CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The Biba Model addresses _____________________.
A Domain
Simple Integrity Axiom
The Integrity of data within applications
Most commonly used approach
2. Access control labels must be associated properly with objects.
No read down
Files - directories and devices
Labels - Orange Book
The security kernel
3. The C2 evaluation class of the _________________ offers controlled access protection.
*-Integrity Axiom
Trusted Network Interpretation (TNI)
Logical addresses
Invocation Property
4. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
C1
D
Implement software or systems in a production environment
B3
5. When a portion of primary memory is accessed by specifying the actual address of the memory location
Trusted hardware - Software and Firmware
Direct addressing
Virtual Memory
Overt channel
6. Audit data must be captured and protected to enforce accountability
Life-cycle assurance - O/B
C2
Scalar processors
Accountability - Orange Book
7. All users have a clearance for and a formal need to know about - all data processed with the system.
Isolate processes
Scalar processors
Trusted Products Evaluation Program (TPEP)
Dedicated Security Mode
8. The Orange Book requires protection against two _____________, which are Timing and Storage.
Prevent secret information from being accessed
Types of covert channels
security protection mechanisms
Stored in Real Memory
9. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model, this is referred to as the dominance relation, which is the relationship of the subject's clearance to the object's classification.
10. This type of environment is highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Swap Space
B3 - Rating
Bell-LaPadula Model
The Integrity of data within applications
11. The Physical memory address that the CPU uses
Constrained
Absolute addresses
Security Policy - Orange Book
B2 rating
12. The Availability - Integrity and confidentiality requirements of multitasking operating systems
Most commonly used approach
Protection Rings Support
Division D - Minimal Protection
A and B
13. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Constrained
Physical security
B2 - Structured Protection
Scalar processors
14. Which describe a condition when RAM and Secondary storage are used together?
Security Policy - Orange Book
Orange Book A
Execution Domain
Virtual storage
15. Which TCSEC level first addresses object reuse?
Its classification label (Top Secret - Secret or confidential)
The Strong star property rule
Security rating B
C2
16. The security kernel is the mechanism that _____________ of the reference monitor concept.
The Tranquility principle (The Bell-LaPadula Model)
Bell-LaPadula Model
Enforces the rules
Most commonly used approach
17. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
The reference monitor
The National Computer Security Center (NCSC)
Orange Book - B1
Trusted Products Evaluation Program (TPEP)
18. A system uses the Reference Monitor to ___________________ of a subject and an object?
Bell-LaPadula Model
The Simple Security Property
A security domain
Compare the security labels
19. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware, software, and firmware.
A Thread
Buffer overflows
The National Computer Security Center (NCSC)
The Trusted Computing Base (TCB)
20. Which in the Orange Book ratings represents the highest level of trust?
Orange Book interpretations
B2
Accountability - Orange Book
The Trusted Computing Base (TCB)
21. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
Security rating B
Trusted facility management
State machine model
Orange Book - B1
22. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
A lattice of Integrity Levels
Mandatory access control
Process isolation
Simple Security Rule
23. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
*-Integrity Axiom
Access control to the objects by the subjects
Fail safe
Multilevel Security Policies
24. Mandatory access control is enforced by the use of security labels.
Stored in Real Memory
Division B - Mandatory Protection
The security perimeter
Access Matrix model
25. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
Government and military applications
B1 - Labeled Security
Integrity
Models concerned with integrity
26. Which is an ISO standard product evaluation criteria that supersedes several different criteria
Logical addresses
C2 - Controlled Access Protection
Security Policy
The Common Criteria
27. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
attributability
B3 - Rating
Be protected from modification
The Rule is talking about writing
28. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
29. Verification Protection
Continuous protection - O/B
Dedicated Security Mode
The Clark Wilson integrity model
Orange Book A
30. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
D
B1 - Labeled Security rating
B3 - Security Domains
Evaluated separately
31. As per FDA data should be ______________________________.
Prohibits
Networks and Communications
Accreditation
Attributable - original - accurate - contemporaneous and legible
32. Involves sharing the processor among all ready processes.
Physical security
Clark-Wilson Model
Discretionary Security Property (ds-property)
Multitasking
33. I/O drivers and utilities
A Domain
A Layered Operating System Architecture
Relative Addresses
Ring 2
34. A type of memory used for High-speed writing and reading activities.
A security domain
Labels - Orange Book
Compare the security labels
Cache Memory
35. Which uses Protection Profiles and Security Targets?
Overt channel
B2 - Structured Protection
International Standard 15408
Orange Book ratings
36. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
The *-Property rule (Star property)
Real storage
Simple Integrity Axiom
37. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
Mandatory Access Control (MAC)
Covert channels
A Layered Operating System Architecture
C1 - Discretionary Security Protection
38. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
The Red Book
Accountability - Orange Book
Controlling unauthorized downgrading of information
Most commonly used approach
39. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
International Standard 15408
The reference monitor
Programmable Read-Only Memory (PROM)
B3 - Rating
40. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
Dedicated Security Mode
B3
Sensitivity labels
Complex Instruction Set Computers (CISC)
41. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Orange Book C
Higher or equal to access class
Its classification label (Top Secret - Secret or confidential)
Prohibits
42. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
The security kernel
Orange Book - B2
Thrashing
Mandatory access control
43. Mandatory Access requires that _____________ be attached to all objects.
Security Policy
attributability
The Biba Model
Sensitivity labels
44. Permits a database to have two records that are identical except for their classifications.
Enforces the rules
Polyinstantiation
Attributable data
In C2 - Controlled Access Protection environment
45. Trusted facility management is an assurance requirement only for ________________.
Highly secure systems (B2 - B3 and A1)
Programmable Read-Only Memory (PROM)
*-Integrity Axiom
The reference monitor
46. Execute one instruction at a time.
The Clark Wilson integrity model
Scalar processors
security protection mechanisms
Orange Book - B2
47. A subject at a given clearance may not read an object at a higher classification
The Evaluated Products List (EPL) with their corresponding rating
The Simple Security Property
A and B
No read up
48. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
Virtual Memory
Implement software or systems in a production environment
The Red Book
The Strong star property rule
49. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
State machine model
Ring 3
Trusted Products Evaluation Program (TPEP)
A single classification and a Compartment Set
50. In both the Bell-LaPadula and Biba Models, if the word "Simple" is used ______________.
B1
The rule is talking about "Reading"
security protection mechanisms
attributability