Test your basic knowledge

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Commonly referred to as "The Big Mess" because of its lack of structure. MS-DOS is an example of a monolithic operating system






2. The Policy must be explicit and well defined and enforced by the mechanisms within the system






3. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.






4. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s






5. Security Labels are not required until __________; thus C2 does not require security labels but B1 does






6. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.






7. What are the components of an object's sensitivity label?






8. Mandatory Protection






9. Each data object must contain a classification label and each subject must have a clearance label.






10. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.






11. The C2 evaluation class of the _________________ offers controlled access protection.






12. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.






13. Contains the ending address






14. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?






15. The security kernel is the mechanism that _____________ of the reference monitor concept.






16. The total combination of protection mechanisms within a computer system






17. Which uses Protection Profiles and Security Targets?






18. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?






19. As per FDA data should be ______________________________.






20. The group that oversees the processes of evaluation within TCSEC is?






21. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.






22. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)






23. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.






24. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.






25. In ______________ the subject must have: Need to Know for ALL the information contained within the system.






26. The Bell-LaPadula model Subjects and Objects are ___________.






27. The Orange book does NOT Cover ________________ - And Database management systems






28. In access control terms it means to be higher than or equal to. In the Bell-LaPadula model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification


29. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.






30. System Architecture that separates system functionality into Hierarchical layers






31. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards






32. I/O drivers and utilities






33. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.






34. An abstract machine which must mediate all access by subjects to objects - be protected from modification - be verifiable as correct - and is always invoked






35. Which Orange Book evaluation level is described as "Discretionary Security Protection"?






36. When the address location that is specified in the program instruction contains the address of the final desired location.






37. Which in the Orange Book ratings represents the highest level of trust?






38. The combination of RAM - Cache and the Processor Registers






39. The Indexed memory addresses that software uses






40. Which describes a condition when RAM and secondary storage are used together?






41. Users need to be identified individually to provide more precise access control and auditing functionality.






42. Contains the beginning address






43. In access control terms - the word "dominate" refers to ___________.






44. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system






45. The *-Property rule is referred to as ____________.






46. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space






47. Developed after the Bell-LaPadula model. It's a state machine model and is very similar to the Bell-LaPadula model.






48. TCSEC addresses confidentiality - but _____________. The TCSEC focuses mainly on one attribute of security: confidentiality.






49. What does the simple integrity axiom mean in the Biba model?






50. Another word for Primary storage and distinguishes physical memory from virtual memory.






