Test your basic knowledge |
CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.
The security perimeter
Mandatory access control
C1 - Discretionary Security Protection is a type of environment
Prevent secret information from being accessed
2. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when
The security perimeter
Ring 2
C2
Direct addressing
3. In access control terms - the word "dominate" refers to ___________.
Subject to Object Model
Higher or equal to access class
Process isolation
State machine model
4. Which computer design approach is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle
Protection Rings Support
Division D - Minimal Protection
C1 - Discretionary Security Protection is a type of environment
Complex Instruction Set Computers (CISC)
5. If a system initializes in a secure state and all allowed state transitions are secure - then every subsequent state will be secure no matter what inputs occur.
Virtual Memory
Security Policy
Basic Security Theorem (used in computer science) definition
Life Cycle Assurance Requirement
6. Nonvolatile storage media - e.g. computer hard drives - floppy disks and CD-ROMs
Secondary Storage
Division C - Discretionary Protection
The *-Property rule (Star property)
Protection Rings Support
7. Which TCSEC level first addresses object reuse?
Orange Book ratings
Buffer (temporary data storage area)
C2
A Base Register (Memory Management)
8. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
Security mechanisms and evaluates their effectiveness
First evaluation class
Clark-Wilson
B3 - Rating
9. Trusted facility management is an assurance requirement only for ________________.
Security Policy is clearly defined and documented
The Clark Wilson integrity model
Highly secure systems (B2 - B3 and A1)
Isolate processes
10. System Architecture that separates system functionality into Hierarchical layers
A Layered Operating System Architecture
Indexed addressing
The Strong star property rule
Orange Book A
11. What does the * (star) property mean in the Bell-LaPadula model?
Programmable Read-Only Memory (PROM)
Logical addresses
No write down
Division C - Discretionary Protection
12. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"
Highly secure systems (B2 - B3 and A1)
Simple Integrity Axiom
Prohibits
C1 - Discretionary Security Protection
13. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
C2
'Dominate'
A lattice of Integrity Levels
Prevent secret information from being accessed
14. Applications and user activity
The Simple Security Property
An abstract machine
Ring 3
Fail safe
15. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Fail safe
The reference monitor
Division B - Mandatory Protection
The security perimeter
16. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
No write down
Be protected from modification
Scalar processors
D
17. For the type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to penetration and compromise
C2 - Controlled Access Protection
B2 rating
Trusted Network Interpretation (TNI)
An abstract machine
18. The TCB is the ________________ within a computer system that work together to enforce a security policy.
C1
B3 - Security Domains
Totality of protection mechanisms
Primary storage
19. Based on a known address with an offset value applied.
Scalar processors
Multilevel Security Policies
Ring 2
Relative Addresses
20. Execute one instruction at a time.
Controlling unauthorized downgrading of information
Basic Security Theorem (used in computer science) definition
Scalar processors
Ring 2
21. Verification Protection
Documentation - Orange Book
Swap Space
No read down
Orange Book A
22. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
Logical addresses
Virtual Memory
B3 - Security Domains
Life-cycle assurance - O/B
23. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
State machine model
Secondary Storage
The National Computer Security Center (NCSC)
Life-cycle assurance - O/B
24. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified - whereas in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Security Policy is clearly defined and documented
Attributable - original - accurate - contemporaneous and legible
The security kernel
Physical security
25. Which uses Protection Profiles and Security Targets?
Multitasking
International Standard 15408
Secondary Storage
Access control to the objects by the subjects
26. The reserved hard drive space used to extend RAM capabilities.
Swap Space
Discretionary Security Property (ds-property)
Ring 2
Physical security
27. Which would be designated as objects on a MAC system?
Files - directories and devices
The "No write Down" Rule
security protection mechanisms
The Common Criteria
28. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Programmable Read-Only Memory (PROM)
The Strong star property rule
Simple Security Rule
Accreditation
29. The Availability - Integrity and confidentiality requirements of multitasking operating systems
Protection Rings Support
Orange Book - B3
Dominate the object's sensitivity label
The Biba Model
30. Mandatory Protection
The Evaluated Products List (EPL) with their corresponding rating
Its classification label (Top Secret - Secret or confidential)
Pipelining
Orange Book B
31. I/O drivers and utilities
Buffer overflows
Ring 2
Protection Rings Support
Files - directories and devices
32. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space
Clark-Wilson
C2
Swap Space
A Thread
33. What does the simple integrity axiom mean in the Biba model?
Orange Book ratings
No read down
Security rating B
Buffer overflows
34. When a computer uses more than one CPU in parallel to execute instructions is known as?
A1
Multiprocessing
A lattice of Integrity Levels
Direct Addressing
35. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
B3 - Rating
Pipelining
Life Cycle Assurance Requirement
Networks and Communications
36. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
Division D - Minimal Protection
Prohibits
A and B
Accreditation
37. What does the Clark-Wilson security model focus on?
A and B
A1
Trusted Distribution
Integrity
38. When a vendor submits a product for evaluation - it submits it to the ____________.
The National Computer Security Center (NCSC)
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Security mechanisms and evaluates their effectiveness
Security Policy is clearly defined and documented
39. Each data object must contain a classification label and each subject must have a clearance label.
Orange Book ratings
B3
Orange Book - B3
B1 - Labeled Security
40. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
B2 - Structured Protection
The "No write Down" Rule
Virtual storage
B3
41. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
Controls the checks
No read up
Overt channel
B2 - Structured Protection
42. A policy-based control. All objects and systems have a sensitivity level assigned to them
B2 - Structured Protection
Attributable - original - accurate - contemporaneous and legible
Mandatory Access Control (MAC)
Thrashing
43. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
C1 - Discretionary Security Protection
Orange Book - B1
A1 - Rating
Scalar processors
44. A subject at a given clearance may not read an object at a higher classification
Swap Space
The Simple Security Property
Simple Integrity Axiom
Access control to the objects by the subjects
45. Mediates all access and Functions between subjects and objects.
Implement software or systems in a production environment
The Security Kernel
The Rule is talking about writing
Dedicated Security Mode
46. Permits a database to have two records that are identical except for their classifications
Polyinstantiation
A Thread
Totality of protection mechanisms
Most commonly used approach
47. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
48. Individual subjects must be uniquely identified.
Identification - Orange Book
Networks and Communications
The Integrity of data within applications
A security kernel
49. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Orange Book - B2
C2
Orange Book ratings
Most commonly used approach
50. Contains the ending address
A Limit Register (Memory Management)
Examples of Layered Operating Systems
The Integrity of data within applications
Life Cycle Assurance Requirement