Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.






2. The *-Property rule is refered to as ____________.






3. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.






4. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.






5. The total(sum)combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.






6. When the address location that is specified in the program instruction contains the address of the final desired location.






7. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.






8. In B2 Subjects and devices requre labels and the system must NOT allow ________. No Trapdoors exists.






9. The centerpiece of the DoD Rainbow Series publications.Developed by the National Computer Security Center (NCSC)?






10. Happen because input data is not checked for appropriate length at time of input






11. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.






12. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.






13. Which is a straightforward approach that provides access rights to subjects for objects?






14. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.






15. When the RAM and secondary storage are combined the result is __________.






16. The Availability - Integrity and confidentiality requirements of multitasking operating systems






17. Security Labels are not required until __________; thus C2 does not require security labels but B1 does






18. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.






19. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commmercial applications - but the level of protection is still relatively weak.






20. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system






21. The Physical memory address that the CPU uses






22. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.






23. Minimal Security






24. Has two individual assurace ratings. C1 and C2. The Higher the number of assurance rating the greater the protection






25. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions to pass on permissions at its own discretion. These permissions are stored in an access ma






26. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.






27. Each data object must contain a classification label and each subject must have a clearance label.






28. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data






29. Contains an Address of where the instruction and dara reside that need to be processed.






30. When a vendor submits a product for evaluation - it submits it to the ____________.






31. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.






32. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)






33. System Architecture that separates system functionality into Hierarchical layers






34. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.






35. Remaining parts of the operating system






36. A set of objects that a subject is able to access






37. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when






38. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?






39. According to the Orange Book - trusted facility management is not required for which security levels?






40. Mandatory Access requires that _____________ be attached to all objects.






41. A1 is also called "Verified Design" and requires formal verification of the design and specifications.






42. The Bell-LaPadula Model is a _______________.






43. The Biba Model adresses _____________________.






44. Which TCSEC level first addresses object reuse?






45. In both the Bell-LaPadula and Biba Models if the word "* or Star is used - _______________.






46. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"






47. Ssoftware that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)






48. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s






49. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?






50. TCB contains The Security Kernel and all ______________.