Test your basic knowledge

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.






2. Each data object must contain a classification label and each subject must have a clearance label.






3. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when






4. Levels of Security and Levels of Trust: Lower letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.






5. Which uses Protection Profiles and Security Targets?






6. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.






7. The TCB is the ________________ within a computer system that work together to enforce a security policy.






8. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.






9. Data in Cache can be accessed much more quickly than Data






10. Contains the ending address






11. Has two individual assurance ratings: C1 and C2. The higher the number of the assurance rating, the greater the protection.






12. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.






13. When the address location that is specified in the program instruction contains the address of the final desired location.






14. Contains an address of where the instruction and data reside that need to be processed.






15. Which increases the performance in a computer by overlapping the steps of different instructions?






16. Permits a database to have two records that are identical except for their classifications






17. Used by Windows systems to reserve the "Swap Space"






18. In both the Bell-LaPadula and Biba Models if the word "Simple" is used ______________.






19. Another word for Primary storage and distinguishes physical memory from virtual memory.






20. The Orange Book requires protection against two _____________ - these are Timing and Storage






21. The Physical memory address that the CPU uses






22. What does the simple security (ss) property mean in the Bell-LaPadula model?






23. Applications and user activity






24. The Biba Model - _____________: A subject cannot read data from a lower integrity level ("No Read Down")






25. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.






26. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements






27. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space






28. Which describes a condition when RAM and secondary storage are used together?






29. According to the Orange Book - trusted facility management is not required for which security levels?






30. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)






31. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.






32. When a vendor submits a product for evaluation - it submits it to the ____________.






33. When the contents of the address defined in the program's instruction is added to that of an index register.






34. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.






35. The Bell-LaPadula Model is a _______________.






36. Minimal Security






37. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.






38. When the RAM and secondary storage are combined the result is __________.






39. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data






40. Operating System Kernel






41. In B2 subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.






42. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)






43. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.






44. Mandatory Access requires that _____________ be attached to all objects.






45. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.






46. Which would be designated as objects on a MAC system?






47. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?






48. What model uses access control triples and requires that the system maintain separation of duty?






49. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.






50. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.






