SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The group that oversees the processes of evaluation within TCSEC is?
Trusted Products Evaluation Program (TPEP)
Integrity
The TCSEC - Aka Orange Book
Simple Security Rule
2. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
Administrative declaration
Examples of Layered Operating Systems
Totality of protection mechanisms
The security perimeter
3. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
The reference monitor
Orange Book interpretations
Accreditation
Continuous protection - O/B
4. I/O drivers and utilities
The "No write Down" Rule
TCB (Trusted Computing Base)
Ring 2
Orange Book - D
5. Individual subjects must be uniquely identified.
Identification - Orange Book
Dominate the object's sensitivity label
The security kernel
attributability
6. A set of objects that a subject is able to access
Attributable - original - accurate - contemporaneous and legible
Identification - Orange Book
A Domain
Swap Space
7. What access control technique is also known as multilevel security?
Storage and timing
Orange Book - B1
A1 - Rating
Mandatory access control
8. Mandatory Access requires that _____________ be attached to all objects.
Totality of protection mechanisms
B1 - Labeled Security rating
The security kernel
Sensitivity labels
9. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.
Stored in Reak Memory
Basic Security Theorem (used in computer science) definition
Certification
Dedicated Security Mode
10. Certification is a Technical review that assesses the _____________ - where as Accreditation is management's Official acceptance of the information in the Certification process findings.
Security mechanisms and evalautes their effectivenes
Certification
The Tranqulity principle (The Bell-LaPadula Model)
Prohibits
11. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
Simple Security Rule
Security rating B
Ring 2
Prohibits
12. This type of environment is highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
The Evaluated Products List (EPL) with their corresponding rating
Prevent secret information from being accessed
Polyinstantiation
B3 - Rating
13. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
14. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Swap Space
Ring 2
Need-to-know
Its Clearance Label (Top Secret - Secret - or Confidential)
15. The Bell-LaPadula model Subjects and Objects are ___________.
Secondary Storage
Assigned labels
Files - directories and devices
Multilevel Security Policies
16. The reserved hard drive space used to Extend RAM capabilities. Windows system use the pagefile.sys file to reserve this space
Swap Space
The rule is talking about "Reading"
Fail safe
Prohibits
17. When the address location that is specified in the program instruction contains the address of the final desired location.
Orange Book - A1
Physical security
Examples of Layered Operating Systems
Indirect addressing
18. When a portion of primary memory is accessed by specifying the actual address of the memory location
Pagefile.sys file
Direct addressing
Buffer overflows
Orange Book C
19. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Controlling unauthorized downgrading of information
Indirect addressing
C2 - Controlled Access Protection
B2 - Structured Protection
20. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
All Mandatory Access Control (MAC) systems
Totality of protection mechanisms
Sensitivity labels
The National Computer Security Center (NCSC)
21. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
Attributable data
Trusted hardware - Software and Firmware
The Thread (memory Management)
security protection mechanisms
22. In the Bell-LaPadula Model the Object's Label contains ___________________.
Prohibits
Its classification label (Top Secret - Secret or confidential)
An abstract machine
B3 - Security Domains
23. When a computer uses more than one CPU in parallel to execute instructions is known as?
Swap Space
Access Matrix model
Need-to-know
Multiprocessing
24. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
Execution Domain
First evaluation class
Access Matrix model
Trusted Distribution
25. For rhe type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to peneration and compromise
C1
B2 rating
The Trusted Computing Base (TCB)
All Mandatory Access Control (MAC) systems
26. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
Examples of Layered Operating Systems
The Clark Wilson integrity model
Dominate the object's sensitivity label
The "No write Down" Rule
27. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
Orange Book - A1
Orange Book - B2
Protection Rings Support
Controlling unauthorized downgrading of information
28. Which increases the performance in a computer by overlapping the steps of different instructions?
Trusted Products Evaluation Program (TPEP)
A Thread
Primary storage
Pipelining
29. Minimal Security
The Trusted Computing Base (TCB)
C2
Division B - Mandatory Protection
Orange Book - D
30. A subject at a given clearance may not read an object at a higher classification
Models concerned with integrity
B3 - Security Domains
B1 - Labeled Security
The Simple Security Property
31. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
C2 - Controlled Access Protection
Access control to the objects by the subjects
B2 rating
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
32. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
Bell-LaPadula Model
The Biba Model
Controls the checks
Ring 0
33. An abstract machine which must mediate all access to subjects to objects - be protected from modification - be verifiable as correct - and is always invoked
Access control to the objects by the subjects
The reference monitor
Programmable Read-Only Memory (PROM)
A Thread
34. Which would be designated as objects on a MAC system?
Life-cycle assurance - O/B
Files - directories and devices
Security Policy is clearly defined and documented
Controls the checks
35. Which TCSEC level first addresses object reuse?
Higher or equal to access class
C2
Direct addressing
Need-to-know
36. When the contents of the address defined in the program's instruction is added to that of an index register.
B3
A Limit Register (Memory Management)
Indexed addressing
Dominate the object's sensitivity label
37. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
The Tranqulity principle (The Bell-LaPadula Model)
The TCSEC - Aka Orange Book
Attributable - original - accurate - contemporaneous and legible
The security kernel
38. The Simple Security rule is refered to as______________.
The "No read Up" rule
The *-Property rule (Star property)
Be protected from modification
Documentation - Orange Book
39. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
The Strong star property rule
Scalar processors
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Implement software or systems in a production environment
40. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
The Monolithic Operation system Architecture
Trusted Products Evaluation Program (TPEP)
Most commonly used approach
Security Policy - Orange Book
41. Based on a known address with an offset value applied.
Higher or equal to access class
Ring 3
Relative Addresses
The rule is talking about "Reading"
42. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
Ring 0
Attributable - original - accurate - contemporaneous and legible
The trustworthiness of an information system
Isolate processes
43. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Security Policy is clearly defined and documented
B1 - Labeled Security
C2
The Integrity of data within applications
44. The Orange book does NOT Cover ________________ - And Database management systems
Direct addressing
B3
Access Matrix model
Networks and Communications
45. Commonly referred to as The Big Mess Because of its lack of structure. MS-DOS is an example of a monolithic operation system
Division D - Minimal Protection
Trusted Products Evaluation Program (TPEP)
Accreditation
The Monolithic Operation system Architecture
46. Applications and user activity
Scalar processors
The National Computer Security Center (NCSC)
Primary storage
Ring 3
47. Discretionary protection
Orange Book - B1
Orange Book C
Orange Book - A1
security protection mechanisms
48. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
No read down
Accountability - Orange Book
The trustworthiness of an information system
attributability
49. Mandatory access control is enfored by the use of security labels.
Indirect addressing
A single classification and a Compartment Set
The trustworthiness of an information system
Division B - Mandatory Protection
50. In access control terms - the word "dominate" refers to ___________.
C1 - Discretionary Security Protection
Dedicated Security Mode
Higher or equal to access class
International Standard 15408
