Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times that the answers are obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Which model uses access control triples and requires that the system maintain separation of duty?
Clark-Wilson
Continuous protection - O/B
A and B
A Base Register (Memory Management)
2. Levels of Security and Levels of Trust: lower letters of the alphabet represent higher levels of security; higher numbers indicate a greater level of trust.
B3 - Rating
Orange Book ratings
The security perimeter
Orange Book B
3. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
Most commonly used approach
Polyinstantiation
The Red Book
Orange Book - B3
4. The Bell-LaPadula Model is a _______________.
The Rule is talking about writing
Erasable and Programmable Read-Only Memory (EPROM)
Integrity
Subject to Object Model
5. Permits a database to have two records that are identical except for their classifications.
System High Security Mode
The "No read Up" rule
Polyinstantiation
All Mandatory Access Control (MAC) systems
6. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
Complex Instruction Set Computers (CISC)
First evaluation class
Networks and Communications
Compare the security labels
7. Successfully evaluated products are placed on what?
A lattice of Integrity Levels
The Evaluated Products List (EPL) with their corresponding rating
Enforces the rules
Pagefile.sys file
8. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards.
Ring 2
Bell-LaPadula Model
Ring 0
Administrative declaration
9. A type of memory used for high-speed writing and reading activities.
Orange Book A
Cache Memory
The trustworthiness of an information system
Isolate processes
10. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
No read down
The security perimeter
Erasable and Programmable Read-Only Memory (EPROM)
The Security Kernel
11. The reference monitor must mediate all access, _____________, be verifiable as correct, and must always be invoked.
Be protected from modification
The Tranquility principle (The Bell-LaPadula Model)
Orange Book - B3
Cache Memory
12. Developed after the Bell-LaPadula model. It is a state machine model and is very similar to the Bell-LaPadula Model.
Fail safe
The Biba Model
The Strong star property rule
Cache Memory
13. Based on the Bell-LaPadula model, because it allows for multilevel security to be integrated into the code.
Labels - Orange Book
Thrashing
All Mandatory Access Control (MAC) systems
Disclosure of residual data
14. The Simple Security rule is referred to as ______________.
The "No read Up" rule
State machine model
Trusted Network Interpretation (TNI)
C1
15. What prevents a process from accessing another process' data?
The Security Kernel
Attributable, original, accurate, contemporaneous and legible
Process isolation
Highly secure systems (B2, B3 and A1)
16. TCB contains The Security Kernel and all ______________.
*-Integrity Axiom
B2 - Structured Protection
security protection mechanisms
Integrity
17. Audit data must be captured and protected to enforce accountability
'Dominate'
Accountability - Orange Book
Continuous protection - O/B
Execution Domain
18. TCSEC addresses confidentiality, but _____________. The TCSEC focuses mainly on one attribute of security: confidentiality.
Virtual storage
Administrative declaration
NOT Integrity
C2 - Controlled Access Protection
19. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________, and the system design and implementation are subject to more thorough review and testing procedu
Real storage
Security Policy is clearly defined and documented
The trustworthiness of an information system
Swap Space
20. A _______________ is a form of EPROM, but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
The Simple Security Property
A1 - Rating
Access control to the objects by the subjects
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
21. When the contents of the address defined in the program's instruction are added to those of an index register.
Indexed addressing
Trusted Products Evaluation Program (TPEP)
