SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. What does the * (star) property mean in the Bell-LaPadula model?
The *-Property rule (Star property)
No write down
Absolute addresses
Security Policy - Orange Book
2. As per FDA data should be ______________________________.
Trusted hardware - Software and Firmware
Programmable Read-Only Memory (PROM)
Multiprocessing
Attributable - original - accurate - contemporaneous and legible
3. What prevents a process from accessing another process' data?
Prohibits
No read down
Process isolation
Relative Addresses
4. Applications and user activity
Ring 3
Scalar processors
Cache Memory
B1 - Labeled Security
5. Which increases the performance in a computer by overlapping the steps of different instructions?
TCB (Trusted Computing Base)
Pipelining
Simple Security Rule
The security perimeter
6. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
B3
Mandatory access control
The Red Book
A Base Register (Memory Management)
7. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
Dedicated Security Mode
'Dominate'
Isolate processes
The Evaluated Products List (EPL) with their corresponding rating
8. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
The National Computer Security Center (NCSC)
Dedicated Security Mode
Prevent secret information from being accessed
The Monolithic Operation system Architecture
9. Execute one instruction at a time.
In C2 - Controlled Access Protection environment
Types of covert channels
Government and military applications
Scalar processors
10. Users need to be Identified individually to provide more precise acces control and auditing functionality.
The Common Criteria
The Biba Model
Protection Rings Support
C2 - Controlled Access Protection
11. Which would be designated as objects on a MAC system?
Orange Book B
Files - directories and devices
Primary storage
Orange Book A
12. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
No write down
Multiprocessing
Orange Book B
B3
13. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Security mechanisms and evalautes their effectivenes
The reference monitor
Evaluated separately
Virtual Memory
14. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions to pass on permissions at its own discretion. These permissions are stored in an access ma
Discretionary Security Property (ds-property)
Orange Book ratings
The Trusted Computing Base (TCB)
Orange Book - D
15. Succesfully Evaluated products are placed on?
The Evaluated Products List (EPL) with their corresponding rating
Buffer (temporary data storage area)
The Strong star property rule
Files - directories and devices
16. The subject must have Need to Know for ONLY the information they are trying to access.
Firmware
A and B
System High Security Mode
A Base Register (Memory Management)
17. Which computer design approaches is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
The Simple Security Property
Complex Instruction Set Computers (CISC)
The National Computer Security Center (NCSC)
18. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
Models concerned with integrity
Constrained
Prohibits
Attributable data
19. I/O drivers and utilities
Ring 2
Accreditation
Orange Book A
Dedicated Security Mode
20. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
Access control to the objects by the subjects
Simple Integrity Axiom
Mandatory access control
security protection mechanisms
21. The Availability - Integrity and confidentiality requirements of multitasking operating systems
Clark-Wilson
Protection Rings Support
A Domain
Types of covert channels
22. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Fail safe
Prevent secret information from being accessed
Relative Addresses
Identification - Orange Book
23. Logical access control mechanisms are used to enforce authentication and the uniquenes of each individual's identification.
C2 - Controlled Access Protection
Programmable Read-Only Memory (PROM)
Indexed addressing
An abstract machine
24. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
security protection mechanisms
The trustworthiness of an information system
B2 - Structured Protection
Higher or equal to access class
25. The Bell-LaPaula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
NOT Integrity
'Dominate'
Prevent secret information from being accessed
Orange Book - A1
26. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
All Mandatory Access Control (MAC) systems
The Biba Model
Prevent secret information from being accessed
Be protected from modification
27. A form of ROM(Read-Only Memory) that can be modified after it has been manufactured. It can only be programmed only one time.
The Security Kernel
Virtual Memory
Programmable Read-Only Memory (PROM)
A Limit Register (Memory Management)
28. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
A single classification and a Compartment Set
Ring 0
A and B
The National Computer Security Center (NCSC)
29. Which is a straightforward approach that provides access rights to subjects for objects?
Trusted hardware - Software and Firmware
Orange Book - B3
Access Matrix model
B1
30. When a vendor submits a product for evaluation - it submits it to the ____________.
Buffer overflows
The National Computer Security Center (NCSC)
Government and military applications
C2 - Controlled Access Protection
31. The Orange book requires protection against two_____________ - which are these Timing and Storage
Constrained
All Mandatory Access Control (MAC) systems
Types of covert channels
Complex Instruction Set Computers (CISC)
32. Contains the ending address
A Limit Register (Memory Management)
Disclosure of residual data
Certification
Implement software or systems in a production environment
33. Happen because input data is not checked for appropriate length at time of input
Direct addressing
The National Computer Security Center (NCSC)
Documentation - Orange Book
Buffer overflows
34. A nonvolatile storage media etc computer hard drive - floppy disks and CD-ROMs
Polyinstantiation
Indirect addressing
C1 - Discretionary Security Protection
Secondary Storage
35. A type of memory used for High-speed writing and reading activities.
Cache Memory
The security kernel
Polyinstantiation
A Base Register (Memory Management)
36. The Bell-LaPadula model Subjects and Objects are ___________.
Continuous protection - O/B
Life-cycle assurance - O/B
Virtual storage
Assigned labels
37. Which in the Orange Book ratings represents the highest level of trust?
The security kernel
Subject to Object Model
B2
Absolute addresses
38. The Security Model Incorporates the ____________ that should be enforced in the system.
Trusted Products Evaluation Program (TPEP)
Clark-Wilson
Firmware
Security Policy
39. In both the Bell-LaPadula and Biba Models if the word "Simple is used ______________.
The rule is talking about "Reading"
Security Policy - Orange Book
Security mechanisms and evalautes their effectivenes
Trusted facility management
40. Mandatory Protection
No read down
Orange Book B
attributability
NOT Integrity
41. When the address location that is specified in the program instruction contains the address of the final desired location.
*-Integrity Axiom
Orange Book - B1
Accountability - Orange Book
Indirect addressing
42. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Sensitivity labels
Implement software or systems in a production environment
Ring 1
Security Policy is clearly defined and documented
43. TCB contains The Security Kernel and all ______________.
Direct Addressing
Clark-Wilson Model
Division C - Discretionary Protection
security protection mechanisms
44. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
Discretionary Security Property (ds-property)
Polyinstantiation
C1 - Discretionary Security Protection
Fail safe
45. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
Programmable Read-Only Memory (PROM)
A and B
Discretionary Security Property (ds-property)
Trusted Products Evaluation Program (TPEP)
46. Simpler instructions that require fewer clock cycles to execute.
The Rule is talking about writing
Reduced Instruction Set Computers (RISC)
Orange Book - B1
The Monolithic Operation system Architecture
47. Trusted facility management is an assurance requirement only for ________________.
System High Security Mode
C2 - Controlled Access Protection
B2 - Structured Protection
Highly secure systems (B2 - B3 and A1)
48. When a portion of primary memory is accessed by specifying the actual address of the memory location
Direct addressing
Simple Security Rule
Invocation Property
Relative Addresses
49. The Bell-LaPadula Model is a _______________.
A Limit Register (Memory Management)
Covert channels
Subject to Object Model
Identification - Orange Book
50. The total combination of protection mechanisms within a computer system
A and B
TCB (Trusted Computing Base)
The *-Property rule (Star property)
A1 - Rating
