Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
2. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
Operational assurance requirements
Direct addressing
Programmable Read-Only Memory (PROM)
attributability
3. This type of environment is highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
B3 - Rating
No write down
The reference monitor
The security perimeter
4. TCB contains The Security Kernel and all ______________.
Direct addressing
Attributable data
Access control to the objects by the subjects
security protection mechanisms
5. In the Bell-LaPadula Model the Subject's Label contains ___________________.
A Domain
Certification
Operational assurance requirements
Its Clearance Label (Top Secret - Secret - or Confidential)
6. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
B2 - Structured Protection
Security Policy
A Domain
State machine model
7. A domain of trust that shares a single security policy and single management
A security domain
Trusted hardware - Software and Firmware
The security perimeter
C2 - Controlled Access Protection
8. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
Higher or equal to access class
Life-cycle assurance - O/B
The "No read Up" rule
State machine model
9. When a portion of primary memory is accessed by specifying the actual address of the memory location
Division C - Discretionary Protection
Ring 2
Direct addressing
Secondary Storage
10. System Architecture that separates system functionality into Hierarchical layers
The Security Kernel
'Dominate'
Multiprocessing
A Layered Operating System Architecture
11. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
Secondary Storage
C2
The *-Property rule (Star property)
Totality of protection mechanisms
12. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Dominate the object's sensitivity label
Controlling unauthorized downgrading of information
State machine model
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
13. The Physical memory address that the CPU uses
Absolute addresses
Primary storage
Accountability - Orange Book
Division D - Minimal Protection
14. The Indexed memory addresses that software uses
Execution Domain
Programmable Read-Only Memory (PROM)
C2 - Controlled Access Protection
Logical addresses
15. Another word for Primary storage and distinguishes physical memory from virtual memory.
Virtual storage
Real storage
Swap Space
Multiprocessing
16. Minimal Security
The Tranquility principle (The Bell-LaPadula Model)
Erasable and Programmable Read-Only Memory (EPROM)
The National Computer Security Center (NCSC)
Orange Book - D
17. Execute one instruction at a time.
Orange Book interpretations
The Evaluated Products List (EPL) with their corresponding rating
Scalar processors
Indirect addressing
18. Which computer design approaches is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle
'Dominate'
Physical security
The National Computer Security Center (NCSC)
Complex Instruction Set Computers (CISC)
19. Data in Cache can be accessed much more quickly than Data
Process isolation
No read down
Stored in Real Memory
Trusted Network Interpretation (TNI)
20. What access control technique is also known as multilevel security?
Types of covert channels
Mandatory access control
Virtual storage
The Clark Wilson integrity model
21. Verification Protection
Physical security
The Security Kernel
Orange Book A
*-Integrity Axiom
22. Successfully Evaluated products are placed on?
The Evaluated Products List (EPL) with their corresponding rating
Ring 3
Clark-Wilson Model
Access Matrix model
23. Used by Windows systems to reserve the "Swap Space"
No read down
Pagefile.sys file
Totality of protection mechanisms
B3
24. There is only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
Clark-Wilson Model
Division D - Minimal Protection
Process isolation
B1 - Labeled Security rating
25. As per FDA data should be ______________________________.
Division C - Discretionary Protection
All Mandatory Access Control (MAC) systems
attributability
Attributable - original - accurate - contemporaneous and legible
26. The TCB is the ________________ within a computer system that work together to enforce a security policy.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Attributable data
Isolate processes
Totality of protection mechanisms
27. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
The Trusted Computing Base (TCB)
A Limit Register (Memory Management)
Orange Book ratings
State machine model
28. Based on a known address with an offset value applied.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
C1 - Discretionary Security Protection is a type of environment
Relative Addresses
A1
29. Which is an ISO standard product evaluation criteria that supersedes several different criteria
Multilevel Security Policies
The Common Criteria
Security Policy - Orange Book
A Thread
30. What does the simple integrity axiom mean in the Biba model?
No read down
Security Policy - Orange Book
Physical security
Relative Addresses
31. A Policy based control. All objects and systems have a sensitivity level assigned to them
Mandatory Access Control (MAC)
The Integrity of data within applications
Swap Space
Orange Book - D
32. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when
C2
B3 - Rating
Swap Space
The Strong star property rule
33. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Stored in Real Memory
Multilevel Security Policies
Dominate the object's sensitivity label
Mandatory Access Control (MAC)
34. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
Security Policy is clearly defined and documented
B1 - Labeled Security
An abstract machine
Overt channel
35. Intended for environments that require systems to handle classified data.
Orange Book ratings
B1 - Labeled Security rating
Cache Memory
Access control to the objects by the subjects
36. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
A and B
Security Policy - Orange Book
Access control to the objects by the subjects
Isolate processes
37. Which in the Orange Book ratings represents the highest level of trust?
Physical security
A and B
B2
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
38. Mandatory Access requires that _____________ be attached to all objects.
B1
An abstract machine
Execution Domain
Sensitivity labels
39. The Orange book does NOT Cover ________________ - And Database management systems
Networks and Communications
B3
The Evaluated Products List (EPL) with their corresponding rating
The Security Kernel
40. Access control labels must be associated properly with objects.
Bell-LaPadula Model
Trusted hardware - Software and Firmware
Labels - Orange Book
Sensitivity labels
41. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
The Thread (memory Management)
Most commonly used approach
Continuous protection - O/B
Logical addresses
42. Should always trace to individuals responsible for observing and recording the data
Implement software or systems in a production environment
The rule is talking about "Reading"
A lattice of Integrity Levels
Attributable data
43. What are the components of an object's sensitivity label?
The Red Book
C2 - Controlled Access Protection
A single classification and a Compartment Set
Indirect addressing
44. Individual subjects must be uniquely identified.
Identification - Orange Book
Firmware
Covert channels
The Rule is talking about writing
45. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Firmware
Enforces the rules
Physical security
The security kernel
46. Applications and user activity
Clark-Wilson Model
Ring 3
Disclosure of residual data
Cache Memory
47. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
An abstract machine
No read up
Its Clearance Label (Top Secret - Secret - or Confidential)
Orange Book interpretations
48. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
Physical security
NOT Integrity
Isolate processes
Bell-LaPadula Model
49. The assignment of a specific individual to administer the security-related functions of a system.
The Rule is talking about writing
Clark-Wilson Model
Trusted facility management
The Integrity of data within applications
50. A system uses the Reference Monitor to ___________________ of a subject and an object?
Virtual storage
Compare the security labels
Trusted Network Interpretation (TNI)
B1