CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study first.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions, so you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication, restrictions and auditing.
A1 - Rating
The Strong star property rule
Basic Security Theorem (used in computer science) definition
Security rating B
2. The indexed memory addresses that software uses
B3 - Security Domains
Logical addresses
Ring 2
Continuous protection - O/B
3. Which increases the performance in a computer by overlapping the steps of different instructions?
Pipelining
C1 - Discretionary Security Protection is a type of environment
Orange Book - B3
A lattice of Integrity Levels
4. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
First evaluation class
The security perimeter
A1
Be protected from modification
5. The Biba Model, ______________: a subject cannot write data to an object at a higher integrity level (no write up)
No read down
*-Integrity Axiom
Constrained
Simple Integrity Axiom
6. TCSEC provides a means to evaluate ______________________.
The trustworthiness of an information system
The Common Criteria
Trusted Network Interpretation (TNI)
B2 rating
7. Mandatory Protection
The Tranquility principle (The Bell-LaPadula Model)
Execution Domain
International Standard 15408
Orange Book B
8. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
NOT Integrity
The National Computer Security Center (NCSC)
B3 - Rating
Need-to-know
9. Mediates all accesses and functions between subjects and objects.
The Security Kernel
Pipelining
Government and military applications
The Common Criteria
10. Bell-LaPadula model was proposed for enforcing access control in _____________________.
A single classification and a Compartment Set
B3 - Security Domains
C2 - Controlled Access Protection
Government and military applications
11. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula Model is referred to as ___________________, which would take place through a "write down" operation. (An actual compromise occurs if and when
Stored in Real Memory
The National Computer Security Center (NCSC)
Sensitivity labels
Controlling unauthorized downgrading of information
12. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Orange Book - A1
Implement software or systems in a production environment
The Clark Wilson integrity model
Stored in Real Memory
13. Which in the Orange Book ratings represents the highest level of trust?
Operational assurance requirements
Ring 1
Division B - Mandatory Protection Architecture
B2
14. In both the Bell-LaPadula and Biba models, if the word "*" or "star" is used, _______________.
The Rule is talking about writing
Security mechanisms and evaluates their effectiveness
NOT Integrity
First evaluation class
15. In B2, distinct address spaces must be provided to _________, and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system.
Isolate processes
Fail safe
B3 - Security Domains
Its classification label (Top Secret, Secret or Confidential)
16. In the Bell-LaPadula Model the Object's Label contains ___________________.
C2 - Controlled Access Protection
Subject to Object Model
Its classification label (Top Secret, Secret or Confidential)
The Integrity of data within applications
17. Which integrity model defines a constrained data item, an integrity verification procedure and a transformation procedure?
D
Higher or equal to access class
The Clark Wilson integrity model
Security Policy
18. Intended for environments that require systems to handle classified data.
B1 - Labeled Security rating
Overt channel
Buffer (temporary data storage area)
Sensitivity labels
19. What does the * (star) property mean in the Bell-LaPadula model?
No write down
Security mechanisms and evaluates their effectiveness
Accountability - Orange Book
Ring 1
20. When the address location that is specified in the program instruction contains the address of the final desired location.
Integrity
NOT Integrity
Indirect addressing
Constrained
21. Which Orange Book evaluation level is described as "Controlled Access Protection"? This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when
C2
B1
C2 - Controlled Access Protection
Relative Addresses
22. Which computer design approach is based on the fact that, in earlier technologies, the instruction fetch was the longest part of the cycle?
Subject to Object Model
B1
Complex Instruction Set Computers (CISC)
Direct addressing
23. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
Controls the checks
Trusted Distribution
Secondary Storage
Be protected from modification
24. Which is an ISO standard product evaluation criteria that supersedes several different criteria?
Evaluated separately
Orange Book - A1
The Common Criteria
Clark-Wilson Model
25. Trusted facility management is an assurance requirement only for ________________.
The National Computer Security Center (NCSC)
Dedicated Security Mode
Highly secure systems (B2, B3 and A1)
Implement software or systems in a production environment
26. The Policy must be explicit and well defined and enforced by the mechanisms within the system
Controls the checks
Real storage
Mandatory access control
Security Policy - Orange Book
27. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
First evaluation class
The security perimeter
A Layered Operating System Architecture
B3 - Rating
28. Levels of security and levels of trust: letters earlier in the alphabet represent higher levels of security (A above B above C above D), and within a division higher numbers indicate a greater level of trust.
Scalar processors
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Orange Book ratings
In C2 - Controlled Access Protection environment
29. Mandatory access control is enforced by the use of security labels.
Certification
Ring 3
The Simple Security Property
Division B - Mandatory Protection
30. Happen because input data is not checked for appropriate length at time of input
B3 - Security Domains
Ring 2
Buffer overflows
Overt channel
31. A logical form of separation used by secure computing systems: processes are _____________ so that each cannot access objects outside its permitted domain.
The security kernel
B1 - Labeled Security rating
Constrained
Orange Book - B1
32. TCB contains The Security Kernel and all ______________.
A Layered Operating System Architecture
Indexed addressing
security protection mechanisms
Ring 1
33. Verification Protection
The "No write Down" Rule
Orange Book B
Orange Book A
NOT Integrity
34. The physical memory address that the CPU uses
The Integrity of data within applications
Absolute addresses
A Thread
Orange Book - B2
35. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
Swap Space
An abstract machine
State machine model
The trustworthiness of an information system
36. Users need to be identified individually to provide more precise access control and auditing functionality.
Orange Book - B3
Complex Instruction Set Computers (CISC)
Overt channel
C2 - Controlled Access Protection
37. When a vendor submits a product for evaluation - it submits it to the ____________.
Most commonly used approach
The *-Property rule (Star property)
The National Computer Security Center (NCSC)
Orange Book - B1
38. What access control technique is also known as multilevel security?
A Base Register (Memory Management)
Trusted hardware, software and firmware
All Mandatory Access Control (MAC) systems
Mandatory access control
39. In both the Bell-LaPadula and Biba models, if the word "simple" is used, ______________.
A Layered Operating System Architecture
*-Integrity Axiom
Physical security
The rule is talking about "Reading"
40. The Security Model Incorporates the ____________ that should be enforced in the system.
Security Policy
Clark-Wilson Model
A1
The National Computer Security Center (NCSC)
41. Mandatory access control requires that _____________ be attached to all objects.
Sensitivity labels
Mandatory access control
Ring 1
The Tranquility principle (The Bell-LaPadula Model)
42. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
Life-cycle assurance - O/B
Disclosure of residual data
The security perimeter
Swap Space
43. The security kernel is the mechanism that _____________ of the reference monitor concept.
Physical security
Enforces the rules
Controls the checks
First evaluation class
44. Involves sharing the processor among all ready processes
Attributable data
Orange Book - B3
Multitasking
The "No write Down" Rule
45. Which can be used as a covert channel?
Documentation - Orange Book
Storage and timing
A lattice of Integrity Levels
Security mechanisms and evaluates their effectiveness
46. What does the simple integrity axiom mean in the Biba model?
The Monolithic Operating System Architecture
Dedicated Security Mode
No read down
Fail safe
47. In this class more granularity is provided in each protection mechanism, and the programming code that is not necessary to support the security policy is excluded.
Disclosure of residual data
B3 - Security Domains
C2 - Controlled Access Protection
Be protected from modification
48. The Biba Model addresses _____________________.
The security perimeter
Identification - Orange Book
The Integrity of data within applications
Documentation - Orange Book
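Study aid for the Bell-LaPadula and Biba questions above (5, 11, 14, 16, 19, 35, 39, 41, 43, 46 and 48): a small reference monitor that mediates every read and write against a label lattice. This is an added example, not code from the quiz or from any evaluated product; the classification ordering, compartment names, subjects and objects are constructed for illustration. A label is a single classification plus a compartment set, and one label dominates another only when both parts are at least as high; the four Bell-LaPadula and Biba rules fall out as four comparisons of that kind.

```python
"""Reference monitor enforcing the Bell-LaPadula and Biba rules over a label lattice.

Added study example; not from the quiz or any product. The classification order,
compartments, subjects and objects below are constructed.
"""
from dataclasses import dataclass

# Hierarchical classifications, lowest to highest (constructed ordering).
CLASSIFICATIONS = ["UNCLASSIFIED", "CONFIDENTIAL", "SECRET", "TOP SECRET"]
RANK = {name: i for i, name in enumerate(CLASSIFICATIONS)}


@dataclass(frozen=True)   # frozen: labels do not change while the system runs (tranquility)
class Label:
    """A sensitivity label: a single classification plus a compartment set."""
    classification: str
    compartments: frozenset = frozenset()

    def dominates(self, other):
        """True if self is higher-or-equal in the lattice: the classification is at
        least as high AND the compartment set is a superset of the other's."""
        return (RANK[self.classification] >= RANK[other.classification]
                and self.compartments >= other.compartments)


@dataclass
class Entity:
    """A subject or object with a confidentiality label and a Biba integrity level."""
    name: str
    secrecy: Label
    integrity: int          # higher number = more trusted


class ReferenceMonitor:
    """Abstract machine that mediates every access by a subject to an object."""

    def __init__(self, strong_star=False):
        self.strong_star = strong_star   # strong *-property: write only at own level
        self.audit = []                  # accountability: every decision is logged

    def check(self, subject, obj, mode):
        if mode == "read":
            # Bell-LaPadula simple security property: no read up.
            blp = subject.secrecy.dominates(obj.secrecy)
            # Biba simple integrity axiom: no read down.
            biba = obj.integrity >= subject.integrity
        elif mode == "write":
            if self.strong_star:
                blp = obj.secrecy == subject.secrecy
            else:
                # Bell-LaPadula *-property: no write down.
                blp = obj.secrecy.dominates(subject.secrecy)
            # Biba *-integrity axiom: no write up.
            biba = obj.integrity <= subject.integrity
        else:
            raise ValueError("unknown access mode: " + mode)
        allowed = blp and biba
        self.audit.append((subject.name, mode, obj.name, allowed))
        return allowed


def demo():
    """Run a set of constructed accesses and return each decision by name."""
    nuclear = frozenset({"NUCLEAR"})
    alice = Entity("alice", Label("SECRET", nuclear), integrity=2)
    objects = {
        "conf_memo": Entity("conf_memo", Label("CONFIDENTIAL"), integrity=2),
        "ts_plan": Entity("ts_plan", Label("TOP SECRET", nuclear), integrity=2),
        "crypto_note": Entity("crypto_note", Label("SECRET", frozenset({"CRYPTO"})), integrity=2),
        "web_input": Entity("web_input", Label("UNCLASSIFIED"), integrity=0),
    }
    rm = ReferenceMonitor()
    results = {
        "read_conf_memo": rm.check(alice, objects["conf_memo"], "read"),      # read down: allowed
        "read_ts_plan": rm.check(alice, objects["ts_plan"], "read"),          # read up: denied
        "read_crypto_note": rm.check(alice, objects["crypto_note"], "read"),  # missing compartment: denied
        "write_ts_plan": rm.check(alice, objects["ts_plan"], "write"),        # write up: allowed
        "write_conf_memo": rm.check(alice, objects["conf_memo"], "write"),    # write down: denied
        "read_web_input": rm.check(alice, objects["web_input"], "read"),      # Biba: no read down
        "write_web_input": rm.check(alice, objects["web_input"], "write"),    # BLP: no write down
    }
    strict = ReferenceMonitor(strong_star=True)
    results["strong_star_write_ts_plan"] = strict.check(alice, objects["ts_plan"], "write")  # denied
    return results


if __name__ == "__main__":
    for name, decision in demo().items():
        print(name, "ALLOW" if decision else "DENY")
```

Note how the same subject is denied a read of `web_input` even though Bell-LaPadula would permit it: the object's integrity level is below hers, so the Biba simple integrity axiom blocks the read. Confidentiality and integrity are separate lattices, and a reference monitor that enforces both must pass both checks.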
49. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Security mechanisms and evaluates their effectiveness
Scalar processors
Continuous protection - O/B
Security rating B
50. Contains the beginning address
Dominate the object's sensitivity label
A Base Register (Memory Management)
B1
Swap Space
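Study aid for the memory questions above (2, 15, 20, 31, 34 and 50): a small simulator that translates the logical addresses software uses into the absolute addresses the CPU uses, with a base register holding the beginning address of a process's region and a limit register that keeps each process constrained to its own address space. It also shows direct, indirect and indexed addressing. This is an added example, not code from the quiz; the memory size, register values and cell contents are constructed for illustration.

```python
"""Logical-to-absolute address translation with base/limit isolation, plus direct,
indirect and indexed addressing, as a small simulator.

Added study example; not code from the quiz. Memory size, register values and
cell contents are constructed for illustration.
"""


class Process:
    """Per-process memory management registers."""

    def __init__(self, base, limit):
        self.base = base      # base register: absolute address where the region begins
        self.limit = limit    # limit register: number of cells the process may touch


class Memory:
    def __init__(self, size):
        self.cells = [0] * size   # indexed by absolute (physical) address

    def physical(self, proc, logical):
        """Translate the logical address software uses into the absolute address the
        CPU uses; reject anything outside the process's own address space."""
        if not 0 <= logical < proc.limit:
            raise MemoryError("logical address %d outside the process's region" % logical)
        return proc.base + logical

    def store(self, proc, logical, value):
        self.cells[self.physical(proc, logical)] = value

    def load_direct(self, proc, logical):
        """Direct addressing: the operand is at the given address."""
        return self.cells[self.physical(proc, logical)]

    def load_indirect(self, proc, logical):
        """Indirect addressing: the cell at the given address holds the address of
        the final desired location (the pointer is itself bounds-checked)."""
        pointer = self.load_direct(proc, logical)
        return self.load_direct(proc, pointer)

    def load_indexed(self, proc, logical, index):
        """Indexed addressing: effective address = operand address + index."""
        return self.load_direct(proc, logical + index)


def demo():
    """Set up two isolated processes and return what each access yields."""
    mem = Memory(32)
    proc_a = Process(base=8, limit=8)    # absolute 8..15
    proc_b = Process(base=16, limit=8)   # absolute 16..23

    # Process A: logical 0 holds a pointer to logical 5, which holds 42;
    # logical 1..3 hold a small table.
    mem.store(proc_a, 0, 5)
    mem.store(proc_a, 5, 42)
    for i, v in enumerate([10, 20, 30]):
        mem.store(proc_a, 1 + i, v)

    out = {
        "absolute_of_a5": mem.physical(proc_a, 5),          # 13
        "direct": mem.load_direct(proc_a, 5),               # 42
        "indirect": mem.load_indirect(proc_a, 0),           # 42, via the pointer at logical 0
        "indexed": mem.load_indexed(proc_a, 1, 2),          # 30
        # The same logical address names a different absolute cell for B, so B
        # reads its own (empty) region rather than A's data.
        "b_sees_a_data": mem.load_direct(proc_b, 5),        # 0
    }
    try:
        mem.load_direct(proc_b, 9)                          # beyond B's limit register
        out["out_of_bounds_blocked"] = False
    except MemoryError:
        out["out_of_bounds_blocked"] = True
    return out


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The point to take from the last two entries is why B2 requires distinct address spaces: logical address 5 in process B resolves to absolute cell 21, not to cell 13 where process A's value lives, and an address past the limit register is refused before it is ever added to the base. A pointer stored in memory goes through the same check when it is dereferenced, so an indirect load cannot be used to escape the region either.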