Test your basic knowledge
CISSP Security Architecture And Design
Start Test
Study First
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. What does the * (star) property mean in the Bell-LaPadula model?
Disclosure of residual data
C2 - Controlled Access Protection
No write down
Accreditation
2. The *-Property rule is referred to as ____________.
The "No write Down" Rule
Life Cycle Assurance Requirement
A1
*-Integrity Axiom
3. Discretionary protection
Firmware
Types of covert channels
Mandatory access control
Orange Book C
4. Levels of Security and Levels of Trust: letters earlier in the alphabet represent higher levels of security (A above B above C above D). Within a division, higher numbers indicate a greater level of trust.
Security Policy
Orange Book ratings
Absolute addresses
Firmware
5. In B2, subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
Covert channels
Government and military applications
C2 - Controlled Access Protection
Erasable and Programmable Read-Only Memory (EPROM)
6. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
A Thread
C2 - Controlled Access Protection
B3
'Dominate'
7. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
C2 - Controlled Access Protection
Implement software or systems in a production environment
Attributable data
Ring 3
8. Access control labels must be associated properly with objects.
The security kernel
Labels - Orange Book
Trusted Products Evaluation Program (TPEP)
B1 - Labeled Security rating
9. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only once.
Ring 2
Reduced Instruction Set Computers (RISC)
Programmable Read-Only Memory (PROM)
No read up
10. The Bell-LaPadula Model is a _______________.
A1 - Rating
Assigned labels
Process isolation
Subject to Object Model
11. In both the Bell-LaPadula and Biba Models, if the word "*" or "Star" is used - _______________.
Ring 0
Orange Book - B2
A1 - Rating
The Rule is talking about writing
12. When a portion of primary memory is accessed by specifying the actual address of the memory location
Multilevel Security Policies
Direct addressing
Programmable Read-Only Memory (PROM)
Security rating B
13. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Ring 0
Trusted Distribution
Orange Book interpretations
Clark-Wilson Model
14. The Physical memory address that the CPU uses
Absolute addresses
Clark-Wilson
The security perimeter
The Rule is talking about writing
15. Should always trace to individuals responsible for observing and recording the data
B3 - Rating
Attributable data
Ring 3
Trusted facility management
16. As per FDA data should be ______________________________.
Life Cycle Assurance Requirement
Division D - Minimal Protection
State machine model
Attributable - original - accurate - contemporaneous and legible
17. Discretionary access control is based on individuals and/or groups. It requires separation of users and information, and identification and authentication of individual entities.
C1 - Discretionary Security Protection
The Thread (memory Management)
No read up
Multilevel Security Policies
18. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when
Indirect addressing
C2
A Domain
No read down
19. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Division B - Mandatory Protection
Orange Book - A1
An abstract machine
The National Computer Security Center (NCSC)
20. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Programmable Read-Only Memory (PROM)
Access control to the objects by the subjects
C2
Evaluated separately
21. Successfully evaluated products are placed on?
Types of covert channels
The reference monitor
Real storage
The Evaluated Products List (EPL) with their corresponding rating
22. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
A1 - Rating
Buffer overflows
Disclosure of residual data
The security perimeter
23. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
The Simple Security Property
An abstract machine
All Mandatory Access Control (MAC) systems
Networks and Communications
24. Software that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
B3 - Rating
Firmware
Operational assurance requirements
attributability
25. What does the simple integrity axiom mean in the Biba model?
No read down
A Base Register (Memory Management)
B1
In C2 - Controlled Access Protection environment
26. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
Multitasking
B3 - Security Domains
Trusted Products Evaluation Program (TPEP)
Trusted Distribution
27. The Reference Monitor is responsible for ______________; it compares the security labels of a subject and an object.
Ring 2
Trusted Products Evaluation Program (TPEP)
C2 - Controlled Access Protection
Access control to the objects by the subjects
28. All users have a clearance for, and a formal need to know about, all data processed within the system.
The Tranquility principle (The Bell-LaPadula Model)
Dedicated Security Mode
A Base Register (Memory Management)
The rule is talking about "Reading"
29. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
30. What access control technique is also known as multilevel security?
Examples of Layered Operating Systems
Mandatory access control
Constrained
Orange Book - B1
31. Based on a known address with an offset value applied.
Relative Addresses
The Clark Wilson integrity model
*-Integrity Axiom
Direct Addressing
32. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Division C - Discretionary Protection
Orange Book B
Multilevel Security Policies
Absolute addresses
33. Configuration management is also defined in the Orange Book, but as a _____________________ and NOT an operational assurance requirement.
Life Cycle Assurance Requirement
C1 - Discretionary Security Protection is a type of environment
Process isolation
Orange Book - A1
34. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
Types of covert channels
Trusted facility management
Reduced Instruction Set Computers (RISC)
An abstract machine
35. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
Physical security
Thrashing
Identification - Orange Book
Disclosure of residual data
36. TCSEC addresses Confidentiality - but _____________. The TCSEC focuses mainly on one attribute of security: confidentiality.
Operational assurance requirements
NOT Integrity
Totality of protection mechanisms
Absolute addresses
37. In an automated system ________________ could be achieved by a computer system designed to identify the individuals responsible for any input.
attributability
A Layered Operating System Architecture
Bell-LaPadula Model
Prevent secret information from being accessed
38. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
The Security Kernel
Orange Book - B1
Cache Memory
Complex Instruction Set Computers (CISC)
39. A subject at a given clearance may not read an object at a higher classification
Indirect addressing
State machine model
The Simple Security Property
Basic Security Theorem (used in computer science) definition
40. A domain of trust that shares a single security policy and single management
A security domain
Swap Space
An abstract machine
Orange Book - B3
41. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
Certification
State machine model
Life-cycle assurance - O/B
Mandatory Access Control (MAC)
42. The subject must have Need to Know for ONLY the information they are trying to access.
All Mandatory Access Control (MAC) systems
Pagefile.sys file
System High Security Mode
Erasable and Programmable Read-Only Memory (EPROM)
43. Contains an address of where the instruction and data reside that need to be processed.
Orange Book interpretations
The Thread (memory Management)
Models concerned with integrity
Operational assurance requirements
44. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
Relative Addresses
Swap Space
A1 - Rating
Highly secure systems (B2 - B3 and A1)
45. Which TCSEC level first addresses object reuse?
C2 - Controlled Access Protection
Complex Instruction Set Computers (CISC)
Subject to Object Model
C2
46. Data in cache can be accessed much more quickly than data ______________.
Stored in Real Memory
Storage and timing
Sensitivity labels
B2
47. Which of the Orange Book ratings represents the highest level of trust?
B2
Be protected from modification
Storage and timing
The Monolithic Operating System Architecture
48. Developed after the Bell-LaPadula model. It is a state machine model and is very similar to the Bell-LaPadula Model.
Trusted Products Evaluation Program (TPEP)
Discretionary Security Property (ds-property)
Virtual storage
The Biba Model
49. The reserved hard drive space used to extend RAM capabilities.
Swap Space
Be protected from modification
*-Integrity Axiom
Covert channels
50. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Need-to-know
Discretionary Security Property (ds-property)
Integrity
Dedicated Security Mode
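The Bell-LaPadula and Biba rules that recur in questions 1, 2, 10, 11, 25, 39 and 48 (no read up, no write down, no read down, no write up), the "dominate" relation that question 29 asks about, the reference monitor of questions 27 and 34, and the need-to-know distinction between Dedicated and System High mode in questions 28, 42 and 50 are easiest to see as a small lattice-based reference monitor. The Python below is an added worked example written for this study page; it is not code from the quiz, the Orange Book or any product. The level names, the compartment names "NATO" and "CRYPTO", and the subject and objects are constructed for illustration.

```python
"""Lattice labels with a pluggable reference monitor for BLP and Biba.

Added example for study purposes. Levels, compartments, and the sample
subject/objects below are constructed, not taken from any standard.
"""
from dataclasses import dataclass
from enum import IntEnum
from typing import FrozenSet, Iterable, List, Optional, Tuple


class Level(IntEnum):
    # Constructed hierarchy; any total order of levels works.
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


@dataclass(frozen=True)
class Label:
    """Sensitivity label: hierarchical level plus need-to-know compartments."""
    level: Level
    compartments: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        # A dominates B iff A.level >= B.level AND A's compartments are a
        # superset of B's. This is a partial order: labels with disjoint
        # compartments are incomparable, so neither may read the other.
        return self.level >= other.level and self.compartments >= other.compartments


# Bell-LaPadula (confidentiality)
def blp_can_read(subject: Label, obj: Label) -> bool:
    """Simple security property, "no read up": subject must dominate object."""
    return subject.dominates(obj)


def blp_can_write(subject: Label, obj: Label) -> bool:
    """*-property, "no write down": object must dominate subject."""
    return obj.dominates(subject)


# Biba (integrity); labels here are integrity levels, not clearances
def biba_can_read(subject: Label, obj: Label) -> bool:
    """Simple integrity axiom, "no read down": object must dominate subject."""
    return obj.dominates(subject)


def biba_can_write(subject: Label, obj: Label) -> bool:
    """*-integrity axiom, "no write up": subject must dominate object."""
    return subject.dominates(obj)


class ReferenceMonitor:
    """Mediates every access and records each decision (C2-style auditing).

    The policy is passed in, so one monitor class enforces BLP or Biba."""

    def __init__(self, can_read, can_write):
        self._can_read, self._can_write = can_read, can_write
        self.audit: List[Tuple[str, str, str, bool]] = []  # (who, op, what, allowed)

    def access(self, who: str, subject: Label, what: str, obj: Label, op: str) -> bool:
        if op == "read":
            ok = self._can_read(subject, obj)
        elif op == "write":
            ok = self._can_write(subject, obj)
        else:
            raise ValueError(f"unknown operation {op!r}")
        self.audit.append((who, op, what, ok))
        return ok


def security_mode(subjects: Iterable[Label], objects: Iterable[Label]) -> Optional[str]:
    """Classify a system as 'dedicated' or 'system high' from its labels.

    Dedicated: every user is cleared for AND has need-to-know for all data.
    System high: every user is cleared for all data, but need-to-know
    (compartments) covers only some of it. Other configurations return None
    (modes this quiz does not cover)."""
    subjects, objects = list(subjects), list(objects)
    if not all(s.level >= o.level for s in subjects for o in objects):
        return None
    if all(s.dominates(o) for s in subjects for o in objects):
        return "dedicated"
    return "system high"


# Constructed sample labels (not from the quiz)
ALICE = Label(Level.SECRET, frozenset({"NATO"}))
BUDGET = Label(Level.CONFIDENTIAL)                      # below Alice
WARPLAN = Label(Level.TOP_SECRET, frozenset({"NATO"}))  # above Alice
KEYS = Label(Level.SECRET, frozenset({"CRYPTO"}))       # same level, no need-to-know


def demo() -> dict:
    """Run the classic BLP decisions for Alice through the monitor."""
    rm = ReferenceMonitor(blp_can_read, blp_can_write)
    return {
        "read_down": rm.access("alice", ALICE, "budget", BUDGET, "read"),     # True
        "read_up": rm.access("alice", ALICE, "warplan", WARPLAN, "read"),     # False
        "write_down": rm.access("alice", ALICE, "budget", BUDGET, "write"),   # False
        "write_up": rm.access("alice", ALICE, "warplan", WARPLAN, "write"),   # True
        "no_ntk": rm.access("alice", ALICE, "keys", KEYS, "read"),            # False
        "audit_len": len(rm.audit),                                           # 5
    }


if __name__ == "__main__":
    for name, decision in demo().items():
        print(f"{name:10s} {decision}")
```

Two points the quiz statements gloss over are visible in the code. First, "dominate" is a partial order, not a ranking: Alice's SECRET/{NATO} label neither dominates nor is dominated by SECRET/{CRYPTO}, which is exactly how need-to-know is enforced and why the same subject and object sets come out as "system high" rather than "dedicated" once a compartment is missing. Second, BLP and Biba are mirror images of each other, so in a real system they are applied to separate confidentiality and integrity labels rather than to one label as the sample reuses for brevity.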