Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study first.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Levels of security and levels of trust: letters earlier in the alphabet (A over B over C over D) represent higher levels of security; within a division, higher numbers indicate a greater level of trust.
Subject to Object Model
Dominate the object's sensitivity label
Orange Book ratings
Cache Memory
2. What does the simple security (ss) property mean in the Bell-LaPadula model?
Division B - Mandatory Protection Architecture
A Thread
No read up
No write down
3. The indexed memory addresses that software uses.
State machine model
B1
Protection Rings Support
Logical addresses
4. The security kernel is the core of the TCB and is the _____________ to building trusted computing systems.
Orange Book - A1
First evaluation class
The "No read Up" rule
Most commonly used approach
5. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware, software and firmware.
Scalar processors
Totality of protection mechanisms
B3
The Trusted Computing Base (TCB)
6. Which computer design approach is based on the fact that in earlier technologies the instruction fetch was the longest part of the cycle?
Stored in real memory
Clark-Wilson Model
Complex Instruction Set Computers (CISC)
The Clark Wilson integrity model
7. Can be erased, modified and upgraded.
The Common Criteria
Erasable and Programmable Read-Only Memory (EPROM)
C1
C2 - Controlled Access Protection
8. The Orange Book does NOT cover ________________ and database management systems.
Controlling unauthorized downgrading of information
All Mandatory Access Control (MAC) systems
Assigned labels
Networks and Communications
9. The security kernel is the mechanism that _____________ of the reference monitor concept.
Isolate processes
A and B
Enforces the rules
Indexed addressing
10. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
B2
Integrity
Access Matrix model
B2 - Structured Protection
11. The subject must have Need to Know for ONLY the information they are trying to access.
System High Security Mode
Complex Instruction Set Computers (CISC)
Mandatory Access Control (MAC)
Virtual storage
12. The Biba Model addresses _____________________.
Dedicated Security Mode
Isolate processes
Relative Addresses
The Integrity of data within applications
13. Bell-LaPadula Model, ______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
Orange Book - B3
Security mechanisms and evaluates their effectiveness
Ring 0
The *-Property rule (Star property)
14. Software that is stored within ROM (Read-Only Memory); ROM is nonvolatile.
Firmware
Logical addresses
C1 - Discretionary Security Protection
Examples of Layered Operating Systems
15. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
Subject to Object Model
Orange Book - B3
The Security Kernel
State machine model
16. Contains an address of where the instruction and data reside that need to be processed.
The Red Book
C2 - Controlled Access Protection
The Thread (memory Management)
C2 - Controlled Access Protection
17. Which would be designated as objects on a MAC system?
Need-to-know
Totality of protection mechanisms
Files, directories and devices
Its clearance label (Top Secret, Secret or Confidential)
18. The assignment of a specific individual to administer the security-related functions of a system.
Trusted facility management
Trusted Network Interpretation (TNI)
B2 - Structured Protection
A Limit Register (Memory Management)
19. Minimal Security
Mandatory Access Control (MAC)
Division D - Minimal Protection
Attributable data
Orange Book - D
20. TCB contains The Security Kernel and all ______________.
security protection mechanisms
The Thread (memory Management)
Files, directories and devices
Division B - Mandatory Protection
21. The physical memory address that the CPU uses.
Controls the checks
Absolute addresses
Programmable Read-Only Memory (PROM)
A security domain
22. In both the Bell-LaPadula and Biba models, if the word "Simple" is used, ______________.
The rule is talking about "Reading"
Overt channel
Attributable, original, accurate, contemporaneous and legible
Process isolation
23. Which uses Protection Profiles and Security Targets?
International Standard 15408
Orange Book interpretations
System High Security Mode
Accreditation
24. The reference monitor, in accordance with the security policy, ____________ that are made in the access control database.
Types of covert channels
Swap Space
D
Controls the checks
25. A logical form of separation used by secure computing systems. Processes are _____________ so that each cannot access objects outside its permitted domain.
Trusted Network Interpretation (TNI)
B3
Compare the security labels
Constrained
26. A policy-based control. All objects and systems have a sensitivity level assigned to them.
A security kernel
The Security Kernel
TCB (Trusted Computing Base)
Mandatory Access Control (MAC)
27. Each data object must contain a classification label and each subject must have a clearance label.
Identification - Orange Book
Prevent secret information from being accessed
B1 - Labeled Security
The Common Criteria
28. Which Orange Book evaluation level is described as "Controlled Access Protection"? This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when
C2
Networks and Communications
All Mandatory Access Control (MAC) systems
Clark-Wilson Model
29. THE (Technische Hogeschool Eindhoven), VAX/VMS, Multics and Unix. THE and Multics are no longer in use.
Examples of Layered Operating Systems
Trusted Products Evaluation Program (TPEP)
First evaluation class
An abstract machine
30. The hardware, firmware and software elements of a trusted computing base that implement the reference monitor concept.
Networks and Communications
The security kernel
Examples of Layered Operating Systems
Process isolation
31. A domain of trust that shares a single security policy and single management.
Orange Book - B2
Trusted Products Evaluation Program (TPEP)
A security domain
An abstract machine
32. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information, and identification and authentication of individual entities.
C1 - Discretionary Security Protection
Most commonly used approach
B1 - Labeled Security
Trusted Network Interpretation (TNI)
33. Which of the Orange Book ratings represents the highest level of trust?
Buffer overflows
The TCSEC - Aka Orange Book
Certification
B2
34. The first mathematical model of a multi-level security policy, used to define the concept of a secure state, the modes of access, and the rules for granting access?
Bell-LaPadula Model
B3 rating
Overt channel
Ring 3
35. The Biba Model, _____________: A subject cannot read data from a lower integrity level ("No Read Down").
Indirect addressing
security protection mechanisms
Administrative declaration
Simple Integrity Axiom
36. Which group oversees the evaluation process under the TCSEC?
Trusted Products Evaluation Program (TPEP)
Absolute addresses
Bell-LaPadula Model
The Rule is talking about writing
37. When a vendor submits a product for evaluation - it submits it to the ____________.
International Standard 15408
A Layered Operating System Architecture
The National Computer Security Center (NCSC)
Administrative declaration
38. In the Bell-LaPadula Model the Object's Label contains ___________________.
An abstract machine
Examples of Layered Operating Systems
Its classification label (Top Secret, Secret or Confidential)
Access Matrix model
39. B1 is also called "Labeled Security": each data object must have a classification label and each subject a clearance label. On each access attempt, the classification and clearance are checked to verify that the access is permissible.
Discretionary Security Property (ds-property)
Examples of Layered Operating Systems
Multiprocessing
Orange Book - B1
40. The Security Model Incorporates the ____________ that should be enforced in the system.
Multitasking
Trusted facility management
Security Policy
Attributable, original, accurate, contemporaneous and legible
41. In the Orange Book, functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Evaluated separately
Subject to Object Model
Dedicated Security Mode
The Red Book
42. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
Thrashing
The security perimeter
Life Cycle Assurance Requirement
Controlling unauthorized downgrading of information
43. Software, hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
Models concerned with integrity
No write down
Life-cycle assurance (Orange Book)
The reference monitor
44. Commonly referred to as "The Big Mess" because of its lack of structure. MS-DOS is an example of a monolithic operating system.
Polyinstantiation
The Monolithic Operating System Architecture
Erasable and Programmable Read-Only Memory (EPROM)
Security mechanisms and evaluates their effectiveness
45. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
The trustworthiness of an information system
A lattice of integrity levels
The "No write Down" Rule
Orange Book interpretations
46. Verification Protection
The Trusted Computing Base (TCB)
Orange Book A
The rule is talking about "Reading"
B3
47. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space.
A1
Buffer (temporary data storage area)
Swap Space
The Clark Wilson integrity model
48. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
B2 - Structured Protection
The trustworthiness of an information system
Most commonly used approach
Fail safe
49. In an automated system, ________________ could be achieved by a computer system designed to identify individuals responsible for any input.
Pipelining
Compare the security labels
The Clark Wilson integrity model
attributability
50. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
C2 - Controlled Access Protection
Ring 0
The Red Book
*-Integrity Axiom
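Several questions above (the Bell-LaPadula ss-property and *-property, the Biba simple and *-integrity axioms, the reference monitor comparing clearance and classification labels, and need-to-know under MAC) describe one mechanism from different angles. The following is an added example written for this study page, not code from the page or from any evaluated product: a small reference-monitor style check that enforces both models over a lattice of labels, where each label is a hierarchical level plus a set of categories, so need-to-know is modelled by category containment. The level names, subjects and objects are constructed sample data; the Biba level names (UNTRUSTED, USER, SYSTEM) are an assumption for illustration.

```python
"""
Added example (not from the page or any evaluated product): a reference
monitor that enforces Bell-LaPadula confidentiality rules and Biba
integrity rules over a lattice of (level, categories) labels.
All names and sample subjects/objects below are constructed.
"""
from dataclasses import dataclass
from typing import Dict, FrozenSet, Tuple

# Hierarchical sensitivity levels for Bell-LaPadula, lowest to highest.
SENSITIVITY: Dict[str, int] = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}
# Integrity levels for Biba, lowest to highest (assumed names for illustration).
INTEGRITY: Dict[str, int] = {"UNTRUSTED": 0, "USER": 1, "SYSTEM": 2}


@dataclass(frozen=True)
class Label:
    """One lattice element: a hierarchical level plus a set of categories (compartments)."""
    level: str
    categories: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label", order: Dict[str, int]) -> bool:
        """self >= other in the lattice: level is higher or equal AND categories are a superset."""
        return order[self.level] >= order[other.level] and self.categories >= other.categories


@dataclass(frozen=True)
class Subject:
    name: str
    clearance: Label   # Bell-LaPadula clearance label
    integrity: Label   # Biba integrity label


@dataclass(frozen=True)
class Obj:
    name: str
    classification: Label  # Bell-LaPadula classification label
    integrity: Label       # Biba integrity label


def blp_allows(subject: Subject, obj: Obj, mode: str) -> bool:
    """Bell-LaPadula. read: clearance must dominate classification (ss-property, no read up).
    write: classification must dominate clearance (*-property, no write down)."""
    if mode == "read":
        return subject.clearance.dominates(obj.classification, SENSITIVITY)
    if mode == "write":
        return obj.classification.dominates(subject.clearance, SENSITIVITY)
    raise ValueError(f"unknown access mode {mode!r}")


def biba_allows(subject: Subject, obj: Obj, mode: str) -> bool:
    """Biba. read: object integrity must dominate subject integrity (simple integrity, no read down).
    write: subject integrity must dominate object integrity (*-integrity, no write up)."""
    if mode == "read":
        return obj.integrity.dominates(subject.integrity, INTEGRITY)
    if mode == "write":
        return subject.integrity.dominates(obj.integrity, INTEGRITY)
    raise ValueError(f"unknown access mode {mode!r}")


def reference_monitor(subject: Subject, obj: Obj, mode: str) -> Tuple[bool, str]:
    """Mediate one access attempt by comparing labels; every access must pass through here."""
    if not blp_allows(subject, obj, mode):
        rule = "ss-property (no read up)" if mode == "read" else "*-property (no write down)"
        return False, f"denied by Bell-LaPadula {rule}"
    if not biba_allows(subject, obj, mode):
        rule = "simple integrity axiom (no read down)" if mode == "read" else "*-integrity axiom (no write up)"
        return False, f"denied by Biba {rule}"
    return True, "permitted by both policies"


# Constructed sample subjects and objects.
ALICE = Subject("alice", Label("SECRET", frozenset({"CRYPTO"})), Label("USER"))
BOB = Subject("bob", Label("TOP SECRET"), Label("SYSTEM"))   # cleared high, but no CRYPTO need-to-know
MALLORY = Subject("mallory", Label("UNCLASSIFIED"), Label("UNTRUSTED"))
PLANS = Obj("crypto_plans.doc", Label("SECRET", frozenset({"CRYPTO"})), Label("USER"))
PUBLIC = Obj("public_notice.txt", Label("UNCLASSIFIED"), Label("UNTRUSTED"))
CONFIG = Obj("kernel.conf", Label("CONFIDENTIAL"), Label("SYSTEM"))


if __name__ == "__main__":
    for subj, obj, mode in [(ALICE, PLANS, "read"), (BOB, PLANS, "read"), (ALICE, PUBLIC, "read"),
                            (ALICE, PUBLIC, "write"), (MALLORY, PLANS, "write"), (BOB, CONFIG, "read")]:
        ok, why = reference_monitor(subj, obj, mode)
        print(f"{subj.name:8} {mode:5} {obj.name:18} -> {'ALLOW' if ok else 'DENY '} ({why})")
```

Two of the sample decisions are the ones the exam questions are getting at: bob holds a Top Secret clearance yet is denied reading the Secret document because his label lacks the CRYPTO category (need-to-know is part of the dominance check, not a separate step), and mallory's write to the Secret document passes Bell-LaPadula (writing up is allowed for confidentiality) but is stopped by Biba, which is why the two models are normally combined rather than used alone.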