Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Security mechanisms and evaluates their effectiveness
Life Cycle Assurance Requirement
Continuous protection - O/B
Trusted Products Evaluation Program (TPEP)
2. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Constrained
Real storage
Most commonly used approach
Fail safe
3. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a well-formed transaction
Isolate processes
Clark-Wilson Model
In C2 - Controlled Access Protection environment
B3
4. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
Programmable Read-Only Memory (PROM)
Ring 3
C2
Life-cycle assurance - O/B
5. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
The National Computer Security Center (NCSC)
Security mechanisms and evaluates their effectiveness
Accreditation
The Red Book
6. Should always trace to individuals responsible for observing and recording the data
Firmware
Continuous protection - O/B
Dedicated Security Mode
Attributable data
7. The Bell-LaPadula Model is a _______________.
Subject to Object Model
B3 - Rating
B1 - Labeled Security
The Monolithic Operation system Architecture
8. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
Scalar processors
Virtual storage
Continuous protection - O/B
Models concerned with integrity
9. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
First evaluation class
C2 - Controlled Access Protection
A Domain
The TCSEC - Aka Orange Book
10. Documentation must be provided - including test - design - and specification document - user guides and manuals
Documentation - Orange Book
A Domain
C2 - Controlled Access Protection
Enforces the rules
11. Used by Windows systems to reserve the "Swap Space"
Pagefile.sys file
Multilevel Security Policies
Examples of Layered Operating Systems
Orange Book - B2
12. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
Life-cycle assurance - O/B
A1 - Rating
Ring 3
Controls the checks
13. Which in the Orange Book ratings represents the highest level of trust?
Buffer (temporary data storage area)
The Strong star property rule
B2
The security perimeter
14. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
A1 - Rating
An abstract machine
C1 - Discretionary Security Protection
Cache Memory
15. In access control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
16. A type of memory used for High-speed writing and reading activities.
The National Computer Security Center (NCSC)
Cache Memory
A security kernel
Swap Space
17. Subjects and Objects cannot change their security levels once they have been instantiated (created)
Buffer overflows
The Tranquility principle (The Bell-LaPadula Model)
A lattice of Integrity Levels
All Mandatory Access Control (MAC) systems
18. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Accreditation
The Security Kernel
Direct Addressing
The Strong star property rule
19. Contains an address of where the instruction and data reside that need to be processed.
Need-to-know
The Thread (memory Management)
Prohibits
The *-Property rule (Star property)
20. A computer using more than one CPU in parallel to execute instructions is known as?
Models concerned with integrity
security protection mechanisms
The Biba Model
Multiprocessing
21. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified whereas in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Division C - Discretionary Protection
Pipelining
Polyinstantiation
Security Policy is clearly defined and documented
22. Minimal Security
Erasable and Programmable Read-Only Memory (EPROM)
Orange Book - D
First evaluation class
Bell-LaPadula Model
23. Which computer design approach is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle
No write down
Certification
Complex Instruction Set Computers (CISC)
Multilevel Security Policies
24. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
A Limit Register (Memory Management)
An abstract machine
Labels - Orange Book
Constrained
25. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
The Clark Wilson integrity model
The rule is talking about "Reading"
Security Policy is clearly defined and documented
Controlling unauthorized downgrading of information
26. A system uses the Reference Monitor to ___________________ of a subject and an object?
Compare the security labels
Prevent secret information from being accessed
B1
Cache Memory
27. Applications and user activity
Orange Book B
A1
Ring 3
B1 - Labeled Security
28. System Architecture that separates system functionality into Hierarchical layers
Trusted facility management
A Layered Operating System Architecture
C2 - Controlled Access Protection
Direct Addressing
29. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Most commonly used approach
Orange Book B
Labels - Orange Book
A Thread
30. The Biba Model - _____________: A subject cannot read data from a lower integrity level ("No Read Down")
Simple Integrity Axiom
Virtual storage
C2 - Controlled Access Protection
Sensitivity labels
31. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
Its classification label (Top Secret - Secret or confidential)
The Strong star property rule
Firmware
B2 - Structured Protection
32. Data in Cache can be accessed much more quickly than Data
Prohibits
Stored in Real Memory
Life-cycle assurance - O/B
The "No read Up" rule
33. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
Erasable and Programmable Read-Only Memory (EPROM)
Division B - Mandatory Protection Architecture
The Rule is talking about writing
Division C - Discretionary Protection
34. A subject at a given clearance may not read an object at a higher classification
Logical addresses
All Mandatory Access Control (MAC) systems
The Simple Security Property
Security Policy
35. This type of environment is highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
B3 - Rating
C2
Stored in Real Memory
The rule is talking about "Reading"
36. Mediates all access and Functions between subjects and objects.
Orange Book A
No read down
The Security Kernel
Execution Domain
37. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Its Clearance Label (Top Secret - Secret - or Confidential)
Multiprocessing
Stored in Real Memory
Discretionary Security Property (ds-property)
38. Which Orange Book evaluation level is described as "Verified Design"?
The trustworthiness of an information system
A1
Trusted Distribution
Orange Book - A1
39. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Evaluated separately
Files - directories and devices
Networks and Communications
The security perimeter
40. In the Bell-LaPadula Model the Object's Label contains ___________________.
The National Computer Security Center (NCSC)
Pagefile.sys file
Controlling unauthorized downgrading of information
Its classification label (Top Secret - Secret or confidential)
41. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space
The Common Criteria
C2 - Controlled Access Protection
The Biba Model
Swap Space
42. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
B3
security protection mechanisms
A1
The Rule is talking about writing
43. The C2 evaluation class of the _________________ offers controlled access protection.
Documentation - Orange Book
D
Labels - Orange Book
Trusted Network Interpretation (TNI)
44. The TCB is the ________________ within a computer system that work together to enforce a security policy.
Totality of protection mechanisms
Scalar processors
Invocation Property
An abstract machine
45. Levels of security and levels of trust: lower letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Process isolation
Orange Book ratings
Orange Book - B2
Complex Instruction Set Computers (CISC)
46. Mandatory Protection
attributability
B3 - Security Domains
Orange Book B
Complex Instruction Set Computers (CISC)
47. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
Trusted hardware - Software and Firmware
Simple Security Rule
B3
The Strong star property rule
48. Contains the ending address
The Integrity of data within applications
B3 - Security Domains
A Limit Register (Memory Management)
Overt channel
49. Users need to be identified individually to provide more precise access control and auditing functionality.
C2 - Controlled Access Protection
Orange Book - B2
C1
Its classification label (Top Secret - Secret or confidential)
50. The combination of RAM - Cache and the Processor Registers
The Rule is talking about writing
Primary storage
Execution Domain
Stored in Real Memory