SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
C1 - Discrection Security Protection is a type of environment
Labels - Orange Book
A security kernel
D
2. As per FDA data should be ______________________________.
B1 - Labeled Security
Pagefile.sys file
Attributable - original - accurate - contemporaneous and legible
Life-cycle assurance - O/B
3. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
Division C - Discretionary Protection
The Trusted Computing Base (TCB)
The Red Book
Accreditation
4. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix . THE and Multics are no longer in use
Bell-LaPadula Model
B3 - Rating
Examples of Layered Operating Systems
Dedicated Security Mode
5. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
The Tranqulity principle (The Bell-LaPadula Model)
Networks and Communications
Physical security
Life-cycle assurance - O/B
6. Which describe a condition when RAM and Secondary storage are used together?
Complex Instruction Set Computers (CISC)
Dedicated Security Mode
Security Policy - Orange Book
Virtual storage
7. Applications and user activity
Pipelining
A security domain
Ring 3
Be protected from modification
8. A type of memory used for High-speed writing and reading activities.
A Layered Operating System Architecure
Complex Instruction Set Computers (CISC)
Administrative declaration
Cache Memory
9. Which increases the performance in a computer by overlapping the steps of different instructions?
C2 - Controlled Access Protection
Simple Integrity Axiom
Documentation - Orange Book
Pipelining
10. In B2 Subjects and devices requre labels and the system must NOT allow ________. No Trapdoors exists.
A lattice of Intergrity Levels
Higher or equal to access class
Administrative declaration
Covert channels
11. Which can be used as a covert channel?
A Domain
Storage and timing
Covert channels
In C2 - Controlled Access Protection environment
12. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions to pass on permissions at its own discretion. These permissions are stored in an access ma
B2 - Structured Protection
The Tranqulity principle (The Bell-LaPadula Model)
A single classification and a Compartment Set
Discretionary Security Property (ds-property)
13. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
Models concerned with integrity
Orange Book - B3
Be protected from modification
Orange Book - B1
14. Mandatory Protection
Disclosure of residual data
Orange Book B
Logical addresses
Attributable - original - accurate - contemporaneous and legible
15. Should always trace to individuals responsible for observing and recording the data
The TCSEC - Aka Orange Book
Attributable data
Networks and Communications
Most commonly used approach
16. The Orange book requires protection against two_____________ - which are these Timing and Storage
A1
Cache Memory
Types of covert channels
Security Policy - Orange Book
17. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
18. A portion of a process. When the thread is generated - it shares the same domain(resources) as its process.
Highly secure systems (B2 - B3 and A1)
C2 - Controlled Access Protection
Isolate processes
A Thread
19. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
The National Computer Security Center (NCSC)
D
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Storage and timing
20. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
Primary storage
Attributable - original - accurate - contemporaneous and legible
Need-to-know
Invocation Property
21. Documentation must be provided - including test - design - and specification document - user guides and manuals
Virtual storage
Integrity
Documentation - Orange Book
D
22. What does the Clark-Wilson security model focus on
Execution Domain
B1 - Labeled Security rating
Integrity
Isolate processes
23. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Protection Rings Support
Security Policy is clearly defined and documented
Be protected from modification
The rule is talking about "Reading"
24. Verification Protection
Real storage
The "No read Up" rule
Orange Book A
Trusted facility management
25. What does the * (star) property mean in the Bell-LaPadula model?
Overt channel
No write down
The Security Kernel
Trusted facility management
26. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
Mandatory access control
No write down
Implement software or systems in a production environment
Subject to Object Model
27. Each data object must contain a classification label and each subject must have a clearance label.
Buffer overflows
B1 - Labeled Security
Prevent secret information from being accessed
A1
28. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
Government and military applications
Indexed addressing
The "No read Up" rule
The security perimeter
29. What is called the formal acceptance of the adequacy of a system's overall security by management?
Security mechanisms and evalautes their effectivenes
The "No read Up" rule
Accreditation
Bell-LaPadula Model
30. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
Trusted facility management
Dedicated Security Mode
The Clark Wilson integrity model
The Biba Model
31. When the contents of the address defined in the program's instruction is added to that of an index register.
Indexed addressing
No read down
Overt channel
Examples of Layered Operating Systems
32. Can be erased - modified and upgraded.
Erasable and Programmable Read-Only Memory (EPROM)
Prevent secret information from being accessed
Multiprocessing
Protection Rings Support
33. The TCB is the ________________ within a computer system that work together to enforce a security policy.
Totality of protection mechanisms
Dedicated Security Mode
Indirect addressing
Orange Book - B2
34. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Trusted Distribution
Attributable data
Trusted facility management
International Standard 15408
35. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Integrity
The trustworthiness of an information system
Division D - Minimal Protection
Most commonly used approach
36. An abstract machine which must mediate all access to subjects to objects - be protected from modification - be verifiable as correct - and is always invoked
C2 - Controlled Access Protection
Security Policy - Orange Book
The reference monitor
attributability
37. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
Attributable data
The National Computer Security Center (NCSC)
Protection Rings Support
Cache Memory
38. Succesfully Evaluated products are placed on?
The Evaluated Products List (EPL) with their corresponding rating
Security Policy is clearly defined and documented
Totality of protection mechanisms
Fail safe
39. Which TCSEC level first addresses object reuse?
B3 - Security Domains
The security kernel
Orange Book - B2
C2
40. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
The security perimeter
Storage and timing
The National Computer Security Center (NCSC)
C1
41. TCSEC provides a means to evaluate ______________________.
Ring 0
Implement software or systems in a production environment
The trustworthiness of an information system
C1 - Discrection Security Protection is a type of environment
42. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
No write down
Overt channel
Invocation Property
Constrained
43. A Policy based control. All objects and systems have a sensitivity level assigned to them
Types of covert channels
A1 - Rating
The National Computer Security Center (NCSC)
Mandatory Access Control (MAC)
44. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
B3
A Base Register (Memory Management)
The Strong star property rule
TCB (Trusted Computing Base)
45. Mediates all access and Functions between subjects and objects.
Sensitivity labels
Administrative declaration
Complex Instruction Set Computers (CISC)
The Security Kernel
46. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.
A single classification and a Compartment Set
Administrative declaration
No write down
Basic Security Theorem (used in computer science) definition
47. Mandatory access control is enfored by the use of security labels.
Division B - Mandatory Protection
Polyinstantiation
The Trusted Computing Base (TCB)
System High Security Mode
48. There is only only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
Division B - Mandatory Protection Architecture
Division D - Minimal Protection
Mandatory access control
The National Computer Security Center (NCSC)
49. When a vendor submits a product for evaluation - it submits it to the ____________.
The National Computer Security Center (NCSC)
Direct Addressing
Certification
The TCSEC - Aka Orange Book
50. Happen because input data is not checked for appropriate length at time of input
Buffer overflows
The security perimeter
Life Cycle Assurance Requirement
Accreditation
