Test your basic knowledge: CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times that the answers are obvious, but you will see that it reinforces your understanding as you take the test each time.
1. In both the Bell-LaPadula and Biba models, if the word "*" or "Star" is used, _______________.
The "No read Up" rule
The National Computer Security Center (NCSC)
The Rule is talking about writing
Trusted Distribution
2. Contains the beginning address
Need-to-know
Access control to the objects by the subjects
Pipelining
A Base Register (Memory Management)
3. The *-Property rule is referred to as ____________.
Execution Domain
The "No write Down" Rule
The National Computer Security Center (NCSC)
The Clark Wilson integrity model
4. When the contents of the address defined in the program's instruction are added to the contents of an index register.
Indexed addressing
Reduced Instruction Set Computers (RISC)
Bell-LaPadula Model
C2 - Controlled Access Protection
5. The reserved hard drive space used to extend RAM capabilities.
Attributable data
An abstract machine
No write down
Swap Space
6. The total combination of protection mechanisms within a computer system
Compare the security labels
TCB (Trusted Computing Base)
A security domain
Relative Addresses
7. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Orange Book interpretations
The rule is talking about "Reading"
C1
A lattice of Integrity Levels
8. A ____________ is a form of EPROM, but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
The Clark Wilson integrity model
The Common Criteria
Simple Security Rule
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
9. Which is a straightforward approach that provides access rights to subjects for objects?
Life Cycle Assurance Requirement
Access Matrix model
*-Integrity Axiom
Programmable Read-Only Memory (PROM)
10. In access control terms - the word "dominate" refers to ___________.
Primary storage
B3
Division C - Discretionary Protection
Higher or equal to access class
11. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a Well-Formed Transaction.
Clark-Wilson Model
Physical security
B1
A Domain
12. TCSEC provides a means to evaluate ______________________.
B3 - Security Domains
The trustworthiness of an information system
Implement software or systems in a production environment
Constrained
13. Can be erased - modified and upgraded.
Enforces the rules
Erasable and Programmable Read-Only Memory (EPROM)
Scalar processors
Ring 2
14. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Direct addressing
B3 - Rating
Division B - Mandatory Protection Architecture
Stored in Real Memory
15. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
A1 - Rating
Security Policy
Need-to-know
Controlling unauthorized downgrading of information
16. Levels of Security and Levels of Trust: lower letters of the alphabet represent higher levels of security; higher numbers indicate a greater level of trust.
Controls the checks
Scalar processors
attributability
Orange Book ratings
17. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
Trusted Distribution
Integrity
Programmable Read-Only Memory (PROM)
Higher or equal to access class
18. Mandatory Access requires that _____________ be attached to all objects.
Complex Instruction Set Computers (CISC)
Sensitivity labels
Covert channels
Scalar processors
19. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Continuous protection - O/B
The Clark Wilson integrity model
A Domain
Controls the checks
20. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space.
Swap Space
Dedicated Security Mode
The reference monitor
Implement software or systems in a production environment
21. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Orange Book - B3
Division C - Discretionary Protection
The Tranquility principle (The Bell-LaPadula Model)
Administrative declaration
22. In the Bell-LaPadula model, subjects and objects are ___________.
Overt channel
C2 - Controlled Access Protection
Assigned labels
A lattice of Integrity Levels
23. In ______________, the subject must have a need to know for ALL the information contained within the system.
*-Integrity Axiom
C1 - Discretionary Security Protection
Multitasking
Dedicated Security Mode
24. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
Life-cycle assurance - O/B
Types of covert channels
The Strong star property rule
C1 - Discretionary Security Protection is a type of environment
25. Intended for environments that require systems to handle classified data.
The *-Property rule (Star property)
Programmable Read-Only Memory (PROM)
A Base Register (Memory Management)
B1 - Labeled Security rating
26. The Security Model Incorporates the ____________ that should be enforced in the system.
Security Policy
Compare the security labels
Trusted Products Evaluation Program (TPEP)
Orange Book - A1
27. Which uses Protection Profiles and Security Targets?
International Standard 15408
Absolute addresses
Highly secure systems (B2 - B3 and A1)
Division C - Discretionary Protection
28. The group that oversees the processes of evaluation within TCSEC is?
Trusted Products Evaluation Program (TPEP)
System High Security Mode
The Clark Wilson integrity model
Be protected from modification
29. The C2 evaluation class of the _________________ offers controlled access protection.
Trusted Network Interpretation (TNI)
A Base Register (Memory Management)
B2 rating
Files - directories and devices
30. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US government)
Prevent secret information from being accessed
Relative Addresses
The Clark Wilson integrity model
Prohibits
31. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
Examples of Layered Operating Systems
Direct addressing
B3
An abstract machine
32. Operating System Kernel
Ring 0
Be protected from modification
The reference monitor
B1 - Labeled Security rating
33. According to the Orange Book - trusted facility management is not required for which security levels?
B3
Ring 2
D
B1
34. In the Bell-LaPadula Model the Subject's Label contains ___________________.
A security kernel
Types of covert channels
Its Clearance Label (Top Secret - Secret - or Confidential)
C2 - Controlled Access Protection
35. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Be protected from modification
Sensitivity labels
Indexed addressing
Primary storage
36. Which describes a condition in which RAM and secondary storage are used together?
Secondary Storage
Sensitivity labels
Administrative declaration
Virtual storage
37. TCSEC addresses confidentiality, but _____________. The TCSEC focuses mainly on one attribute of security: confidentiality.
Simple Security Rule
NOT Integrity
C1 - Discretionary Security Protection is a type of environment
B1
38. What are the components of an object's sensitivity label?
Mandatory Access Control (MAC)
Scalar processors
A single classification and a Compartment Set
Division C - Discretionary Protection
39. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Most commonly used approach
Orange Book ratings
B1 - Labeled Security
NOT Integrity
40. THE (Technische Hogeschool Eindhoven), VAX/VMS, Multics and Unix. THE and Multics are no longer in use.
Clark-Wilson Model
Orange Book ratings
Access Matrix model
Examples of Layered Operating Systems
41. The object reuse concept must also be invoked, meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
Certification
Orange Book B
Totality of protection mechanisms
C2 - Controlled Access Protection
42. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Administrative declaration
Orange Book - A1
No write down
The National Computer Security Center (NCSC)
43. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.
Execution Domain
Orange Book ratings
A single classification and a Compartment Set
Physical security
44. The Biba Model - ______________: A subject cannot request service from (invoke) subjects of higher integrity.
Invocation Property
Disclosure of residual data
Simple Security Rule
System High Security Mode
45. Happen because input data is not checked for appropriate length at the time of input.
Buffer overflows
Administrative declaration
Logical addresses
security protection mechanisms
46. Which TCSEC level first addresses object reuse?
The rule is talking about "Reading"
The Rule is talking about writing
Dedicated Security Mode
C2
47. Mandatory Protection
Sensitivity labels
Certification
Networks and Communications
Orange Book B
48. Trusted facility management is an assurance requirement only for ________________.
Highly secure systems (B2 - B3 and A1)
Swap Space
Cache Memory
Security Policy - Orange Book
49. Has two individual assurance ratings, C1 and C2. The higher the number of the assurance rating, the greater the protection.
Division C - Discretionary Protection
No read up
C1
Multitasking
50. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
Evaluated separately
Programmable Read-Only Memory (PROM)
The Red Book
The Thread (Memory Management)