SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The TCB is the ________________ within a computer system that work together to enforce a security policy.
Real storage
Totality of protection mechanisms
Networks and Communications
The Red Book
2. The assignment of a specific individual to administer the security-related functions of a system.
Trusted facility management
Thrashing
System High Security Mode
The Integrity of data within applications
3. Logical access control mechanisms are used to enforce authentication and the uniquenes of each individual's identification.
C2
The security perimeter
Orange Book C
C2 - Controlled Access Protection
4. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
The Red Book
Dominate the object's sensitivity label
A Thread
Orange Book - B2
5. Mandatory Protection
Orange Book B
Compare the security labels
Programmable Read-Only Memory (PROM)
Security Policy is clearly defined and documented
6. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
A1 - Rating
Relative Addresses
A lattice of Intergrity Levels
The Evaluated Products List (EPL) with their corresponding rating
7. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
D
Multilevel Security Policies
*-Integrity Axiom
B2
8. Used by Windows systems to reserve the "Swap Space"
Pagefile.sys file
C2
Examples of Layered Operating Systems
The Trusted Computing Base (TCB)
9. Can be erased - modified and upgraded.
Orange Book C
A single classification and a Compartment Set
Erasable and Programmable Read-Only Memory (EPROM)
A1 - Rating
10. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.
C1 - Discretionary Security Protection
Execution Domain
The Tranqulity principle (The Bell-LaPadula Model)
Orange Book - B1
11. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
Orange Book - B1
C1
Trusted facility management
Trusted hardware - Software and Firmware
12. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
The Biba Model
Accreditation
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
The National Computer Security Center (NCSC)
13. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
Isolate processes
A security kernel
Division B - Mandatory Protection Architecture
Mandatory Access Control (MAC)
14. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commmercial applications - but the level of protection is still relatively weak.
In C2 - Controlled Access Protection environment
A Layered Operating System Architecure
Its Clearance Label (Top Secret - Secret - or Confidential)
A lattice of Intergrity Levels
15. Commonly referred to as The Big Mess Because of its lack of structure. MS-DOS is an example of a monolithic operation system
Relative Addresses
C2
Multiprocessing
The Monolithic Operation system Architecture
16. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
Logical addresses
Mandatory access control
Basic Security Theorem (used in computer science) definition
Life-cycle assurance - O/B
17. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
18. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
The trustworthiness of an information system
The Biba Model
Swap Space
Security rating B
19. Another word for Primary storage and distinguishes physical memory from virtual memory.
Real storage
An abstract machine
Bell-LaPadula Model
Most commonly used approach
20. The *-Property rule is refered to as ____________.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
C1 - Discretionary Security Protection
Documentation - Orange Book
The "No write Down" Rule
21. In B2 Subjects and devices requre labels and the system must NOT allow ________. No Trapdoors exists.
Covert channels
Process isolation
The rule is talking about "Reading"
NOT Integrity
22. In both the Bell-LaPadula and Biba Models if the word "Simple is used ______________.
Complex Instruction Set Computers (CISC)
The rule is talking about "Reading"
The Monolithic Operation system Architecture
Types of covert channels
23. A type of memory used for High-speed writing and reading activities.
Cache Memory
Multitasking
Stored in Reak Memory
Orange Book - A1
24. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
Erasable and Programmable Read-Only Memory (EPROM)
Files - directories and devices
The Clark Wilson integrity model
Security rating B
25. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilites when
Virtual Memory
Certification
Protection Rings Support
C2
26. When the RAM and secondary storage are combined the result is __________.
Constrained
Virtual Memory
Swap Space
In C2 - Controlled Access Protection environment
27. A Policy based control. All objects and systems have a sensitivity level assigned to them
The Clark Wilson integrity model
The rule is talking about "Reading"
Division D - Minimal Protection
Mandatory Access Control (MAC)
28. Permits a database to have two records that are identical except for Their classifications
The National Computer Security Center (NCSC)
Polyinstantiation
No read up
Prevent secret information from being accessed
29. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Physical security
Attributable data
C2 - Controlled Access Protection
A Domain
30. A portion of a process. When the thread is generated - it shares the same domain(resources) as its process.
The "No write Down" Rule
No write down
Mandatory Access Control (MAC)
A Thread
31. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.
Virtual Memory
Be protected from modification
Division C - Discretionary Protection
Basic Security Theorem (used in computer science) definition
32. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
Access control to the objects by the subjects
The trustworthiness of an information system
B2 rating
Erasable and Programmable Read-Only Memory (EPROM)
33. Audit data must be captured and protected to enforce accountability
Security Policy
Accountability - Orange Book
Totality of protection mechanisms
*-Integrity Axiom
34. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Need-to-know
Polyinstantiation
B2 - Structured Protection
*-Integrity Axiom
35. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
The Evaluated Products List (EPL) with their corresponding rating
First evaluation class
Dedicated Security Mode
Higher or equal to access class
36. Which uses Protection Profiles and Security Targets?
B3 - Security Domains
International Standard 15408
Swap Space
B2 - Structured Protection
37. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Multiprocessing
Prohibits
The Security Kernel
The Integrity of data within applications
38. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
Clark-Wilson Model
The *-Property rule (Star property)
The trustworthiness of an information system
B2 - Structured Protection
39. This type of environment is highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
The trustworthiness of an information system
Reduced Instruction Set Computers (RISC)
A and B
B3 - Rating
40. Each data object must contain a classification label and each subject must have a clearance label.
B1 - Labeled Security
The TCSEC - Aka Orange Book
In C2 - Controlled Access Protection environment
B3 - Security Domains
41. Should always trace to individuals responsible for observing and recording the data
Types of covert channels
Attributable data
A Thread
C2 - Controlled Access Protection
42. A set of objects that a subject is able to access
Clark-Wilson
The security kernel
B3
A Domain
43. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Continuous protection - O/B
Polyinstantiation
Physical security
Government and military applications
44. Has two individual assurace ratings. C1 and C2. The Higher the number of assurance rating the greater the protection
Evaluated separately
Enforces the rules
Administrative declaration
Division C - Discretionary Protection
45. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Administrative declaration
The trustworthiness of an information system
Clark-Wilson Model
C2 - Controlled Access Protection
46. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
A security kernel
System High Security Mode
B3 - Rating
Process isolation
47. The Bell-LaPadula Model is a _______________.
Subject to Object Model
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Direct Addressing
Pagefile.sys file
48. Mandatory Access requires that _____________ be attached to all objects.
Sensitivity labels
Attributable - original - accurate - contemporaneous and legible
Relative Addresses
Orange Book C
49. An abstract machine which must mediate all access to subjects to objects - be protected from modification - be verifiable as correct - and is always invoked
Certification
The Tranqulity principle (The Bell-LaPadula Model)
Documentation - Orange Book
The reference monitor
50. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is doen with the m
C2 - Controlled Access Protection
Orange Book B
A Base Register (Memory Management)
Trusted facility management
