Test your basic knowledge | CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.

1. The group that oversees the evaluation processes within TCSEC is?

2. In the Orange Book, functionality and assurance are NOT _____________ as they are in ITSEC and the Common Criteria.

3. A subject at a given clearance may not read an object at a higher classification.

4. Access control labels must be associated properly with objects.

5. I/O drivers and utilities

6. What access control technique is also known as multilevel security?

7. A ring protection system ________ user-mode programs from directly accessing peripherals and requires them to use services running at more privileged levels.

8. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.

9. A domain of trust that shares a single security policy and single management.

10. TCSEC provides a means to evaluate ______________________.

11. In this class more granularity is provided in each protection mechanism, and the programming code that is not necessary to support the security policy is excluded.

12. In an automated system, ________________ could be achieved by a computer system designed to identify the individuals responsible for any input.

13. Based on a known address with an offset value applied.

14. In the Bell-LaPadula Model the Object's Label contains ___________________.

15. As per the FDA, data should be ______________________________.

16. When the address location that is specified in the program instruction contains the address of the final desired location.

17. What does the simple integrity axiom mean in the Biba model?

18. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.

19. Has two individual assurance ratings, C1 and C2. The higher the assurance rating number, the greater the protection.

20. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.

21. The C2 evaluation class of the _________________ offers controlled access protection.

22. A buffer overflow occurs when a program or process tries to store more data in a _____________ than it was intended to hold.

23. The *-Property rule is referred to as ____________.

24. The subject must have Need to Know for ONLY the information they are trying to access.

25. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.

26. Certification is a technical review that assesses the _____________, whereas accreditation is management's official acceptance of the information in the certification process findings.

27. What does the Clark-Wilson security model focus on?

28. Which TCSEC level first addresses object reuse?

29. The combination of RAM, cache, and the processor registers.

30. Which uses Protection Profiles and Security Targets?

31. The reference monitor, in accordance with the security policy, ____________ that are made in the access control database.

32. The Red Book, aka the Trusted Network Interpretation (TNI), provides _________________ for trusted computer and communications network systems under the areas of assurance requirements.

33. What does the simple security (ss) property mean in the Bell-LaPadula model?

34. Another word for primary storage; it distinguishes physical memory from virtual memory.

35. Which Orange Book evaluation level is described as "Discretionary Security Protection"?

36. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware, software, and firmware.

37. Bell-LaPadula, ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions at its own discretion. These permissions are stored in an access ma

38. Configuration management is also defined in the Orange Book, BUT as a _____________________ and NOT an operational assurance requirement.

39. Bell-LaPadula Model, ______________: A subject at a given security level can NOT WRITE information to a LOWER security level.

40. The centerpiece of the DoD Rainbow Series publications, developed by the National Computer Security Center (NCSC)?

41. Which is a straightforward approach that provides access rights to subjects for objects?

42. In ______________ the subject must have Need to Know for ALL the information contained within the system.

43. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US government)

44. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.

45. An organization within the National Security Agency (NSA) is responsible for evaluating computer systems and products. The Trusted Product Evaluation Program (TPEP) oversees the testing by approved entities of commercial products against a specific s

46. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.

47. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information, and identification and authentication of individual entities.

48. The TCB contains the security kernel and all ______________.

49. When the contents of the address defined in the program's instruction are added to that of an index register.

50. The Orange Book does NOT cover ________________ and database management systems.