SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The subject must have Need to Know for ONLY the information they are trying to access.
Trusted Distribution
System High Security Mode
The security perimeter
An abstract machine
2. When the address location that is specified in the program instruction contains the address of the final desired location.
B1
A Base Register (Memory Management)
Pipelining
Indirect addressing
3. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
The "No write Down" Rule
Buffer (temporary data storage area)
security protection mechanisms
The Red Book
4. The group that oversees the processes of evaluation within TCSEC is?
Access Matrix model
International Standard 15408
A1 - Rating
Trusted Products Evaluation Program (TPEP)
5. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
Attributable data
Controls the checks
Life Cycle Assurance Requirement
Implement software or systems in a production environment
6. Applications and user activity
Programmable Read-Only Memory (PROM)
Direct Addressing
Orange Book - B2
Ring 3
7. In the Bell-LaPadula Model the Object's Label contains ___________________.
Identification - Orange Book
C2
The Red Book
Its classification label (Top Secret - Secret or confidential)
8. Permits a database to have two records that are identical except for Their classifications
Logical addresses
Polyinstantiation
B2
Enforces the rules
9. Which in the Orange Book ratings represents the highest level of trust?
Dominate the object's sensitivity label
C1 - Discrection Security Protection is a type of environment
Process isolation
B2
10. Has two individual assurace ratings. C1 and C2. The Higher the number of assurance rating the greater the protection
First evaluation class
'Dominate'
Division B - Mandatory Protection Architecture
Division C - Discretionary Protection
11. Commonly referred to as The Big Mess Because of its lack of structure. MS-DOS is an example of a monolithic operation system
In C2 - Controlled Access Protection environment
Its Clearance Label (Top Secret - Secret - or Confidential)
The Monolithic Operation system Architecture
B3
12. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
Disclosure of residual data
Polyinstantiation
D
Buffer overflows
13. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilites when
Indexed addressing
C2
System High Security Mode
attributability
14. According to the Orange Book - trusted facility management is not required for which security levels?
Orange Book B
Compare the security labels
B1
Its classification label (Top Secret - Secret or confidential)
15. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
A single classification and a Compartment Set
The Thread (memory Management)
Invocation Property
The Red Book
16. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
The National Computer Security Center (NCSC)
Fail safe
Orange Book - B3
A security kernel
17. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Certification
C2 - Controlled Access Protection
Implement software or systems in a production environment
Orange Book interpretations
18. Discretionary protection
Trusted hardware - Software and Firmware
C2
Identification - Orange Book
Orange Book C
19. Which describe a condition when RAM and Secondary storage are used together?
State machine model
B1 - Labeled Security
Virtual storage
Orange Book - B2
20. In access control terms - the word "dominate" refers to ___________.
Its classification label (Top Secret - Secret or confidential)
Higher or equal to access class
D
attributability
21. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
'Dominate'
The National Computer Security Center (NCSC)
Ring 2
Division C - Discretionary Protection
22. For rhe type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to peneration and compromise
B2 rating
Orange Book - B3
Virtual storage
Absolute addresses
23. The Biba Model adresses _____________________.
Prohibits
Storage and timing
The Integrity of data within applications
C1 - Discretionary Security Protection
24. The assignment of a specific individual to administer the security-related functions of a system.
Trusted facility management
The Security Kernel
Networks and Communications
An abstract machine
25. Execute one instruction at a time.
Execution Domain
The trustworthiness of an information system
Scalar processors
A security kernel
26. Mandatory Access requires that _____________ be attached to all objects.
Clark-Wilson Model
The National Computer Security Center (NCSC)
Sensitivity labels
The reference monitor
27. What is called the formal acceptance of the adequacy of a system's overall security by management?
Constrained
Accreditation
Cache Memory
Evaluated separately
28. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
29. System Architecture that separates system functionality into Hierarchical layers
Controlling unauthorized downgrading of information
The Simple Security Property
A Layered Operating System Architecure
Thrashing
30. A domain of trust that shares a single security policy and single management
Implement software or systems in a production environment
A security domain
Dedicated Security Mode
Access control to the objects by the subjects
31. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
An abstract machine
Buffer (temporary data storage area)
A lattice of Intergrity Levels
Polyinstantiation
32. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
The Clark Wilson integrity model
Orange Book C
C2 - Controlled Access Protection
Orange Book - B2
33. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
Files - directories and devices
Ring 3
Access control to the objects by the subjects
The Monolithic Operation system Architecture
34. Ssoftware that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
Firmware
Its classification label (Top Secret - Secret or confidential)
Clark-Wilson
The Red Book
35. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Continuous protection - O/B
Security mechanisms and evalautes their effectivenes
attributability
The Clark Wilson integrity model
36. Remaining parts of the operating system
Ring 1
'Dominate'
Pagefile.sys file
Orange Book C
37. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
The "No write Down" Rule
Buffer (temporary data storage area)
No read down
Trusted Distribution
38. What model use an access control triples and requires that the system maintain separation of duty ?
Clark-Wilson
Basic Security Theorem (used in computer science) definition
The Clark Wilson integrity model
Access Matrix model
39. Mandatory Protection
Orange Book B
Mandatory access control
Dedicated Security Mode
Dedicated Security Mode
40. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
*-Integrity Axiom
Most commonly used approach
A lattice of Intergrity Levels
Simple Integrity Axiom
41. The C2 evaluation class of the _________________ offers controlled access protection.
Division B - Mandatory Protection
Logical addresses
Trusted Network Interpretation (TNI)
Prohibits
42. A Policy based control. All objects and systems have a sensitivity level assigned to them
NOT Integrity
Security Policy - Orange Book
A and B
Mandatory Access Control (MAC)
43. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Orange Book - A1
The National Computer Security Center (NCSC)
No write down
NOT Integrity
44. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
System High Security Mode
attributability
Security rating B
No write down
45. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.
Simple Security Rule
Basic Security Theorem (used in computer science) definition
Security Policy
attributability
46. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Direct Addressing
Files - directories and devices
Integrity
Clark-Wilson Model
47. A form of ROM(Read-Only Memory) that can be modified after it has been manufactured. It can only be programmed only one time.
A Limit Register (Memory Management)
Trusted facility management
Controlling unauthorized downgrading of information
Programmable Read-Only Memory (PROM)
48. A nonvolatile storage media etc computer hard drive - floppy disks and CD-ROMs
C2 - Controlled Access Protection
Secondary Storage
Ring 0
Multiprocessing
49. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
Division B - Mandatory Protection
In C2 - Controlled Access Protection environment
The Strong star property rule
The *-Property rule (Star property)
50. Bell-LaPadula model was proposed for enforcing access control in _____________________.
B3 - Rating
Most commonly used approach
Government and military applications
Trusted facility management
