Test your basic knowledge

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Discretionary protection






2. Which uses Protection Profiles and Security Targets?






3. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.






4. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.






5. A subject at a given clearance may not read an object at a higher classification






6. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.






7. Which addresses a portion of the primary memory by specifying the actual address of the memory location?






8. Users need to be identified individually to provide more precise access control and auditing functionality.






9. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.






10. When a portion of primary memory is accessed by specifying the actual address of the memory location






11. The Biba Model addresses _____________________.






12. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?






13. Has two individual assurance ratings: C1 and C2. The higher the number of the assurance rating, the greater the protection.






14. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.






15. Levels of Security and Levels of Trust: lower letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.






16. The C2 evaluation class of the _________________ offers controlled access protection.






17. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a well-formed transaction.






18. For the type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to penetration and compromise.






19. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?






20. Mandatory Access requires that _____________ be attached to all objects.






21. Involves sharing the processor among all ready processes






22. Nonvolatile storage media, e.g. computer hard drives - floppy disks and CD-ROMs






23. In B2, subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.






24. The reference monitor is responsible for ______________; it compares the security labels of a subject and an object.






25. Permits a database to have two records that are identical except for their classifications






26. I/O drivers and utilities






27. A set of objects that a subject is able to access






28. A buffer overflow occurs when a program or process tries to store more data in a _____________ than it was intended to hold.






29. The Bell-LaPadula Model is a _______________.






30. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.






31. Audit data must be captured and protected to enforce accountability






32. Contains the address of where the instructions and data that need to be processed reside.






33. The Orange Book does NOT cover ________________ - and database management systems






34. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.






35. Which TCSEC level first addresses object reuse?






36. What does the simple security (ss) property mean in the Bell-LaPadula model?






37. Operating System Kernel






38. The reference monitor is an access control concept - referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.






39. What is it called when a computer uses more than one CPU in parallel to execute instructions?






40. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.






41. Which Orange Book evaluation level is described as "Verified Design"?






42. In both the Bell-LaPadula and Biba Models, if the word "Simple" is used ______________.






43. Contains the ending address






44. When a computer spends more time moving data from one small portion of memory to another than actually processing the data






45. When a vendor submits a product for evaluation - it submits it to the ____________.






46. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)






47. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?






48. A ring protection system ________ user mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.






49. When the RAM and secondary storage are combined the result is __________.






50. Used by Windows systems to reserve the "Swap Space"






