Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
The Monolithic Operating System Architecture
Assigned labels
The security kernel
The Thread (memory Management)
2. When the address location that is specified in the program instruction contains the address of the final desired location.
Indirect addressing
Labels - Orange Book
Programmable Read-Only Memory (PROM)
A1 - Rating
3. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
4. Used by Windows systems to reserve the "Swap Space"
Highly secure systems (B2 - B3 and A1)
A security domain
Pagefile.sys file
The Clark Wilson integrity model
5. Has two individual assurance ratings: C1 and C2. The higher the number of the assurance rating - the greater the protection
Division C - Discretionary Protection
C2 - Controlled Access Protection
Accountability - Orange Book
Life Cycle Assurance Requirement
6. Another word for Primary storage and distinguishes physical memory from virtual memory.
Trusted hardware - Software and Firmware
Thrashing
No read down
Real storage
7. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
Disclosure of residual data
Fail safe
Sensitivity labels
Higher or equal to access class
8. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
A single classification and a Compartment Set
Cache Memory
The reference monitor
All Mandatory Access Control (MAC) systems
9. Operating System Kernel
Physical security
The Rule is talking about writing
Buffer (temporary data storage area)
Ring 0
10. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
Mandatory Access Control (MAC)
No read down
The Tranquility principle (The Bell-LaPadula Model)
A lattice of Integrity Levels
11. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
The security perimeter
Orange Book - A1
B3 - Security Domains
A single classification and a Compartment Set
12. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
A1 - Rating
Government and military applications
*-Integrity Axiom
Ring 1
13. Execute one instruction at a time.
Networks and Communications
'Dominate'
Scalar processors
B1
14. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
Orange Book C
The Biba Model
Fail safe
C1
15. When the RAM and secondary storage are combined the result is __________.
Attributable data
Virtual Memory
B3 - Rating
Virtual storage
16. When a computer uses more than one CPU in parallel to execute instructions is known as?
Need-to-know
Isolate processes
Multiprocessing
Administrative declaration
17. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Physical security
Controlling unauthorized downgrading of information
B1 - Labeled Security rating
Primary storage
18. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
C1 - Discretionary Security Protection is a type of environment
The Tranquility principle (The Bell-LaPadula Model)
Division C - Discretionary Protection
Trusted hardware - Software and Firmware
19. Certification is a technical review that assesses the _____________ - whereas Accreditation is management's official acceptance of the information in the Certification process findings.
Security mechanisms and evaluates their effectiveness
Division B - Mandatory Protection Architecture
The Trusted Computing Base (TCB)
Reduced Instruction Set Computers (RISC)
20. The Simple Security rule is referred to as ______________.
Orange Book - B2
Bell-LaPadula Model
Highly secure systems (B2 - B3 and A1)
The "No read Up" rule
21. The Biba Model - _____________: A subject cannot read data from a lower Integrity level "No Read Down"
C1
Orange Book - B3
Simple Integrity Axiom
The security kernel
22. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
Types of covert channels
Most commonly used approach
Life Cycle Assurance Requirement
Be protected from modification
23. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
Certification
Reduced Instruction Set Computers (RISC)
Compare the security labels
B1
24. Which would be designated as objects on a MAC system?
Access control to the objects by the subjects
Virtual storage
C2 - Controlled Access Protection
Files - directories and devices
25. Discretionary protection
Logical addresses
C2 - Controlled Access Protection
Discretionary Security Property (ds-property)
Orange Book C
26. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
First evaluation class
Orange Book C
The trustworthiness of an information system
Attributable - original - accurate - contemporaneous and legible
27. The centerpiece of the DoD Rainbow Series publications. Developed by the National Computer Security Center (NCSC)?
A and B
C2 - Controlled Access Protection
Bell-LaPadula Model
The TCSEC - Aka Orange Book
28. A set of objects that a subject is able to access
Scalar processors
A Domain
Orange Book - A1
Controls the checks
29. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Life Cycle Assurance Requirement
Evaluated separately
attributability
Networks and Communications
30. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
B3
Government and military applications
Subject to Object Model
The Strong star property rule
31. Permits a database to have two records that are identical except for Their classifications
C2
Polyinstantiation
Buffer overflows
Security mechanisms and evaluates their effectiveness
32. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
Isolate processes
'Dominate'
The Clark Wilson integrity model
Programmable Read-Only Memory (PROM)
33. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Primary storage
Accreditation
The Tranquility principle (The Bell-LaPadula Model)
Simple Security Rule
34. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Virtual Memory
Be protected from modification
A Base Register (Memory Management)
Direct Addressing
35. Developed after the Bell-LaPadula model. It's a state machine model and is very similar to the Bell-LaPadula Model.
Most commonly used approach
The Biba Model
Programmable Read-Only Memory (PROM)
C2
36. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
The *-Property rule (Star property)
Fail safe
'Dominate'
Security Policy is clearly defined and documented
37. What does the simple security (ss) property mean in the Bell-LaPadula model?
Logical addresses
All Mandatory Access Control (MAC) systems
No read up
Division C - Discretionary Protection
38. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
Physical security
Networks and Communications
Orange Book C
A security kernel
39. Commonly referred to as The Big Mess because of its lack of structure. MS-DOS is an example of a monolithic operating system
Accountability - Orange Book
The reference monitor
Swap Space
The Monolithic Operating System Architecture
40. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
B3 - Security Domains
Life-cycle assurance - O/B
A security kernel
Access control to the objects by the subjects
41. Successfully evaluated products are placed on?
B3
security protection mechanisms
The Evaluated Products List (EPL) with their corresponding rating
Direct addressing
42. Should always trace to individuals responsible for observing and recording the data
Pagefile.sys file
The Security Kernel
Attributable data
Physical security
43. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
In C2 - Controlled Access Protection environment
Orange Book A
Continuous protection - O/B
Primary storage
44. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix. THE and Multics are no longer in use
Examples of Layered Operating Systems
Be protected from modification
TCB (Trusted Computing Base)
C1 - Discretionary Security Protection is a type of environment
45. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
Overt channel
Trusted facility management
The Strong star property rule
Fail safe
46. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Direct Addressing
Controlling unauthorized downgrading of information
Operational assurance requirements
Prohibits
47. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
security protection mechanisms
B3
Pagefile.sys file
NOT Integrity
48. Which describe a condition when RAM and Secondary storage are used together?
Virtual storage
No read down
Higher or equal to access class
TCB (Trusted Computing Base)
49. The *-Property rule is referred to as ____________.
The Evaluated Products List (EPL) with their corresponding rating
The Integrity of data within applications
The "No write Down" Rule
Security rating B
50. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
Security Policy - Orange Book
B1 - Labeled Security rating
Controlling unauthorized downgrading of information
Certification