Test your basic knowledge: CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes. If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from the answers to other questions, so you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. The Biba Model addresses _____________________.
The Integrity of data within applications
Accreditation
NOT Integrity
International Standard 15408
2. System architecture that separates system functionality into hierarchical layers.
Bell-LaPadula Model
A Layered Operating System Architecture
An abstract machine
The Strong star property rule
3. Based on a known address with an offset value applied.
Logical addresses
Absolute addresses
Sensitivity labels
Relative Addresses
4. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed for the US Department of Defense.)
The Trusted Computing Base (TCB)
Life Cycle Assurance Requirement
Orange Book C
Prevent secret information from being accessed
5. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Evaluated separately
The "No write Down" Rule
Identification - Orange Book
Trusted Distribution
6. A policy-based access control in which every subject and object is assigned a sensitivity label.
Overt channel
Constrained
Mandatory Access Control (MAC)
International Standard 15408
7. Reserved hard drive space used to extend RAM capabilities.
Orange Book interpretations
Division B - Mandatory Protection Architecture
Swap Space
Continuous protection - O/B
8. In B2, distinct address spaces must be provided to _________, and a covert (storage) channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system.
A security domain
'Dominate'
Invocation Property
Isolate processes
9. Certification is a technical review that assesses the _____________, whereas accreditation is management's official acceptance of the findings of the certification process.
Swap Space
Security mechanisms and evaluates their effectiveness
The Integrity of data within applications
Accountability - Orange Book
10. What are the components of an object's sensitivity label?
The Tranquility principle (The Bell-LaPadula Model)
Storage and timing
Cache Memory
A single classification and a Compartment Set
11. Security labels are not required until __________; thus C2 does not require security labels but B1 does.
The security perimeter
B1 - Labeled Security rating
Security rating B
B2
12. TCSEC provides a means to evaluate ______________________.
Assigned labels
The trustworthiness of an information system
Orange Book - D
Mandatory access control
13. According to the Orange Book, which security level is the first to require a system to protect against covert timing channels?
B3
Secondary Storage
System High Security Mode
The security perimeter
14. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects, what security problem is most likely to exist?
All Mandatory Access Control (MAC) systems
The Security Kernel
Swap Space
Disclosure of residual data
15. A buffer overflow occurs when a program or process tries to store more data in a _____________ than it was intended to hold.
Buffer (temporary data storage area)
Accreditation
Orange Book C
Controlling unauthorized downgrading of information
16. In access control terms, the word "dominate" refers to ___________.
Reduced Instruction Set Computers (RISC)
Attributable - original - accurate - contemporaneous and legible
Higher or equal to access class
Orange Book ratings
17. An environment in which all users process information at the same sensitivity level; thus strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.
Files - directories and devices
Implement software or systems in a production environment
C1 - Discretionary Security Protection is a type of environment
Division B - Mandatory Protection
18. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
Dominate the object's sensitivity label
Orange Book - A1
B3
C2 - Controlled Access Protection
19. The reference monitor is responsible for ______________; it compares the security labels of a subject and an object.
Access control to the objects by the subjects
Types of covert channels
First evaluation class
NOT Integrity
20. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level, nothing higher and nothing lower.
The Strong star property rule
In C2 - Controlled Access Protection environment
Highly secure systems (B2, B3 and A1)
The security perimeter
21. Which is an ISO standard product evaluation criteria that supersedes several different earlier criteria?
Totality of protection mechanisms
The Common Criteria
Programmable Read-Only Memory (PROM)
Pipelining
22. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication, restrictions and auditing.
Trusted hardware - Software and Firmware
Division B - Mandatory Protection Architecture
A1 - Rating
Storage and timing
23. A system uses the reference monitor to ___________________ of a subject and an object.
Compare the security labels
Prohibits
A single classification and a Compartment Set
Reduced Instruction Set Computers (RISC)
24. Simpler instructions that require fewer clock cycles to execute.
Reduced Instruction Set Computers (RISC)
C2 - Controlled Access Protection
NOT Integrity
A1
25. A ring protection system ________ user-mode programs from directly accessing peripherals and requires them to make use of services running at more privileged levels.
Process isolation
Prohibits
Virtual storage
Stored in Real Memory
26. I/O drivers and utilities
Prevent secret information from being accessed
B2 - Structured Protection
Examples of Layered Operating Systems
Ring 2
27. A form of ROM (Read-Only Memory) that can be written after it has been manufactured, but only once.
Indexed addressing
Programmable Read-Only Memory (PROM)
B2 rating
A and B
28. In both the Bell-LaPadula and Biba models, if the word "*" or "star" is used, _______________.
Higher or equal to access class
System High Security Mode
Absolute addresses
The Rule is talking about writing
29. Happen because input data is not checked for appropriate length at the time of input.
C2 - Controlled Access Protection
Buffer overflows
Storage and timing
Assigned labels
30. Which describes the condition in which RAM and secondary storage are used together?
Types of covert channels
Division B - Mandatory Protection
Government and military applications
Virtual storage
31. When the address location that is specified in the program instruction contains the address of the final desired location.
The security kernel
Implement software or systems in a production environment
Indirect addressing
Direct addressing
32. Based on the Bell-LaPadula security model, and evidence of reference monitor enforcement must be available.
Primary storage
A security kernel
Division B - Mandatory Protection Architecture
C2 - Controlled Access Protection
33. If a system initializes in a secure state and all allowed state transitions are secure, then every subsequent state will be secure no matter what inputs occur.
Clark-Wilson Model
The *-Property rule (Star property)
Basic Security Theorem (used in computer science) definition
Indexed addressing
34. Which is a straightforward approach that provides access rights to subjects for objects?
Access Matrix model
Accreditation
Division B - Mandatory Protection Architecture
Orange Book - A1
35. The reference monitor, in accordance with the security policy, ____________ that are made against the access control database.
Controls the checks
Ring 3
C2
An abstract machine
36. The Biba Model - ______________: A subject cannot write data to an object at a higher integrity level (no write up).
Orange Book C
Access Matrix model
*-Integrity Axiom
Secondary Storage
37. In access control terms it means to be higher than or equal to. In the Bell-LaPadula Model this is referred to as the dominance relation, which is the relationship of the subject's clearance to the object's classification.
38. Applications and user activity
Subject to Object Model
Ring 3
Fail safe
Its classification label (Top Secret - Secret or confidential)
39. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
Controlling unauthorized downgrading of information
Orange Book - B3
The Red Book
Compare the security labels
40. What model uses access control triples and requires that the system maintain separation of duties?
The Clark Wilson integrity model
B2
Complex Instruction Set Computers (CISC)
Clark-Wilson
41. Mediates all access and functions between subjects and objects.
Invocation Property
Most commonly used approach
Ring 3
The Security Kernel
42. The Bell-LaPadula model Subjects and Objects are ___________.
Assigned labels
D
Pipelining
Fail safe
43. The availability, integrity and confidentiality requirements of multitasking operating systems.
Documentation - Orange Book
Orange Book ratings
Direct Addressing
Protection Rings Support
44. Can be erased, modified and upgraded.
Erasable and Programmable Read-Only Memory (EPROM)
An abstract machine
Administrative declaration
Dedicated Security Mode
45. Trusted facility management is an assurance requirement only for ________________.
Operational assurance requirements
Compare the security labels
Highly secure systems (B2, B3 and A1)
Most commonly used approach
46. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Integrity
Need-to-know
Security Policy - Orange Book
The Thread (memory Management)
47. The reference monitor must mediate all access, _____________, be verifiable as correct, and must always be invoked.
C1 - Discretionary Security Protection
Certification
Security Policy is clearly defined and documented
Be protected from modification
48. The first mathematical model of a multilevel security policy, used to define the concept of a secure state, the modes of access, and the rules for granting access?
Life Cycle Assurance Requirement
Bell-LaPadula Model
Multilevel Security Policies
Dedicated Security Mode
49. Access control labels must be associated properly with objects.
Physical security
Division B - Mandatory Protection Architecture
A single classification and a Compartment Set
Labels - Orange Book
50. What prevents a process from accessing another process's data?
Process isolation
A security domain
The Common Criteria
Polyinstantiation
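Several of the questions above (1, 4, 10, 16, 19, 20, 23, 28, 36, 37, 41, 47 and 48) turn on the same few ideas: a sensitivity label is a single classification plus a compartment set, "dominate" means higher-or-equal classification and a superset of compartments, Bell-LaPadula forbids read-up and write-down (with the strong star property pinning reads and writes to the subject's own level), Biba forbids read-down and write-up, and a reference monitor mediates every access and records the decision. The following Python is an added worked example, not part of the quiz page or of any CISSP study material; the classification ordering, compartment names and the "alice"/"report" sample subjects and objects are constructed here for illustration.

```python
"""Sensitivity labels, the dominance relation, and the Bell-LaPadula / Biba
access rules, with a reference monitor that mediates every access.

Added example (not from the quiz page). The classification ordering and
compartment names below are assumptions constructed for illustration.
"""
from dataclasses import dataclass
from typing import Callable, FrozenSet, List, Tuple

# Classifications form a total order; compartments form a set, so two labels
# may be incomparable (neither dominates the other).  Constructed ordering.
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP_SECRET": 3}


@dataclass(frozen=True)
class Label:
    """A sensitivity label: a single classification and a compartment set."""
    classification: str
    compartments: FrozenSet[str] = frozenset()

    def __post_init__(self) -> None:
        if self.classification not in LEVELS:
            raise ValueError(f"unknown classification {self.classification!r}")

    def dominates(self, other: "Label") -> bool:
        """self dominates other iff its level is >= and its compartments
        are a superset of the other's compartments."""
        return (LEVELS[self.classification] >= LEVELS[other.classification]
                and self.compartments >= other.compartments)


def blp_allows(subject: Label, obj: Label, mode: str,
               strong_star: bool = False) -> bool:
    """Bell-LaPadula (confidentiality).

    read  -> simple security property, 'no read up':   subject dominates object
    write -> *-property, 'no write down':              object dominates subject
    strong_star=True restricts writes to exactly the subject's own label.
    """
    if mode == "read":
        return subject.dominates(obj)
    if mode == "write":
        return subject == obj if strong_star else obj.dominates(subject)
    raise ValueError(f"unknown access mode {mode!r}")


def biba_allows(subject: Label, obj: Label, mode: str) -> bool:
    """Biba (integrity); here the labels denote integrity levels.

    read  -> simple integrity axiom, 'no read down':   object dominates subject
    write -> *-integrity axiom, 'no write up':         subject dominates object
    """
    if mode == "read":
        return obj.dominates(subject)
    if mode == "write":
        return subject.dominates(obj)
    raise ValueError(f"unknown access mode {mode!r}")


class ReferenceMonitor:
    """Every access goes through access(); each decision is appended to an
    audit trail so the mediation is complete, verifiable and always invoked."""

    def __init__(self, rule: Callable[..., bool]) -> None:
        self.rule = rule
        self.audit: List[Tuple[str, str, str, str]] = []

    def access(self, who: str, subject: Label, what: str, obj: Label,
               mode: str, **rule_opts) -> bool:
        granted = self.rule(subject, obj, mode, **rule_opts)
        self.audit.append((who, mode, what, "GRANT" if granted else "DENY"))
        return granted


if __name__ == "__main__":
    # Constructed sample labels: a SECRET clearance with the NUKE compartment
    # does not dominate, and is not dominated by, plain TOP_SECRET.
    alice = Label("SECRET", frozenset({"NUKE"}))
    brief = Label("CONFIDENTIAL")
    plan = Label("TOP_SECRET", frozenset({"NUKE"}))
    memo = Label("TOP_SECRET")
    rm = ReferenceMonitor(blp_allows)
    rm.access("alice", alice, "brief", brief, "read")              # GRANT
    rm.access("alice", alice, "plan", plan, "read")                # DENY (read up)
    rm.access("alice", alice, "plan", plan, "write")               # GRANT (write up allowed)
    rm.access("alice", alice, "brief", brief, "write")             # DENY (write down)
    rm.access("alice", alice, "memo", memo, "write")               # DENY (missing compartment)
    rm.access("alice", alice, "plan", plan, "write", strong_star=True)  # DENY
    for entry in rm.audit:
        print(entry)
```

The last DENY in the demo is the one students most often miss: TOP_SECRET without the NUKE compartment does not dominate SECRET{NUKE}, so neither a read nor a write between those two labels is permitted under either model, even though one classification is strictly higher than the other.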