CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Simpler instructions that require fewer clock cycles to execute.
Access control to the objects by the subjects
No write down
Reduced Instruction Set Computers (RISC)
The Thread (memory Management)
2. Which uses Protection Profiles and Security Targets?
International Standard 15408
C1 - Discretionary Security Protection
In C2 - Controlled Access Protection environment
Orange Book - D
3. Which would be designated as objects on a MAC system?
Attributable data
C2
Files - directories and devices
Trusted Network Interpretation (TNI)
4. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
The *-Property rule (Star property)
Examples of Layered Operating Systems
A Domain
Highly secure systems (B2 - B3 and A1)
5. The Simple Security rule is referred to as ______________.
Orange Book B
A lattice of Integrity Levels
C2 - Controlled Access Protection
The "No read Up" rule
6. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Process isolation
Swap Space
Need-to-know
Buffer overflows
7. Which describe a condition when RAM and Secondary storage are used together?
A Layered Operating System Architecture
In C2 - Controlled Access Protection environment
Virtual storage
Its classification label (Top Secret - Secret or confidential)
8. The Physical memory address that the CPU uses
Absolute addresses
Pagefile.sys file
Swap Space
Networks and Communications
9. In this class more granularity is provided in each protection mechanism, and the programming code that is not necessary to support the security policy is excluded.
B3 - Security Domains
Networks and Communications
Types of covert channels
Integrity
10. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Overt channel
The "No read Up" rule
B1 - Labeled Security
B2 - Structured Protection
11. Reference Monitor is responsible for ______________; it compares the security labels of a subject and an object
Pagefile.sys file
Prohibits
Trusted facility management
Access control to the objects by the subjects
12. The Orange book does NOT Cover ________________ - And Database management systems
Direct Addressing
Networks and Communications
Prohibits
Orange Book ratings
13. The Security Model Incorporates the ____________ that should be enforced in the system.
Security Policy
Need-to-know
Invocation Property
Virtual Memory
14. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
Administrative declaration
A and B
Bell-LaPadula Model
A Limit Register (Memory Management)
15. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
Orange Book - B3
State machine model
Direct Addressing
No write down
16. The subject must have Need to Know for ONLY the information they are trying to access.
The Common Criteria
System High Security Mode
The Evaluated Products List (EPL) with their corresponding rating
Ring 3
17. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model, this is referred to as the dominance relation, which is the relationship of the subject's clearance to the object's classification
18. Which is a straightforward approach that provides access rights to subjects for objects?
System High Security Mode
In C2 - Controlled Access Protection environment
Access Matrix model
Relative Addresses
19. What is called the formal acceptance of the adequacy of a system's overall security by management?
First evaluation class
Integrity
Reduced Instruction Set Computers (RISC)
Accreditation
20. A set of objects that a subject is able to access
A Domain
Identification - Orange Book
C2
*-Integrity Axiom
21. A nonvolatile storage medium, e.g. computer hard drive, floppy disks and CD-ROMs
Integrity
The *-Property rule (Star property)
Secondary Storage
B2 rating
22. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a Well-Formed transaction
C1
Polyinstantiation
Sensitivity labels
Clark-Wilson Model
23. The group that oversees the processes of evaluation within TCSEC is?
Trusted Products Evaluation Program (TPEP)
C1
Orange Book C
Execution Domain
24. Operating System Kernel
Buffer (temporary data storage area)
Ring 0
An abstract machine
Clark-Wilson
25. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
Compare the security labels
Operational assurance requirements
Accreditation
Cache Memory
26. Which Orange Book evaluation level is described as "Controlled Access Protection"? This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when
International Standard 15408
C2
Ring 2
A Thread
27. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
Most commonly used approach
Government and military applications
Trusted Products Evaluation Program (TPEP)
C1 - Discretionary Security Protection
28. The security kernel is the mechanism that _____________ of the reference monitor concept.
Enforces the rules
Division C - Discretionary Protection
Orange Book A
Storage and timing
29. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
The Strong star property rule
The "No write Down" Rule
A security kernel
TCB (Trusted Computing Base)
30. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Swap Space
Government and military applications
Multiprocessing
Pagefile.sys file
31. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Government and military applications
The Monolithic Operating System Architecture
Swap Space
Orange Book - A1
32. Levels of Security and Levels of Trust: lower letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Orange Book ratings
A1 - Rating
Security Policy is clearly defined and documented
International Standard 15408
33. There is only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
Division D - Minimal Protection
The Monolithic Operating System Architecture
A and B
The Integrity of data within applications
34. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
Orange Book B
Dedicated Security Mode
Evaluated separately
Ring 3
35. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US government)
Real storage
Prevent secret information from being accessed
Programmable Read-Only Memory (PROM)
A Thread
36. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Prohibits
The security perimeter
Disclosure of residual data
Access control to the objects by the subjects
37. Contains an address of where the instruction and data reside that need to be processed.
C2 - Controlled Access Protection
Direct Addressing
The Thread (memory Management)
Absolute addresses
38. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
Documentation - Orange Book
Logical addresses
Invocation Property
Orange Book - A1
39. If a system initializes in a secure state and all allowed state transitions are secure, then every subsequent state will be secure no matter what inputs occur.
Basic Security Theorem (used in computer science) definition
The Tranquility principle (The Bell-LaPadula Model)
Labels - Orange Book
The National Computer Security Center (NCSC)
40. Involves sharing the processor among all ready processes
Controls the checks
Multitasking
Division D - Minimal Protection
A single classification and a Compartment Set
41. An abstract machine which must mediate all access of subjects to objects, be protected from modification, be verifiable as correct, and is always invoked
Orange Book - D
The reference monitor
Labels - Orange Book
Covert channels
42. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________, and the system design and implementation are subject to more thorough review and testing procedu
Constrained
security protection mechanisms
Security rating B
Security Policy is clearly defined and documented
43. Which TCSEC level first addresses object reuse?
Networks and Communications
C2
Orange Book B
International Standard 15408
44. Remaining parts of the operating system
Orange Book B
Access control to the objects by the subjects
No read down
Ring 1
45. Can be erased - modified and upgraded.
Buffer (temporary data storage area)
The Thread (memory Management)
Erasable and Programmable Read-Only Memory (EPROM)
Higher or equal to access class
46. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Swap Space
Operational assurance requirements
Invocation Property
Simple Security Rule
47. The C2 evaluation class of the _________________ offers controlled access protection.
Fail safe
Trusted Network Interpretation (TNI)
Division C - Discretionary Protection
Prevent secret information from being accessed
48. Commonly referred to as "The Big Mess" because of its lack of structure. MS-DOS is an example of a monolithic operating system
Identification - Orange Book
The Monolithic Operating System Architecture
B3 - Rating
Access control to the objects by the subjects
49. A Policy based control. All objects and systems have a sensitivity level assigned to them
Bell-LaPadula Model
A security domain
Mandatory Access Control (MAC)
Secondary Storage
50. Certification is a technical review that assesses the _____________, whereas Accreditation is management's official acceptance of the information in the Certification process findings.
Storage and timing
Security mechanisms and evaluates their effectiveness
The trustworthiness of an information system
No read down