Test your basic knowledge: CISSP Security Architecture and Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Verification Protection
Orange Book A
C1 - Discretionary Security Protection is a type of environment
A lattice of Integrity Levels
Be protected from modification
2. The Bell-LaPadula Model is a _______________ that enforces the confidentiality aspect of access control. It was developed by David Bell and Leonard LaPadula.
State machine model
Swap Space
The reference monitor
Sensitivity labels
3. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication, restrictions and auditing.
A1 - Rating
Physical security
A Layered Operating System Architecture
Security Policy is clearly defined and documented
4. The Bell-LaPadula model was proposed for enforcing access control in _____________________.
Government and military applications
International Standard 15408
Indirect addressing
Orange Book B
5. In ______________ the subject must have a need to know for ALL the information contained within the system.
A security domain
Dedicated Security Mode
The Simple Security Property
Real storage
6. In the Bell-LaPadula model, subjects and objects are ___________.
Assigned labels
Ring 2
Orange Book - B3
C2 - Controlled Access Protection
7. Audit data must be captured and protected to enforce accountability
Accountability - Orange Book
Orange Book interpretations
The Tranquility principle (The Bell-LaPadula Model)
A lattice of Integrity Levels
8. Minimal Security
Orange Book - D
International Standard 15408
Division C - Discretionary Protection
Firmware
9. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions at its own discretion. These permissions are stored in an access ma
NOT Integrity
Evaluated separately
Polyinstantiation
Discretionary Security Property (ds-property)
10. Contains the ending address
A and B
Dedicated Security Mode
A security domain
A Limit Register (Memory Management)
11. Which computer design approach is based on the fact that in earlier technologies the instruction fetch was the longest part of the cycle?
C2 - Controlled Access Protection
Clark-Wilson
Complex Instruction Set Computers (CISC)
A1
12. The Orange Book describes four hierarchical divisions (D through A) to categorize security systems. Which divisions require mandatory protection?
The National Computer Security Center (NCSC)
A and B
Invocation Property
A Domain
13. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
C1
Higher or equal to access class
Highly secure systems (B2, B3 and A1)
Identification - Orange Book
14. The assignment of a specific individual to administer the security-related functions of a system.
Orange Book - B1
Trusted facility management
Accountability - Orange Book
Scalar processors
15. The Bell-LaPadula Model is a _______________.
The Evaluated Products List (EPL) with their corresponding rating
Subject to Object Model
No read up
International Standard 15408
16. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards.
Virtual Memory
Security mechanisms and evaluates their effectiveness
Administrative declaration
B2 rating
17. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level, nothing higher and nothing lower.
The Strong star property rule
The security perimeter
Logical addresses
Sensitivity labels
18. The reference monitor, in accordance with the security policy, ____________ that are made in the access control database.
Multiprocessing
Controls the checks
Simple Integrity Axiom
Enforces the rules
19. Bell-LaPadula Model - ______________: A subject at a given security level can NOT WRITE information to a LOWER security level.
The *-Property rule (Star property)
Division D - Minimal Protection
Ring 1
The Evaluated Products List (EPL) with their corresponding rating
20. Software, hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout its lifetime.
The Security Kernel
Polyinstantiation
Life-cycle assurance - O/B
All Mandatory Access Control (MAC) systems
21. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Trusted Distribution
Its classification label (Top Secret, Secret or Confidential)
Clark-Wilson Model
B2 rating
22. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects, what security problem is most likely to exist?
Disclosure of residual data
B2 - Structured Protection
Need-to-know
Compare the security labels
23. An organization within the National Security Agency (NSA) is responsible for evaluating computer systems and products. Its Trusted Product Evaluation Program (TPEP) oversees the testing by approved entities of commercial products against a specific s
The National Computer Security Center (NCSC)
Virtual storage
Continuous protection - O/B
Erasable and Programmable Read-Only Memory (EPROM)
24. System architecture that separates system functionality into hierarchical layers
A Layered Operating System Architecture
Its Clearance Label (Top Secret, Secret or Confidential)
Polyinstantiation
security protection mechanisms
25. In both the Bell-LaPadula and Biba models, if the word "Simple" is used, ______________.
B3 - Security Domains
The rule is talking about "Reading"
B3
C1
26. A ______________ is a form of EPROM, but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Division B - Mandatory Protection Architecture
Trusted Products Evaluation Program (TPEP)
Its Clearance Label (Top Secret, Secret or Confidential)
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
27. Which TCSEC level first addresses object reuse?
An abstract machine
C2
Be protected from modification
Controls the checks
28. Mandatory Access Control requires that _____________ be attached to all objects.
Sensitivity labels
Invocation Property
Buffer (temporary data storage area)
B3 - Security Domains
29. There is only one class in Division D. It is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
Relative Addresses
Orange Book - B3
Operational assurance requirements
Division D - Minimal Protection
30. The Orange Book requires protection against two _____________, which are timing and storage.
Types of covert channels
C2 - Controlled Access Protection
Programmable Read-Only Memory (PROM)
A1 - Rating
31. What access control technique is also known as multilevel security?
B3
Identification - Orange Book
Mandatory access control
Ring 3
32. A buffer overflow occurs when a program or process tries to store more data in a _____________ than it was intended to hold.
The National Computer Security Center (NCSC)
'Dominate'
Buffer (temporary data storage area)
The National Computer Security Center (NCSC)
33. In this class more granularity is provided in each protection mechanism, and the programming code that is not necessary to support the security policy is excluded.
The security perimeter
B3
Discretionary Security Property (ds-property)
B3 - Security Domains
34. In an automated system, ________________ could be achieved by a computer system designed to identify the individuals responsible for any input.
Trusted facility management
Multiprocessing
Compare the security labels
attributability
35. Based on the Bell-LaPadula security model, and evidence of reference monitor enforcement must be available.
The "No write Down" Rule
Division B - Mandatory Protection Architecture
Attributable data
Security Policy is clearly defined and documented
36. The Security Model Incorporates the ____________ that should be enforced in the system.
A security kernel
Higher or equal to access class
Security Policy
A1 - Rating
37. TCSEC addresses confidentiality, but _____________. The TCSEC focuses mainly on one attribute of security: confidentiality.
A1
First evaluation class
NOT Integrity
The Simple Security Property
38. The Simple Security rule is referred to as ______________.
First evaluation class
B3
The "No read Up" rule
Types of covert channels
39. The Orange Book does NOT cover ________________ or database management systems.
Networks and Communications
Cache Memory
Division D - Minimal Protection
The security kernel
40. Which model uses access control triples and requires that the system maintain separation of duties?
The Common Criteria
Clark-Wilson
A security domain
Fail safe
41. The combination of RAM, cache and the processor registers
A and B
Ring 1
Dedicated Security Mode
Primary storage
42. Which term describes the condition where RAM and secondary storage are used together?
Programmable Read-Only Memory (PROM)
Attributable, original, accurate, contemporaneous and legible
Virtual storage
Enforces the rules
43. The subject must have a need to know for ONLY the information they are trying to access.
Life-cycle assurance - O/B
System High Security Mode
A Limit Register (Memory Management)
Firmware
44. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
attributability
Multilevel Security Policies
B1 - Labeled Security
C2 - Controlled Access Protection
45. When the address location that is specified in the program instruction contains the address of the final desired location.
Certification
Indirect addressing
C2 - Controlled Access Protection
Ring 3
46. If a system initializes in a secure state and all allowed state transitions are secure, then every subsequent state will be secure no matter what inputs occur.
Clark-Wilson Model
Basic Security Theorem (used in computer science) definition
The Biba Model
Security mechanisms and evaluates their effectiveness
47. Operating System Kernel
B3 - Rating
The trustworthiness of an information system
TCB (Trusted Computing Base)
Ring 0
48. In access control terms, the word "dominate" refers to ___________.
Orange Book - B2
Bell-LaPadula Model
Higher or equal to access class
C1 - Discretionary Security Protection is a type of environment
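Several of the questions above (the simple security property, the *-property, the strong *-property, the ds-property, "dominate", sensitivity labels, and the Biba simple/star integrity axioms) describe one mechanism: a reference monitor comparing a subject's label with an object's label before every access. The toy monitor below is an added example, not material from this quiz; the subject names, labels and access-matrix entries are constructed to exercise each rule, and a label is modelled as a classification level plus a set of categories so that "dominate" is the lattice order rather than a simple ladder.

```python
"""Toy reference monitor for the Bell-LaPadula and Biba rules quizzed above.
Added example; labels, subjects, objects and permissions are constructed."""
from dataclasses import dataclass, field
from enum import IntEnum
from typing import Dict, FrozenSet, List, Set, Tuple


class Level(IntEnum):
    """Hierarchical classification levels, low to high."""
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


@dataclass(frozen=True)
class Label:
    """Sensitivity label = level plus a set of categories (the need-to-know part)."""
    level: Level
    categories: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        """'Dominate': level higher or equal AND categories a superset of the other's.
        Labels form a lattice under this partial order, so two labels can be incomparable."""
        return self.level >= other.level and self.categories >= other.categories


@dataclass
class ReferenceMonitor:
    """Mediates every subject-object access against MAC labels and a DAC access matrix."""
    subject_labels: Dict[str, Label]
    object_labels: Dict[str, Label]
    access_matrix: Dict[Tuple[str, str], Set[str]] = field(default_factory=dict)
    strong_star: bool = False                  # True: write only at exactly the same label
    audit_log: List[tuple] = field(default_factory=list)

    def grant(self, subject: str, obj: str, mode: str) -> None:
        """Discretionary permission entry; the ds-property consults this matrix."""
        self.access_matrix.setdefault((subject, obj), set()).add(mode)

    def check(self, subject: str, obj: str, mode: str) -> bool:
        s, o = self.subject_labels[subject], self.object_labels[obj]
        if mode == "read":
            mac_ok = s.dominates(o)                                    # simple security: no read up
        elif mode == "write":
            mac_ok = (s == o) if self.strong_star else o.dominates(s)  # *-property: no write down
        else:
            raise ValueError(f"unknown access mode {mode!r}")
        dac_ok = mode in self.access_matrix.get((subject, obj), set())  # ds-property
        decision = mac_ok and dac_ok
        self.audit_log.append((subject, obj, mode, mac_ok, dac_ok, decision))  # accountability
        return decision


def biba_allows(subject_integrity: int, object_integrity: int, mode: str) -> bool:
    """Biba mirrors BLP on integrity levels: simple integrity axiom = no read down,
    *-integrity axiom = no write up."""
    if mode == "read":
        return object_integrity >= subject_integrity
    if mode == "write":
        return subject_integrity >= object_integrity
    raise ValueError(f"unknown access mode {mode!r}")


def blp_demo() -> Dict[str, bool]:
    """Constructed scenario: alice is SECRET/{NUKE}, bob is CONFIDENTIAL, carol is
    TOP_SECRET/{NUKE} but holds no discretionary permission on anything."""
    rm = ReferenceMonitor(
        subject_labels={
            "alice": Label(Level.SECRET, frozenset({"NUKE"})),
            "bob": Label(Level.CONFIDENTIAL),
            "carol": Label(Level.TOP_SECRET, frozenset({"NUKE"})),
        },
        object_labels={
            "plan": Label(Level.SECRET, frozenset({"NUKE"})),
            "memo": Label(Level.CONFIDENTIAL),
            "ts_doc": Label(Level.TOP_SECRET),
        },
    )
    for subj in ("alice", "bob"):
        for obj in rm.object_labels:
            rm.grant(subj, obj, "read")
            rm.grant(subj, obj, "write")
    strict = ReferenceMonitor(rm.subject_labels, rm.object_labels,
                              dict(rm.access_matrix), strong_star=True)
    return {
        "alice_reads_memo": rm.check("alice", "memo", "read"),        # True: read down
        "bob_reads_plan": rm.check("bob", "plan", "read"),            # False: no read up
        "alice_reads_ts": rm.check("alice", "ts_doc", "read"),        # False: level too low
        "alice_writes_memo": rm.check("alice", "memo", "write"),      # False: no write down
        "bob_writes_ts": rm.check("bob", "ts_doc", "write"),          # True: writing up is allowed
        "alice_writes_ts": rm.check("alice", "ts_doc", "write"),      # False: ts_doc lacks category NUKE
        "carol_reads_plan": rm.check("carol", "plan", "read"),        # False: MAC passes, no DAC entry
        "bob_writes_ts_strong": strict.check("bob", "ts_doc", "write"),  # False: strong * needs equal labels
        "bob_writes_memo_strong": strict.check("bob", "memo", "write"),  # True: same label
        "biba_low_reads_high": biba_allows(1, 3, "read"),             # True: reading up keeps integrity
        "biba_high_reads_low": biba_allows(3, 1, "read"),             # False: no read down
        "biba_low_writes_high": biba_allows(1, 3, "write"),           # False: no write up
    }
```

The audit log records both the mandatory and the discretionary verdict for each request, which is the accountability half of the reference-monitor concept: a denied "alice writes ts_doc" shows up as a category mismatch, not a level problem, which is exactly the case a flat level-only model would get wrong.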
49. Contains the beginning address
Protection Rings Support
A Base Register (Memory Management)
The Red Book
Clark-Wilson Model
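The base register, limit register, indirect addressing and buffer overflow items above all concern how a process's relative addresses are relocated and bounds-checked. The simulation below is an added example, not material from this quiz; the memory layout, the two processes and the copy routines are constructed. It shows the case the limit register catches (an overrun that would cross into another process's region) next to the case it cannot catch (an overrun that stays inside the region and silently clobbers a neighbouring variable), which is why the hardened copy checks the buffer's capacity itself.

```python
"""Toy memory-management unit: base/limit relocation and protection, indirect
addressing, and an unchecked buffer copy beside its hardened form.
Added example; the memory layout and 'program' are constructed."""
from typing import Dict, List


class MemoryFault(Exception):
    """Raised when an access falls outside the region bounded by base and limit."""


class Memory:
    """Flat physical memory, one integer per cell."""
    def __init__(self, size: int) -> None:
        self.cells: List[int] = [0] * size


class MMU:
    """Per-process view of memory.
    base register  = beginning physical address of the process's region
    limit register = ending physical address of the region (inclusive)"""
    def __init__(self, mem: Memory, base: int, limit: int) -> None:
        self.mem, self.base, self.limit = mem, base, limit

    def physical(self, logical: int) -> int:
        """Relocate a relative (logical) address and enforce the bounds check."""
        phys = self.base + logical
        if logical < 0 or phys > self.limit:
            raise MemoryFault(f"logical {logical} -> physical {phys} outside [{self.base}, {self.limit}]")
        return phys

    def load(self, logical: int) -> int:
        return self.mem.cells[self.physical(logical)]

    def store(self, logical: int, value: int) -> None:
        self.mem.cells[self.physical(logical)] = value

    def load_indirect(self, logical: int) -> int:
        """Indirect addressing: the cell named by the instruction holds the address
        of the final location; both hops go through the bounds check."""
        return self.load(self.load(logical))


def unsafe_copy(mmu: MMU, buf_start: int, data: List[int]) -> None:
    """Copies without regard to the buffer's capacity: the classic overflow."""
    for i, value in enumerate(data):
        mmu.store(buf_start + i, value)


def safe_copy(mmu: MMU, buf_start: int, capacity: int, data: List[int]) -> None:
    """Hardened copy: refuse input larger than the buffer before writing anything."""
    if len(data) > capacity:
        raise ValueError(f"{len(data)} cells do not fit in a buffer of {capacity}")
    unsafe_copy(mmu, buf_start, data)


def mmu_demo() -> Dict[str, object]:
    mem = Memory(32)
    proc_a = MMU(mem, base=0, limit=15)    # process A owns physical 0..15
    proc_b = MMU(mem, base=16, limit=31)   # process B owns physical 16..31
    proc_b.store(0, 0xB0)                  # B's private value lives at physical 16
    out: Dict[str, object] = {}

    # Relocation: the same relative address lands in different physical cells.
    out["a_phys0"], out["b_phys0"] = proc_a.physical(0), proc_b.physical(0)

    # Indirect addressing: cell 2 holds the address 5, cell 5 holds the operand 99.
    proc_a.store(2, 5)
    proc_a.store(5, 99)
    out["indirect"] = proc_a.load_indirect(2)

    # Overflow inside the region: a 4-cell buffer at 8..11 with a canary at 12.
    # The limit register cannot see this; the write silently clobbers the canary.
    proc_a.store(12, 0xC4)
    unsafe_copy(proc_a, 8, [1, 2, 3, 4, 5, 6])
    out["canary_after_unsafe"] = proc_a.load(12)

    # Overflow at the region's end: a buffer at 12..15 overrun by two cells would
    # reach physical 16, which belongs to B; the limit register stops it.
    try:
        unsafe_copy(proc_a, 12, [7] * 6)
        out["fault"] = None
    except MemoryFault:
        out["fault"] = "MemoryFault"
    out["b_untouched"] = proc_b.load(0) == 0xB0

    # The hardened copy rejects the same input before any write happens.
    try:
        safe_copy(proc_a, 12, 4, [7] * 6)
        out["safe"] = "copied"
    except ValueError:
        out["safe"] = "rejected"
    return out
```

The two overflow cases are the point: hardware bounds registers protect one process from another, but they do nothing for an overrun that stays within the faulting process's own region, so the length check in safe_copy has to live in the software that owns the buffer.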
50. The Red Book, aka the Trusted Network Interpretation (TNI), provides _________________ for trusted computer and communications network systems in the area of assurance requirements.
Bell-LaPadula Model
Firmware
Orange Book interpretations
Controls the checks