Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Contains the beginning address






2. The Reserved hard drive space used to to extend RAM capabilites.






3. Certification is a Technical review that assesses the _____________ - where as Accreditation is management's Official acceptance of the information in the Certification process findings.






4. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain






5. The centerpiece of the DoD Rainbow Series publications.Developed by the National Computer Security Center (NCSC)?






6. Trusted facility management is an assurance requirement only for ________________.






7. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.






8. Contains the ending address






9. Which addresses a portion of the primary memory by specifying the actual address of the memory location?






10. TCB contains The Security Kernel and all ______________.






11. Users need to be Identified individually to provide more precise acces control and auditing functionality.






12. Mandatory Access requires that _____________ be attached to all objects.






13. When the contents of the address defined in the program's instruction is added to that of an index register.






14. The Simple Security rule is refered to as______________.






15. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements






16. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards






17. Used by Windows systems to reserve the "Swap Space"






18. What prevents a process from accessing another process' data?






19. Buffer overflows occurs when a program or process tries to store more data in a _____________ than it was intended to hold.






20. Ssoftware that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)






21. In both the Bell-LaPadula and Biba Models if the word "* or Star is used - _______________.






22. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?






23. Mandatory access control is enfored by the use of security labels.






24. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when






25. In the Bell-LaPadula Model the Object's Label contains ___________________.






26. TCSEC provides a means to evaluate ______________________.






27. The combination of RAM - Cache and the Processor Registers






28. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.






29. The Security Model Incorporates the ____________ that should be enforced in the system.






30. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.






31. Individual subjects must be uniquely identified.






32. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.






33. I/O drivers and utilities






34. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.






35. Which Orange Book evaluation level is described as "Verified Design"?






36. When a vendor submits a product for evaluation - it submits it to the ____________.






37. Involves sharing the processor amoung all ready processes






38. The Bell-LaPadula Model is a _______________.






39. The group that oversees the processes of evaluation within TCSEC is?






40. Contains an Address of where the instruction and dara reside that need to be processed.






41. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.






42. Commonly referred to as The Big Mess Because of its lack of structure. MS-DOS is an example of a monolithic operation system






43. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.






44. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilites when






45. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.






46. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)






47. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?






48. The Physical memory address that the CPU uses






49. An abstract machine which must mediate all access to subjects to objects - be protected from modification - be verifiable as correct - and is always invoked






50. Which Orange Book evaluation level is described as "Discretionary Security Protection"?







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:



Major Subjects



Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Most popular tests