Test your basic knowledge |
CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
The Security Kernel
C2 - Controlled Access Protection
Access Matrix model
D
2. Each data object must contain a classification label and each subject must have a clearance label.
C2 - Controlled Access Protection
Identification - Orange Book
The Monolithic Operation system Architecture
B1 - Labeled Security
3. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when
Reduced Instruction Set Computers (RISC)
Assigned labels
C2
International Standard 15408
4. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Access Matrix model
Highly secure systems (B2 - B3 and A1)
Orange Book ratings
B3
5. Which uses Protection Profiles and Security Targets?
Security Policy
Operational assurance requirements
International Standard 15408
security protection mechanisms
6. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Multitasking
Security mechanisms and evaluates their effectiveness
Evaluated separately
Dedicated Security Mode
7. The TCB is the ________________ within a computer system that work together to enforce a security policy.
Orange Book - D
Totality of protection mechanisms
The security kernel
The Integrity of data within applications
8. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
The Red Book
Accreditation
Files - directories and devices
Prohibits
9. Data in Cache can be accessed much more quickly than Data
A Base Register (Memory Management)
Dominate the object's sensitivity label
Virtual storage
Stored in Real Memory
10. Contains the ending address
A Domain
The TCSEC - Aka Orange Book
A Limit Register (Memory Management)
Enforces the rules
11. Has two individual assurance ratings: C1 and C2. The higher the number of the assurance rating, the greater the protection.
C2
Division C - Discretionary Protection
Bell-LaPadula Model
Examples of Layered Operating Systems
12. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Orange Book A
Division D - Minimal Protection
Cache Memory
Continuous protection - O/B
13. When the address location that is specified in the program instruction contains the address of the final desired location.
Indirect addressing
Accountability - Orange Book
C1 - Discretionary Security Protection is a type of environment
Virtual storage
14. Contains an address of where the instruction and data reside that need to be processed.
Indexed addressing
The Thread (memory Management)
The Clark Wilson integrity model
Trusted Products Evaluation Program (TPEP)
15. Which increases the performance in a computer by overlapping the steps of different instructions?
Stored in Real Memory
Pipelining
Multiprocessing
Security Policy - Orange Book
16. Permits a database to have two records that are identical except for Their classifications
Constrained
A1
The rule is talking about "Reading"
Polyinstantiation
17. Used by Windows systems to reserve the "Swap Space"
Trusted Distribution
Pagefile.sys file
Overt channel
Scalar processors
18. In both the Bell-LaPadula and Biba Models, if the word "Simple" is used ______________.
Pagefile.sys file
The rule is talking about "Reading"
C2
Constrained
19. Another word for Primary storage and distinguishes physical memory from virtual memory.
Identification - Orange Book
Real storage
Accountability - Orange Book
Division B - Mandatory Protection Architecture
20. The Orange book requires protection against two_____________ - which are these Timing and Storage
Ring 3
Orange Book - B2
Types of covert channels
Scalar processors
21. The Physical memory address that the CPU uses
The Security Kernel
Absolute addresses
Accountability - Orange Book
Dedicated Security Mode
22. What does the simple security (ss) property mean in the Bell-LaPadula model?
No read up
Orange Book B
Trusted Network Interpretation (TNI)
Implement software or systems in a production environment
23. Applications and user activity
Ring 3
The National Computer Security Center (NCSC)
Ring 2
Orange Book ratings
24. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"
Security Policy is clearly defined and documented
Simple Integrity Axiom
Orange Book - B1
Trusted Products Evaluation Program (TPEP)
25. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
Orange Book - B3
All Mandatory Access Control (MAC) systems
Virtual Memory
C1 - Discretionary Security Protection
26. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Swap Space
Orange Book interpretations
B1 - Labeled Security
Trusted facility management
27. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space.
Attributable - original - accurate - contemporaneous and legible
Covert channels
Firmware
Swap Space
28. Which describes a condition when RAM and Secondary storage are used together?
Virtual storage
Reduced Instruction Set Computers (RISC)
Division B - Mandatory Protection Architecture
B1 - Labeled Security
29. According to the Orange Book - trusted facility management is not required for which security levels?
B1
Ring 0
The security perimeter
The security kernel
30. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
Need-to-know
Stored in Real Memory
Models concerned with integrity
The National Computer Security Center (NCSC)
31. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.
Complex Instruction Set Computers (CISC)
Logical addresses
Execution Domain
Buffer (temporary data storage area)
32. When a vendor submits a product for evaluation - it submits it to the ____________.
The National Computer Security Center (NCSC)
Stored in Real Memory
B1 - Labeled Security
Dedicated Security Mode
33. When the contents of the address defined in the program's instruction is added to that of an index register.
Ring 0
The "No read Up" rule
Indexed addressing
Subject to Object Model
34. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
First evaluation class
Virtual storage
Process isolation
An abstract machine
35. The Bell-LaPadula Model is a _______________.
Discretionary Security Property (ds-property)
Subject to Object Model
Life Cycle Assurance Requirement
D
36. Minimal Security
Ring 2
B1 - Labeled Security rating
Orange Book - D
Protection Rings Support
37. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
No read down
State machine model
The reference monitor
Be protected from modification
38. When the RAM and secondary storage are combined the result is __________.
Mandatory Access Control (MAC)
Virtual Memory
The rule is talking about "Reading"
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
39. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
Thrashing
Invocation Property
Isolate processes
Orange Book ratings
40. Operating System Kernel
Ring 0
Multiprocessing
Access control to the objects by the subjects
Most commonly used approach
41. In B2, subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
C2 - Controlled Access Protection
Basic Security Theorem (used in computer science) definition
The Security Kernel
Covert channels
42. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
Reduced Instruction Set Computers (RISC)
International Standard 15408
*-Integrity Axiom
Primary storage
43. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Prohibits
Need-to-know
The security kernel
A security kernel
44. Mandatory Access requires that _____________ be attached to all objects.
Ring 3
A security domain
Sensitivity labels
Prohibits
45. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
The security kernel
All Mandatory Access Control (MAC) systems
Ring 3
Highly secure systems (B2 - B3 and A1)
46. Which would be designated as objects on a MAC system?
Files - directories and devices
Operational assurance requirements
C2 - Controlled Access Protection
Mandatory Access Control (MAC)
47. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
Orange Book - B3
D
Life Cycle Assurance Requirement
B1
48. What model uses access control triples and requires that the system maintain separation of duty?
Clark-Wilson
C1 - Discretionary Security Protection is a type of environment
In C2 - Controlled Access Protection environment
Security Policy - Orange Book
49. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
Files - directories and devices
Attributable - original - accurate - contemporaneous and legible
An abstract machine
The trustworthiness of an information system
50. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
Division B - Mandatory Protection Architecture
Life Cycle Assurance Requirement
C2
Thrashing