Test your basic knowledge |
CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. In the Bell-LaPadula Model the Object's Label contains ___________________.
Access Matrix model
Buffer (temporary data storage area)
Security Policy - Orange Book
Its classification label (Top Secret - Secret or confidential)
2. According to the Orange Book - trusted facility management is not required for which security levels?
Need-to-know
B1
B3
A Base Register (Memory Management)
3. What is called the formal acceptance of the adequacy of a system's overall security by management?
No write down
Multitasking
Implement software or systems in a production environment
Accreditation
4. In both the Bell-LaPadula and Biba Models if the word "*" or "Star" is used - _______________.
The Rule is talking about writing
The reference monitor
Virtual storage
The Red Book
5. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Thrashing
Its Clearance Label (Top Secret - Secret - or Confidential)
Disclosure of residual data
Division D - Minimal Protection
6. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
C2 - Controlled Access Protection
The Strong star property rule
Controls the checks
B2 - Structured Protection
7. System Architecture that separates system functionality into Hierarchical layers
A Layered Operating System Architecture
Absolute addresses
Labels - Orange Book
A1 - Rating
8. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
The security perimeter
C2 - Controlled Access Protection
Orange Book interpretations
The security kernel
9. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
Fail safe
Life-cycle assurance - O/B
The Trusted Computing Base (TCB)
Orange Book interpretations
10. TCB contains The Security Kernel and all ______________.
Examples of Layered Operating Systems
security protection mechanisms
The reference monitor
System High Security Mode
11. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Indexed addressing
No read down
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Evaluated separately
12. A subject at a given clearance may not read an object at a higher classification
The Simple Security Property
Files - directories and devices
Virtual storage
Absolute addresses
13. What does the simple security (ss) property mean in the Bell-LaPadula model?
Disclosure of residual data
Files - directories and devices
No read up
Life-cycle assurance - O/B
14. A ___________________ is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
A lattice of Integrity Levels
Swap Space
Orange Book - A1
15. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
Trusted hardware - Software and Firmware
Most commonly used approach
Basic Security Theorem (used in computer science) definition
A1
16. All users have a clearance for and a formal need to know about - all data processed with the system.
Protection Rings Support
C2 - Controlled Access Protection
Dedicated Security Mode
Administrative declaration
17. A set of objects that a subject is able to access
Division B - Mandatory Protection Architecture
A Domain
Division C - Discretionary Protection
Division D - Minimal Protection
18. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a Well-Formed transaction
Clark-Wilson Model
Attributable data
Life-cycle assurance - O/B
Controls the checks
19. Operating System Kernel
Invocation Property
Constrained
Ring 0
Orange Book A
20. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
C2
Mandatory access control
The "No write Down" Rule
Orange Book - B2
21. What does the * (star) property mean in the Bell-LaPadula model?
Pagefile.sys file
No write down
Discretionary Security Property (ds-property)
A security domain
22. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Erasable and Programmable Read-Only Memory (EPROM)
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Orange Book B
Simple Security Rule
23. Has two individual assurance ratings: C1 and C2. The higher the number of the assurance rating, the greater the protection
Highly secure systems (B2 - B3 and A1)
Identification - Orange Book
Division C - Discretionary Protection
Dominate the object's sensitivity label
24. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
Accountability - Orange Book
The security kernel
Attributable data
B3 - Security Domains
25. Simpler instructions that require fewer clock cycles to execute.
Reduced Instruction Set Computers (RISC)
Models concerned with integrity
Execution Domain
Primary storage
26. As per FDA data should be ______________________________.
Ring 0
The Tranquility principle (The Bell-LaPadula Model)
Attributable - original - accurate - contemporaneous and legible
The Rule is talking about writing
27. Involves sharing the processor among all ready processes
Multitasking
Logical addresses
Isolate processes
Attributable - original - accurate - contemporaneous and legible
28. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
NOT Integrity
The National Computer Security Center (NCSC)
Pagefile.sys file
Direct Addressing
29. Contains the ending address
B3 - Security Domains
Orange Book - B1
Multilevel Security Policies
A Limit Register (Memory Management)
30. Mandatory Access requires that _____________ be attached to all objects.
Sensitivity labels
The Red Book
The "No write Down" Rule
A and B
31. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Simple Security Rule
Process isolation
The Evaluated Products List (EPL) with their corresponding rating
Trusted Distribution
32. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
33. Users need to be identified individually to provide more precise access control and auditing functionality.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Swap Space
C2 - Controlled Access Protection
Division D - Minimal Protection
34. Contains an address of where the instruction and data reside that need to be processed.
Higher or equal to access class
Buffer overflows
The Thread (memory Management)
Thrashing
35. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
Division D - Minimal Protection
Constrained
A1
Disclosure of residual data
36. Contains the beginning address
A Base Register (Memory Management)
Accreditation
Security mechanisms and evaluates their effectiveness
Files - directories and devices
37. Mediates all access and Functions between subjects and objects.
A Thread
The Security Kernel
A security kernel
Assigned labels
38. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Government and military applications
Primary storage
Labels - Orange Book
Isolate processes
39. Certification is a Technical review that assesses the _____________ - whereas Accreditation is management's Official acceptance of the information in the Certification process findings.
Orange Book B
B2 rating
Security mechanisms and evaluates their effectiveness
C2 - Controlled Access Protection
40. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Relative Addresses
Orange Book - A1
Security Policy is clearly defined and documented
Types of covert channels
41. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
Constrained
Implement software or systems in a production environment
Division B - Mandatory Protection
Trusted Distribution
42. An abstract machine which must mediate all access of subjects to objects - be protected from modification - be verifiable as correct - and is always invoked
Simple Integrity Axiom
Subject to Object Model
No write down
The reference monitor
43. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
The "No read Up" rule
Swap Space
Physical security
attributability
44. The Simple Security rule is referred to as ______________.
The "No read Up" rule
C2
Orange Book B
The National Computer Security Center (NCSC)
45. The Biba Model addresses _____________________.
B3 - Security Domains
The Integrity of data within applications
Prohibits
The Clark Wilson integrity model
46. What are the components of an object's sensitivity label?
The Biba Model
A single classification and a Compartment Set
Controlling unauthorized downgrading of information
The Thread (memory Management)
47. Based on a known address with an offset value applied.
Erasable and Programmable Read-Only Memory (EPROM)
Relative Addresses
Physical security
Orange Book - D
48. When the contents of the address defined in the program's instruction is added to that of an index register.
Mandatory access control
Indexed addressing
A1
Swap Space
49. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
Prevent secret information from being accessed
B2 - Structured Protection
A security kernel
Real storage
50. Which would be designated as objects on a MAC system?
Clark-Wilson
C1
Files - directories and devices
Highly secure systems (B2 - B3 and A1)