Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Based on a known address with an offset value applied.
Direct addressing
Relative Addresses
Virtual Memory
No read up
2. A type of memory used for High-speed writing and reading activities.
Security Policy - Orange Book
A Domain
Clark-Wilson
Cache Memory
3. Software that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
Absolute addresses
Dominate the object's sensitivity label
Orange Book ratings
Firmware
4. Remaining parts of the operating system
Ring 1
The Rule is talking about writing
Dominate the object's sensitivity label
*-Integrity Axiom
5. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
A and B
The National Computer Security Center (NCSC)
No read up
Networks and Communications
6. Has two individual assurance ratings, C1 and C2. The higher the assurance rating, the greater the protection
Controlling unauthorized downgrading of information
C2
The security kernel
Division C - Discretionary Protection
7. Which in the Orange Book ratings represents the highest level of trust?
Dedicated Security Mode
B2
Security Policy - Orange Book
Security Policy
8. Discretionary protection
Mandatory Access Control (MAC)
Constrained
Orange Book C
Compare the security labels
9. Which can be used as a covert channel?
Swap Space
Storage and timing
No write down
Orange Book ratings
10. Subjects and Objects cannot change their security levels once they have been instantiated (created)
In C2 - Controlled Access Protection environment
An abstract machine
Physical security
The Tranquility principle (The Bell-LaPadula Model)
11. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
Integrity
Orange Book A
Direct addressing
B3
12. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
Cache Memory
B3
Disclosure of residual data
Execution Domain
13. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Security Policy - Orange Book
B2 - Structured Protection
*-Integrity Axiom
Documentation - Orange Book
14. Which is an ISO standard product evaluation criteria that supersedes several different criteria
Direct addressing
Dedicated Security Mode
The Common Criteria
Disclosure of residual data
15. For the type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to penetration and compromise
The Red Book
B2 rating
Access Matrix model
Division C - Discretionary Protection
16. When a computer uses more than one CPU in parallel to execute instructions, this is known as?
Controls the checks
Access Matrix model
Higher or equal to access class
Multiprocessing
17. Operating System Kernel
A and B
A1 - Rating
A Thread
Ring 0
18. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Trusted Distribution
Multiprocessing
The *-Property rule (Star property)
The reference monitor
19. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
B3
Security Policy
Implement software or systems in a production environment
No read down
20. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
Trusted Products Evaluation Program (TPEP)
The Common Criteria
Operational assurance requirements
Most commonly used approach
21. The combination of RAM - Cache and the Processor Registers
Orange Book - B3
Primary storage
System High Security Mode
The rule is talking about "Reading"
22. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
The Tranquility principle (The Bell-LaPadula Model)
B3 - Security Domains
C1 - Discretionary Security Protection
Certification
23. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
Government and military applications
*-Integrity Axiom
The Tranquility principle (The Bell-LaPadula Model)
Orange Book - B3
24. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Trusted hardware - Software and Firmware
Absolute addresses
Attributable data
Continuous protection - O/B
25. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
State machine model
Operational assurance requirements
C1 - Discretionary Security Protection is a type of environment
The TCSEC - Aka Orange Book
26. Each data object must contain a classification label and each subject must have a clearance label.
B1 - Labeled Security
The security perimeter
Execution Domain
Orange Book interpretations
27. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
Integrity
Controls the checks
Firmware
Multitasking
28. The security kernel is the mechanism that _____________ of the reference monitor concept.
Enforces the rules
A and B
Firmware
B1 - Labeled Security
29. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Government and military applications
Polyinstantiation
C1
Logical addresses
30. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
Bell-LaPadula Model
Ring 2
Stored in Real Memory
Mandatory access control
31. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Evaluated separately
Access control to the objects by the subjects
The trustworthiness of an information system
Need-to-know
32. What access control technique is also known as multilevel security?
The reference monitor
Mandatory access control
B3 - Security Domains
Clark-Wilson
33. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
Enforces the rules
Government and military applications
Dominate the object's sensitivity label
*-Integrity Axiom
34. A subject at a given clearance may not read an object at a higher classification
The Simple Security Property
Implement software or systems in a production environment
All Mandatory Access Control (MAC) systems
Security Policy is clearly defined and documented
35. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.
System High Security Mode
C1 - Discretionary Security Protection is a type of environment
B2 - Structured Protection
Attributable - original - accurate - contemporaneous and legible
36. What is called the formal acceptance of the adequacy of a system's overall security by management?
Physical security
Orange Book C
C1 - Discretionary Security Protection
Accreditation
37. Documentation must be provided - including test - design - and specification document - user guides and manuals
Documentation - Orange Book
Direct addressing
Dominate the object's sensitivity label
A security domain
38. Mediates all access and Functions between subjects and objects.
security protection mechanisms
The Security Kernel
First evaluation class
Orange Book - B3
39. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
Isolate processes
C2
Models concerned with integrity
Indexed addressing
40. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when
C2
Overt channel
Continuous protection - O/B
First evaluation class
41. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
First evaluation class
A1 - Rating
Simple Integrity Axiom
B3
42. Which is a straightforward approach that provides access rights to subjects for objects?
B3 - Rating
Access Matrix model
Simple Security Rule
The Evaluated Products List (EPL) with their corresponding rating
43. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
Dedicated Security Mode
Storage and timing
Compare the security labels
Multilevel Security Policies
44. In both the Bell-LaPadula and Biba Models if the word "Simple" is used ______________.
Discretionary Security Property (ds-property)
State machine model
Identification - Orange Book
The rule is talking about "Reading"
45. The group that oversees the processes of evaluation within TCSEC is?
The Trusted Computing Base (TCB)
A Base Register (Memory Management)
The *-Property rule (Star property)
Trusted Products Evaluation Program (TPEP)
46. In both the Bell-LaPadula and Biba Models if the word "*" or "Star" is used - _______________.
The Rule is talking about writing
Controlling unauthorized downgrading of information
Certification
The National Computer Security Center (NCSC)
47. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
Compare the security labels
Pagefile.sys file
NOT Integrity
The National Computer Security Center (NCSC)
48. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commercial applications - but the level of protection is still relatively weak.
Ring 2
In C2 - Controlled Access Protection environment
Assigned labels
Indirect addressing
49. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Execution Domain
B3 - Rating
Complex Instruction Set Computers (CISC)
C1
50. Intended for environments that require systems to handle classified data.
No read up
Accreditation
Security Policy
B1 - Labeled Security rating