Test your basic knowledge
CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times that the answers are obvious, but you will see that it reinforces your understanding as you take the test each time.
1. The subject must have Need to Know for ONLY the information they are trying to access.
Ring 1
System High Security Mode
Orange Book C
An abstract machine
2. A system uses the Reference Monitor to ___________________ of a subject and an object?
Continuous protection - O/B
Compare the security labels
The rule is talking about "Reading"
Networks and Communications
3. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
A single classification and a Compartment Set
A Limit Register (Memory Management)
The security perimeter
Primary storage
4. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
B2 - Structured Protection
In C2 - Controlled Access Protection environment
Direct addressing
TCB (Trusted Computing Base)
5. Mandatory Protection
Division C - Discretionary Protection
Higher or equal to access class
Orange Book B
Scalar processors
6. The total combination of protection mechanisms within a computer system
A1
TCB (Trusted Computing Base)
A Layered Operating System Architecture
security protection mechanisms
7. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
All Mandatory Access Control (MAC) systems
Simple Security Rule
C2
Implement software or systems in a production environment
8. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
9. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.
C1 - Discretionary Security Protection is a type of environment
Storage and timing
Direct addressing
B2 rating
10. As per FDA data should be ______________________________.
B2 - Structured Protection
Attributable - original - accurate - contemporaneous and legible
Pipelining
Models concerned with integrity
11. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
Security Policy
Trusted Distribution
Invocation Property
A security kernel
12. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
Orange Book - B2
The Simple Security Property
Disclosure of residual data
B3
13. Execute one instruction at a time.
The "No write Down" Rule
Totality of protection mechanisms
Scalar processors
The Thread (memory Management)
14. Which is an ISO standard product evaluation criteria that supersedes several different criteria?
Types of covert channels
attributability
The Common Criteria
International Standard 15408
15. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
System High Security Mode
Access Matrix model
Constrained
Swap Space
16. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
Trusted Network Interpretation (TNI)
Enforces the rules
NOT Integrity
C2
17. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
A Limit Register (Memory Management)
B3
Erasable and Programmable Read-Only Memory (EPROM)
Overt channel
18. Which increases the performance in a computer by overlapping the steps of different instructions?
Process isolation
Pipelining
No read up
Identification - Orange Book
19. Commonly referred to as "The Big Mess" because of its lack of structure. MS-DOS is an example of a monolithic operating system
The Monolithic Operating System Architecture
Fail safe
Examples of Layered Operating Systems
Dedicated Security Mode
20. The total(sum)combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
Simple Security Rule
Implement software or systems in a production environment
A1
The Trusted Computing Base (TCB)
21. Intended for environments that require systems to handle classified data.
Trusted hardware - Software and Firmware
Trusted facility management
B1 - Labeled Security rating
Attributable - original - accurate - contemporaneous and legible
22. According to the Orange Book - trusted facility management is not required for which security levels?
Absolute addresses
B1
The security perimeter
Scalar processors
23. What is called the formal acceptance of the adequacy of a system's overall security by management?
Totality of protection mechanisms
Accreditation
The Biba Model
Multilevel Security Policies
24. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
Controls the checks
Ring 3
Division D - Minimal Protection
NOT Integrity
25. The TCB is the ________________ within a computer system that work together to enforce a security policy.
Totality of protection mechanisms
TCB (Trusted Computing Base)
System High Security Mode
C2 - Controlled Access Protection
26. Remaining parts of the operating system
Ring 1
The reference monitor
Fail safe
No read up
27. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Virtual storage
Orange Book - A1
Administrative declaration
Mandatory Access Control (MAC)
28. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
B3 - Security Domains
Life-cycle assurance - O/B
Dominate the object's sensitivity label
Multilevel Security Policies
29. Contains the beginning address
B2 rating
The "No read Up" rule
A Base Register (Memory Management)
Basic Security Theorem (used in computer science) definition
30. Which in the Orange Book ratings represents the highest level of trust?
A security kernel
B2
Multilevel Security Policies
Ring 3
31. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
Networks and Communications
Life-cycle assurance - O/B
Process isolation
Programmable Read-Only Memory (PROM)
32. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
Ring 1
*-Integrity Axiom
State machine model
D
33. In the Bell-LaPadula Model the Object's Label contains ___________________.
Administrative declaration
Its classification label (Top Secret - Secret or confidential)
Division B - Mandatory Protection Architecture
The Thread (memory Management)
34. Based on a known address with an offset value applied.
A Thread
C2
Orange Book ratings
Relative Addresses
35. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a Well-Formed transaction
A1
Virtual storage
Clark-Wilson Model
Simple Integrity Axiom
36. Which is a straightforward approach that provides access rights to subjects for objects?
Controlling unauthorized downgrading of information
D
Access Matrix model
Direct addressing
37. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
Orange Book - B1
B1 - Labeled Security rating
Prohibits
Orange Book - D
38. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
An abstract machine
Certification
A Layered Operating System Architecture
B2 rating
39. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
Dedicated Security Mode
Orange Book - D
Multilevel Security Policies
Controlling unauthorized downgrading of information
40. The reserved hard drive space used to extend RAM capabilities.
Swap Space
The National Computer Security Center (NCSC)
Files - directories and devices
The Rule is talking about writing
41. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
Bell-LaPadula Model
Orange Book - B3
A single classification and a Compartment Set
Buffer (temporary data storage area)
42. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
Implement software or systems in a production environment
Pipelining
security protection mechanisms
Multilevel Security Policies
43. Which would be designated as objects on a MAC system?
The TCSEC - Aka Orange Book
Files - directories and devices
A Thread
Security rating B
44. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
B3
Enforces the rules
B1 - Labeled Security rating
Compare the security labels
45. When a computer uses more than one CPU in parallel to execute instructions is known as?
Orange Book - A1
The TCSEC - Aka Orange Book
Multiprocessing
First evaluation class
46. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Orange Book - A1
Controls the checks
Division C - Discretionary Protection
A Base Register (Memory Management)
47. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Process isolation
An abstract machine
Trusted Distribution
Attributable data
48. Which can be used as a covert channel?
D
Storage and timing
attributability
Networks and Communications
49. TCB contains The Security Kernel and all ______________.
security protection mechanisms
Stored in Real Memory
Simple Security Rule
Trusted facility management
50. What does the * (star) property mean in the Bell-LaPadula model?
A lattice of Integrity Levels
Accountability - Orange Book
System High Security Mode
No write down