Test your basic knowledge

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.






2. What does the simple security (ss) property mean in the Bell-LaPadula model?






3. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.






4. Minimal Security






5. The Orange Book requires protection against two _____________ - which are these: Timing and Storage






6. Which uses Protection Profiles and Security Targets?






7. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.






8. In the Bell-LaPadula Model the Subject's Label contains ___________________.






9. Involves sharing the processor among all ready processes






10. The combination of RAM - Cache and the Processor Registers






11. What are the components of an object's sensitivity label?






12. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.






13. I/O drivers and utilities






14. Applications and user activity






15. For the type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to penetration and compromise.






16. When the contents of the address defined in the program's instruction is added to that of an index register.






17. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.






18. A type of memory used for High-speed writing and reading activities.






19. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.






20. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a well-formed transaction






21. TCB contains The Security Kernel and all ______________.






22. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix. THE and Multics are no longer in use






23. Which describe a condition when RAM and Secondary storage are used together?






24. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.






25. The reserved hard drive space used to extend RAM capabilities.






26. Commonly referred to as The Big Mess because of its lack of structure. MS-DOS is an example of a monolithic operating system






27. Data in Cache can be accessed much more quickly than Data






28. A system uses the Reference Monitor to ___________________ of a subject and an object?






29. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.






30. The C2 evaluation class of the _________________ offers controlled access protection.






31. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when






32. The Bell-LaPadula model Subjects and Objects are ___________.






33. A domain of trust that shares a single security policy and single management






34. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when






35. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity






36. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object






37. There is only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.






38. Access control labels must be associated properly with objects.






39. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions at its own discretion. These permissions are stored in an access ma






40. Contains the ending address






41. TCSEC provides a means to evaluate ______________________.






42. A Policy based control. All objects and systems have a sensitivity level assigned to them






43. Has two individual assurance ratings: C1 and C2. The higher the number of the assurance rating, the greater the protection






44. When a computer spends more time moving data from one small portion of memory to another than actually processing the data






45. Which would be designated as objects on a MAC system?






46. The TCB is the ________________ within a computer system that work together to enforce a security policy.






47. Which computer design approach is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle






48. What is the formal acceptance of the adequacy of a system's overall security by management called?






49. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.






50. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.






