Test your basic knowledge

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. The assignment of a specific individual to administer the security-related functions of a system.






2. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.






3. Remaining parts of the operating system






4. Permits a database to have two records that are identical except for their classifications






5. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity






6. When the contents of the address defined in the program's instruction are added to that of an index register.






7. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?






8. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.






9. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space.






10. In the Bell-LaPadula model, subjects and objects are ___________.






11. The Biba Model addresses _____________________.






12. I/O drivers and utilities






13. Mandatory Access requires that _____________ be attached to all objects.






14. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.






15. Audit data must be captured and protected to enforce accountability






16. Successfully evaluated products are placed on?






17. The physical memory address that the CPU uses






18. When the RAM and secondary storage are combined the result is __________.






19. When the address location that is specified in the program instruction contains the address of the final desired location.






20. In the Bell-LaPadula Model the Subject's Label contains ___________________.






21. What does the simple integrity axiom mean in the Biba model?






22. Software, hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.






23. The hardware, firmware and software elements of a trusted computing base that implement the reference monitor concept.






24. The reference monitor is an access control concept, referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.






25. Which in the Orange Book ratings represents the highest level of trust?






26. What access control technique is also known as multilevel security?






27. Which can be used as a covert channel?






28. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.






29. A1 is also called "Verified Design" and requires formal verification of the design and specifications.






30. The reference monitor is responsible for ______________; it compares the security labels of a subject and an object.






31. The reference monitor must mediate all access, _____________, be verifiable as correct, and must always be invoked.






32. When a vendor submits a product for evaluation, it submits it to the ____________.






33. Commonly referred to as "The Big Mess" because of its lack of structure. MS-DOS is an example of a monolithic operating system.






34. For a subject to have read access to an object in a Multi-Level Security Policy, it is necessary that the subject's sensitivity label must ____________________.



35. Which integrity model defines a constrained data item, an integrity verification procedure and a transformation procedure?






36. The centerpiece of the DoD Rainbow Series publications. Developed by the National Computer Security Center (NCSC)?






37. The Biba model (introduced in 1977), the Sutherland model (published in 1986), the Brewer-Nash model (published in 1989)






38. THE (Technische Hogeschool Eindhoven), VAX/VMS, Multics and Unix. THE and Multics are no longer in use.






39. The first mathematical model of a multi-level security policy used to define the concept of a secure state, the modes of access, and rules for granting access?






40. A is a form of EPROM, but its data storage can be erased and modified electrically by onboard programming circuitry and signals.






41. The security kernel is the mechanism that _____________ of the reference monitor concept.






42. Individual subjects must be uniquely identified.






43. Configuration management is also defined in the Orange Book BUT as a _____________________ and NOT an operational assurance requirement.






44. The reserved hard drive space used to extend RAM capabilities.






45. The group that oversees the processes of evaluation within TCSEC is?






46. Software that is stored within ROM (Read-Only Memory), which is nonvolatile.






47. The Bell-LaPadula Model - ______________: A subject in a given security level can NOT WRITE information to a LOWER security level.






48. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.






49. Levels of Security and Levels of Trust: lower letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.






50. Contains the beginning address






