Test your basic knowledge: CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The reserved hard drive space used to extend RAM capabilities.
Swap Space
The *-Property rule (Star property)
Orange Book B
Need-to-know
2. The subject must have Need to Know for ONLY the information they are trying to access.
The Thread (memory Management)
Identification - Orange Book
No read down
System High Security Mode
3. Which in the Orange Book ratings represents the highest level of trust?
B2
Models concerned with integrity
Sensitivity labels
Division B - Mandatory Protection
4. Each data object must contain a classification label and each subject must have a clearance label.
Trusted Distribution
Physical security
B1 - Labeled Security
Division C - Discretionary Protection
5. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
Indirect addressing
Overt channel
Dedicated Security Mode
The Simple Security Property
6. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
Multitasking
A security kernel
All Mandatory Access Control (MAC) systems
C2 - Controlled Access Protection
7. The Availability - Integrity and confidentiality requirements of multitasking operating systems
Files - directories and devices
The Trusted Computing Base (TCB)
Integrity
Protection Rings Support
8. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
B3 - Rating
First evaluation class
A security domain
Multitasking
9. Which uses Protection Profiles and Security Targets?
The National Computer Security Center (NCSC)
Accreditation
International Standard 15408
Higher or equal to access class
10. Which model uses access control triples and requires that the system maintain separation of duty?
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Clark-Wilson
Absolute addresses
Protection Rings Support
11. According to the Orange Book - trusted facility management is not required for which security levels?
Division B - Mandatory Protection
Totality of protection mechanisms
B1
A1
12. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
Life-cycle assurance - O/B
A Limit Register (Memory Management)
Its classification label (Top Secret - Secret or confidential)
Security mechanisms and evaluates their effectiveness
13. Verification Protection
Life-cycle assurance - O/B
Controlling unauthorized downgrading of information
Orange Book A
A Layered Operating System Architecture
14. TCSEC provides a means to evaluate ______________________.
The trustworthiness of an information system
Trusted Distribution
Evaluated separately
Mandatory Access Control (MAC)
15. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Multilevel Security Policies
Evaluated separately
Discretionary Security Property (ds-property)
Administrative declaration
16. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
Dominate the object's sensitivity label
Be protected from modification
Orange Book - B3
The security perimeter
17. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
No read up
Government and military applications
Security rating B
Implement software or systems in a production environment
18. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
System High Security Mode
Indirect addressing
The security kernel
Most commonly used approach
19. The Simple Security rule is referred to as ______________.
Direct addressing
Fail safe
International Standard 15408
The "No read Up" rule
20. In access control terms - the word "dominate" refers to ___________.
Relative Addresses
Buffer overflows
Higher or equal to access class
Need-to-know
21. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Most commonly used approach
The Red Book
Orange Book C
Accreditation
22. What does the * (star) property mean in the Bell-LaPadula model?
Discretionary Security Property (ds-property)
Real storage
NOT Integrity
No write down
23. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
The security perimeter
B3 - Rating
Trusted Distribution
Prevent secret information from being accessed
24. Which TCSEC level first addresses object reuse?
The Trusted Computing Base (TCB)
Virtual storage
Operational assurance requirements
C2
25. When a computer spends more time moving data from one small portion of memory to another than actually processing the data.
The trustworthiness of an information system
The Red Book
Orange Book interpretations
Thrashing
26. Remaining parts of the operating system
Ring 1
Direct addressing
Clark-Wilson
Identification - Orange Book
27. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
Protection Rings Support
Programmable Read-Only Memory (PROM)
The Strong star property rule
B3 - Security Domains
28. The Physical memory address that the CPU uses
The TCSEC - Aka Orange Book
Absolute addresses
Orange Book A
Simple Integrity Axiom
29. Minimal Security
Orange Book - D
Access control to the objects by the subjects
Most commonly used approach
Buffer (temporary data storage area)
30. The assignment of a specific individual to administer the security-related functions of a system.
Indirect addressing
Accountability - Orange Book
Swap Space
Trusted facility management
31. Nonvolatile storage media, e.g. computer hard drives - floppy disks and CD-ROMs
Secondary Storage
The rule is talking about "Reading"
The Red Book
Reduced Instruction Set Computers (RISC)
32. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
No write down
Division C - Discretionary Protection
Controlling unauthorized downgrading of information
Relative Addresses
33. The Indexed memory addresses that software uses
Logical addresses
Orange Book - B2
Prohibits
Disclosure of residual data
34. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
B2
C2 - Controlled Access Protection
System High Security Mode
Orange Book - B1
35. In both the Bell-LaPadula and Biba Models, if the word "Simple" is used ______________.
TCB (Trusted Computing Base)
The rule is talking about "Reading"
Its Clearance Label (Top Secret - Secret - or Confidential)
C2 - Controlled Access Protection
36. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
Invocation Property
Process isolation
The security perimeter
Scalar processors
37. Which Orange Book evaluation level is described as "Verified Design"?
Multilevel Security Policies
Primary storage
The Monolithic Operating System Architecture
A1
38. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
Absolute addresses
B3 - Rating
Certification
Pagefile.sys file
39. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
Virtual Memory
The Biba Model
Trusted hardware - Software and Firmware
Erasable and Programmable Read-Only Memory (EPROM)
40. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Virtual Memory
Prohibits
Life-cycle assurance - O/B
Security Policy - Orange Book
41. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Trusted Distribution
Prohibits
Secondary Storage
A1
42. When a computer uses more than one CPU in parallel to execute instructions, this is known as?
Storage and timing
Highly secure systems (B2 - B3 and A1)
Multiprocessing
Attributable data
43. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
Stored in Real Memory
Isolate processes
Models concerned with integrity
Orange Book - B3
44. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
A1
The TCSEC - Aka Orange Book
Controlling unauthorized downgrading of information
A1 - Rating
45. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
B3
Pagefile.sys file
First evaluation class
Firmware
46. Subjects and Objects cannot change their security levels once they have been instantiated (created)
The Tranquility principle (The Bell-LaPadula Model)
'Dominate'
B1
Life Cycle Assurance Requirement
47. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
All Mandatory Access Control (MAC) systems
Fail safe
No read up
Primary storage
48. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
The Common Criteria
Pipelining
Evaluated separately
Orange Book - A1
49. Applications and user activity
Highly secure systems (B2 - B3 and A1)
Networks and Communications
Ring 3
Access Matrix model
50. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
Mandatory access control
C2 - Controlled Access Protection
Isolate processes
Firmware