Test your basic knowledge: CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The Biba Model addresses _____________________.
Accreditation
A single classification and a Compartment Set
C1 - Discretionary Security Protection is a type of environment
The Integrity of data within applications
2. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
Programmable Read-Only Memory (PROM)
C2 - Controlled Access Protection
All Mandatory Access Control (MAC) systems
Simple Security Rule
3. In both the Bell-LaPadula and Biba Models, if the word "*" or "Star" is used, _______________.
Ring 0
Constrained
*-Integrity Axiom
The Rule is talking about writing
4. Successfully evaluated products are placed on?
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
The Evaluated Products List (EPL) with their corresponding rating
Pipelining
Prevent secret information from being accessed
5. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Swap Space
Examples of Layered Operating Systems
B2 - Structured Protection
Trusted Products Evaluation Program (TPEP)
6. A system uses the Reference Monitor to ___________________ of a subject and an object?
Orange Book - D
Compare the security labels
Orange Book B
Fail safe
7. An environment in which users are processing information at the same sensitivity level; thus, strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.
C1 - Discretionary Security Protection is a type of environment
Implement software or systems in a production environment
Overt channel
Complex Instruction Set Computers (CISC)
8. In B2, subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
Covert channels
Ring 0
Continuous protection - O/B
Real storage
9. Discretionary protection
A security domain
Multiprocessing
The Clark Wilson integrity model
Orange Book C
10. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
The Red Book
Orange Book - B1
Fail safe
All Mandatory Access Control (MAC) systems
11. Individual subjects must be uniquely identified.
Highly secure systems (B2 - B3 and A1)
Absolute addresses
The National Computer Security Center (NCSC)
Identification - Orange Book
12. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
The Integrity of data within applications
Programmable Read-Only Memory (PROM)
Certification
Orange Book A
13. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
A Limit Register (Memory Management)
B3
Assigned labels
C2 - Controlled Access Protection
14. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
Documentation - Orange Book
Controlling unauthorized downgrading of information
Absolute addresses
An abstract machine
15. Has two individual assurance ratings: C1 and C2. The higher the assurance rating number, the greater the protection.
Division C - Discretionary Protection
Most commonly used approach
Complex Instruction Set Computers (CISC)
B2
16. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
C1 - Discretionary Security Protection is a type of environment
Be protected from modification
The Integrity of data within applications
Dedicated Security Mode
17. What does the simple security (ss) property mean in the Bell-LaPadula model?
Enforces the rules
Programmable Read-Only Memory (PROM)
The reference monitor
No read up
18. The Reference Monitor is responsible for ______________; it compares the security labels of a subject and an object.
Documentation - Orange Book
Controlling unauthorized downgrading of information
Dedicated Security Mode
Access control to the objects by the subjects
19. Contains the ending address
A Limit Register (Memory Management)
Covert channels
B3 - Rating
Orange Book - D
20. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
Enforces the rules
B3 - Rating
A lattice of Integrity Levels
Direct addressing
21. Commonly referred to as "The Big Mess" because of its lack of structure. MS-DOS is an example of a monolithic operating system.
Ring 0
The Monolithic Operating System Architecture
Complex Instruction Set Computers (CISC)
A lattice of Integrity Levels
22. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Implement software or systems in a production environment
Life-cycle assurance - O/B
Simple Integrity Axiom
23. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
Be protected from modification
State machine model
B3
B1
24. What prevents a process from accessing another process' data?
Virtual storage
Process isolation
The National Computer Security Center (NCSC)
Cache Memory
25. The Physical memory address that the CPU uses
A lattice of Integrity Levels
The National Computer Security Center (NCSC)
C1 - Discretionary Security Protection
Absolute addresses
26. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Real storage
Compare the security labels
Fail safe
No read up
27. In B2, distinct address spaces must be provided to _________, and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system.
Isolate processes
Orange Book - B2
Documentation - Orange Book
C1 - Discretionary Security Protection is a type of environment
28. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
Implement software or systems in a production environment
A Base Register (Memory Management)
Clark-Wilson Model
C2
29. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information, and identification and authentication of individual entities.
B3
C1 - Discretionary Security Protection
The Clark Wilson integrity model
System High Security Mode
30. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
Trusted hardware - Software and Firmware
C1 - Discretionary Security Protection
Orange Book A
Multilevel Security Policies
31. In this class more granularity is provided in each protection mechanism, and the programming code that is not necessary to support the security policy is excluded.
Integrity
A Limit Register (Memory Management)
B3 - Security Domains
NOT Integrity
32. A set of objects that a subject is able to access
Programmable Read-Only Memory (PROM)
Stored in Real Memory
A Domain
Clark-Wilson
33. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commercial applications, but the level of protection is still relatively weak.
In C2 - Controlled Access Protection environment
Scalar processors
A Thread
Most commonly used approach
34. System Architecture that separates system functionality into Hierarchical layers
NOT Integrity
A single classification and a Compartment Set
A Layered Operating System Architecture
B3
35. B1 is also called "Labeled Security", and each data object must have a classification label and each subject a clearance label. On each access attempt, the classification and clearance are checked to verify that the access is permissible.
Dedicated Security Mode
Need-to-know
Orange Book - B1
Buffer (temporary data storage area)
36. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Covert channels
Trusted Distribution
Trusted hardware - Software and Firmware
The Integrity of data within applications
37. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Orange Book - B3
'Dominate'
Most commonly used approach
Orange Book ratings
38. What are the components of an object's sensitivity label?
Files - directories and devices
A single classification and a Compartment Set
Constrained
The *-Property rule (Star property)
39. The reserved hard drive space used to extend RAM capabilities.
Erasable and Programmable Read-Only Memory (EPROM)
Identification - Orange Book
Swap Space
C2
40. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.
A Domain
Basic Security Theorem (used in computer science) definition
Execution Domain
Its Clearance Label (Top Secret - Secret - or Confidential)
41. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
All Mandatory Access Control (MAC) systems
Stored in Real Memory
No read down
Controls the checks
42. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
The reference monitor
Attributable - original - accurate - contemporaneous and legible
Mandatory access control
B3 - Rating
43. The Availability - Integrity and confidentiality requirements of multitasking operating systems
Accountability - Orange Book
Real storage
Thrashing
Protection Rings Support
44. The Simple Security rule is referred to as ______________.
The Integrity of data within applications
Relative Addresses
Trusted Products Evaluation Program (TPEP)
The "No read Up" rule
45. When a computer spends more time moving data from one small portion of memory to another THAN actually processing the data.
Thrashing
The Monolithic Operating System Architecture
'Dominate'
Direct addressing
46. A type of memory used for High-speed writing and reading activities.
The "No write Down" Rule
Overt channel
Cache Memory
Continuous protection - O/B
47. What does the * (star) property mean in the Bell-LaPadula model?
Orange Book - B2
The Rule is talking about writing
No write down
A single classification and a Compartment Set
48. In the Orange Book, functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Buffer (temporary data storage area)
Security Policy is clearly defined and documented
Evaluated separately
The Integrity of data within applications
49. When a computer uses more than one CPU in parallel to execute instructions, this is known as?
Basic Security Theorem (used in computer science) definition
Security Policy
Multiprocessing
Orange Book B
50. The assignment of a specific individual to administer the security-related functions of a system.
Logical addresses
Most commonly used approach
Trusted facility management
The Integrity of data within applications