Test your basic knowledge: CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions: Answer 50 questions in 15 minutes. Match each statement with the correct term. All questions and answers are randomly picked and ordered every time a test is loaded.
This is a study tool. The three wrong answers for each question are randomly chosen from answers to other questions, so at times the answers may seem obvious, but repeated attempts reinforce your understanding.
1. Which group oversees the evaluation process within TCSEC?
Trusted Distribution
The Red Book
Programmable Read-Only Memory (PROM)
Trusted Products Evaluation Program (TPEP)
2. A ring protection system ________ user-mode programs from directly accessing peripherals and requires them to use services running at more privileged levels.
Multitasking
Prohibits
*-Integrity Axiom
Examples of Layered Operating Systems
3. The Red Book, aka Trusted Network Interpretation (TNI), provides _________________ for trusted computer and communications network systems in the area of assurance requirements.
C1 - Discretionary Security Protection is a type of environment
Multilevel Security Policies
Orange Book interpretations
Totality of protection mechanisms
4. As per the FDA, data should be ______________________________.
Implement software or systems in a production environment
No write down
Attributable - original - accurate - contemporaneous and legible
Virtual Memory
5. Which model uses access control triples and requires that the system maintain separation of duties?
Continuous protection - O/B
The "No write Down" Rule
Cache Memory
Clark-Wilson
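An added example (not part of the quiz) of what Clark-Wilson enforcement looks like in code: a monitor that lets a user run a transformation procedure (TP) on a constrained data item (CDI) only if the access triple (user, TP, CDI) has been certified, refuses to certify conflicting TPs to the same user on the same CDI (separation of duties), and runs an integrity verification procedure (IVP) after every TP. The invoice ledger, the TP names and the user names are constructed for illustration, not taken from any standard.

```python
import copy
from dataclasses import dataclass, field


class AccessDenied(Exception):
    pass


@dataclass
class InvoiceLedger:
    """Constrained data item (CDI): invoices keyed by id (constructed example)."""
    invoices: dict = field(default_factory=dict)


# Transformation procedures (TPs): the only code allowed to modify the CDI.
def submit_invoice(ledger, user, invoice_id, amount):
    if amount <= 0 or invoice_id in ledger.invoices:
        raise ValueError("invalid invoice")
    ledger.invoices[invoice_id] = {"amount": amount, "status": "submitted",
                                   "submitted_by": user, "approved_by": None}


def approve_invoice(ledger, user, invoice_id):
    inv = ledger.invoices[invoice_id]
    if inv["submitted_by"] == user:  # dynamic separation of duty
        raise AccessDenied(f"{user} may not approve an invoice they submitted")
    inv["status"], inv["approved_by"] = "approved", user


TPS = {"submit_invoice": submit_invoice, "approve_invoice": approve_invoice}

# TP pairs one user may never hold on the same CDI (static separation of duty).
CONFLICTING = {frozenset({"submit_invoice", "approve_invoice"})}


def ivp(ledger):
    """Integrity verification procedure: is the CDI in a valid state?"""
    for inv in ledger.invoices.values():
        if inv["amount"] <= 0:
            return False
        if inv["status"] == "approved" and inv["approved_by"] in (None, inv["submitted_by"]):
            return False
    return True


class ClarkWilsonMonitor:
    def __init__(self):
        self.triples = set()  # certified (user, tp_name, cdi_name) triples
        self.cdis = {}

    def register_cdi(self, name, cdi):
        self.cdis[name] = cdi

    def certify(self, user, tp_name, cdi_name):
        held = {t for (u, t, c) in self.triples if u == user and c == cdi_name}
        for other in held:
            if frozenset({tp_name, other}) in CONFLICTING:
                raise AccessDenied(f"{user} already holds {other}; {tp_name} conflicts")
        self.triples.add((user, tp_name, cdi_name))

    def run(self, user, tp_name, cdi_name, *args):
        if (user, tp_name, cdi_name) not in self.triples:
            raise AccessDenied(f"no triple ({user}, {tp_name}, {cdi_name})")
        cdi = self.cdis[cdi_name]
        snapshot = copy.deepcopy(cdi.invoices)
        TPS[tp_name](cdi, user, *args)
        if not ivp(cdi):  # a TP must move the CDI from one valid state to another
            cdi.invoices = snapshot
            raise AccessDenied(f"{tp_name} left the CDI in an invalid state")
        return True


def demo():
    m = ClarkWilsonMonitor()
    m.register_cdi("ledger", InvoiceLedger())
    m.certify("alice", "submit_invoice", "ledger")
    m.certify("bob", "approve_invoice", "ledger")
    m.run("alice", "submit_invoice", "ledger", "INV-1", 250)
    try:  # static SoD: alice may not also be certified to approve on this CDI
        m.certify("alice", "approve_invoice", "ledger")
        sod_blocked = False
    except AccessDenied:
        sod_blocked = True
    try:  # carol holds no triple for this TP and CDI at all
        m.run("carol", "approve_invoice", "ledger", "INV-1")
        uncertified_blocked = False
    except AccessDenied:
        uncertified_blocked = True
    m.run("bob", "approve_invoice", "ledger", "INV-1")
    ledger = m.cdis["ledger"]
    return {"sod_blocked": sod_blocked, "uncertified_blocked": uncertified_blocked,
            "status": ledger.invoices["INV-1"]["status"], "ivp_ok": ivp(ledger)}


if __name__ == "__main__":
    print(demo())
```

The point the quiz item makes is visible in `certify` and `run`: subjects never touch the CDI directly, only through a certified TP, and the two halves of a sensitive transaction (submit and approve) cannot be certified to one person.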
6. A system uses the reference monitor to ___________________ of a subject and an object.
Direct addressing
Discretionary Security Property (ds-property)
C2 - Controlled Access Protection
Compare the security labels
7. A subject at a given clearance may not read an object at a higher classification.
The Simple Security Property
Stored in Real Memory
The security perimeter
Protection Rings Support
8. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula Model is referred to as ___________________, which would take place through a "write down" operation. (An actual compromise occurs if and when
Evaluated separately
Controlling unauthorized downgrading of information
Orange Book - B1
Continuous protection - O/B
9. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Prevent secret information from being accessed
A single classification and a Compartment Set
Government and military applications
All Mandatory Access Control (MAC) systems
10. Which computer design approach is based on the fact that, in earlier technologies, the instruction fetch was the longest part of the cycle?
Subject to Object Model
NOT Integrity
Complex Instruction Set Computers (CISC)
The Evaluated Products List (EPL) with their corresponding rating
11. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured, but can be programmed only once.
Programmable Read-Only Memory (PROM)
The Common Criteria
Isolate processes
Higher or equal to access class
12. The process of evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
Certification
Prevent secret information from being accessed
C2 - Controlled Access Protection
A Limit Register (Memory Management)
13. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
The Common Criteria
Multilevel Security Policies
Evaluated separately
C2 - Controlled Access Protection
14. In both the Bell-LaPadula and Biba models, if the word "Simple" is used, ______________.
Mandatory Access Control (MAC)
No read down
The rule is talking about "Reading"
Absolute addresses
15. The object reuse concept must also be invoked, meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be effectively erased once the subject is done with the m
Life Cycle Assurance Requirement
Enforces the rules
C2 - Controlled Access Protection
Integrity
16. The indexed memory addresses that software uses
Programmable Read-Only Memory (PROM)
Logical addresses
security protection mechanisms
Simple Integrity Axiom
17. The Bell-LaPadula model Subjects and Objects are ___________.
Assigned labels
All Mandatory Access Control (MAC) systems
Compare the security labels
Virtual Memory
18. Intended for environments that require systems to handle classified data.
B1 - Labeled Security rating
Subject to Object Model
Its classification label (Top Secret, Secret, or Confidential)
Security Policy is clearly defined and documented
19. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
C1
The Red Book
B3 - Rating
Identification - Orange Book
20. I/O drivers and utilities
Pagefile.sys file
Ring 2
Dominate the object's sensitivity label
The Clark Wilson integrity model
21. Used by Windows systems to reserve the "Swap Space"
Pagefile.sys file
Orange Book ratings
Dominate the object's sensitivity label
Compare the security labels
22. Data in cache can be accessed much more quickly than data ________.
Orange Book C
Virtual storage
Stored in Real Memory
Ring 0
23. Remaining parts of the operating system
Ring 1
State machine model
Attributable data
Totality of protection mechanisms
24. Which describes the condition in which RAM and secondary storage are used together?
Virtual storage
A1
NOT Integrity
The Thread (memory Management)
25. What are the components of an object's sensitivity label?
The trustworthiness of an information system
Mandatory Access Control (MAC)
A single classification and a Compartment Set
Access Matrix model
26. When a vendor submits a product for evaluation, it submits it to the ____________.
The TCSEC - Aka Orange Book
Security mechanisms and evaluates their effectiveness
Trusted hardware - Software and Firmware
The National Computer Security Center (NCSC)
27. Which of the Orange Book ratings represents the highest level of trust?
A1 - Rating
B2
Covert channels
System High Security Mode
28. The Simple Security rule is referred to as ______________.
The "No read Up" rule
Documentation - Orange Book
Simple Security Rule
A lattice of Integrity Levels
29. A policy-based control. All subjects and objects have a sensitivity level assigned to them.
Mandatory Access Control (MAC)
Bell-LaPadula Model
Orange Book - B1
Storage and timing
30. The Bell-LaPadula Model is a _______________.
B3
Ring 0
Subject to Object Model
Controlling unauthorized downgrading of information
31. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Accountability - Orange Book
Constrained
The security perimeter
Its clearance label (Top Secret, Secret, or Confidential)
32. Contains the beginning address
Certification
Orange Book A
A Base Register (Memory Management)
Orange Book B
33. The availability, integrity and confidentiality requirements of multitasking operating systems
Protection Rings Support
C1 - Discretionary Security Protection
Certification
No read up
34. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
The Evaluated Products List (EPL) with their corresponding rating
Controls the checks
B2 rating
Security rating B
35. A portion of a process. When the thread is generated, it shares the same domain (resources) as its process.
Documentation - Orange Book
A1 - Rating
A Thread
Most commonly used approach
36. Has two individual assurance ratings, C1 and C2. The higher the assurance rating number, the greater the protection.
Subject to Object Model
Absolute addresses
Security rating B
Division C - Discretionary Protection
37. A buffer overflow occurs when a program or process tries to store more data in a _____________ than it was intended to hold.
Multiprocessing
The security perimeter
Buffer (temporary data storage area)
Life Cycle Assurance Requirement
38. The total combination of protection mechanisms within a computer system
Mandatory access control
TCB (Trusted Computing Base)
Orange Book - B2
The Integrity of data within applications
39. Which uses Protection Profiles and Security Targets?
International Standard 15408
Accreditation
First evaluation class
The security perimeter
40. In access control terms - the word "dominate" refers to ___________.
The rule is talking about "Reading"
Controls the checks
Higher or equal to access class
Attributable data
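The Bell-LaPadula and Biba items above (6, 7, 14, 17, 25, 28, 31 and 40) all reduce to one mechanism: a reference monitor that compares the subject's label with the object's label and decides whether one dominates the other. The following is an added example, not code from the quiz page or from any standard, that implements labels as a classification plus a compartment set and then applies the four rules (simple security, *-property, simple integrity, *-integrity). The level orderings, the subject and object names and the compartment names are constructed for illustration.

```python
from dataclasses import dataclass

# Orderings for the two kinds of label (constructed for this example).
CLASSIFICATIONS = {"Unclassified": 0, "Confidential": 1, "Secret": 2, "Top Secret": 3}
INTEGRITY = {"Low": 0, "Medium": 1, "High": 2}


@dataclass(frozen=True)
class Label:
    level: int
    compartments: frozenset = frozenset()

    def dominates(self, other):
        """A dominates B when A's level is higher or equal AND A's compartment
        set is a superset of B's. Labels with disjoint compartments are
        incomparable: neither dominates the other."""
        return self.level >= other.level and self.compartments >= other.compartments


def secrecy(classification, *compartments):
    """Bell-LaPadula label: a single classification plus a compartment set."""
    return Label(CLASSIFICATIONS[classification], frozenset(compartments))


def integrity(level):
    """Biba label: an integrity level (no compartments in this example)."""
    return Label(INTEGRITY[level])


# (model, operation) -> rule(subject_label, object_label).
# "Simple" rules govern reading in both models; "*" rules govern writing.
RULES = {
    ("blp", "read"): lambda s, o: s.dominates(o),    # simple security: no read up
    ("blp", "write"): lambda s, o: o.dominates(s),   # *-property: no write down
    ("biba", "read"): lambda s, o: o.dominates(s),   # simple integrity: no read down
    ("biba", "write"): lambda s, o: s.dominates(o),  # *-integrity: no write up
}


class ReferenceMonitor:
    """Mediates every access by comparing the subject's and the object's labels."""

    def __init__(self, model):
        self.model, self.subjects, self.objects = model, {}, {}

    def add_subject(self, name, label):
        self.subjects[name] = label

    def add_object(self, name, label):
        self.objects[name] = label

    def check(self, subject, op, obj):
        return RULES[(self.model, op)](self.subjects[subject], self.objects[obj])


def demo():
    blp = ReferenceMonitor("blp")
    blp.add_subject("alice", secrecy("Secret", "NATO"))          # her clearance label
    blp.add_object("brief.doc", secrecy("Confidential", "NATO"))
    blp.add_object("plan.doc", secrecy("Top Secret", "NATO"))
    blp.add_object("keys.doc", secrecy("Secret", "CRYPTO"))      # incomparable with alice
    biba = ReferenceMonitor("biba")
    biba.add_subject("installer", integrity("Medium"))
    biba.add_object("kernel.bin", integrity("High"))
    biba.add_object("tmp.log", integrity("Low"))
    return {
        "blp read down": blp.check("alice", "read", "brief.doc"),
        "blp write down": blp.check("alice", "write", "brief.doc"),
        "blp read up": blp.check("alice", "read", "plan.doc"),
        "blp write up": blp.check("alice", "write", "plan.doc"),
        "blp read other compartment": blp.check("alice", "read", "keys.doc"),
        "blp write other compartment": blp.check("alice", "write", "keys.doc"),
        "biba read up": biba.check("installer", "read", "kernel.bin"),
        "biba write up": biba.check("installer", "write", "kernel.bin"),
        "biba read down": biba.check("installer", "read", "tmp.log"),
        "biba write down": biba.check("installer", "write", "tmp.log"),
    }


if __name__ == "__main__":
    for case, allowed in demo().items():
        print(f"{case:28s} {'allowed' if allowed else 'denied'}")
```

Two things worth noticing when running it: the same `dominates` test serves both models, with the subject and object swapped between the read and write rules, and a Secret subject in compartment NATO can neither read nor write a Secret object in compartment CRYPTO, because dominance requires the compartment set to be a superset, not just the classification to be high enough.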
41. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
A1
Storage and timing
The Trusted Computing Base (TCB)
The security kernel
42. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
Reduced Instruction Set Computers (RISC)
The security perimeter
The Strong star property rule
Simple Integrity Axiom
43. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
C2 - Controlled Access Protection
Trusted Products Evaluation Program (TPEP)
Labels - Orange Book
International Standard 15408
44. Applications and user activity
Multilevel Security Policies
All Mandatory Access Control (MAC) systems
Ring 3
Stored in Real Memory
45. The combination of RAM, cache and the processor registers
Division D - Minimal Protection
Orange Book ratings
Primary storage
Models concerned with integrity
46. If a system initializes in a secure state and all allowed state transitions are secure, then every subsequent state will be secure no matter what inputs occur.
A and B
The Evaluated Products List (EPL) with their corresponding rating
Accountability - Orange Book
Basic Security Theorem (used in computer science) definition
47. Certification is a technical review that assesses the _____________, whereas accreditation is management's official acceptance of the findings of the certification process.
Basic Security Theorem (used in computer science) definition
Security mechanisms and evaluates their effectiveness
Simple Security Rule
Identification - Orange Book
48. In ______________, the subject must have a need to know for ALL the information contained within the system.
A Limit Register (Memory Management)
Networks and Communications
Discretionary Security Property (ds-property)
Dedicated Security Mode
49. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
D
Sensitivity labels
Direct addressing
Orange Book - B2
50. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels, and the system must not allow covert channels.
Orange Book - B2
C2
Orange Book - B3
Models concerned with integrity