
1/9/22, 7:58 AM GitHub - DerreckM/CISSP-Mnemonics

DerreckM / CISSP-Mnemonics Public

24 stars 8 forks


DerreckM Update README.md … on Sep 3, 2020 29 View code

README.md

CISSP-Mnemonics and Tips


Asymmetric Encryption

Also known as public key encryption (the public key can be publicized without compromising security).
Remember: DEREK

Diffie-Hellman/DSA
El-Gamal
RSA
Elliptic Curve Cryptography (ECC)
Knapsack

Symmetric Encryption

Also known as [s]hared key or [s]ecret key encryption. The private key can be sent out-of-band.
Remember: 23BRAIDS

2 = TwoFish


3DES
Blowfish
RC5
AES
IDEA
DES
SAFER/Skipjack

Hash Functions:

Think of the good doctor: SHA HAVAL, MD

MD can create a 128-bit hash value. SHA can create a 160-bit hash value (SHA-1), SHA-256 produces a 256-bit hash, SHA-384 produces a 384-bit hash, and SHA-512 produces a 512-bit hash.

OSI Model:

Physical (Level 1), Datalink, Network, Transport, Session, Presentation, Application (Level 7)

Remember:

"Please Do Not Throw Sausage Pizza Away" (going up)

"All People Seem To Need Data Processing" (going down)

Risk Management

ALE = ARO x SLE *think "Ale causes arousle"

SLE = AV x EF *think Italian magician (or Mario) saying "I've got something up my sleav-ef"

4 D's of Physical Security:

[D]eter → [D]eny → [D]etect → [D]elay

Multi-Factor Authentication:


Something you know, something you have, something you are


TCP Header Flags:

URG ACK PSH RST SYN FIN

*think "Unskilled Attackers Pester Real Security Folks"

Confidentiality and Integrity Models

Simple Property: for read. "Reading is simpler than writing."

Star Property: for write. "It's written in the stars."

Biba and Clark-Wilson have the letter i in them, so they are the Integrity Models.

Bell-LaPadula is confidentiality: No read up and no write down. (Said another way, Bell is WURD: write up and read down are allowed.)
Remember: you don't want someone reading up above their security level.

Biba is the opposite: No read down and no write up (Biba is NO WURD).
Remember: you can't write up, as it would "pollute" the data.
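The two rule sets above are easier to keep straight when written as access-decision functions. The block below is an added example, not code from the CISSP-Mnemonics README; the level names, their ordering and the sample subject/object pairs are constructed for the demonstration. It encodes Bell-LaPadula (no read up, no write down) and Biba (no read down, no write up) over the same lattice so the mirror-image relationship is visible in the decisions.

```python
"""Bell-LaPadula (confidentiality) and Biba (integrity) access checks.

Added example, not part of the CISSP-Mnemonics README. The level names,
ordering and the sample subjects/objects below are constructed for the demo.
"""
from enum import IntEnum


class Level(IntEnum):
    """Constructed lattice of classification / integrity levels, low to high."""
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


def blp_allows(subject: Level, obj: Level, op: str) -> bool:
    """Bell-LaPadula: simple property = no read up, star property = no write down.

    A subject may read objects at or below its level and write objects at or
    above its level ('Bell is WURD': write up and read down are allowed).
    """
    if op == "read":
        return obj <= subject        # no read up
    if op == "write":
        return obj >= subject        # no write down
    raise ValueError(f"unknown operation: {op!r}")


def biba_allows(subject: Level, obj: Level, op: str) -> bool:
    """Biba: simple integrity = no read down, star integrity = no write up.

    The mirror image of BLP ('Biba is NO WURD'): a subject may read objects at
    or above its integrity level and write objects at or below it, so
    low-integrity data never 'pollutes' higher-integrity data.
    """
    if op == "read":
        return obj >= subject        # no read down
    if op == "write":
        return obj <= subject        # no write up
    raise ValueError(f"unknown operation: {op!r}")


def decision_table(subject: Level, obj: Level) -> dict:
    """Return both models' verdicts for read and write, for side-by-side comparison."""
    return {
        "blp_read": blp_allows(subject, obj, "read"),
        "blp_write": blp_allows(subject, obj, "write"),
        "biba_read": biba_allows(subject, obj, "read"),
        "biba_write": biba_allows(subject, obj, "write"),
    }


if __name__ == "__main__":
    # Constructed sample: a SECRET-cleared subject against an object at each level.
    for lvl in Level:
        print(f"SECRET subject vs {lvl.name:<12}", decision_table(Level.SECRET, lvl))
```

Running the block shows that for a SECRET subject and a TOP_SECRET object, BLP denies the read and permits the write while Biba does exactly the reverse; for a CONFIDENTIAL object the verdicts flip. Same-level access is allowed by both models.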

System Security Modes

that is, for systems that process classified data, what each user is required to have

Dedicated mode - have a security clearance, access approval, and valid need to
know for ALL data processed by Dedicated system

System High mode - have a security clearance and access approval for ALL
data processed by System high mode system. Also, valid need to know for
data PERSONALLY accessed.

Compartmented mode - have a security clearance for ALL data processed by the compartmented mode system. Also, access approval and a valid need to know for data PERSONALLY accessed.

Multilevel mode - have a security clearance, access approval, and valid need to
know for data PERSONALLY accessed. (Requirements are enforced primarily by
hardware or software on the system, not by limiting physical access)


Network Topologies

Ring topology is most secure (if it is dedicated with no external connections).
Bus topology is cheap, easy to set up, and good for small LANs (if the single line of cable breaks, the network is down, and devices can see others' packets).
Star topology is most common (more resilient than the two above if a device fails, but still dependent on the central switch or hub).
Mesh topology is best for redundancy (with full mesh, if a node fails, network traffic can be directed to any of the other nodes).

Note: There is also partial mesh, where some nodes are organized in a full-mesh scheme but others are connected to only one or two in the network. Partial mesh topology is commonly found in peripheral networks connected to a full-mesh backbone network.

DR Recovery Sites

Hot site - Organization needs site activation immediately; ready to go within minutes or hours.

Warm site - Organization has an alt. site with equipment and data circuits available, but nothing is connected and everything needs to be set up. The main requirement in bringing a warm site to full operational status is the transportation of appropriate backup media to the site and restoration of critical data on the standby servers. This can take from one to three days. (Sybex says as little as 12 hrs., other sources 24-48 hrs.)

Cold site - Organization has an alternate site with power and cooling, but equipment needs to be ordered and may take a few days to several weeks to arrive, be configured, and then have backup media restored.

Inherited and Explicit Rights and Permissions

Rights - grant users the ability to perform specific actions on a system.

Permissions - enable users to read, write to, or execute files, that is, a particular object on a file system.

Inherited - a user account inherits as a result of being a member of a security group that has been assigned that right.

Explicit - assigned to a user at the user account level.


Change Management, Configuration Management, Incident Response, BCP, and Electronic Discovery Steps

Change Management Steps:


i. Request the change
ii. Review the change
iii. Approve or reject the change
iv. Test the change
v. Schedule and implement the change
vi. Document the change

Configuration Management Steps:

i. Baselining
ii. Patch management
iii. Vulnerability management

Incident Response Steps:

i. Detection
ii. Response
iii. Mitigation
iv. Reporting
v. Recovery
vi. Remediation
vii. Lessons Learned

BCP Steps:

i. Develop a BCP policy statement
ii. Conduct a BIA
iii. Identify preventative controls
iv. Develop recovery strategies
v. Develop an IT contingency plan (DRP)
vi. Perform DRP training and testing
vii. Perform BCP/DRP maintenance

Electronic Discovery Steps:


i. Identification: potentially responsive documents are identified for further analysis and review
ii. Preservation: data identified as potentially relevant is placed in a legal hold to
ensure it cannot be destroyed
iii. Collection: transfer of data from a company to their legal counsel
iv. Processing: Various data culling techniques are employed during this phase,
such as deduplication and de-NISTing
v. Review: documents are reviewed for responsiveness to discovery requests and
for privilege
vi. Production: documents are turned over to opposing counsel, based on agreed
upon specifications

MISCELLANEOUS

Retinal scan is most intrusive to privacy (*think ret-inal = anal, intrusive! It's inappropriate, but you remember it!)

Using a condom is due care, taking the steps to decide whether to use the condom
is due diligence. (Source: Luke Ahmed)

Entrapment is when law enforcement persuades someone to commit a crime that they
otherwise would not have committed. Enticement is when the person would have
committed (or intended to commit the crime) anyway. (Source: Sybex OSG 7th Ed.)
(Think: You can entice a criminal, but only entrap an otherwise honest person.)

False Positive (Accept) - ACS identifies an unauthorized user as an authorized user

False Negative (Reject) - ACS does not validate an authorized user (Note: more acceptable than false accepts)

Pipelining - method by which the CPU can process more than 1 instruction per clock cycle.

Fetch -> Decode -> Execute -> Write. Once an instruction moves on to the next stage, a new instruction can be fetched.

Need to know - user has no access to info. that is not required by the user.
Example: Restricting a CIO from accessing financial reports

Least privilege - user has no more access to a resource than what is required to do that user's job.
Example: A user who reviews sales figures has read-only access, but cannot modify them


WTFPL License

Disclaimer: Some of my mnemonics and tips are my own creations. Some are
freely given on Reddit. I strive to give credit to original source when and where
applicable.
This program is free software. It comes without any warranty, to the extent permitted by
applicable law. You can redistribute it and/or modify it under the terms of the Do What The
Fuck You Want To Public License, Version 2, as published by Sam Hocevar. See
http://www.wtfpl.net/ for more details.

DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE Version 2,

December 2004 Copyright (C) 2004 Sam Hocevar [email protected]
