Test your basic knowledge

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Which TCSEC level first addresses object reuse?

2. Which addresses a portion of the primary memory by specifying the actual address of the memory location?

3. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)

4. TCSEC addresses Confidentiality - but _____________. The TCSEC focuses mainly on one attribute of security: Confidentiality.

5. A domain of trust that shares a single security policy and single management

6. In the Bell-LaPadula Model the Subject's Label contains ___________________.

7. Levels of Security and Levels of Trust: Lower letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.

8. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?

9. I/O drivers and utilities

10. Which model uses access control triples and requires that the system maintain separation of duty?

11. The Biba Model - _____________: A subject cannot read data from a lower integrity level ("No Read Down")

12. What is called the formal acceptance of the adequacy of a system's overall security by management?

13. An organization within the National Security Agency (NSA) is responsible for evaluating computer systems and products. The Trusted Product Evaluation Program (TPEP) oversees the testing by approved entities of commercial products against a specific s

14. The group that oversees the processes of evaluation within TCSEC is?

15. The Bell-LaPadula Model is a _______________ that enforces the Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.

16. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.

17. When a computer spends more time moving data from one small portion of memory to another THAN actually processing the data

18. Which computer design approach is based on the fact that in earlier technologies the instruction fetch was the longest part of the cycle?

19. The Policy must be explicit and well defined and enforced by the mechanisms within the system

20. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.

21. All users have a clearance for - and a formal need to know about - all data processed within the system.

22. In B2, subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.

23. Permits a database to have two records that are identical except for their classifications

24. The reference monitor is an access control concept - referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.

25. There is only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.

26. Verification Protection

27. An abstract machine which must mediate all access by subjects to objects - be protected from modification - be verifiable as correct - and is always invoked

28. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.

29. System architecture that separates system functionality into hierarchical layers

30. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?

31. The Orange Book requires protection against two _____________ - which are these: Timing and Storage

32. According to the Orange Book - trusted facility management is not required for which security levels?

33. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US government)

34. What are the components of an object's sensitivity label?

35. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.

36. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.

37. Which Orange Book evaluation level is described as "Controlled Access Protection"? This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when

38. A nonvolatile storage medium, e.g. computer hard drive - floppy disks and CD-ROMs

39. Contains the beginning address

40. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.

41. What does the Clark-Wilson security model focus on?

42. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.

43. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information - and identification and authentication of individual entities.

44. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.

45. The TCB is the ________________ within a computer system that work together to enforce a security policy.

46. The reserved hard drive space used to extend RAM capabilities.

47. Audit data must be captured and protected to enforce accountability

48. Bell-LaPadula Model - ______________: A subject in a given security level can NOT WRITE information to a LOWER security level.

49. Which uses Protection Profiles and Security Targets?

50. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.