used in systems, which we are going to discuss later.
RAM, or Random Access Memory, bears the following properties:
· Temporary storage area
· Power failure results in data loss
· RAM can be static, using circuit latches
· RAM can be dynamic, where it needs to be refreshed every few milliseconds
· Static RAM(SRAM) need to refresh signal
· Dynamic RAM(DRAM) don’t need to refresh signal
· SRAM is faster than DRAM
Classification of DRAM is as below:
SDRAM (Synchronous DRAM) – equipped with a synchronous interface that works with the system bus; it waits for the clock signal and then responds to control input.
DDR (Double Data Rate) – works about twice as fast as standard SDRAM.
DDR2 – able to split the clock pulse in two, which multiplies the information being processed.
RDRAM (Rambus Direct RAM) – not common in the latest systems and found mainly in gaming or home theater systems.
Read Only Memory (ROM):
Being nonvolatile memory, it never loses data in case of power failure and is used mainly to store system firmware like the BIOS. Following are widely recognized ROM types:
EPROM – Erasable Programmable Read Only Memory.
EEPROM – Electrically Erasable Programmable Read Only Memory.
Flash – Flash Memory.
PLD – Programmable Logic Devices.
Apart from primary storage, a system always has room for secondary storage to perform jobs efficiently. Below are the most commonly used secondary storage types:
Sequential Storage – bundled into tape drives, which read data from beginning to end in sequence.
Direct Access – information can be read or stored from any part; hard drives are a good example of direct access storage.
Floppies – also known as diskettes, made of thin plastic, with information organized in tracks and sectors.
Compact Disk – or CD, is optical media that uses a laser sensor to read or write data. A CD can be read-only or rewriteable and holds up to 800MB of data on one disk.
Digital Video Disks – or DVDs, fall under the same category as CDs; the only difference is that a DVD can hold much more data than a CD.
Blu-ray Disk – the latest form of optical media, which can store up to 50 GB of data on a single disk.
I/O Bus Standards:
If you study a motherboard closely, you will notice a whole bunch of lines stretching among the components. These lines are used for communication between the various components, especially the CPU. For instance, if the CPU needs to read data from memory, it sends a special signal along those lines to retrieve the information. Such a signal is called a bus, which is nothing but an information carrier. Below are common types of bus architecture:
ISA – or Industry Standard Architecture, first came with IBM PCs and started with an 8-bit bus; this type is no longer in use.
PCI – or Peripheral Component Interface, manufactured by Intel to replace ISA and other similar bus designs. The current standard used by systems is PCI Express.
SCSI – or Small Computer Systems Interface, able to attach all sorts of devices to a single controller in a daisy chain; most servers reckon this a preferred method for hard drives.
USB and FireWire are two other popular serial standards that are widely used. USB removes the limitations associated with serial and offers up to 4.8Gbps transfer speed. The biggest advantage of USB is that it is quickly recognized by any system the moment it is attached. FireWire, also known as IEEE 1394, competes with USB and is mostly used in Apple systems.
Hardware Cryptographic Components
Hardware can have its own security mechanism to authenticate before use. A dedicated security device called a Trusted Platform Module (TPM) chip is installed in the hardware for security purposes. Because it works at the hardware level, it is a more credible security feature than software. The TPM chip is covered under ISO 11889-1:2009. The following steps are involved in authenticating certain hardware in computers:
· The TPM provides a hash value calculated over the firmware, configuration details and OS kernel.
· During installation, the hash value is stored in the TPM chip.
· The TPM then provides attestation.
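The three steps above as a simplified software model, added here as an illustration and not taken from the original article or from any TPM library. It assumes SHA-256 measurements folded together with the TPM "extend" rule, and it substitutes an HMAC with a shared key for the chip's attestation-key signature; all component contents and key values are constructed samples.

```python
import hashlib
import hmac

# Constructed sample boot components (placeholders, not real images).
FIRMWARE = b"constructed-firmware-image-v1"
CONFIG = b"constructed-config: secure_boot=on"
KERNEL = b"constructed-os-kernel-image"

def extend(pcr: bytes, component: bytes) -> bytes:
    """Extend rule: new = SHA-256(old || SHA-256(component)); a register is never set directly."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure_boot(components) -> bytes:
    """Fold each boot stage into one register, in boot order."""
    pcr = bytes(32)  # the register starts as 32 zero bytes in this model
    for blob in components:
        pcr = extend(pcr, blob)
    return pcr

def quote(pcr: bytes, nonce: bytes, key: bytes) -> bytes:
    """Stand-in for a TPM quote. Assumption: HMAC replaces the attestation-key signature."""
    return hmac.new(key, nonce + pcr, hashlib.sha256).digest()

def verify(golden: bytes, nonce: bytes, key: bytes, reported: bytes, sig: bytes) -> bool:
    """Verifier side: the quote must cover our nonce and match the value stored at install."""
    authentic = hmac.compare_digest(sig, quote(reported, nonce, key))
    return authentic and hmac.compare_digest(reported, golden)

def attest(components, golden: bytes, nonce: bytes, key: bytes) -> bool:
    """Boot the given components, quote the result, and run the verifier's check."""
    pcr = measure_boot(components)
    return verify(golden, nonce, key, pcr, quote(pcr, nonce, key))

if __name__ == "__main__":
    key = b"constructed-shared-key"
    golden = measure_boot([FIRMWARE, CONFIG, KERNEL])  # value stored at installation
    print("clean boot    :", attest([FIRMWARE, CONFIG, KERNEL], golden, b"nonce-1", key))
    print("patched kernel:", attest([FIRMWARE, CONFIG, KERNEL + b"!"], golden, b"nonce-1", key))
```

Because each value is hashed into the previous one, a change to any component, or to the order in which components load, produces a different final value, and the fresh nonce stops an old quote from being replayed.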
Virtual Memory & Virtual Machines:
Once hardware has been installed in a computer, it is up to the OS how it interacts with the variety of components. Virtual memory is a concept in which the OS uses hard drives and RAM to formulate a third type of storage that lets the CPU believe the system has extra memory. This type of memory is called virtual memory, as described:
· Page Files
· Swap Space
· Swap Partition
After the above types of virtual memory are configured, the CPU can use them as temporary storage to offload the extra load of applications and retrieve it upon request.
Virtual machines, bearing the same concept, turn the whole system virtual using all components of the system. This means you can run multiple OSes within one OS using the same hardware used by the primary OS. A hypervisor is used to manage virtual machines by maintaining the inventory of resources.
Computers can be configured in a number of ways depending on requirements. Following are the most commonly used computer configurations:
Print Server – consolidates all printing-related tasks on a single system so that a number of users can access one system to perform printing tasks instead of approaching the printer directly.
File Server – used to store data or files on one system, which makes them easy to access and back up. This type of configuration eases the process of storing data, as there is no need to upgrade user PCs for storage or backup.
Program Server – also known as an application server, where all frequently used applications are installed on a single system accessible by every user. This way only one system needs to be upgraded or managed instead of every user-end computer. This concept is very popular these days in thin client environments.
Web Server – offers services to run web pages on the internet or locally.
Database Server – a database holds important pieces of information for various applications running within the setup. Proper configuration is a must in order to avoid compromising the organization’s sensitive data.
Notebooks and Tablets – easy to move and therefore easy to steal; such mobile devices should be protected in the best possible manner.
Smartphones – a rather new addition in terms of configuration, because a handheld device now has processing and storage capacity almost equivalent to a medium-size computer. Today’s smartphones are equipped with lots of storage, ample RAM and multicore processors, and can also be easily stolen. Protecting such devices is the need of the hour as companies promote a culture of bring your own device (BYOD).
· A processor that can execute multiple instructions at the same time is called a superscalar processor, and a processor that can execute only one instruction at a time is called a scalar processor. You should be able to distinguish between them from an exam viewpoint.
· To see how the CPU assigns names to running processes, enter the command ps aux on a Linux terminal and note the unique PID values.
· Maskable and non-maskable are two types of interrupts; an application can ignore maskable interrupts but not non-maskable interrupts.
· Protected memory and memory addressing are two concepts attached to storage that need to be fully understood for the exam.
Under protected memory, no access can be given to modify content that was used previously by other active programs or processes. Memory addressing can be logical or physical and is used by the CPU to access the contents.
· If a program uses RAM but is unable to release the memory, it is called a memory leak, which eventually eats up all memory and ultimately results in a system crash or halt.
· Cloud computing is another form of centralized resource management, so virtualization is not the only option in the workplace.