SLE = AV * EF
- Single Loss Expectancy (SLE) - Negative impact for one-time occurrence
- Asset Value (AV)
- Exposure Factor (EF) - If a flood will damage 40% of your data center, EF is 40%
ARO
- Annual Rate of Occurance
ALE = ARO * SLE
- 🍺 = 😍 (get it?)
- Ale makes arousal
- Annual Loss Expectancy = Rate of Occurrence - Single Loss Expectancy
STRIDE - Microsoft threat modeling tool
- S poofing
- T ampering
- R epudiation - attacker can deny participation
- I nformation disclosure
- D enial of service
- E levation of privilege
PTA keeps the children safe!
- P hysical - Tangible. Locks, guards, alligator moats, etc.
- T echincal/Logical - Automated or electronic systems.
- A dministrative - Policy, signage.
Imagine you have a pool. To protect children and animals from drowning in your pool, you exercise due care by building a fence around the pool. Regularly checking the fence for vulnerabilities and correcting them demonstrates due diligence.
- Due Care - A vendor engaging in a reasonable and expected manner for the circumstance
- Due Diligence - Demonstrates due care
Brewer-Nash is also known as "The Chinese Wall" and protects against conflict of interest. Remember Chinese "brew" tea. 🍵
You must read before you can write. So reading is "simpler" than writing. This makes reading the simple security model and writing the *-security model.
- Integrity Models have the letter "I" in them.
- Bell LaPadula and Biba - Since Biba has an "I" I it, it is integrity. The two are opposite so Bell is confidentiality. For some something confidential you don't want a subject reading up above their security. So Bell has a no read up property. With this we can extract read and write for both Biba and Bell
| Bell | Biba |
|---|---|
| No Read Up | Read Up |
| Write Down | No Write Down |
Found this somewhere else but it made me laugh and was easy to remember: Mr. Diffie-Hellman and Dr. ElGamal are phantom poopers! They leave discreet logs!
Most important thing here is remember strength from weakest to strongest. No clear mnemonic to do this. My approach:
- Remember the first and the last.
- The center 3 are alphabetical by name and/or abbreviation.
- ECB - Electronic Code Block (also the only one that doesn't support an initialization vector)
- CBC - Cipher Block Chaining
- CFB - Cipher Feedback
- OFB - Output Feedback Mode
- CTR - Counter
IaaS, PaaS, SaaS - Remember Pizza as a Service
| Type | Mneumonic | Description |
|---|---|---|
| A | Ash | Ordinary solid combustibles |
| B | Boil, Bubble | Flammable liquids and gasses |
| C | Circuits | Electrical equipment |
| D | Dent | Combustible metals |
| K | Kitchen | Oils and fats |
Remember "Zero KODU"
| Layer | Purpose |
|---|---|
| 0 | Kernal |
| 1 | Operating System |
| 2 | Drivers |
| 3 | User |