Test your basic knowledge

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might find the answers obvious at times, but you will see that it reinforces your understanding each time you take the test.
1. Which computer design approach is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle?






2. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification.



3. Developed after the Bell-LaPadula model. It's a state machine model and is very similar to the Bell-LaPadula Model.






4. The Orange Book does NOT cover ________________ - and database management systems.






5. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.






6. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.






7. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.






8. Users are trusted but a certain level of accountability is required. C2 overall is seen as the most reasonable class for commercial applications - but the level of protection is still relatively weak.






9. All users have a clearance for and a formal need to know about - all data processed with the system.






10. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.






11. TCSEC addresses Confidentiality - but _____________. The TCSEC focuses mainly on one attribute of security: confidentiality.






12. TCB contains The Security Kernel and all ______________.






13. What does the simple security (ss) property mean in the Bell-LaPadula model?






14. Levels of Security and Levels of Trust: Lower letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.






15. What does the simple integrity axiom mean in the Biba model?






16. Access control labels must be associated properly with objects.






17. Certification is a technical review that assesses the _____________ - whereas Accreditation is management's official acceptance of the information in the Certification process findings.






18. The Biba Model addresses _____________________.






19. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.






20. Data in Cache can be accessed much more quickly than Data






21. Which describes a condition when RAM and Secondary storage are used together?






22. A portion of a process. When the thread is generated - it shares the same domain (resources) as its process.






23. The subject must have Need to Know for ONLY the information they are trying to access.






24. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.



25. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.






26. Contains the beginning address






27. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain.






28. Applications and user activity






29. If a system initializes in a secure state and all allowed state transitions are secure - then every subsequent state will be secure no matter what inputs occur.






30. Individual subjects must be uniquely identified.






31. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.






32. Commonly referred to as "The Big Mess" because of its lack of structure. MS-DOS is an example of a monolithic operating system.






33. Mandatory Protection






34. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix. THE and Multics are no longer in use.






35. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.






36. Mandatory Access requires that _____________ be attached to all objects.






37. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.






38. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.






39. Which can be used as a covert channel?






40. Used by Windows systems to reserve the "Swap Space"






41. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?






42. Permits a database to have two records that are identical except for their classifications.






43. In both the Bell-LaPadula and Biba Models, if the word "*" or "Star" is used - _______________.






44. Discretionary protection






45. The combination of RAM - Cache and the Processor Registers






46. Operating System Kernel






47. Which Orange Book evaluation level is described as "Verified Design"?






48. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?






49. In access control terms - the word "dominate" refers to ___________.






50. For the type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to penetration and compromise.






