Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. What is defined as the hardware, firmware and software elements of a trusted computing base that implement the reference monitor concept?
A Limit Register (Memory Management)
A security kernel
Sensitivity labels
Pagefile.sys file
2. If a system initializes in a secure state and all allowed state transitions are secure, then every subsequent state will be secure no matter what inputs occur.
Examples of Layered Operating Systems
Basic Security Theorem (used in computer science) definition
Attributable data
The Security Kernel
3. A subject at a given clearance may not read an object at a higher classification
The Tranquility principle (The Bell-LaPadula Model)
A single classification and a Compartment Set
The Simple Security Property
The Monolithic Operation system Architecture
4. Which would be designated as objects on a MAC system?
The Thread (memory Management)
No read up
Files, directories and devices
Process isolation
5. Which uses Protection Profiles and Security Targets?
Secondary Storage
International Standard 15408
Clark-Wilson Model
A1 - Rating
6. Based on the Bell-LaPadula Security model, and evidence of reference monitor enforcement must be available.
Execution Domain
C1 - Discretionary Security Protection is a type of environment
Pipelining
Division B - Mandatory Protection Architecture
7. The Red Book, aka Trusted Network Interpretation (TNI), provides _________________ for trusted computer and communications network systems under the areas of assurance requirements
Most commonly used approach
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Orange Book interpretations
Orange Book - B1
8. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Dedicated Security Mode
Integrity
Multilevel Security Policies
No read up
9. The group that oversees the processes of evaluation within TCSEC is?
Simple Security Rule
Files, directories and devices
Trusted Products Evaluation Program (TPEP)
Orange Book - B3
10. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Orange Book - B3
Subject to Object Model
A Base Register (Memory Management)
Continuous protection - O/B
11. Mediates all access and Functions between subjects and objects.
The Security Kernel
A Base Register (Memory Management)
The National Computer Security Center (NCSC)
Covert channels
12. What access control technique is also known as multilevel security?
Multitasking
Swap Space
Orange Book interpretations
Mandatory access control
13. Mandatory Protection
Bell-LaPadula Model
C1 - Discretionary Security Protection
Indexed addressing
Orange Book B
14. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions at its own discretion. These permissions are stored in an access ma
Discretionary Security Property (ds-property)
A lattice of Integrity Levels
Primary storage
B2 - Structured Protection
15. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
Assigned labels
Multiprocessing
Direct addressing
The security perimeter
16. Happen because input data is not checked for appropriate length at time of input
Buffer overflows
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
B1
Its Clearance Label (Top Secret, Secret, or Confidential)
17. Which computer design approach is based on the fact that in earlier technologies, the instruction fetch was the longest part of the cycle?
B1 - Labeled Security rating
A and B
Complex Instruction Set Computers (CISC)
Trusted Products Evaluation Program (TPEP)
18. Trusted facility management is an assurance requirement only for ________________.
Scalar processors
Orange Book - D
NOT Integrity
Highly secure systems (B2, B3 and A1)
19. Mandatory Access requires that _____________ be attached to all objects.
A Domain
Sensitivity labels
TCB (Trusted Computing Base)
Prevent secret information from being accessed
20. The centerpiece of the DoD Rainbow Series publications. Developed by the National Computer Security Center (NCSC)?
Overt channel
Documentation - Orange Book
The TCSEC - Aka Orange Book
The Rule is talking about writing
21. The availability, integrity and confidentiality requirements of multitasking operating systems
Protection Rings Support
C2 - Controlled Access Protection
security protection mechanisms
Dedicated Security Mode
22. The Orange Book requires protection against two _____________, which are these: Timing and Storage
Reduced Instruction Set Computers (RISC)
C2 - Controlled Access Protection
Types of covert channels
Documentation - Orange Book
23. When a vendor submits a product for evaluation, it submits it to the ____________.
Constrained
Pagefile.sys file
A Base Register (Memory Management)
The National Computer Security Center (NCSC)
24. A is a form of EPROM, but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Orange Book C
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
C2 - Controlled Access Protection
The Security Kernel
25. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
C2 - Controlled Access Protection
System High Security Mode
No read up
Most commonly used approach
26. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space.
