Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here first.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions, so at times you might find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Operating System Kernel
Be protected from modification
Ring 0
Stored in Real Memory
C2 - Controlled Access Protection
2. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Orange Book C
A Base Register (Memory Management)
Evaluated separately
Trusted facility management
3. The Bell-LaPadula Model is a _______________.
NOT Integrity
B3 - Security Domains
The security perimeter
Subject to Object Model
4. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
In C2 - Controlled Access Protection environment
Access Matrix model
Totality of protection mechanisms
Bell-LaPadula Model
5. The TCB is the ________________ within a computer system that work together to enforce a security policy.
Labels - Orange Book
Totality of protection mechanisms
The Security Kernel
System High Security Mode
6. Individual subjects must be uniquely identified.
Bell-LaPadula Model
Identification - Orange Book
Implement software or systems in a production environment
Accountability - Orange Book
7. TCSEC provides a means to evaluate ______________________.
The trustworthiness of an information system
Prevent secret information from being accessed
Controlling unauthorized downgrading of information
Sensitivity labels
8. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
B2
Government and military applications
Continuous protection - O/B
Access Matrix model
9. A system uses the Reference Monitor to ___________________ of a subject and an object?
Subject to Object Model
A and B
Compare the security labels
Need-to-know
10. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
A1 - Rating
The *-Property rule (Star property)
Fail safe
B3
11. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
Clark-Wilson Model
C1
Orange Book - B1
Discretionary Security Property (ds-property)
12. The Physical memory address that the CPU uses
A Domain
Absolute addresses
Fail safe
Orange Book - A1
13. Execute one instruction at a time.
Scalar processors
The trustworthiness of an information system
attributability
Reduced Instruction Set Computers (RISC)
14. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Orange Book - D
Be protected from modification
No read up
Identification - Orange Book
15. Which is a straightforward approach that provides access rights to subjects for objects?
The security kernel
Access Matrix model
Invocation Property
Trusted Products Evaluation Program (TPEP)
16. Levels of Security and Levels of Trust: lower letters of the alphabet represent higher levels of security; higher numbers indicate a greater level of trust.
Thrashing
TCB (Trusted Computing Base)
Cache Memory
Orange Book ratings
17. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
Orange Book ratings
All Mandatory Access Control (MAC) systems
Implement software or systems in a production environment
Fail safe
18. A domain of trust that shares a single security policy and single management
Discretionary Security Property (ds-property)
A security domain
Highly secure systems (B2 - B3 and A1)
A Domain
19. Which increases the performance in a computer by overlapping the steps of different instructions?
Enforces the rules
Pipelining
B3
Prohibits
20. The reserved hard drive space used to extend RAM capabilities.
A Layered Operating System Architecture
Clark-Wilson
First evaluation class
Swap Space
21. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
Enforces the rules
Operational assurance requirements
State machine model
Certification
22. The Biba Model - _____________: A subject cannot read data from a lower integrity level ("No Read Down").
Simple Integrity Axiom
NOT Integrity
Security Policy
The Rule is talking about writing
23. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
The security perimeter
Division D - Minimal Protection
The Strong star property rule
Accreditation
24. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
Pagefile.sys file
Access control to the objects by the subjects
Security Policy is clearly defined and documented
B3 - Rating
25. The Biba Model addresses _____________________.
The Integrity of data within applications
Primary storage
Documentation - Orange Book
An abstract machine
26. What access control technique is also known as multilevel security?
Mandatory access control
The reference monitor
D
Overt channel
27. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
The Red Book
Models concerned with integrity
security protection mechanisms
The Biba Model
28. Has two individual assurance ratings, C1 and C2. The higher the number of the assurance rating, the greater the protection.
Controlling unauthorized downgrading of information
Division C - Discretionary Protection
C2
Clark-Wilson
29. Which TCSEC level first addresses object reuse?
In C2 - Controlled Access Protection environment
C2
Ring 3
No read down
30. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Mandatory Access Control (MAC)
A Domain
Trusted Distribution
The Rule is talking about writing
31. Which uses Protection Profiles and Security Targets?
First evaluation class
International Standard 15408
Reduced Instruction Set Computers (RISC)
Accreditation
32. TCB contains The Security Kernel and all ______________.
Division D - Minimal Protection
B2
Mandatory access control
security protection mechanisms
33. Which in the Orange Book ratings represents the highest level of trust?
B2
Programmable Read-Only Memory (PROM)
The "No read Up" rule
Overt channel
34. What does the Clark-Wilson security model focus on
Buffer overflows
Virtual storage
Integrity
Multilevel Security Policies
35. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Operational assurance requirements
The security perimeter
The Tranquility principle (The Bell-LaPadula Model)
Administrative declaration
36. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Prohibits
NOT Integrity
Trusted hardware - Software and Firmware
Relative Addresses
37. The Availability - Integrity and confidentiality requirements of multitasking operating systems
Protection Rings Support
Examples of Layered Operating Systems
Secondary Storage
Division C - Discretionary Protection
38. The Policy must be explicit and well defined and enforced by the mechanisms within the system
Security Policy is clearly defined and documented
Security Policy - Orange Book
D
Discretionary Security Property (ds-property)
39. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
attributability
The Red Book
A lattice of Integrity Levels
Covert channels
40. When a vendor submits a product for evaluation - it submits it to the ____________.
Most commonly used approach
Multilevel Security Policies
Division B - Mandatory Protection
The National Computer Security Center (NCSC)
41. Permits a database to have two records that are identical except for Their classifications
A Domain
Prevent secret information from being accessed
Trusted Distribution
Polyinstantiation
42. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
The *-Property rule (Star property)
Compare the security labels
Identification - Orange Book
Multiprocessing
43. In which users are processing information at the same sensitivity level; thus, strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.
No read up
C1 - Discretionary Security Protection is a type of environment
Covert channels
Orange Book - A1
44. A subject at a given clearance may not read an object at a higher classification
A security domain
Accreditation
Security rating B
The Simple Security Property
45. When a portion of primary memory is accessed by specifying the actual address of the memory location
C1
Orange Book B
Direct addressing
Isolate processes
46. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
The National Computer Security Center (NCSC)
Programmable Read-Only Memory (PROM)
Ring 3
First evaluation class
47. The Orange Book does NOT cover ________________, nor database management systems.
Process isolation
Networks and Communications
Access control to the objects by the subjects
D
48. Another word for Primary storage and distinguishes physical memory from virtual memory.
Mandatory access control
Controlling unauthorized downgrading of information
The National Computer Security Center (NCSC)
Real storage
49. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
The "No write Down" Rule
An abstract machine
B1 - Labeled Security
Controlling unauthorized downgrading of information
50. Mediates all access and Functions between subjects and objects.
State machine model
Polyinstantiation
Disclosure of residual data
The Security Kernel
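Several of the questions above describe the same mechanism from different angles: the reference monitor that compares the security labels of a subject and an object on every access (questions 9, 24, 49, 50), the Bell-LaPadula simple security property and *-property (questions 42, 44), the Biba simple integrity axiom (question 22), and the discretionary access matrix behind the ds-property (questions 11, 15). The following is an added study example, not code from the quiz site: a toy reference monitor in Python that enforces all of those rules together over labeled subjects and objects. The level names, the subjects, objects and access-matrix entries, and the Biba "no write up" companion to the simple integrity axiom are assumptions made for the illustration; none of them come from the page.

```python
"""Added study example (not part of this quiz site): a toy reference monitor
that mediates every subject-to-object access by comparing security labels, as
the Bell-LaPadula (confidentiality) and Biba (integrity) rules require, and
that also consults a discretionary access matrix (the ds-property). Level
names, subjects, objects and matrix entries are constructed for illustration."""
from dataclasses import dataclass, field

# Hierarchical levels; a higher number means more sensitive (BLP) or more
# trustworthy (Biba). Categories model need-to-know compartments.
SENSITIVITY = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}
INTEGRITY = {"LOW": 0, "MEDIUM": 1, "HIGH": 2}


@dataclass(frozen=True)
class Label:
    sensitivity: str
    categories: frozenset
    integrity: str

    def dominates(self, other):
        """BLP lattice order: level >= other's level and a superset of its categories."""
        return (SENSITIVITY[self.sensitivity] >= SENSITIVITY[other.sensitivity]
                and self.categories >= other.categories)


@dataclass
class ReferenceMonitor:
    subjects: dict            # subject name -> clearance Label
    objects: dict             # object name  -> classification Label
    matrix: dict = field(default_factory=dict)  # (subject, object) -> {"read", "write"}
    audit: list = field(default_factory=list)   # every decision is recorded (accountability)

    def check(self, subject, obj, mode):
        """Return (granted, reasons); reasons is empty exactly when access is granted."""
        s, o = self.subjects[subject], self.objects[obj]
        reasons = []
        # ds-property: the discretionary access matrix must grant the mode.
        if mode not in self.matrix.get((subject, obj), set()):
            reasons.append("ds-property: no access matrix entry")
        if mode == "read":
            if not s.dominates(o):
                reasons.append("simple security property: no read up")
            if INTEGRITY[s.integrity] > INTEGRITY[o.integrity]:
                reasons.append("simple integrity axiom: no read down")
        elif mode == "write":
            if not o.dominates(s):
                reasons.append("*-property: no write down")
            if INTEGRITY[o.integrity] > INTEGRITY[s.integrity]:
                reasons.append("* integrity axiom: no write up")  # Biba companion rule (assumed)
        else:
            reasons.append(f"unsupported access mode {mode!r}")
        self.audit.append((subject, obj, mode, "GRANT" if not reasons else "DENY", list(reasons)))
        return not reasons, reasons


def demo():
    """Constructed sample system; returns the decisions plus the monitor for inspection."""
    rm = ReferenceMonitor(
        subjects={
            "alice": Label("SECRET", frozenset({"NUC"}), "HIGH"),
            "bob": Label("CONFIDENTIAL", frozenset(), "LOW"),
        },
        objects={
            "plan.txt": Label("SECRET", frozenset({"NUC"}), "HIGH"),
            "memo.txt": Label("UNCLASSIFIED", frozenset(), "LOW"),
            "tsdoc.txt": Label("TOP SECRET", frozenset({"NUC"}), "LOW"),
        },
        matrix={
            ("alice", "plan.txt"): {"read", "write"},
            ("alice", "memo.txt"): {"read", "write"},
            ("alice", "tsdoc.txt"): {"read"},
            ("bob", "plan.txt"): {"read"},
            ("bob", "memo.txt"): {"read", "write"},
            ("bob", "tsdoc.txt"): {"write"},
        },
    )
    decisions = {
        "alice reads plan.txt": rm.check("alice", "plan.txt", "read")[0],    # True: labels match
        "alice reads tsdoc.txt": rm.check("alice", "tsdoc.txt", "read")[0],  # False: no read up
        "alice writes memo.txt": rm.check("alice", "memo.txt", "write")[0],  # False: no write down
        "alice reads memo.txt": rm.check("alice", "memo.txt", "read")[0],    # False: Biba no read down
        "bob reads memo.txt": rm.check("bob", "memo.txt", "read")[0],        # True
        "bob reads plan.txt": rm.check("bob", "plan.txt", "read")[0],        # False: no read up
        "bob writes plan.txt": rm.check("bob", "plan.txt", "write")[0],      # False: DAC denies, Biba no write up
        "bob writes tsdoc.txt": rm.check("bob", "tsdoc.txt", "write")[0],    # True: BLP permits a blind write up
    }
    return decisions, rm


if __name__ == "__main__":
    for request, granted in demo()[0].items():
        print(f"{request:24s} -> {'GRANT' if granted else 'DENY'}")
```

The last case is worth noticing: Bell-LaPadula by itself allows a low-clearance subject to write into a higher-classified object (a "blind write up"), which is exactly why the Biba rules or the strong star property are layered on top when integrity also matters.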