Test your basic knowledge |

CISSP Security Architecture And Design

Subjects : certifications, it-skills, cissp

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
The Monolithic Operation system Architecture
Assigned labels
The security kernel
The Thread (memory Management)

2. When the address location that is specified in the program instruction contains the address of the final desired location.
Indirect addressing
Labels - Orange Book
Programmable Read-Only Memory (PROM)
A1 - Rating

3. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

4. Used by Windows systems to reserve the "Swap Space"
Highly secure systems (B2 - B3 and A1)
A security domain
Pagefile.sys file
The Clark Wilson integrity model

5. Has two individual assurace ratings. C1 and C2. The Higher the number of assurance rating the greater the protection
Division C - Discretionary Protection
C2 - Controlled Access Protection
Accountability - Orange Book
Life Cycle Assurance Requirement

6. Another word for Primary storage and distinguishes physical memory from virtual memory.
Trusted hardware - Software and Firmware
Thrashing
No read down
Real storage

7. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
Disclosure of residual data
Fail safe
Sensitivity labels
Higher or equal to access class

8. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
A single classification and a Compartment Set
Cache Memory
The reference monitor
All Mandatory Access Control (MAC) systems

9. Operating System Kernel
Physical security
The Rule is talking about writing
Buffer (temporary data storage area)
Ring 0

10. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
Mandatory Access Control (MAC)
No read down
The Tranqulity principle (The Bell-LaPadula Model)
A lattice of Intergrity Levels

11. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
The security perimeter
Orange Book - A1
B3 - Security Domains
A single classification and a Compartment Set

12. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
A1 - Rating
Government and military applications
*-Integrity Axiom
Ring 1

13. Execute one instruction at a time.
Networks and Communications
'Dominate'
Scalar processors
B1

14. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
Orange Book C
The Biba Model
Fail safe
C1

15. When the RAM and secondary storage are combined the result is __________.
Attributable data
Virtual Memory
B3 - Rating
Virtual storage

16. When a computer uses more than one CPU in parallel to execute instructions is known as?
Need-to-know
Isolate processes
Multiprocessing
Administrative declaration

17. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Physical security
Controlling unauthorized downgrading of information
B1 - Labeled Security rating
Primary storage

18. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
C1 - Discrection Security Protection is a type of environment
The Tranqulity principle (The Bell-LaPadula Model)
Division C - Discretionary Protection
Trusted hardware - Software and Firmware

19. Certification is a Technical review that assesses the _____________ - where as Accreditation is management's Official acceptance of the information in the Certification process findings.
Security mechanisms and evalautes their effectivenes
Division B - Mandatory Protection Architecture
The Trusted Computing Base (TCB)
Reduced Instruction Set Computers (RISC)

20. The Simple Security rule is refered to as______________.
Orange Book - B2
Bell-LaPadula Model
Highly secure systems (B2 - B3 and A1)
The "No read Up" rule

21. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"
C1
Orange Book - B3
Simple Integrity Axiom
The security kernel

22. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
Types of covert channels
Most commonly used approach
Life Cycle Assurance Requirement
Be protected from modification

23. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
Certification
Reduced Instruction Set Computers (RISC)
Compare the security labels
B1

24. Which would be designated as objects on a MAC system?
Access control to the objects by the subjects
Virtual storage
C2 - Controlled Access Protection
Files - directories and devices

25. Discretionary protection
Logical addresses
C2 - Controlled Access Protection
Discretionary Security Property (ds-property)
Orange Book C

26. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
First evaluation class
Orange Book C
The trustworthiness of an information system
Attributable - original - accurate - contemporaneous and legible

27. The centerpiece of the DoD Rainbow Series publications.Developed by the National Computer Security Center (NCSC)?
A and B
C2 - Controlled Access Protection
Bell-LaPadula Model
The TCSEC - Aka Orange Book

28. A set of objects that a subject is able to access
Scalar processors
A Domain
Orange Book - A1
Controls the checks

29. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Life Cycle Assurance Requirement
Evaluated separately
attributability
Networks and Communications

30. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
B3
Government and military applications
Subject to Object Model
The Strong star property rule

31. Permits a database to have two records that are identical except for Their classifications
C2
Polyinstantiation
Buffer overflows
Security mechanisms and evalautes their effectivenes

32. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
Isolate processes
'Dominate'
The Clark Wilson integrity model
Programmable Read-Only Memory (PROM)

33. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Primary storage
Accreditation
The Tranqulity principle (The Bell-LaPadula Model)
Simple Security Rule

34. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Virtual Memory
Be protected from modification
A Base Register (Memory Management)
Direct Addressing

35. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.
Most commonly used approach
The Biba Model
Programmable Read-Only Memory (PROM)
C2

36. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
The *-Property rule (Star property)
Fail safe
'Dominate'
Security Policy is clearly defined and documented

37. What does the simple security (ss) property mean in the Bell-LaPadula model?
Logical addresses
All Mandatory Access Control (MAC) systems
No read up
Division C - Discretionary Protection

38. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
Physical security
Networks and Communications
Orange Book C
A security kernel

39. Commonly referred to as The Big Mess Because of its lack of structure. MS-DOS is an example of a monolithic operation system
Accountability - Orange Book
The reference monitor
Swap Space
The Monolithic Operation system Architecture

40. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
B3 - Security Domains
Life-cycle assurance - O/B
A security kernel
Access control to the objects by the subjects

41. Succesfully Evaluated products are placed on?
B3
security protection mechanisms
The Evaluated Products List (EPL) with their corresponding rating
Direct addressing

42. Should always trace to individuals responsible for observing and recording the data
Pagefile.sys file
The Security Kernel
Attributable data
Physical security

43. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
In C2 - Controlled Access Protection environment
Orange Book A
Continuous protection - O/B
Primary storage

44. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix . THE and Multics are no longer in use
Examples of Layered Operating Systems
Be protected from modification
TCB (Trusted Computing Base)
C1 - Discrection Security Protection is a type of environment

45. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
Overt channel
Trusted facility management
The Strong star property rule
Fail safe

46. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Direct Addressing
Controlling unauthorized downgrading of information
Operational assurance requirements
Prohibits

47. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
security protection mechanisms
B3
Pagefile.sys file
NOT Integrity

48. Which describe a condition when RAM and Secondary storage are used together?
Virtual storage
No read down
Higher or equal to access class
TCB (Trusted Computing Base)

49. The *-Property rule is refered to as ____________.
The Evaluated Products List (EPL) with their corresponding rating
The Integrity of data within applications
The "No write Down" Rule
Security rating B

50. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
Security Policy - Orange Book
B1 - Labeled Security rating
Controlling unauthorized downgrading of information
Certification

Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?

Major Subjects
Tests & Exams AP CLEP DSST GRE SAT GMAT	Certifications CISSP go to https://www.isc2.org/ PMP ITIL RHCE MCTS More...	IT Skills Android Programming Data Modeling Objective C Programming Basic Python Programming Adobe Illustrator More...	Business Skills Advertising Techniques Business Accounting Basics Business Strategy Human Resource Management Marketing Basics More...
Soft Skills Body Language People Skills Public Speaking Persuasion Job Hunting And Resumes More...	Vocabulary GRE Vocab SAT Vocab TOEFL Essential Vocab Basic English Words For All Global Words You Should Know Business English More...	Languages AP German Vocab AP Latin Vocab SAT Subject Test: French Italian Survival Norwegian Survival More...	Engineering Audio Engineering Computer Science Engineering Aerospace Engineering Chemical Engineering Structural Engineering More...
Health Sciences Basic Nursing Skills Health Science Language Fundamentals Veterinary Technology Medical Language Cardiology Clinical Surgery More...	English Grammar Fundamentals Literary And Rhetorical Vocab Elements Of Style Vocab Introduction To English Major Complete Advanced Sentences Literature Homonyms More...	Math Algebra Formulas Basic Arithmetic: Measurements Metric Conversions Geometric Properties Important Math Facts Number Sense Vocab Business Math More...	Other Major Subjects Science Economics History Law Performing-arts Cooking Logic & Reasoning Trivia

Test your basic knowledge |

CISSP Security Architecture And Design

Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?

Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests

Major Subjects

Tests & Exams

Certifications

IT Skills

Business Skills

Soft Skills

Vocabulary

Languages

Engineering

Health Sciences

English

Math

Other Major Subjects

Browse all subjects

Browse all tests

Most popular tests