A lattice of Integrity Levels
Most commonly used approach
22. Which is a straightforward approach that provides access rights to subjects for objects?
Need-to-know
Access Matrix model
The Monolithic Operating System Architecture
Continuous protection - O/B
23. What does the * (star) property mean in the Bell-LaPadula model?
No write down
In C2 - Controlled Access Protection environment
A single classification and a Compartment Set
Types of covert channels
24. Each data object must contain a classification label and each subject must have a clearance label.
Process isolation
B1 - Labeled Security
Need-to-know
A Thread
25. What does the simple integrity axiom mean in the Biba model?
No read down
Life Cycle Assurance Requirement
Evaluated separately
Trusted Products Evaluation Program (TPEP)
26. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US government)
Operational assurance requirements
Prevent secret information from being accessed
Dedicated Security Mode
The "No read Up" rule
27. The object reuse concept must also be invoked, meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
Subject to Object Model
C2 - Controlled Access Protection
Mandatory Access Control (MAC)
The trustworthiness of an information system
28. Should always trace to the individuals responsible for observing and recording the data.
Labels - Orange Book
Orange Book - B1
Attributable data
B3 - Security Domains
29. In both the Bell-LaPadula and Biba Models, if the word "Simple" is used, ______________.
An abstract machine
Identification - Orange Book
The rule is talking about "Reading"
Polyinstantiation
30. An abstract machine which must mediate all access of subjects to objects, be protected from modification, be verifiable as correct, and is always invoked.
B1 - Labeled Security rating
Thrashing
Constrained
The reference monitor
31. Based on the Bell-LaPadula security model, and evidence of reference monitor enforcement must be available.
Firmware
The security perimeter
Life-cycle assurance - O/B
Division B - Mandatory Protection Architecture
32. System architecture that separates system functionality into hierarchical layers.
Buffer overflows
A Layered Operating System Architecture
Virtual storage
Ring 3
33. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
'Dominate'
Multitasking
Trusted Distribution
Networks and Communications
34. When the RAM and secondary storage are combined the result is __________.
Security Policy - Orange Book
Accountability - Orange Book
Virtual Memory
Security mechanisms and evaluates their effectiveness
35. In both the Bell-LaPadula and Biba Models, if the word "*" or "Star" is used, _______________.
Identification - Orange Book
Orange Book - B2
Protection Rings Support
The Rule is talking about writing
36. The security kernel is the mechanism that _____________ of the reference monitor concept.
Be protected from modification
Enforces the rules
Relative Addresses
Erasable and Programmable Read-Only Memory (EPROM)
37. Bell-LaPadula Model, ______________: A subject at a given security level can NOT WRITE information to a LOWER security level.
Its classification label (Top Secret, Secret or Confidential)
Sensitivity labels
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
The *-Property rule (Star property)
38. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information, and identification and authentication of individual entities.
Multiprocessing
C1 - Discretionary Security Protection
Primary storage
Networks and Communications
39. Intended for environments that require systems to handle classified data.
B2 rating
Clark-Wilson
Assigned labels
B1 - Labeled Security rating
40. What does the simple security (ss) property mean in the Bell-LaPadula model?
Trusted hardware, software and firmware
No read up
Division C - Discretionary Protection
The Simple Security Property
41. Which can be used as a covert channel?
The Evaluated Products List (EPL) with their corresponding rating
C1 - Discretionary Security Protection is a type of environment
Storage and timing
Division B - Mandatory Protection
42. Users are trusted, but a certain level of accountability is required. C2 is seen as the most reasonable class for commercial applications, but the level of protection is still relatively weak.
Government and military applications
The Biba Model
In C2 - Controlled Access Protection environment
Highly secure systems (B2, B3 and A1)
43. The Red Book, aka Trusted Network Interpretation (TNI), provides _________________ for trusted computer and communications network systems under the areas of assurance requirements.
Identification - Orange Book
System High Security Mode
Orange Book interpretations
A Layered Operating System Architecture
44. The first mathematical model of a multi-level security policy used to define the concept of a secure state, the modes of access, and rules for granting access?
Bell-LaPadula Model
The *-Property rule (Star property)
Isolate processes
A1 - Rating
45. Bell-LaPadula, ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions at its own discretion. These permissions are stored in an access ma
A security kernel
Most commonly used approach
The Clark Wilson integrity model
Discretionary Security Property (ds-property)
46. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
B3 - Rating
Continuous protection - O/B
B2 - Structured Protection
The "No read Up" rule
47. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Ring 3
Access Matrix model
Direct Addressing
C1
48. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
Pagefile.sys file
Buffer (temporary data storage area)
The Thread (memory Management)
Implement software or systems in a production environment
49. The physical memory address that the CPU uses.
C1 - Discretionary Security Protection
Controlling unauthorized downgrading of information
Continuous protection - O/B
Absolute addresses
50. Used by Windows systems to reserve the "Swap Space".
International Standard 15408
Indirect addressing
Pagefile.sys file
Life-cycle assurance - O/B