Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Individual subjects must be uniquely identified.
C2
Identification - Orange Book
Discretionary Security Property (ds-property)
Dedicated Security Mode
2. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
3. A set of objects that a subject is able to access
C1 - Discretionary Security Protection
A Domain
Operational assurance requirements
Mandatory Access Control (MAC)
4. The Orange book requires protection against two_____________ - which are these Timing and Storage
Types of covert channels
Division B - Mandatory Protection
Real storage
Attributable - original - accurate - contemporaneous and legible
5. In both the Bell-LaPadula and Biba Models if the word "*" or "Star" is used - _______________.
The Rule is talking about writing
The security perimeter
The National Computer Security Center (NCSC)
Controls the checks
6. Execute one instruction at a time.
The Common Criteria
Scalar processors
Access control to the objects by the subjects
Multiprocessing
7. Data in Cache can be accessed much more quickly than Data
Government and military applications
Polyinstantiation
Stored in Real Memory
Mandatory access control
8. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
A security kernel
Multilevel Security Policies
B2 rating
Access Matrix model
9. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions at its own discretion. These permissions are stored in an access ma
Discretionary Security Property (ds-property)
Cache Memory
Orange Book - B1
B1
10. What does the simple security (ss) property mean in the Bell-LaPadula model?
Identification - Orange Book
Government and military applications
Orange Book - B1
No read up
11. Which would be designated as objects on a MAC system?
Files - directories and devices
Constrained
The Security Kernel
Firmware
12. Which is a straightforward approach that provides access rights to subjects for objects?
The Red Book
Real storage
Access Matrix model
Life-cycle assurance - O/B
13. Mandatory Access requires that _____________ be attached to all objects.
Sensitivity labels
Trusted Products Evaluation Program (TPEP)
Highly secure systems (B2 - B3 and A1)
Orange Book - A1
14. The Availability - Integrity and confidentiality requirements of multitasking operating systems
A security domain
Protection Rings Support
Physical security
State machine model
15. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
The *-Property rule (Star property)
Clark-Wilson Model
The Trusted Computing Base (TCB)
No read down
16. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Integrity
Fail safe
Process isolation
A Limit Register (Memory Management)
17. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
C1
The reference monitor
Prohibits
Division B - Mandatory Protection Architecture
18. A Policy based control. All objects and systems have a sensitivity level assigned to them
Discretionary Security Property (ds-property)
Security mechanisms and evaluates their effectiveness
Mandatory Access Control (MAC)
Security rating B
19. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
The security perimeter
Administrative declaration
A security domain
Execution Domain
20. When a portion of primary memory is accessed by specifying the actual address of the memory location
Scalar processors
C2
Direct addressing
security protection mechanisms
21. When a computer uses more than one CPU in parallel to execute instructions is known as?
Government and military applications
Multiprocessing
B2
TCB (Trusted Computing Base)
22. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
*-Integrity Axiom
Higher or equal to access class
Clark-Wilson
Examples of Layered Operating Systems
23. What prevents a process from accessing another process' data?
Fail safe
Government and military applications
The Simple Security Property
Process isolation
24. What access control technique is also known as multilevel security?
Fail safe
Mandatory access control
The Clark Wilson integrity model
A Thread
25. When the RAM and secondary storage are combined the result is __________.
Cache Memory
Virtual Memory
Reduced Instruction Set Computers (RISC)
Primary storage
26. A portion of a process. When the thread is generated - it shares the same domain (resources) as its process.
An abstract machine
A Thread
Firmware
*-Integrity Axiom
27. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
Prevent secret information from being accessed
Invocation Property
C1 - Discretionary Security Protection
The "No read Up" rule
28. Trusted facility management is an assurance requirement only for ________________.
Highly secure systems (B2 - B3 and A1)
C1 - Discretionary Security Protection
Discretionary Security Property (ds-property)
A Limit Register (Memory Management)
29. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
The Clark Wilson integrity model
Real storage
The "No write Down" Rule
Isolate processes
30. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
Thrashing
Security Policy
First evaluation class
Buffer overflows
31. An organization within the National Security Agency (NSA) is responsible for evaluating computer systems and products. The Trusted Product Evaluation Program (TPEP) oversees the testing by approved entities of commercial products against a specific s
Attributable data
A security domain
The National Computer Security Center (NCSC)
Mandatory Access Control (MAC)
32. Minimal Security
B1 - Labeled Security
Orange Book - D
Attributable data
The reference monitor
33. Buffer overflows occur when a program or process tries to store more data in a _____________ than it was intended to hold.
All Mandatory Access Control (MAC) systems
Trusted Distribution
Execution Domain
Buffer (temporary data storage area)
34. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Continuous protection - O/B
Ring 2
Division B - Mandatory Protection Architecture
Operational assurance requirements
35. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
The Strong star property rule
*-Integrity Axiom
Dominate the object's sensitivity label
Constrained
36. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Orange Book ratings
B2 rating
Direct Addressing
Pagefile.sys file
37. What does the simple integrity axiom mean in the Biba model?
Attributable data
Logical addresses
No read down
D
38. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Simple Security Rule
Polyinstantiation
Be protected from modification
Orange Book - D
39. The reserved hard drive space used to extend RAM capabilities.
The Trusted Computing Base (TCB)
Swap Space
Relative Addresses
First evaluation class
40. Which can be used as a covert channel?
The Security Kernel
Attributable - original - accurate - contemporaneous and legible
Storage and timing
Orange Book ratings
41. Certification is a technical review that assesses the _____________ - whereas Accreditation is management's official acceptance of the information in the Certification process findings.
Logical addresses
Orange Book - B1
Sensitivity labels
Security mechanisms and evaluates their effectiveness
42. What are the components of an object's sensitivity label?
Orange Book - B3
Implement software or systems in a production environment
Virtual storage
A single classification and a Compartment Set
43. In B2 Subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
The Security Kernel
Covert channels
The Evaluated Products List (EPL) with their corresponding rating
Ring 0
44. In both the Bell-LaPadula and Biba Models if the word "Simple" is used ______________.
Orange Book - B2
The rule is talking about "Reading"
Bell-LaPadula Model
Orange Book - B1
45. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
B1
Scalar processors
The TCSEC - Aka Orange Book
C2 - Controlled Access Protection
46. Happen because input data is not checked for appropriate length at time of input
The Common Criteria
Accountability - Orange Book
Buffer overflows
B1 - Labeled Security
47. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Mandatory access control
Orange Book - B3
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
System High Security Mode
48. What does the * (star) property mean in the Bell-LaPadula model?
TCB (Trusted Computing Base)
A security domain
No write down
A and B
49. When the address location that is specified in the program instruction contains the address of the final desired location.
Life-cycle assurance - O/B
Higher or equal to access class
Compare the security labels
Indirect addressing
50. Contains an address of where the instruction and data reside that need to be processed.
The Thread (Memory Management)
*-Integrity Axiom
C1 - Discretionary Security Protection
Pagefile.sys file