Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
The Simple Security Property
Division B - Mandatory Protection Architecture
Subject to Object Model
Fail safe
2. The *-Property rule is referred to as ____________.
D
The Tranquility principle (The Bell-LaPadula Model)
The "No write Down" Rule
Erasable and Programmable Read-Only Memory (EPROM)
3. If a system initializes in a secure state and all allowed state transitions are secure - then every subsequent state will be secure no matter what inputs occur.
Basic Security Theorem (used in computer science) definition
A Thread
Dedicated Security Mode
Scalar processors
4. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
An abstract machine
Dedicated Security Mode
A Base Register (Memory Management)
Prohibits
5. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
The Trusted Computing Base (TCB)
Storage and timing
Cache Memory
Accreditation
6. When the address location that is specified in the program instruction contains the address of the final desired location.
Indirect addressing
Security mechanisms and evaluates their effectiveness
Assigned labels
Isolate processes
7. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
Life-cycle assurance - O/B
Accountability - Orange Book
No read down
No read up
8. In B2 Subjects and devices require labels and the system must NOT allow ________. No Trapdoors exist.
Covert channels
B2 rating
The "No write Down" Rule
Files - directories and devices
9. The centerpiece of the DoD Rainbow Series publications. Developed by the National Computer Security Center (NCSC)?
Labels - Orange Book
The TCSEC - Aka Orange Book
Indexed addressing
D
10. Happen because input data is not checked for appropriate length at time of input
B2 - Structured Protection
The National Computer Security Center (NCSC)
The Integrity of data within applications
Buffer overflows
11. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
Buffer overflows
A single classification and a Compartment Set
All Mandatory Access Control (MAC) systems
The rule is talking about "Reading"
12. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Orange Book ratings
Programmable Read-Only Memory (PROM)
Integrity
Pipelining
13. Which is a straightforward approach that provides access rights to subjects for objects?
A security domain
Access Matrix model
Clark-Wilson Model
Prohibits
14. Configuration management is also defined in the Orange Book BUT as a _____________________ and NOT an operational assurance requirement.
The Strong star property rule
Orange Book ratings
Simple Security Rule
Life Cycle Assurance Requirement
15. When the RAM and secondary storage are combined the result is __________.
Complex Instruction Set Computers (CISC)
B2 rating
Virtual Memory
First evaluation class
16. The Availability - Integrity and confidentiality requirements of multitasking operating systems
The rule is talking about "Reading"
Mandatory access control
Protection Rings Support
International Standard 15408
17. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
The Strong star property rule
Security rating B
Secondary Storage
Complex Instruction Set Computers (CISC)
18. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
Operational assurance requirements
Attributable data
Accountability - Orange Book
The reference monitor
19. Users are trusted but a certain level of accountability is required. C2 overall is seen as the most reasonable class for commercial applications - but the level of protection is still relatively weak.
The "No write Down" Rule
The Biba Model
An abstract machine
In C2 - Controlled Access Protection environment
20. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
Multitasking
Types of covert channels
The Red Book
Isolate processes
21. The Physical memory address that the CPU uses
Multilevel Security Policies
Types of covert channels
Absolute addresses
The security perimeter
22. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
A security domain
Process isolation
Trusted Distribution
The reference monitor
23. Minimal Security
The Clark Wilson integrity model
B2 - Structured Protection
Orange Book - D
In C2 - Controlled Access Protection environment
24. Has two individual assurance ratings, C1 and C2. The higher the number of the assurance rating, the greater the protection.
Division C - Discretionary Protection
Security Policy - Orange Book
Types of covert channels
Multitasking
25. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions at its own discretion. These permissions are stored in an access ma
Polyinstantiation
Assigned labels
Discretionary Security Property (ds-property)
Mandatory Access Control (MAC)
26. Developed after the Bell-LaPadula model. It is a state machine model and is very similar to the Bell-LaPadula Model.
Thrashing
The Simple Security Property
Its Clearance Label (Top Secret - Secret - or Confidential)
The Biba Model
27. Each data object must contain a classification label and each subject must have a clearance label.
Absolute addresses
B1 - Labeled Security
Mandatory access control
Labels - Orange Book
28. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
Fail safe
C1
Thrashing
Simple Security Rule
29. Contains an Address of where the instruction and data reside that need to be processed.
Firmware
The Thread (memory Management)
The "No read Up" rule
*-Integrity Axiom
30. When a vendor submits a product for evaluation - it submits it to the ____________.
Labels - Orange Book
Absolute addresses
The National Computer Security Center (NCSC)
Orange Book - B2
31. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
The Clark Wilson integrity model
A1 - Rating
Indirect addressing
Examples of Layered Operating Systems
32. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
Need-to-know
Models concerned with integrity
Cache Memory
B2 rating
33. System Architecture that separates system functionality into Hierarchical layers
Controls the checks
A Layered Operating System Architecture
Trusted facility management
Real storage
34. The Bell-LaPadula Model is a _______________ that enforces the Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
Execution Domain
State machine model
Need-to-know
Security Policy is clearly defined and documented
35. Remaining parts of the operating system
'Dominate'
No write down
Ring 1
Scalar processors
36. A set of objects that a subject is able to access
Buffer overflows
Identification - Orange Book
A Domain
The Integrity of data within applications
37. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
Controlling unauthorized downgrading of information
A1
Pipelining
Buffer (temporary data storage area)
38. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
Trusted Products Evaluation Program (TPEP)
The rule is talking about "Reading"
B3
'Dominate'
39. According to the Orange Book - trusted facility management is not required for which security levels?
The Tranquility principle (The Bell-LaPadula Model)
B1
C1
'Dominate'
40. Mandatory Access requires that _____________ be attached to all objects.
Sensitivity labels
International Standard 15408
Dominate the object's sensitivity label
Simple Security Rule
41. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Orange Book - A1
C1
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
C1 - Discretionary Security Protection is a type of environment
42. The Bell-LaPadula Model is a _______________.
Mandatory access control
Trusted Distribution
All Mandatory Access Control (MAC) systems
Subject to Object Model
43. The Biba Model addresses _____________________.
Protection Rings Support
Highly secure systems (B2 - B3 and A1)
B3 - Rating
The Integrity of data within applications
44. Which TCSEC level first addresses object reuse?
An abstract machine
Its Clearance Label (Top Secret - Secret - or Confidential)
Buffer overflows
C2
45. In both the Bell-LaPadula and Biba Models if the word "*" or "Star" is used - _______________.
Orange Book B
Direct addressing
Implement software or systems in a production environment
The Rule is talking about writing
46. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"
Simple Integrity Axiom
Division B - Mandatory Protection
Assigned labels
Covert channels
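Worked example (added here for study; this code is not from the quiz page or from any CISSP source): a small Python reference monitor that puts questions 1 to 4, 11, 13, 25, 34, 36, 37, 40, 42, 43, 45 and 46 together. It stores a label as a single classification plus a compartment set and decides access with the dominance relation; it enforces the Bell-LaPadula simple security property (no read up), *-property (no write down) and ds-property (rights passed on at the owner's discretion through an access matrix) and the Biba simple integrity axiom (no read down) and *-integrity axiom (no write up); it treats each access request as a state transition so the Basic Security Theorem check holds; and it computes a subject's domain. The numeric ordering of the classifications, the integer integrity levels, the "own" right, and the subjects, objects and grants in build_demo() are assumptions made for the example.

```python
# Added example: a reference monitor enforcing Bell-LaPadula, Biba and an access
# matrix. Names, levels, compartments and grants below are constructed for study.
from dataclasses import dataclass
from typing import Dict, FrozenSet, Set, Tuple

# Hypothetical ordering of classifications: a bigger number is more sensitive.
LEVELS = {"Unclassified": 0, "Confidential": 1, "Secret": 2, "Top Secret": 3}


@dataclass(frozen=True)
class Label:
    """A label is a single classification plus a compartment (need-to-know) set."""
    classification: str
    compartments: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        """A dominates B when A's level >= B's level and A's compartments include
        all of B's; labels with disjoint compartments are incomparable."""
        return (LEVELS[self.classification] >= LEVELS[other.classification]
                and self.compartments >= other.compartments)


class ReferenceMonitor:
    """Abstract machine mediating every subject-to-object access against an
    access control database: labels, integrity levels and an access matrix."""

    def __init__(self) -> None:
        self.clearance: Dict[str, Label] = {}       # subject -> clearance label
        self.classification: Dict[str, Label] = {}  # object -> classification label
        self.integrity: Dict[str, int] = {}         # subject or object -> Biba level
        self.matrix: Dict[Tuple[str, str], Set[str]] = {}  # (subject, object) -> rights
        self.current: Set[Tuple[str, str, str]] = set()    # accesses now in effect

    def add_subject(self, name: str, clearance: Label, integrity: int) -> None:
        self.clearance[name] = clearance
        self.integrity[name] = integrity

    def add_object(self, name: str, classification: Label, integrity: int, owner: str) -> None:
        self.classification[name] = classification
        self.integrity[name] = integrity
        self.matrix[(owner, name)] = {"own", "read", "write"}  # owner's discretionary rights

    def grant(self, grantor: str, subject: str, obj: str, right: str) -> bool:
        """ds-property: an owner may pass on rights at its own discretion. This only
        edits the access matrix; the mandatory rules in decide() still apply."""
        if "own" not in self.matrix.get((grantor, obj), set()):
            return False
        self.matrix.setdefault((subject, obj), set()).add(right)
        return True

    def decide(self, subject: str, obj: str, mode: str) -> str:
        """Return 'ALLOW' or the name of the first rule that denies the access."""
        s, o = self.clearance[subject], self.classification[obj]
        si, oi = self.integrity[subject], self.integrity[obj]
        if mode == "read":
            if not s.dominates(o):
                return "DENY ss-property (no read up)"
            if oi < si:
                return "DENY simple integrity axiom (no read down)"
        elif mode == "write":
            if not o.dominates(s):
                return "DENY *-property (no write down)"
            if oi > si:
                return "DENY *-integrity axiom (no write up)"
        else:
            return "DENY unknown access mode"
        if mode not in self.matrix.get((subject, obj), set()):
            return "DENY ds-property (no access matrix entry)"
        return "ALLOW"

    def request(self, subject: str, obj: str, mode: str) -> bool:
        """A state transition: the access is recorded only if every rule permits it."""
        if self.decide(subject, obj, mode) != "ALLOW":
            return False
        self.current.add((subject, obj, mode))
        return True

    def state_is_secure(self) -> bool:
        """Basic Security Theorem check: start empty (secure), transition only via
        request(), and every access in effect stays permitted whatever is asked."""
        return all(self.decide(s, o, m) == "ALLOW" for s, o, m in self.current)

    def domain(self, subject: str) -> Set[str]:
        """A subject's domain: the set of objects it can access in some mode."""
        return {o for o in self.classification
                if any(self.decide(subject, o, m) == "ALLOW" for m in ("read", "write"))}


def build_demo() -> ReferenceMonitor:
    """Constructed sample subjects, objects and grants (not from the quiz page)."""
    rm = ReferenceMonitor()
    rm.add_subject("alice", Label("Secret", frozenset({"NUC"})), integrity=2)
    rm.add_subject("bob", Label("Confidential"), integrity=1)
    rm.add_subject("carol", Label("Top Secret", frozenset({"NUC", "CRYPTO"})), integrity=2)
    rm.add_object("plans", Label("Secret", frozenset({"NUC"})), integrity=2, owner="alice")
    rm.add_object("memo", Label("Confidential"), integrity=1, owner="bob")
    rm.add_object("notice", Label("Unclassified"), integrity=2, owner="alice")
    rm.grant("alice", "bob", "plans", "read")    # granted discretionarily; MAC still denies
    rm.grant("alice", "carol", "plans", "read")
    rm.grant("alice", "bob", "notice", "read")
    return rm
```

Call build_demo() and then decide(subject, object, mode) to see which rule fires: bob reading "plans" is denied by the simple security property even though alice granted it in the matrix, alice reading the low-integrity "memo" is denied by Biba's no read down, bob writing to "plans" passes Bell-LaPadula (writing up is allowed) but is denied by the *-integrity axiom, and carol reading "notice" is denied only by the ds-property because no matrix entry exists. Because the mandatory labels are checked before the discretionary matrix, a grant can never override the MAC rules, which is the point of question 11.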
47. Software that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
B1
Orange Book - B3
Firmware
Identification - Orange Book
48. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
Security Policy - Orange Book
The National Computer Security Center (NCSC)
Division B - Mandatory Protection
Indexed addressing
49. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Reduced Instruction Set Computers (RISC)
Fail safe
The "No write Down" Rule
Logical addresses
50. TCB contains The Security Kernel and all ______________.
B3
security protection mechanisms
The Tranquility principle (The Bell-LaPadula Model)
A Domain