SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Minimal Security
The TCSEC - Aka Orange Book
The National Computer Security Center (NCSC)
Orange Book - D
Implement software or systems in a production environment
2. When the address location that is specified in the program instruction contains the address of the final desired location.
A and B
Most commonly used approach
Indirect addressing
C1 - Discrection Security Protection is a type of environment
3. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
Ring 3
Prohibits
Implement software or systems in a production environment
Controlling unauthorized downgrading of information
4. The Orange book requires protection against two_____________ - which are these Timing and Storage
Virtual storage
B1 - Labeled Security rating
Types of covert channels
attributability
5. Involves sharing the processor amoung all ready processes
B1 - Labeled Security rating
Files - directories and devices
Virtual Memory
Multitasking
6. The C2 evaluation class of the _________________ offers controlled access protection.
Clark-Wilson
Trusted Network Interpretation (TNI)
Storage and timing
Access Matrix model
7. The total(sum)combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
Orange Book - B1
Accreditation
Orange Book A
The Trusted Computing Base (TCB)
8. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
Life Cycle Assurance Requirement
Direct addressing
Prohibits
B1 - Labeled Security rating
9. Contains the ending address
C1 - Discretionary Security Protection
A Limit Register (Memory Management)
Discretionary Security Property (ds-property)
Ring 0
10. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
Buffer overflows
B3
security protection mechanisms
Controlling unauthorized downgrading of information
11. As per FDA data should be ______________________________.
Attributable - original - accurate - contemporaneous and legible
Erasable and Programmable Read-Only Memory (EPROM)
The *-Property rule (Star property)
Enforces the rules
12. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.
Basic Security Theorem (used in computer science) definition
Virtual storage
Security mechanisms and evalautes their effectivenes
attributability
13. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
Simple Integrity Axiom
Orange Book - B1
The Common Criteria
The Security Kernel
14. Simpler instructions that require fewer clock cycles to execute.
Security mechanisms and evalautes their effectivenes
Division D - Minimal Protection
Evaluated separately
Reduced Instruction Set Computers (RISC)
15. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
A and B
Constrained
Multilevel Security Policies
The Trusted Computing Base (TCB)
16. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
A Layered Operating System Architecure
No read up
Logical addresses
D
17. In the Bell-LaPadula Model the Object's Label contains ___________________.
The security perimeter
Reduced Instruction Set Computers (RISC)
Its classification label (Top Secret - Secret or confidential)
Absolute addresses
18. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
B1 - Labeled Security rating
Networks and Communications
Dedicated Security Mode
Attributable - original - accurate - contemporaneous and legible
19. Which increases the performance in a computer by overlapping the steps of different instructions?
Pipelining
C1 - Discretionary Security Protection
The security perimeter
Discretionary Security Property (ds-property)
20. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
Real storage
Ring 1
Orange Book - B2
Invocation Property
21. Based on a known address with an offset value applied.
Ring 2
B1 - Labeled Security rating
Storage and timing
Relative Addresses
22. Ssoftware that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
Firmware
Be protected from modification
Multilevel Security Policies
Types of covert channels
23. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Pipelining
*-Integrity Axiom
Division B - Mandatory Protection
Direct Addressing
24. Which in the Orange Book ratings represents the highest level of trust?
Ring 2
B2
Covert channels
Security Policy - Orange Book
25. The combination of RAM - Cache and the Processor Registers
Security rating B
Accountability - Orange Book
Primary storage
Controls the checks
26. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Evaluated separately
Accreditation
Controlling unauthorized downgrading of information
Complex Instruction Set Computers (CISC)
27. Which TCSEC level first addresses object reuse?
A single classification and a Compartment Set
A security domain
C2
B1 - Labeled Security
28. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
Multilevel Security Policies
First evaluation class
Orange Book C
A1 - Rating
29. What model use an access control triples and requires that the system maintain separation of duty ?
The Integrity of data within applications
Dominate the object's sensitivity label
Clark-Wilson
B1
30. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
Dedicated Security Mode
Its classification label (Top Secret - Secret or confidential)
All Mandatory Access Control (MAC) systems
Security mechanisms and evalautes their effectivenes
31. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Basic Security Theorem (used in computer science) definition
Be protected from modification
TCB (Trusted Computing Base)
Documentation - Orange Book
32. In B2 Subjects and devices requre labels and the system must NOT allow ________. No Trapdoors exists.
C2
Security Policy - Orange Book
Covert channels
The Clark Wilson integrity model
33. Has two individual assurace ratings. C1 and C2. The Higher the number of assurance rating the greater the protection
Controlling unauthorized downgrading of information
Division C - Discretionary Protection
Orange Book A
B3 - Rating
34. Can be erased - modified and upgraded.
Simple Security Rule
Life-cycle assurance - O/B
Erasable and Programmable Read-Only Memory (EPROM)
A Base Register (Memory Management)
35. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix . THE and Multics are no longer in use
Controlling unauthorized downgrading of information
Indexed addressing
An abstract machine
Examples of Layered Operating Systems
36. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
B2 rating
Ring 3
The Thread (memory Management)
Most commonly used approach
37. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
38. Should always trace to individuals responsible for observing and recording the data
Attributable data
Security mechanisms and evalautes their effectivenes
Orange Book - A1
Documentation - Orange Book
39. What are the components of an object's sensitivity label?
A single classification and a Compartment Set
The Security Kernel
B3 - Security Domains
Orange Book - A1
40. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
The *-Property rule (Star property)
The trustworthiness of an information system
Models concerned with integrity
A and B
41. The Security Model Incorporates the ____________ that should be enforced in the system.
The security perimeter
Higher or equal to access class
B1 - Labeled Security rating
Security Policy
42. The Indexed memory addresses that software uses
C2
Reduced Instruction Set Computers (RISC)
Logical addresses
Multitasking
43. A system uses the Reference Monitor to ___________________ of a subject and an object?
Orange Book - D
Multitasking
Indirect addressing
Compare the security labels
44. Verification Protection
Integrity
Orange Book A
Prevent secret information from being accessed
Fail safe
45. Users need to be Identified individually to provide more precise acces control and auditing functionality.
The National Computer Security Center (NCSC)
A Thread
C2 - Controlled Access Protection
The Biba Model
46. Logical access control mechanisms are used to enforce authentication and the uniquenes of each individual's identification.
A Domain
C2
State machine model
C2 - Controlled Access Protection
47. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Multilevel Security Policies
Security Policy is clearly defined and documented
The *-Property rule (Star property)
Buffer overflows
48. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
Constrained
Trusted Products Evaluation Program (TPEP)
Its Clearance Label (Top Secret - Secret - or Confidential)
The Clark Wilson integrity model
49. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Simple Integrity Axiom
A1
The Security Kernel
Its Clearance Label (Top Secret - Secret - or Confidential)
50. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Mandatory Access Control (MAC)
Prohibits
Life-cycle assurance - O/B
Physical security
