CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes. If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Based on the Bell-LaPadula model, because it allows multilevel security to be integrated into the code.
Mandatory Access Control (MAC)
All Mandatory Access Control (MAC) systems
B1 - Labeled Security rating
A security domain
2. Users need to be identified individually to provide more precise access control and auditing functionality.
The Biba Model
C2 - Controlled Access Protection
Its Clearance Label (Top Secret, Secret or Confidential)
Life-cycle assurance (Orange Book)
3. The Biba model (introduced in 1977), the Sutherland model (published in 1986), the Brewer-Nash model (published in 1989)
Orange Book - A1
Models concerned with integrity
No read down
A1
4. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
Orange Book C
Implement software or systems in a production environment
Security Policy is clearly defined and documented
Division D - Minimal Protection
5. Certification is a technical review that assesses the _____________, whereas accreditation is management's official acceptance of the information in the certification process findings.
The Evaluated Products List (EPL) with their corresponding rating
Security mechanisms and evaluates their effectiveness
Security Policy
Ring 1
6. Audit data must be captured and protected to enforce accountability
Polyinstantiation
Swap Space
Accountability - Orange Book
The security perimeter
7. In both the Bell-LaPadula and Biba models, if the word "Simple" is used, ______________.
Ring 3
attributability
The security perimeter
The rule is talking about "Reading"
8. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Orange Book - A1
Basic Security Theorem (used in computer science) definition
Swap Space
Multiprocessing
9. In both the Bell-LaPadula and Biba models, if the word "*" or "Star" is used, _______________.
Swap Space
A Thread
A Base Register (Memory Management)
The Rule is talking about writing
10. The type of environment that processes sensitive data requiring a higher degree of security. It requires systems that are relatively resistant to penetration and compromise.
B2 rating
Firmware
The reference monitor
Need-to-know
11. Documentation must be provided, including test, design and specification documents, user guides and manuals.
Direct Addressing
Documentation - Orange Book
Attributable data
Multiprocessing
12. Users are trusted but a certain level of accountability is required. C2 overall is seen as the most reasonable class for commercial applications, but the level of protection is still relatively weak.
Access Matrix model
In C2 - Controlled Access Protection environment
The "No read Up" rule
Certification
13. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
B3
C1 - Discretionary Security Protection is a type of environment
Disclosure of residual data
Multiprocessing
14. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
Labels - Orange Book
Constrained
D
A security domain
15. Which uses Protection Profiles and Security Targets?
TCB (Trusted Computing Base)
Most commonly used approach
International Standard 15408
Trusted hardware, software and firmware
16. Which would be designated as objects on a MAC system?
System High Security Mode
The Trusted Computing Base (TCB)
A1 - Rating
Files, directories and devices
17. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a well-formed transaction.
Clark-Wilson Model
Fail safe
Execution Domain
B3 - Rating
18. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula model is referred to as ___________________, which would take place through a "write down" operation. (An actual compromise occurs if and when
Ring 1
B2 rating
Controlling unauthorized downgrading of information
The Strong star property rule
19. Nonvolatile storage media, e.g. computer hard drives, floppy disks and CD-ROMs
Programmable Read-Only Memory (PROM)
Subject to Object Model
Secondary Storage
Primary storage
20. If a system initializes in a secure state and all allowed state transitions are secure, then every subsequent state will be secure no matter what inputs occur.
attributability
A Domain
Basic Security Theorem (used in computer science) definition
Identification - Orange Book
21. A logical form of separation used by secure computing systems. Processes are _____________ so that each cannot access objects outside its permitted domain.
A Thread
Covert channels
Programmable Read-Only Memory (PROM)
Constrained
22. When the RAM and secondary storage are combined the result is __________.
The Thread (memory Management)
The *-Property rule (Star property)
Virtual Memory
Ring 2
23. The combination of RAM, cache and the processor registers
Orange Book C
Primary storage
security protection mechanisms
D
24. Has two individual assurance ratings, C1 and C2. The higher the assurance rating number, the greater the protection.
Division C - Discretionary Protection
Its Clearance Label (Top Secret, Secret or Confidential)
Prohibits
A1 - Rating
25. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
Real storage
Attributable, original, accurate, contemporaneous and legible
Security Policy - Orange Book
Controls the checks
26. According to the Orange Book - trusted facility management is not required for which security levels?
The reference monitor
No write down
Sensitivity labels
B1
27. A portion of a process. When the thread is generated, it shares the same domain (resources) as its process.
Indirect addressing
Constrained
A Thread
First evaluation class
28. Bell-LaPadula Model, ______________: a subject at a given security level can NOT WRITE information to a LOWER security level.
The *-Property rule (Star property)
Multilevel Security Policies
NOT Integrity
The Simple Security Property
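Added worked example (not part of the quiz and not code from any real system): the "Simple" and "Star" rules asked about in questions 7, 9, 18 and 28, implemented as a toy reference monitor in Python. The Level lattice, the Subject and Obj classes, the ReferenceMonitor wrapper and the sample subjects and objects are all constructed for illustration; the code shows the Bell-LaPadula confidentiality rules (no read up, no write down, and the strong star variant) next to the inverted Biba integrity rules (no read down, no write up), with every decision logged for accountability.

```python
"""Toy reference monitor enforcing Bell-LaPadula and Biba rules.

Illustrative code written for this study page. Labels, subjects and objects
are constructed. A real reference monitor must also be tamperproof and small
enough to verify; plain Python can only demonstrate the "mediate every access"
requirement.
"""
from dataclasses import dataclass, field
from enum import IntEnum
from typing import Callable, List, Tuple


class Level(IntEnum):
    """A simple linear lattice of sensitivity/integrity labels."""
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


@dataclass(frozen=True)
class Subject:
    name: str
    level: Level  # clearance (BLP) or integrity level (Biba)


@dataclass(frozen=True)
class Obj:
    name: str
    level: Level  # classification (BLP) or integrity level (Biba)


Policy = Callable[[Subject, Obj, str], bool]


def blp_allows(subject: Subject, obj: Obj, op: str, strong_star: bool = False) -> bool:
    """Bell-LaPadula (confidentiality).

    Simple security property: "no read up"    -> subject.level >= obj.level
    *-property (star):        "no write down" -> subject.level <= obj.level
    Strong star property:     write only at the subject's own level.
    """
    if op == "read":
        return subject.level >= obj.level
    if op == "write":
        if strong_star:
            return subject.level == obj.level
        return subject.level <= obj.level
    raise ValueError(f"unknown operation {op!r}")


def biba_allows(subject: Subject, obj: Obj, op: str) -> bool:
    """Biba (integrity): the BLP rules inverted.

    Simple integrity property: "no read down" -> subject.level <= obj.level
    Integrity *-property:      "no write up"  -> subject.level >= obj.level
    """
    if op == "read":
        return subject.level <= obj.level
    if op == "write":
        return subject.level >= obj.level
    raise ValueError(f"unknown operation {op!r}")


@dataclass
class ReferenceMonitor:
    """Mediates every subject-to-object access against one policy and keeps an audit trail."""
    policy: Policy
    audit: List[Tuple[str, str, str, bool]] = field(default_factory=list)

    def access(self, subject: Subject, obj: Obj, op: str) -> bool:
        decision = self.policy(subject, obj, op)
        # Every decision, granted or denied, is recorded so accountability can be enforced.
        self.audit.append((subject.name, op, obj.name, decision))
        return decision


def demo() -> dict:
    """Exercise the rules with constructed subjects and objects; returns the decisions."""
    analyst = Subject("analyst", Level.SECRET)          # constructed sample subject
    ts_plan = Obj("ts-plan", Level.TOP_SECRET)          # constructed sample objects
    c_memo = Obj("c-memo", Level.CONFIDENTIAL)

    blp = ReferenceMonitor(blp_allows)
    biba = ReferenceMonitor(biba_allows)
    return {
        "blp_read_up": blp.access(analyst, ts_plan, "read"),      # denied: no read up
        "blp_read_down": blp.access(analyst, c_memo, "read"),     # allowed
        "blp_write_down": blp.access(analyst, c_memo, "write"),   # denied: no write down
        "blp_write_up": blp.access(analyst, ts_plan, "write"),    # allowed (a "blind" write)
        "biba_read_down": biba.access(analyst, c_memo, "read"),   # denied: no read down
        "biba_write_up": biba.access(analyst, ts_plan, "write"),  # denied: no write up
        "audit_entries": len(blp.audit) + len(biba.audit),
    }


if __name__ == "__main__":
    for rule, decision in demo().items():
        print(f"{rule:16} {decision}")
```

Note that BLP "write up" is permitted by the star property even though the subject cannot read what it wrote; that is exactly why the strong star property (write only at your own level) exists and why Biba's rules point the other way.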
29. Permits a database to have two records that are identical except for their classifications
C2 - Controlled Access Protection
Polyinstantiation
Ring 1
C1
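Added worked example (not part of the quiz and not from any real DBMS): polyinstantiation as described in question 29, in Python. The MultilevelTable class, the LEVELS lattice and the "flight-101" rows are constructed for illustration. It shows why the duplicate is needed: if a lower-cleared user's insert were rejected because a higher-classified row with the same key already exists, the rejection itself would tell that user the secret row exists, so the table stores a second row that differs only in classification and each reader sees the highest instance they dominate.

```python
"""Polyinstantiation in a toy multilevel relation.

Illustrative code written for this study page; table, levels and rows are
constructed. Rows are keyed by (primary key, classification), not by key alone.
"""
from typing import Dict, List, Optional, Tuple

# Linear lattice of classifications; a higher number dominates a lower one.
LEVELS: Dict[str, int] = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP_SECRET": 3}


class MultilevelTable:
    """One row per (key, classification); the same key may exist at several levels."""

    def __init__(self) -> None:
        self._rows: Dict[Tuple[str, str], str] = {}

    def insert(self, key: str, value: str, level: str) -> str:
        """Insert at the writer's level; never fails because the key exists at another level.

        Returns "inserted" or "polyinstantiated". A conventional UNIQUE-key error here
        would act as a covert channel from the higher classification down to the writer.
        """
        if level not in LEVELS:
            raise ValueError(f"unknown level {level!r}")
        existing = [lvl for (k, lvl) in self._rows if k == key]
        self._rows[(key, level)] = value
        return "polyinstantiated" if existing and level not in existing else "inserted"

    def select(self, key: str, clearance: str) -> Optional[str]:
        """Return the highest-classified instance of key that the reader dominates (no read up)."""
        visible = [
            (LEVELS[lvl], v)
            for (k, lvl), v in self._rows.items()
            if k == key and LEVELS[lvl] <= LEVELS[clearance]
        ]
        if not visible:
            return None
        return max(visible)[1]

    def instances(self, key: str) -> List[str]:
        """All classifications at which key exists (what a trusted DBA would see)."""
        return sorted((lvl for (k, lvl) in self._rows if k == key), key=LEVELS.__getitem__)


def demo() -> dict:
    """Constructed scenario: a SECRET row and a later UNCLASSIFIED row with the same key."""
    table = MultilevelTable()
    first = table.insert("flight-101", "destination=Kandahar", "SECRET")
    # An UNCLASSIFIED planner reuses the key. Rejecting this would leak the SECRET row.
    second = table.insert("flight-101", "destination=Ramstein", "UNCLASSIFIED")
    return {
        "first": first,                    # "inserted"
        "second": second,                  # "polyinstantiated"
        "unclassified_view": table.select("flight-101", "UNCLASSIFIED"),
        "secret_view": table.select("flight-101", "SECRET"),
        "instances": table.instances("flight-101"),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:18} {result}")
```

The cost of this design is that the "real" value of a key is now level-dependent, which is the integrity trade-off that question 29's one-line definition hides.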
30. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________, and the system design and implementation are subject to more thorough review and testing procedu
Logical addresses
The National Computer Security Center (NCSC)
The Red Book
Security Policy is clearly defined and documented
31. When a computer uses more than one CPU in parallel to execute instructions, this is known as?
Orange Book C
Multiprocessing
Fail safe
Virtual Memory
32. The reference monitor is responsible for ______________; it compares the security labels of a subject and an object.
Access control to the objects by the subjects
The security kernel
A Domain
Execution Domain
33. Developed after the Bell-LaPadula model. It is a state machine model and is very similar to the Bell-LaPadula model.
B3 - Security Domains
Orange Book interpretations
The Biba Model
Cache Memory
34. The availability, integrity and confidentiality requirements of multitasking operating systems
Clark-Wilson Model
Protection Rings Support
The *-Property rule (Star property)
Government and military applications
35. The Policy must be explicit and well defined and enforced by the mechanisms within the system
Security Policy - Orange Book
Direct addressing
The Rule is talking about writing
Trusted Network Interpretation (TNI)
36. The Orange Book does NOT cover ________________ and database management systems
Division B - Mandatory Protection
A lattice of Integrity Levels
Networks and Communications
Cache Memory
37. The group that oversees the processes of evaluation within TCSEC is?
Trusted Products Evaluation Program (TPEP)
Networks and Communications
Clark-Wilson
A lattice of Integrity Levels
38. Which Orange Book evaluation level is described as "Verified Design"?
A1
Files, directories and devices
Examples of Layered Operating Systems
C1 - Discretionary Security Protection is a type of environment
39. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space.
Totality of protection mechanisms
Ring 2
Swap Space
Higher or equal to access class
40. A policy-based control. All objects and systems have a sensitivity level assigned to them.
The rule is talking about "Reading"
Mandatory Access Control (MAC)
C1
Ring 2
41. Contains the beginning address
Orange Book - B2
A Base Register (Memory Management)
Government and military applications
Trusted hardware, software and firmware
42. What access control technique is also known as multilevel security?
Attributable, original, accurate, contemporaneous and legible
Mandatory access control
The "No write Down" Rule
Real storage
43. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only once.
Dedicated Security Mode
Division C - Discretionary Protection
Compare the security labels
Programmable Read-Only Memory (PROM)
44. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Simple Security Rule
The Red Book
Fail safe
Buffer overflows
45. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
Orange Book - B3
Examples of Layered Operating Systems
C1 - Discretionary Security Protection is a type of environment
Logical addresses
46. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
The security kernel
Thrashing
Certification
Direct Addressing
47. The reference monitor must mediate all access, _____________, be verifiable as correct, and must always be invoked.
Mandatory access control
Process isolation
Be protected from modification
A and B
48. When the contents of the address defined in the program's instruction are added to those of an index register.
Dedicated Security Mode
Indexed addressing
The Strong star property rule
C1
49. What prevents a process from accessing another process' data?
Identification - Orange Book
Process isolation
Bell-LaPadula Model
The Rule is talking about writing
50. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
The security perimeter
Security Policy is clearly defined and documented
Stored in real memory
TCB (Trusted Computing Base)