Test your basic knowledge |
CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
The Monolithic Operating System Architecture
B2 rating
Dedicated Security Mode
D
2. Based on a known address with an offset value applied.
A security domain
Relative Addresses
NOT Integrity
Integrity
3. Contains an Address of where the instruction and data reside that need to be processed.
C1 - Discretionary Security Protection is a type of environment
A1 - Rating
The Thread (memory Management)
Disclosure of residual data
4. Happen because input data is not checked for appropriate length at time of input
Administrative declaration
Covert channels
Pagefile.sys file
Buffer overflows
5. The Indexed memory addresses that software uses
Government and military applications
A lattice of Integrity Levels
Logical addresses
The National Computer Security Center (NCSC)
6. I/O drivers and utilities
C2 - Controlled Access Protection
Overt channel
Mandatory Access Control (MAC)
Ring 2
7. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
International Standard 15408
The *-Property rule (Star property)
Bell-LaPadula Model
Pipelining
8. Mediates all access and Functions between subjects and objects.
B3 - Security Domains
C2
The Security Kernel
Security Policy is clearly defined and documented
9. The Physical memory address that the CPU uses
'Dominate'
A1
C1
Absolute addresses
10. Mandatory Access requires that _____________ be attached to all objects.
Orange Book B
Sensitivity labels
C1 - Discretionary Security Protection is a type of environment
Storage and timing
11. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
Pagefile.sys file
A1 - Rating
Stored in Real Memory
No read up
12. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Physical security
The "No read Up" rule
Orange Book ratings
Totality of protection mechanisms
13. Trusted facility management is an assurance requirement only for ________________.
A Layered Operating System Architecture
Totality of protection mechanisms
Highly secure systems (B2 - B3 and A1)
Trusted Products Evaluation Program (TPEP)
14. Mandatory access control is enforced by the use of security labels.
C2 - Controlled Access Protection
'Dominate'
Protection Rings Support
Division B - Mandatory Protection
15. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
The National Computer Security Center (NCSC)
Trusted Network Interpretation (TNI)
Pagefile.sys file
C2 - Controlled Access Protection
16. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
The Monolithic Operating System Architecture
Administrative declaration
Multilevel Security Policies
Invocation Property
17. Data in Cache can be accessed much more quickly than Data
The Rule is talking about writing
Security mechanisms and evaluates their effectiveness
Stored in Real Memory
Invocation Property
18. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"
No read up
Simple Integrity Axiom
Multiprocessing
Buffer overflows
19. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Direct addressing
Orange Book interpretations
The Strong star property rule
Real storage
20. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
The Strong star property rule
Direct addressing
B2 - Structured Protection
Certification
21. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
Ring 3
C2 - Controlled Access Protection
Storage and timing
Implement software or systems in a production environment
22. What is called the formal acceptance of the adequacy of a system's overall security by management?
Access control to the objects by the subjects
Accreditation
The Biba Model
Certification
23. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
A Domain
A Thread
*-Integrity Axiom
Life-cycle assurance - O/B
24. A type of memory used for High-speed writing and reading activities.
International Standard 15408
Its classification label (Top Secret - Secret or confidential)
Logical addresses
Cache Memory
25. Which would be designated as objects on a MAC system?
A Thread
Trusted Distribution
A security kernel
Files - directories and devices
26. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
Certification
The Clark Wilson integrity model
Invocation Property
Division C - Discretionary Protection
27. The Reserved hard drive space used to extend RAM capabilities.
Swap Space
Thrashing
Primary storage
Attributable - original - accurate - contemporaneous and legible
28. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Orange Book - A1
Basic Security Theorem (used in computer science) definition
Administrative declaration
The Common Criteria
28. In both the Bell-LaPadula and Biba Models if the word "Simple" is used ______________.
A lattice of Integrity Levels
The rule is talking about "Reading"
A1 - Rating
Be protected from modification
30. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Controlling unauthorized downgrading of information
The security kernel
Higher or equal to access class
Direct Addressing
31. Permits a database to have two records that are identical except for Their classifications
Polyinstantiation
B2
In C2 - Controlled Access Protection environment
Clark-Wilson Model
32. A ______________ is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Clark-Wilson Model
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
The Thread (memory Management)
Implement software or systems in a production environment
33. Simpler instructions that require fewer clock cycles to execute.
Reduced Instruction Set Computers (RISC)
The reference monitor
A1 - Rating
First evaluation class
34. Which Orange Book evaluation level is described as "Verified Design"?
Reduced Instruction Set Computers (RISC)
A1
Highly secure systems (B2 - B3 and A1)
Files - directories and devices
35. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
Subject to Object Model
B3 - Security Domains
The Strong star property rule
Invocation Property
36. As per FDA data should be ______________________________.
Most commonly used approach
Attributable - original - accurate - contemporaneous and legible
The Monolithic Operating System Architecture
Stored in Real Memory
37. For the type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to penetration and compromise
Evaluated separately
The *-Property rule (Star property)
Orange Book - D
B2 rating
38. Which in the Orange Book ratings represents the highest level of trust?
B2
The Trusted Computing Base (TCB)
The Tranquility principle (The Bell-LaPadula Model)
Overt channel
39. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
Implement software or systems in a production environment
Programmable Read-Only Memory (PROM)
*-Integrity Axiom
A1 - Rating
40. Audit data must be captured and protected to enforce accountability
All Mandatory Access Control (MAC) systems
Accountability - Orange Book
Physical security
No read up
41. Minimal Security
Certification
Orange Book - D
The Simple Security Property
Compare the security labels
42. If a system initializes in a secure state and all allowed state transitions are secure - then every subsequent state will be secure no matter what inputs occur.
Its Clearance Label (Top Secret - Secret - or Confidential)
The Tranquility principle (The Bell-LaPadula Model)
Basic Security Theorem (used in computer science) definition
Programmable Read-Only Memory (PROM)
43. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Simple Security Rule
System High Security Mode
Orange Book C
Simple Integrity Axiom
44. Which describe a condition when RAM and Secondary storage are used together?
First evaluation class
No read up
Orange Book - B3
Virtual storage
45. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified whereas in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Controls the checks
Security Policy is clearly defined and documented
Dedicated Security Mode
Need-to-know
46. The combination of RAM - Cache and the Processor Registers
Primary storage
Trusted Products Evaluation Program (TPEP)
The "No read Up" rule
The Monolithic Operating System Architecture
47. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
B3
Controlling unauthorized downgrading of information
Orange Book C
Attributable - original - accurate - contemporaneous and legible
48. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
Mandatory access control
Accreditation
The Trusted Computing Base (TCB)
Trusted Network Interpretation (TNI)
49. A portion of a process. When the thread is generated - it shares the same domain (resources) as its process.
A Thread
Dedicated Security Mode
The Integrity of data within applications
security protection mechanisms
50. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
The security kernel
Mandatory Access Control (MAC)
B2 - Structured Protection
Compare the security labels