Swap Space
A1 - Rating
attributability
The Common Criteria
27. Execute one instruction at a time.
Orange Book - D
Erasable and Programmable Read-Only Memory (EPROM)
Scalar processors
Fail safe
28. The object reuse concept must also be invoked, meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
Access control to the objects by the subjects
C2 - Controlled Access Protection
Storage and timing
Sensitivity labels
29. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt, the classification and clearance are checked to verify that the access is permissible.
Prevent secret information from being accessed
Secondary Storage
Erasable and Programmable Read-Only Memory (EPROM)
Orange Book - B1
30. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Execution Domain
B2 rating
'Dominate'
B3 - Rating
31. What are the components of an object's sensitivity label?
A single classification and a Compartment Set
The Red Book
Orange Book - B3
Ring 0
32. When a computer uses more than one CPU in parallel to execute instructions, this is known as?
'Dominate'
The Rule is talking about writing
The Biba Model
Multiprocessing
33. The total combination of protection mechanisms within a computer system
TCB (Trusted Computing Base)
The Thread (memory Management)
Orange Book A
NOT Integrity
34. Involves sharing the processor among all ready processes
Stored in Real Memory
Clark-Wilson
Multitasking
Buffer overflows
35. A system uses the Reference Monitor to ___________________ of a subject and an object?
Compare the security labels
Dominate the object's sensitivity label
B2 - Structured Protection
The Simple Security Property
36. The assignment of a specific individual to administer the security-related functions of a system.
The "No write Down" Rule
Trusted facility management
NOT Integrity
Assigned labels
37. The combination of RAM, cache and the processor registers
Bell-LaPadula Model
Enforces the rules
Primary storage
B2 - Structured Protection
38. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Government and military applications
Orange Book A
NOT Integrity
Prohibits
39. In access control terms it means to be higher than or equal to. In the Bell-LaPadula Model, this is referred to as the dominance relation, which is the relationship of the subject's clearance to the object's classification
40. Another word for Primary storage and distinguishes physical memory from virtual memory.
Reduced Instruction Set Computers (RISC)
Real storage
Basic Security Theorem (used in computer science) definition
The reference monitor
41. When the RAM and secondary storage are combined the result is __________.
Virtual Memory
Clark-Wilson
Direct Addressing
Complex Instruction Set Computers (CISC)
42. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
The National Computer Security Center (NCSC)
Attributable data
Types of covert channels
The Simple Security Property
43. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
D
The security perimeter
Trusted Products Evaluation Program (TPEP)
Cache Memory
44. In both the Bell-LaPadula and Biba Models, if the word "*" or "Star" is used, _______________.
Reduced Instruction Set Computers (RISC)
Higher or equal to access class
The Rule is talking about writing
Trusted Distribution
45. In both the Bell-LaPadula and Biba Models, if the word "Simple" is used, ______________.
Covert channels
A security kernel
The rule is talking about "Reading"
The security perimeter
46. According to the Orange Book, trusted facility management is not required for which security levels?
Multiprocessing
Division C - Discretionary Protection
Protection Rings Support
B1
47. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
The Rule is talking about writing
*-Integrity Axiom
Programmable Read-Only Memory (PROM)
Networks and Communications
48. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
security protection mechanisms
Security rating B
Trusted Distribution
B2
49. Which is an ISO standard product evaluation criteria that supersedes several different criteria
The TCSEC - Aka Orange Book
The Common Criteria
Primary storage
Storage and timing
50. Simpler instructions that require fewer clock cycles to execute.
Reduced Instruction Set Computers (RISC)
C2 - Controlled Access Protection
B2 - Structured Protection
Orange Book - D