Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study the material first.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The process of evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
Attributable data
Certification
C2 - Controlled Access Protection
Examples of Layered Operating Systems
2. The Bell-LaPadula Model is a _______________.
The Evaluated Products List (EPL) with their corresponding rating
Enforces the rules
Subject to Object Model
Higher or equal to access class
3. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
B3
Simple Integrity Axiom
Multilevel Security Policies
Reduced Instruction Set Computers (RISC)
4. Each data object must contain a classification label and each subject must have a clearance label.
'Dominate'
Be protected from modification
B2 rating
B1 - Labeled Security
5. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
B1 - Labeled Security
Disclosure of residual data
The "No read Up" rule
Trusted Products Evaluation Program (TPEP)
6. The Bell-LaPadula model Subjects and Objects are ___________.
Assigned labels
Higher or equal to access class
Most commonly used approach
Networks and Communications
7. A nonvolatile storage medium, e.g. a computer hard drive, floppy disks and CD-ROMs
Evaluated separately
*-Integrity Axiom
Secondary Storage
Orange Book B
8. A ____________ is a form of EPROM, but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
C1 - Discretionary Security Protection is a type of environment
Mandatory access control
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Invocation Property
9. Trusted facility management is an assurance requirement only for ________________.
Simple Integrity Axiom
Highly secure systems (B2 - B3 and A1)
A Thread
Dominate the object's sensitivity label
10. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
An abstract machine
C2 - Controlled Access Protection
Compare the security labels
Covert channels
11. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
B3
No write down
A and B
Reduced Instruction Set Computers (RISC)
12. THE (Technische Hogeschool Eindhoven), VAX/VMS, Multics and Unix. THE and Multics are no longer in use
The Red Book
The reference monitor
Orange Book B
Examples of Layered Operating Systems
13. TCSEC provides a means to evaluate ______________________.
The trustworthiness of an information system
The Rule is talking about writing
D
International Standard 15408
14. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
Basic Security Theorem (used in computer science) definition
The "No write Down" Rule
Orange Book - B3
Integrity
15. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Virtual Memory
The security kernel
Direct Addressing
D
16. Remaining parts of the operating system
Clark-Wilson Model
Ring 1
A Thread
Simple Security Rule
17. Mandatory access control is enforced by the use of security labels.
A security kernel
Logical addresses
Division B - Mandatory Protection
Multitasking
18. TCB contains The Security Kernel and all ______________.
Clark-Wilson Model
Orange Book - B3
security protection mechanisms
Evaluated separately
19. All users have a clearance for, and a formal need to know about, all data processed with the system.
The Tranquility principle (The Bell-LaPadula Model)
The "No write Down" Rule
Orange Book C
Dedicated Security Mode
20. Which uses Protection Profiles and Security Targets?
Accreditation
Direct Addressing
Identification - Orange Book
International Standard 15408
21. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
Evaluated separately
C1 - Discretionary Security Protection is a type of environment
Direct Addressing
Controlling unauthorized downgrading of information
22. The combination of RAM - Cache and the Processor Registers
Cache Memory
Primary storage
A security kernel
Dedicated Security Mode
23. In B2, distinct address spaces must be provided to _________, and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
Isolate processes
Protection Rings Support
Files - directories and devices
The security perimeter
24. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
Ring 3
Its classification label (Top Secret - Secret or confidential)
Invocation Property
Mandatory Access Control (MAC)
25. In B2, subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
'Dominate'
Covert channels
Subject to Object Model
Ring 1
26. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model this is referred to as the dominance relation, which is the relationship of the subject's clearance to the object's classification
27. The centerpiece of the DoD Rainbow Series publications. Developed by the National Computer Security Center (NCSC)?
The TCSEC - Aka Orange Book
Simple Integrity Axiom
A single classification and a Compartment Set
Security Policy
28. As per the FDA, data should be ______________________________.
Attributable, original, accurate, contemporaneous and legible
The Monolithic Operating System Architecture
Access control to the objects by the subjects
Controls the checks
29. The object reuse concept must also be invoked, meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
Overt channel
C2 - Controlled Access Protection
Examples of Layered Operating Systems
The Clark Wilson integrity model
30. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
TCB (Trusted Computing Base)
Trusted Distribution
The Trusted Computing Base (TCB)
The Biba Model
31. The Biba Model addresses _____________________.
C2 - Controlled Access Protection
A and B
A security kernel
The Integrity of data within applications
32. Which TCSEC level first addresses object reuse?
B3 - Rating
C2
Trusted Products Evaluation Program (TPEP)
The Common Criteria
33. The *-Property rule is referred to as ____________.
The Monolithic Operating System Architecture
The "No write Down" Rule
Access control to the objects by the subjects
Continuous protection - O/B
34. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
A security domain
The Evaluated Products List (EPL) with their corresponding rating
The Common Criteria
C2 - Controlled Access Protection
35. B1 is also called "Labeled Security": each data object must have a classification label and each subject a clearance label. On each access attempt, the classification and clearance are checked to verify that the access is permissible.
B3
Orange Book - B3
Orange Book - B1
Reduced Instruction Set Computers (RISC)
36. Which Orange Book evaluation level is described as "Verified Design"?
Prohibits
Direct addressing
A1
Bell-LaPadula Model
37. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Administrative declaration
B3 - Security Domains
Logical addresses
Dedicated Security Mode
38. Mandatory Protection
Orange Book B
The Thread (memory Management)
Multiprocessing
Access control to the objects by the subjects
39. Used by Windows systems to reserve the "Swap Space"
Clark-Wilson
The rule is talking about "Reading"
Pagefile.sys file
The security perimeter
40. The Red Book, aka Trusted Network Interpretation (TNI), provides _________________ for trusted computer and communications network systems under the areas of assurance requirements
Process isolation
Dedicated Security Mode
Pipelining
Orange Book interpretations
41. Based on a known address with an offset value applied.
Accreditation
Protection Rings Support
Dominate the object's sensitivity label
Relative Addresses
42. Levels of Security and Levels of Trust: lower letters of the alphabet represent higher levels of security; higher numbers indicate a greater level of trust.
Orange Book ratings
Integrity
B3 - Rating
Security rating B
43. For the type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to penetration and compromise
The Evaluated Products List (EPL) with their corresponding rating
A single classification and a Compartment Set
The trustworthiness of an information system
B2 rating
44. The Orange Book requires protection against two _____________, which are Timing and Storage
Types of covert channels
D
The Evaluated Products List (EPL) with their corresponding rating
Logical addresses
45. If a system initializes in a secure state and all allowed state transitions are secure, then every subsequent state will be secure no matter what inputs occur.
Basic Security Theorem (used in computer science) definition
Simple Security Rule
Isolate processes
Orange Book C
46. Security is made up of: system administration, ________, installation and configuration mechanisms within the environment, and other security issues.
Physical security
Complex Instruction Set Computers (CISC)
security protection mechanisms
Virtual storage
47. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a Well-Formed Transaction
Clark-Wilson Model
Swap Space
Life-cycle assurance - O/B
The trustworthiness of an information system
48. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
A Limit Register (Memory Management)
Implement software or systems in a production environment
Accountability - Orange Book
Attributable data
49. Certification is a technical review that assesses the _____________, whereas Accreditation is management's official acceptance of the information in the Certification process findings.
Firmware
The Rule is talking about writing
Security mechanisms and evaluates their effectiveness
Identification - Orange Book
50. The reference monitor, in accordance with the security policy, ____________ that are made in the access control database.
B3
Controls the checks
Multitasking
Security mechanisms and evaluates their effectiveness