Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system






2. This type of environment is highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.






3. In B2 Subjects and devices requre labels and the system must NOT allow ________. No Trapdoors exists.






4. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.






5. A type of memory used for High-speed writing and reading activities.






6. I/O drivers and utilities






7. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object






8. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.






9. The Policy must be explicit and well defined and enforced by the mechanisms within the system






10. Contains an Address of where the instruction and dara reside that need to be processed.






11. In the Bell-LaPadula Model the Object's Label contains ___________________.






12. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data) items is refered to as Well-Formed transaction






13. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.






14. In access control terms - the word "dominate" refers to ___________.






15. Which is an ISO standard product evaluation criteria that supersedes several different criteria






16. Data in Cache can be accessed much more quickly than Data






17. Ssoftware that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)






18. Should always trace to individuals responsible for observing and recording the data






19. The subject must have Need to Know for ONLY the information they are trying to access.






20. The security kernel is the mechanism that _____________ of the reference monitor concept.






21. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?






22. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu






23. According to the Orange Book - trusted facility management is not required for which security levels?






24. A Policy based control. All objects and systems have a sensitivity level assigned to them






25. In ______________ the subject must have: Need to Know for ALL the information contained within the system.






26. Which in the Orange Book ratings represents the highest level of trust?






27. TCB contains The Security Kernel and all ______________.






28. Happen because input data is not checked for appropriate length at time of input






29. The *-Property rule is refered to as ____________.






30. A form of ROM(Read-Only Memory) that can be modified after it has been manufactured. It can only be programmed only one time.






31. When a computer uses more than one CPU in parallel to execute instructions is known as?






32. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.






33. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.






34. Used by Windows systems to reserve the "Swap Space"






35. The reserved hard drive space used to Extend RAM capabilities. Windows system use the pagefile.sys file to reserve this space






36. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.






37. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?






38. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.






39. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.






40. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.






41. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.






42. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements






43. Which Orange Book evaluation level is described as "Discretionary Security Protection"?






44. There is only only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.






45. Remaining parts of the operating system






46. Components considered as part of the Trusted Computing Base (from the Orange Book) are?






47. The Orange book requires protection against two_____________ - which are these Timing and Storage






48. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilites when






49. Verification Protection






50. Execute one instruction at a time.