Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study first.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The combination of RAM, cache and the processor registers
Orange Book A
The Strong star property rule
Orange Book - A1
Primary storage
2. Documentation must be provided, including test, design and specification documents, user guides and manuals
Orange Book - B1
Documentation - Orange Book
Attributable data
B3 - Security Domains
3. Users need to be identified individually to provide more precise access control and auditing functionality.
Multiprocessing
C2 - Controlled Access Protection
The Tranquility principle (The Bell-LaPadula Model)
Attributable data
4. A logical form of separation used by secure computing systems: processes are _____________ so that each cannot access objects outside its permitted domain
Assigned labels
Mandatory Access Control (MAC)
Government and military applications
Constrained
5. A ______________ is a form of EPROM, but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Bell-LaPadula Model
C2 - Controlled Access Protection
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
The rule is talking about "Reading"
6. Happen because input data is not checked for appropriate length at time of input
Trusted facility management
Identification - Orange Book
First evaluation class
Buffer overflows
7. Which model uses access control triples and requires that the system maintain separation of duty?
Access control to the objects by the subjects
Models concerned with integrity
Clark-Wilson
The Security Kernel
8. The security kernel is the mechanism that _____________ of the reference monitor concept.
Swap Space
Models concerned with integrity
Enforces the rules
B3
9. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Virtual Memory
C2 - Controlled Access Protection
Higher or equal to access class
Administrative declaration
10. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
A single classification and a Compartment Set
The *-Property rule (Star property)
Orange Book - B2
C2 - Controlled Access Protection
11. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________, and the system design and implementation are subject to more thorough review and testing procedu
Controlling unauthorized downgrading of information
Security Policy is clearly defined and documented
A Thread
The Common Criteria
12. Which Orange Book evaluation level is described as "Verified Design"?
A1
C2 - Controlled Access Protection
Logical addresses
The security perimeter
13. A set of objects that a subject is able to access
A Domain
Sensitivity labels
The "No read Up" rule
Ring 1
14. A type of memory used for high-speed writing and reading activities.
The Biba Model
Trusted Network Interpretation (TNI)
Cache Memory
The trustworthiness of an information system
15. When a vendor submits a product for evaluation - it submits it to the ____________.
A and B
The National Computer Security Center (NCSC)
Erasable and Programmable Read-Only Memory (EPROM)
Virtual Memory
16. What does the simple security (ss) property mean in the Bell-LaPadula model?
Storage and timing
Stored in Real Memory
No read up
A1
17. The _________________ specified in the Orange Book are: system architecture, system integrity, covert channel analysis, trusted facility management and trusted recovery.
Subject to Object Model
Operational assurance requirements
All Mandatory Access Control (MAC) systems
Life-cycle assurance - O/B
18. The Policy must be explicit and well defined and enforced by the mechanisms within the system
Types of covert channels
Security Policy - Orange Book
A single classification and a Compartment Set
Implement software or systems in a production environment
19. When the RAM and secondary storage are combined the result is __________.
B2 rating
Scalar processors
Virtual Memory
The Clark Wilson integrity model
20. The TCB is the ________________ within a computer system that work together to enforce a security policy.
Absolute addresses
Prohibits
Totality of protection mechanisms
Real storage
21. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
A and B
The "No write Down" Rule
Trusted hardware, software and firmware
Stored in Real Memory
22. Contains the ending address
Attributable data
Orange Book - A1
A Limit Register (Memory Management)
The security kernel
23. A system uses the Reference Monitor to ___________________ of a subject and an object?
The TCSEC - Aka Orange Book
Protection Rings Support
Compare the security labels
Continuous protection - O/B
24. The Biba Model addresses _____________________.
The Integrity of data within applications
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
The National Computer Security Center (NCSC)
Documentation - Orange Book
25. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Models concerned with integrity
'Dominate'
C2 - Controlled Access Protection
Multilevel Security Policies
26. Another term for primary storage; it distinguishes physical memory from virtual memory.
Real storage
Multiprocessing
Files, directories and devices
The Strong star property rule
27. The Orange Book requires protection against two _____________, which are Timing and Storage
B1 - Labeled Security rating
Types of covert channels
A1
Trusted Distribution
28. An abstract machine which must mediate all access of subjects to objects, be protected from modification, be verifiable as correct, and always be invoked
Administrative declaration
B1 - Labeled Security rating
The reference monitor
The security perimeter
29. Should always trace to individuals responsible for observing and recording the data
Thrashing
Attributable data
The reference monitor
C2
30. The Physical memory address that the CPU uses
Accountability - Orange Book
Absolute addresses
Files, directories and devices
security protection mechanisms
31. All users have a clearance for, and a formal need to know about, all data processed within the system.
Fail safe
Life-cycle assurance - O/B
Dedicated Security Mode
Constrained
32. Discretionary protection
Orange Book C
The TCSEC - Aka Orange Book
International Standard 15408
Clark-Wilson
33. Has two individual assurance ratings, C1 and C2. The higher the assurance rating, the greater the protection
Types of covert channels
The Evaluated Products List (EPL) with their corresponding rating
Subject to Object Model
Division C - Discretionary Protection
34. Audit data must be captured and protected to enforce accountability
B3
Real storage
Polyinstantiation
Accountability - Orange Book
35. In access control terms it means to be higher than or equal to. In the Bell-LaPadula Model, this is referred to as the dominance relation, which is the relationship of the subject's clearance to the object's classification
36. System Architecture that separates system functionality into Hierarchical layers
A single classification and a Compartment Set
security protection mechanisms
Stored in Real Memory
A Layered Operating System Architecture
37. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Networks and Communications
Stored in Real Memory
B3 - Rating
Security rating B
38. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication, restrictions and auditing.
Orange Book - A1
Trusted facility management
A1 - Rating
Mandatory access control
39. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
The "No write Down" Rule
Accountability - Orange Book
Security Policy
Continuous protection - O/B
40. Successfully evaluated products are placed on?
Identification - Orange Book
The Evaluated Products List (EPL) with their corresponding rating
Isolate processes
First evaluation class
41. The Bell-LaPadula model Subjects and Objects are ___________.
Operational assurance requirements
Assigned labels
Government and military applications
System High Security Mode
42. Developed after the Bell-LaPadula model. It is a state machine model and is very similar to the Bell-LaPadula Model.
The Biba Model
Dedicated Security Mode
The Integrity of data within applications
Accreditation
43. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
Isolate processes
The security perimeter
Direct Addressing
Stored in Real Memory
44. The Security Model Incorporates the ____________ that should be enforced in the system.
Security Policy
Trusted Products Evaluation Program (TPEP)
Trusted facility management
Accreditation
45. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
Higher or equal to access class
NOT Integrity
B1
Implement software or systems in a production environment
46. What prevents a process from accessing another process' data?
International Standard 15408
Process isolation
The security kernel
Invocation Property
47. Mediates all access and functions between subjects and objects.
The Security Kernel
C2 - Controlled Access Protection
Operational assurance requirements
Overt channel
48. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
Direct Addressing
Division D - Minimal Protection
B3
Multiprocessing
49. Simpler instructions that require fewer clock cycles to execute.
Access control to the objects by the subjects
A Base Register (Memory Management)
Reduced Instruction Set Computers (RISC)
An abstract machine
50. Which computer design approach is based on the fact that, in earlier technologies, the instruction fetch was the longest part of the cycle?
B3
The "No read Up" rule
C2
Complex Instruction Set Computers (CISC)