Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The subject must have Need to Know for ONLY the information they are trying to access.






2. A system uses the Reference Monitor to ___________________ of a subject and an object?






3. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.






4. Requires more stringent authentication mechanisms and well-defined interfaces among layers.






5. Mandatory Protection






6. The total combination of protection mechanisms within a computer system






7. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.






8. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


9. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted envirnment with low security concerns.






10. As per FDA data should be ______________________________.






11. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?






12. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?






13. Execute one instruction at a time.






14. Which is an ISO standard product evaluation criteria that supersedes several different criteria






15. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain






16. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.






17. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?






18. Which increases the performance in a computer by overlapping the steps of different instructions?






19. Commonly referred to as The Big Mess Because of its lack of structure. MS-DOS is an example of a monolithic operation system






20. The total(sum)combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.






21. Intended for environments that require systems to handle classified data.






22. According to the Orange Book - trusted facility management is not required for which security levels?






23. What is called the formal acceptance of the adequacy of a system's overall security by management?






24. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.






25. The TCB is the ________________ within a computer system that work together to enforce a security policy.






26. Remaining parts of the operating system






27. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards






28. n this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.






29. Contains the beginning address






30. Which in the Orange Book ratings represents the highest level of trust?






31. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.






32. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)






33. In the Bell-LaPadula Model the Object's Label contains ___________________.






34. Based on a known address with an offset value applied.






35. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data) items is refered to as Well-Formed transaction






36. Which is a straightforward approach that provides access rights to subjects for objects?






37. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.






38. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.






39. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when






40. The Reserved hard drive space used to to extend RAM capabilites.






41. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.






42. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.






43. Which would be designated as objects on a MAC system?






44. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?






45. When a computer uses more than one CPU in parallel to execute instructions is known as?






46. A1 is also called "Verified Design" and requires formal verification of the design and specifications.






47. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.






48. Which can be used as a covert channel?






49. TCB contains The Security Kernel and all ______________.






50. What does the * (star) property mean in the Bell-LaPadula model?