Test your basic knowledge
CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. What prevents a process from accessing another process' data?
Government and military applications
C2
Its classification label (Top Secret - Secret or confidential)
Process isolation
2. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
Orange Book interpretations
B3
Multiprocessing
Totality of protection mechanisms
3. A system uses the Reference Monitor to ___________________ of a subject and an object?
Its classification label (Top Secret - Secret or confidential)
Indexed addressing
Trusted hardware - Software and Firmware
Compare the security labels
4. Developed after the Bell-LaPadula model. It's a state machine model and is very similar to the Bell-LaPadula Model.
Bell-LaPadula Model
Thrashing
Administrative declaration
The Biba Model
5. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
A Domain
Multiprocessing
The Strong star property rule
The security kernel
6. The Security Model Incorporates the ____________ that should be enforced in the system.
C1
System High Security Mode
Security Policy
B2
7. The group that oversees the processes of evaluation within TCSEC is?
Trusted Products Evaluation Program (TPEP)
Complex Instruction Set Computers (CISC)
C2 - Controlled Access Protection
The *-Property rule (Star property)
8. System Architecture that separates system functionality into Hierarchical layers
Orange Book B
A Layered Operating System Architecture
Constrained
Government and military applications
9. Verification Protection
B2 - Structured Protection
Multilevel Security Policies
Orange Book A
Examples of Layered Operating Systems
10. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix. THE and Multics are no longer in use
attributability
Examples of Layered Operating Systems
The Common Criteria
Dedicated Security Mode
11. The security kernel is the mechanism that _____________ of the reference monitor concept.
Enforces the rules
Ring 2
Documentation - Orange Book
Multilevel Security Policies
12. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
B1 - Labeled Security
A single classification and a Compartment Set
Prohibits
Life-cycle assurance - O/B
13. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
Stored in Real Memory
C2 - Controlled Access Protection
D
C2 - Controlled Access Protection
14. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
Access control to the objects by the subjects
Dedicated Security Mode
attributability
No read up
15. Contains an Address of where the instruction and data reside that need to be processed.
B2 - Structured Protection
C1 - Discretionary Security Protection
The Thread (memory Management)
Government and military applications
16. The Physical memory address that the CPU uses
The Red Book
Division C - Discretionary Protection
Absolute addresses
C1
17. Used by Windows systems to reserve the "Swap Space"
Simple Security Rule
The trustworthiness of an information system
Pagefile.sys file
Attributable data
18. According to the Orange Book - trusted facility management is not required for which security levels?
Security Policy is clearly defined and documented
Firmware
Basic Security Theorem (used in computer science) definition
B1
19. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
Programmable Read-Only Memory (PROM)
No write down
B1 - Labeled Security rating
B3
20. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
A Domain
Controls the checks
Pipelining
State machine model
21. A type of memory used for High-speed writing and reading activities.
The Clark Wilson integrity model
Cache Memory
Networks and Communications
B2
22. Each data object must contain a classification label and each subject must have a clearance label.
*-Integrity Axiom
B1 - Labeled Security
A Limit Register (Memory Management)
Controls the checks
23. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
The Red Book
Division B - Mandatory Protection Architecture
All Mandatory Access Control (MAC) systems
Buffer overflows
24. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
No read down
Direct Addressing
Models concerned with integrity
B3 - Rating
25. In B2 Subjects and devices require labels and the system must NOT allow ________. No Trapdoors exist.
Polyinstantiation
TCB (Trusted Computing Base)
Covert channels
Direct Addressing
26. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
State machine model
Fail safe
Integrity
Controlling unauthorized downgrading of information
27. In the Bell-LaPadula Model the Subject's Label contains ___________________.
The Common Criteria
Its Clearance Label (Top Secret - Secret - or Confidential)
Certification
B1
28. In the Bell-LaPadula Model the Object's Label contains ___________________.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Identification - Orange Book
Need-to-know
Its classification label (Top Secret - Secret or confidential)
29. In both the Bell-LaPadula and Biba Models if the word "*" or "Star" is used - _______________.
The Rule is talking about writing
The Common Criteria
Real storage
Models concerned with integrity
30. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities.
C1 - Discretionary Security Protection
Real storage
Orange Book C
Accreditation
31. Mandatory access control is enforced by the use of security labels.
The Trusted Computing Base (TCB)
Security rating B
Division B - Mandatory Protection
A Thread
32. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
33. Applications and user activity
Ring 3
The Integrity of data within applications
Clark-Wilson
B3
34. The *-Property rule is referred to as ____________.
C2 - Controlled Access Protection
The Security Kernel
The "No write Down" Rule
Clark-Wilson
35. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
The *-Property rule (Star property)
Networks and Communications
Execution Domain
Erasable and Programmable Read-Only Memory (EPROM)
36. The Bell-LaPadula Model is a _______________.
Subject to Object Model
The Strong star property rule
Prohibits
A Domain
37. Documentation must be provided - including test - design - and specification document - user guides and manuals
Be protected from modification
Documentation - Orange Book
Types of covert channels
Trusted hardware - Software and Firmware
38. What model uses access control triples and requires that the system maintain separation of duty?
Clark-Wilson
An abstract machine
A single classification and a Compartment Set
Orange Book interpretations
39. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
Thrashing
Government and military applications
Pipelining
'Dominate'
40. What is called the formal acceptance of the adequacy of a system's overall security by management?
Dominate the object's sensitivity label
The security perimeter
Security Policy
Accreditation
41. When a vendor submits a product for evaluation - it submits it to the ____________.
The National Computer Security Center (NCSC)
Types of covert channels
Controlling unauthorized downgrading of information
Pipelining
42. The Availability - Integrity and confidentiality requirements of multitasking operating systems
Firmware
D
The Trusted Computing Base (TCB)
Protection Rings Support
43. Which in the Orange Book ratings represents the highest level of trust?
The TCSEC - Aka Orange Book
Be protected from modification
An abstract machine
B2
44. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Orange Book - B2
Overt channel
The Evaluated Products List (EPL) with their corresponding rating
Integrity
45. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified whereas in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Overt channel
A1
Security Policy is clearly defined and documented
Pipelining
46. Intended for environments that require systems to handle classified data.
Orange Book C
B1 - Labeled Security rating
Enforces the rules
All Mandatory Access Control (MAC) systems
47. Can be erased - modified and upgraded.
Erasable and Programmable Read-Only Memory (EPROM)
Discretionary Security Property (ds-property)
Networks and Communications
Swap Space
48. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Logical addresses
Be protected from modification
Administrative declaration
Implement software or systems in a production environment
49. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when
B1
A Domain
C2
Trusted facility management
50. A subject at a given clearance may not read an object at a higher classification
Mandatory access control
Division B - Mandatory Protection
Overt channel
The Simple Security Property