SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
The Clark Wilson integrity model
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Prevent secret information from being accessed
The Trusted Computing Base (TCB)
2. The TCB is the ________________ within a computer system that work together to enforce a security policy.
Pagefile.sys file
Direct addressing
The Thread (memory Management)
Totality of protection mechanisms
3. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Operational assurance requirements
Direct addressing
The Common Criteria
Orange Book ratings
4. A form of ROM(Read-Only Memory) that can be modified after it has been manufactured. It can only be programmed only one time.
Invocation Property
Programmable Read-Only Memory (PROM)
Certification
The Security Kernel
5. Permits a database to have two records that are identical except for Their classifications
International Standard 15408
Polyinstantiation
Logical addresses
attributability
6. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Multilevel Security Policies
Buffer overflows
Polyinstantiation
Simple Security Rule
7. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
Access control to the objects by the subjects
Division B - Mandatory Protection
Its Clearance Label (Top Secret - Secret - or Confidential)
Implement software or systems in a production environment
8. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
Attributable - original - accurate - contemporaneous and legible
First evaluation class
A lattice of Intergrity Levels
Bell-LaPadula Model
9. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
C2 - Controlled Access Protection
Ring 3
A single classification and a Compartment Set
Trusted Distribution
10. All users have a clearance for and a formal need to know about - all data processed with the system.
Division D - Minimal Protection
Stored in Reak Memory
Trusted facility management
Dedicated Security Mode
11. What are the components of an object's sensitivity label?
A single classification and a Compartment Set
Multiprocessing
B3
Swap Space
12. An abstract machine which must mediate all access to subjects to objects - be protected from modification - be verifiable as correct - and is always invoked
A Limit Register (Memory Management)
A1 - Rating
Implement software or systems in a production environment
The reference monitor
13. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
The security kernel
Most commonly used approach
Totality of protection mechanisms
Fail safe
14. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
Relative Addresses
Scalar processors
All Mandatory Access Control (MAC) systems
Programmable Read-Only Memory (PROM)
15. Used by Windows systems to reserve the "Swap Space"
Pagefile.sys file
Invocation Property
The Red Book
Virtual storage
16. What prevents a process from accessing another process' data?
The Biba Model
B2 rating
Process isolation
Higher or equal to access class
17. Which Orange Book evaluation level is described as "Verified Design"?
NOT Integrity
Implement software or systems in a production environment
A1
Networks and Communications
18. Which in the Orange Book ratings represents the highest level of trust?
Government and military applications
security protection mechanisms
Swap Space
B2
19. When the address location that is specified in the program instruction contains the address of the final desired location.
Indirect addressing
The Simple Security Property
Multiprocessing
Trusted Products Evaluation Program (TPEP)
20. Succesfully Evaluated products are placed on?
Administrative declaration
The Evaluated Products List (EPL) with their corresponding rating
Multilevel Security Policies
A Base Register (Memory Management)
21. Which would be designated as objects on a MAC system?
Continuous protection - O/B
The trustworthiness of an information system
Files - directories and devices
Covert channels
22. The Security Model Incorporates the ____________ that should be enforced in the system.
Reduced Instruction Set Computers (RISC)
In C2 - Controlled Access Protection environment
Life Cycle Assurance Requirement
Security Policy
23. Verification Protection
The *-Property rule (Star property)
No read down
Swap Space
Orange Book A
24. Audit data must be captured and protected to enforce accountability
Totality of protection mechanisms
Networks and Communications
A Layered Operating System Architecure
Accountability - Orange Book
25. The security kernel is the mechanism that _____________ of the reference monitor concept.
Mandatory access control
Logical addresses
B3 - Security Domains
Enforces the rules
26. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
The Common Criteria
Most commonly used approach
Absolute addresses
Implement software or systems in a production environment
27. Documentation must be provided - including test - design - and specification document - user guides and manuals
Firmware
Operational assurance requirements
Networks and Communications
Documentation - Orange Book
28. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
System High Security Mode
Dedicated Security Mode
D
Security mechanisms and evalautes their effectivenes
29. Ssoftware that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
Operational assurance requirements
No read down
Firmware
A Domain
30. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.
The Thread (memory Management)
Prohibits
The Biba Model
An abstract machine
31. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
Indexed addressing
Clark-Wilson Model
The security perimeter
Totality of protection mechanisms
32. A type of memory used for High-speed writing and reading activities.
Cache Memory
State machine model
Buffer overflows
The Red Book
33. The Indexed memory addresses that software uses
Firmware
C2
Logical addresses
No write down
34. A Policy based control. All objects and systems have a sensitivity level assigned to them
Mandatory Access Control (MAC)
Secondary Storage
The Rule is talking about writing
Reduced Instruction Set Computers (RISC)
35. A portion of a process. When the thread is generated - it shares the same domain(resources) as its process.
First evaluation class
No write down
Orange Book A
A Thread
36. What does the simple integrity axiom mean in the Biba model?
Isolate processes
First evaluation class
Primary storage
No read down
37. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
Its Clearance Label (Top Secret - Secret - or Confidential)
Life-cycle assurance - O/B
Thrashing
Types of covert channels
38. The Reserved hard drive space used to to extend RAM capabilites.
Swap Space
Continuous protection - O/B
B3
B1
39. A subject at a given clearance may not read an object at a higher classification
The Simple Security Property
Accreditation
Bell-LaPadula Model
Direct addressing
40. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
Accountability - Orange Book
Orange Book - B3
State machine model
Continuous protection - O/B
41. Mandatory access control is enfored by the use of security labels.
A Thread
Erasable and Programmable Read-Only Memory (EPROM)
Division B - Mandatory Protection
Constrained
42. The Orange book requires protection against two_____________ - which are these Timing and Storage
Ring 1
Types of covert channels
A1 - Rating
Documentation - Orange Book
43. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix . THE and Multics are no longer in use
The Clark Wilson integrity model
Subject to Object Model
Orange Book ratings
Examples of Layered Operating Systems
44. For rhe type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to peneration and compromise
Invocation Property
C2 - Controlled Access Protection
B2 rating
Orange Book A
45. n this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
The National Computer Security Center (NCSC)
Highly secure systems (B2 - B3 and A1)
B3 - Security Domains
Access control to the objects by the subjects
46. What is called the formal acceptance of the adequacy of a system's overall security by management?
Trusted Network Interpretation (TNI)
NOT Integrity
Accreditation
The TCSEC - Aka Orange Book
47. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
B2 - Structured Protection
Pipelining
The Strong star property rule
A and B
48. Commonly referred to as The Big Mess Because of its lack of structure. MS-DOS is an example of a monolithic operation system
Evaluated separately
The Monolithic Operation system Architecture
Real storage
Documentation - Orange Book
49. Mediates all access and Functions between subjects and objects.
Sensitivity labels
The Security Kernel
C1
Dedicated Security Mode
50. Mandatory Protection
Orange Book B
C2 - Controlled Access Protection
A1 - Rating
B1 - Labeled Security rating