Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Contains the beginning address
Overt channel
The Red Book
Orange Book - B2
A Base Register (Memory Management)
2. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified whereas in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Division C - Discretionary Protection
Security Policy is clearly defined and documented
The Integrity of data within applications
State machine model
3. When a computer uses more than one CPU in parallel to execute instructions is known as?
Dominate the object's sensitivity label
C2
Constrained
Multiprocessing
4. Happen because input data is not checked for appropriate length at time of input
Buffer overflows
The Evaluated Products List (EPL) with their corresponding rating
Ring 2
First evaluation class
5. Individual subjects must be uniquely identified.
Most commonly used approach
Higher or equal to access class
Identification - Orange Book
Direct addressing
6. Users need to be Identified individually to provide more precise access control and auditing functionality.
Logical addresses
security protection mechanisms
C2 - Controlled Access Protection
Multitasking
7. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
Division B - Mandatory Protection Architecture
The Evaluated Products List (EPL) with their corresponding rating
Controls the checks
Basic Security Theorem (used in computer science) definition
8. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Multilevel Security Policies
All Mandatory Access Control (MAC) systems
Ring 0
The Thread (memory Management)
9. What prevents a process from accessing another process' data?
C1 - Discretionary Security Protection
Process isolation
All Mandatory Access Control (MAC) systems
Orange Book B
10. Which is an ISO standard product evaluation criteria that supersedes several different criteria?
Orange Book - D
The Common Criteria
All Mandatory Access Control (MAC) systems
Networks and Communications
11. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Reduced Instruction Set Computers (RISC)
The Common Criteria
Ring 1
Its Clearance Label (Top Secret - Secret - or Confidential)
12. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
The National Computer Security Center (NCSC)
The Tranquility principle (The Bell-LaPadula Model)
The security kernel
Life Cycle Assurance Requirement
13. What does the simple security (ss) property mean in the Bell-LaPadula model?
Orange Book C
Dominate the object's sensitivity label
System High Security Mode
No read up
14. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Ring 3
Administrative declaration
Firmware
Documentation - Orange Book
15. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
Implement software or systems in a production environment
Trusted hardware - Software and Firmware
Secondary Storage
Certification
16. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
Division D - Minimal Protection
A1
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
A1 - Rating
17. The Biba Model addresses _____________________.
State machine model
The Integrity of data within applications
Swap Space
Orange Book - B3
18. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
Pipelining
Isolate processes
Orange Book A
The security perimeter
19. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
20. In access control terms - the word "dominate" refers to ___________.
Mandatory Access Control (MAC)
TCB (Trusted Computing Base)
Higher or equal to access class
Division B - Mandatory Protection
21. Subjects and Objects cannot change their security levels once they have been instantiated (created)
The Tranquility principle (The Bell-LaPadula Model)
Indirect addressing
Life Cycle Assurance Requirement
Operational assurance requirements
22. TCB contains The Security Kernel and all ______________.
security protection mechanisms
Administrative declaration
Orange Book - B3
TCB (Trusted Computing Base)
23. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.
The TCSEC - Aka Orange Book
All Mandatory Access Control (MAC) systems
C1 - Discretionary Security Protection is a type of environment
Orange Book A
24. There is only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
The Simple Security Property
B3
Multilevel Security Policies
Division D - Minimal Protection
25. What are the components of an object's sensitivity label?
State machine model
Division B - Mandatory Protection Architecture
A single classification and a Compartment Set
Types of covert channels
26. Which TCSEC level first addresses object reuse?
Trusted Products Evaluation Program (TPEP)
No write down
An abstract machine
C2
27. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
Access Matrix model
Be protected from modification
A and B
Trusted Distribution
28. Can be erased - modified and upgraded.
Integrity
Erasable and Programmable Read-Only Memory (EPROM)
The Monolithic Operating System Architecture
Isolate processes
29. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
30. The subject must have Need to Know for ONLY the information they are trying to access.
Division B - Mandatory Protection
Trusted Products Evaluation Program (TPEP)
System High Security Mode
The Tranquility principle (The Bell-LaPadula Model)
31. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
All Mandatory Access Control (MAC) systems
Invocation Property
The Clark Wilson integrity model
Trusted Network Interpretation (TNI)
32. The Bell-LaPadula model Subjects and Objects are ___________.
Assigned labels
Division C - Discretionary Protection
Certification
Firmware
33. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
Erasable and Programmable Read-Only Memory (EPROM)
Certification
Integrity
Basic Security Theorem (used in computer science) definition
34. A portion of a process. When the thread is generated - it shares the same domain(resources) as its process.
A Thread
B3
A Layered Operating System Architecture
B2 - Structured Protection
35. Developed after the Bell-LaPadula model. It's a state machine model and is very similar to the Bell-LaPadula Model.
Be protected from modification
The Biba Model
Scalar processors
Pagefile.sys file
36. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
Physical security
Thrashing
The Integrity of data within applications
The Strong star property rule
37. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
NOT Integrity
Trusted Products Evaluation Program (TPEP)
Sensitivity labels
A and B
38. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.
*-Integrity Axiom
Indirect addressing
Multilevel Security Policies
Execution Domain
39. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
TCB (Trusted Computing Base)
The Simple Security Property
Overt channel
Life Cycle Assurance Requirement
40. Documentation must be provided - including test - design - and specification document - user guides and manuals
Documentation - Orange Book
NOT Integrity
C2 - Controlled Access Protection
Networks and Communications
41. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
Life-cycle assurance - O/B
The reference monitor
Buffer overflows
Dedicated Security Mode
42. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
attributability
Be protected from modification
Ring 2
The Common Criteria
43. Remaining parts of the operating system
The Thread (memory Management)
Ring 1
Process isolation
Primary storage
44. The reserved hard drive space used to Extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space
Access control to the objects by the subjects
Swap Space
Real storage
The reference monitor
45. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
The Clark Wilson integrity model
The National Computer Security Center (NCSC)
Attributable data
Overt channel
46. Execute one instruction at a time.
Totality of protection mechanisms
Higher or equal to access class
Scalar processors
Disclosure of residual data
47. A set of objects that a subject is able to access
Trusted facility management
A Domain
The Common Criteria
The trustworthiness of an information system
48. Based on a known address with an offset value applied.
Relative Addresses
Orange Book B
C2
The security perimeter
49. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
First evaluation class
B1
Totality of protection mechanisms
D
50. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
The "No read Up" rule
Fail safe
Clark-Wilson
B1