Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Minimal Security
Orange Book - D
Labels - Orange Book
B1 - Labeled Security rating
Access control to the objects by the subjects
2. The Biba Model - _____________: A subject cannot read data from a lower integrity level ("No Read Down")
A Limit Register (Memory Management)
Security rating B
Types of covert channels
Simple Integrity Axiom
3. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Most commonly used approach
Labels - Orange Book
Orange Book - B2
Covert channels
4. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
*-Integrity Axiom
Primary storage
B3
Files - directories and devices
5. Which model uses access control triples and requires that the system maintain separation of duty?
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Controlling unauthorized downgrading of information
Clark-Wilson
The Biba Model
6. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
Attributable data
Multilevel Security Policies
*-Integrity Axiom
The National Computer Security Center (NCSC)
7. Mandatory access control is enforced by the use of security labels.
Mandatory Access Control (MAC)
Absolute addresses
C1 - Discretionary Security Protection is a type of environment
Division B - Mandatory Protection
8. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
A security kernel
A lattice of Integrity Levels
Buffer overflows
B1 - Labeled Security
9. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
Security Policy is clearly defined and documented
Primary storage
Prevent secret information from being accessed
Pagefile.sys file
10. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
Pagefile.sys file
Swap Space
Certification
Clark-Wilson
11. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
The security perimeter
The Trusted Computing Base (TCB)
A Thread
C2 - Controlled Access Protection
12. Each data object must contain a classification label and each subject must have a clearance label.
International Standard 15408
B1 - Labeled Security
Attributable data
A Limit Register (Memory Management)
13. Software that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
Firmware
Scalar processors
In C2 - Controlled Access Protection environment
NOT Integrity
14. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Cache Memory
The Simple Security Property
B3 - Rating
The security kernel
15. Which is an ISO standard product evaluation criteria that supersedes several different criteria?
B3 - Rating
The Common Criteria
C2
Clark-Wilson
16. Bell-LaPadula model was proposed for enforcing access control in _____________________.
A Limit Register (Memory Management)
Swap Space
Government and military applications
Prohibits
17. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
The TCSEC - Aka Orange Book
C2 - Controlled Access Protection
The Strong star property rule
Controls the checks
18. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
19. Permits a database to have two records that are identical except for their classifications
C1 - Discretionary Security Protection is a type of environment
The Trusted Computing Base (TCB)
Polyinstantiation
Division C - Discretionary Protection
20. The type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to penetration and compromise.
B2 rating
Models concerned with integrity
The Rule is talking about writing
Pagefile.sys file
21. TCB contains The Security Kernel and all ______________.
Compare the security labels
Dominate the object's sensitivity label
Access Matrix model
security protection mechanisms
22. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
The Clark Wilson integrity model
Access control to the objects by the subjects
Storage and timing
Mandatory access control
23. Buffer overflows occur when a program or process tries to store more data in a _____________ than it was intended to hold.
Enforces the rules
Discretionary Security Property (ds-property)
Buffer (temporary data storage area)
Ring 1
24. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
A Limit Register (Memory Management)
Multiprocessing
Access Matrix model
D
25. Mandatory Access requires that _____________ be attached to all objects.
Sensitivity labels
Overt channel
attributability
Mandatory Access Control (MAC)
26. Documentation must be provided - including test - design - and specification document - user guides and manuals
The Integrity of data within applications
C2 - Controlled Access Protection
Dedicated Security Mode
Documentation - Orange Book
27. Successfully evaluated products are placed on?
Indexed addressing
Access control to the objects by the subjects
The Evaluated Products List (EPL) with their corresponding rating
Evaluated separately
28. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
Process isolation
Ring 2
Orange Book - B2
B3
29. TCSEC provides a means to evaluate ______________________.
The trustworthiness of an information system
Stored in Real Memory
Reduced Instruction Set Computers (RISC)
B1
30. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Implement software or systems in a production environment
attributability
Orange Book B
Multilevel Security Policies
31. What are the components of an object's sensitivity label?
Relative Addresses
A single classification and a Compartment Set
Trusted Distribution
Complex Instruction Set Computers (CISC)
32. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Evaluated separately
Isolate processes
Orange Book - B1
Access Matrix model
33. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
First evaluation class
Programmable Read-Only Memory (PROM)
Assigned labels
Ring 3
34. Users need to be identified individually to provide more precise access control and auditing functionality.
C2 - Controlled Access Protection
System High Security Mode
Cache Memory
Covert channels
35. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
The National Computer Security Center (NCSC)
Simple Security Rule
Process isolation
B2
36. When a portion of primary memory is accessed by specifying the actual address of the memory location
Direct addressing
Overt channel
Bell-LaPadula Model
Orange Book - D
37. Execute one instruction at a time.
An abstract machine
Trusted facility management
Constrained
Scalar processors
38. Mediates all access and Functions between subjects and objects.
The Security Kernel
An abstract machine
Security Policy
B1
39. Which Orange Book evaluation level is described as "Verified Design"?
Ring 1
A1
Security Policy is clearly defined and documented
Highly secure systems (B2 - B3 and A1)
40. The centerpiece of the DoD Rainbow Series publications. Developed by the National Computer Security Center (NCSC)?
Controlling unauthorized downgrading of information
The Simple Security Property
Isolate processes
The TCSEC - Aka Orange Book
41. When the contents of the address defined in the program's instruction are added to that of an index register.
Security Policy - Orange Book
Evaluated separately
Indexed addressing
Orange Book - A1
42. The *-Property rule is referred to as ____________.
The security perimeter
The Thread (memory Management)
Clark-Wilson
The "No write Down" Rule
43. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Division D - Minimal Protection
Dedicated Security Mode
Need-to-know
Enforces the rules
44. The reserved hard drive space used to extend RAM capabilities.
Examples of Layered Operating Systems
Reduced Instruction Set Computers (RISC)
Swap Space
Constrained
45. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
B2 - Structured Protection
Discretionary Security Property (ds-property)
C1 - Discretionary Security Protection
Compare the security labels
46. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
Direct Addressing
Erasable and Programmable Read-Only Memory (EPROM)
Division B - Mandatory Protection Architecture
Scalar processors
47. The Bell-LaPadula model Subjects and Objects are ___________.
Assigned labels
Security mechanisms and evaluates their effectiveness
Scalar processors
The security kernel
48. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
The Trusted Computing Base (TCB)
Orange Book - A1
Multitasking
Orange Book B
49. Subjects and Objects cannot change their security levels once they have been instantiated (created)
A1
Virtual Memory
B3 - Security Domains
The Tranquility principle (The Bell-LaPadula Model)
50. The Orange Book does NOT cover ________________ - and database management systems
Physical security
Networks and Communications
Programmable Read-Only Memory (PROM)
Security Policy - Orange Book