CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The Security Model Incorporates the ____________ that should be enforced in the system.
Security Policy
The National Computer Security Center (NCSC)
Multiprocessing
Isolate processes
2. The Biba Model addresses _____________________.
Implement software or systems in a production environment
Life Cycle Assurance Requirement
B2 rating
The Integrity of data within applications
3. Users need to be identified individually to provide more precise access control and auditing functionality.
C2 - Controlled Access Protection
A security domain
C1
Indexed addressing
4. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Trusted Products Evaluation Program (TPEP)
Government and military applications
Primary storage
Orange Book - D
5. When the address location that is specified in the program instruction contains the address of the final desired location.
Indirect addressing
B3 - Security Domains
Thrashing
Ring 2
6. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Orange Book interpretations
Security rating B
Real storage
Dominate the object's sensitivity label
7. Has two individual assurance ratings, C1 and C2. The higher the assurance rating number, the greater the protection.
Orange Book - B2
The Monolithic Operating System Architecture
Compare the security labels
Division C - Discretionary Protection
8. Contains the beginning address
The Simple Security Property
A Base Register (Memory Management)
'Dominate'
Buffer (temporary data storage area)
9. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
No read down
Protection Rings Support
Process isolation
First evaluation class
10. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
Security rating B
Multilevel Security Policies
Ring 1
C2
11. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
Covert channels
Subject to Object Model
A and B
Fail safe
12. Which is a straightforward approach that provides access rights to subjects for objects?
Access Matrix model
Security mechanisms and evaluates their effectiveness
Orange Book ratings
Integrity
13. Access control labels must be associated properly with objects.
Orange Book - D
Security mechanisms and evaluates their effectiveness
Labels - Orange Book
Protection Rings Support
14. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
The Red Book
B3 - Rating
Security rating B
Multilevel Security Policies
15. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Physical security
Relative Addresses
Virtual Memory
Firmware
16. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
C2
Overt channel
Orange Book - B2
The security perimeter
17. Which Orange Book evaluation level is described as "Verified Design"?
Clark-Wilson
The TCSEC - Aka Orange Book
A1
Multiprocessing
18. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
Direct Addressing
Assigned labels
B3
attributability
19. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
A1
B3 - Security Domains
Higher or equal to access class
Security Policy - Orange Book
20. The combination of RAM - Cache and the Processor Registers
Process isolation
Primary storage
security protection mechanisms
Attributable - original - accurate - contemporaneous and legible
21. Involves sharing the processor among all ready processes
Orange Book C
B3
A Base Register (Memory Management)
Multitasking
22. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.
Fail safe
C1 - Discretionary Security Protection is a type of environment
The Integrity of data within applications
A1
23. Documentation must be provided - including test - design - and specification document - user guides and manuals
First evaluation class
Highly secure systems (B2 - B3 and A1)
Documentation - Orange Book
Orange Book - B3
24. Mediates all access and Functions between subjects and objects.
The "No write Down" Rule
The Security Kernel
A Domain
B2
25. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
Enforces the rules
Programmable Read-Only Memory (PROM)
Orange Book A
Ring 1
26. In both the Bell-LaPadula and Biba Models, if the word "Simple" is used ______________.
Examples of Layered Operating Systems
C1
Trusted hardware - Software and Firmware
The rule is talking about "Reading"
27. Minimal Security
Orange Book - D
Attributable - original - accurate - contemporaneous and legible
Direct addressing
Evaluated separately
28. Applications and user activity
Multiprocessing
Protection Rings Support
Ring 3
C2 - Controlled Access Protection
29. Intended for environments that require systems to handle classified data.
B3 - Security Domains
Secondary Storage
Orange Book - D
B1 - Labeled Security rating
30. Which increases the performance in a computer by overlapping the steps of different instructions?
Pipelining
Trusted Products Evaluation Program (TPEP)
First evaluation class
Complex Instruction Set Computers (CISC)
31. What does the Clark-Wilson security model focus on
Integrity
Its classification label (Top Secret - Secret or confidential)
Clark-Wilson Model
The security kernel
32. Mandatory access control is enforced by the use of security labels.
Division B - Mandatory Protection
C1 - Discretionary Security Protection is a type of environment
The security perimeter
Orange Book - D
33. What is called the formal acceptance of the adequacy of a system's overall security by management?
Swap Space
Accreditation
Fail safe
C1 - Discretionary Security Protection
34. Execute one instruction at a time.
Division C - Discretionary Protection
Attributable data
Scalar processors
Be protected from modification
35. What does the * (star) property mean in the Bell-LaPadula model?
B1 - Labeled Security rating
No write down
Orange Book A
'Dominate'
36. The assignment of a specific individual to administer the security-related functions of a system.
Trusted facility management
Life Cycle Assurance Requirement
Complex Instruction Set Computers (CISC)
Subject to Object Model
37. Users are trusted but a certain level of accountability is required. C2 is seen as the most reasonable class for commercial applications - but the level of protection is still relatively weak.
B3 - Security Domains
Accreditation
In C2 - Controlled Access Protection environment
The security perimeter
38. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
Life Cycle Assurance Requirement
No read up
The Monolithic Operating System Architecture
C1 - Discretionary Security Protection
39. The Physical memory address that the CPU uses
Orange Book A
Simple Integrity Axiom
Absolute addresses
B3 - Rating
40. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.
Virtual storage
Execution Domain
Swap Space
The trustworthiness of an information system
41. Which TCSEC level first addresses object reuse?
C2
Division D - Minimal Protection
No read down
A single classification and a Compartment Set
42. A ____________ is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Pipelining
The Red Book
Certification
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
43. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
Administrative declaration
The rule is talking about "Reading"
Ring 2
Division B - Mandatory Protection Architecture
44. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
First evaluation class
Ring 3
The Rule is talking about writing
A lattice of Integrity Levels
45. Successfully evaluated products are placed on?
The Evaluated Products List (EPL) with their corresponding rating
Security mechanisms and evaluates their effectiveness
A Domain
Basic Security Theorem (used in computer science) definition
46. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
Files - directories and devices
The National Computer Security Center (NCSC)
Orange Book A
State machine model
47. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
48. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Orange Book - B2
The rule is talking about "Reading"
B3 - Rating
Access control to the objects by the subjects
49. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Operational assurance requirements
The TCSEC - Aka Orange Book
Relative Addresses
B2 - Structured Protection
50. When a vendor submits a product for evaluation - it submits it to the ____________.
Higher or equal to access class
Logical addresses
The National Computer Security Center (NCSC)
Orange Book A