Test your basic knowledge: CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Configuration management is also defined in the Orange Book, but as a _____________________ and NOT an operational assurance requirement.
Life Cycle Assurance Requirement
Access Matrix model
No read down
The security perimeter
2. The Bell-LaPadula Model is a _______________.
Subject to Object Model
Labels - Orange Book
Operational assurance requirements
No read down
3. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
The "No write Down" Rule
Controls the checks
The security perimeter
The security kernel
4. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
The *-Property rule (Star property)
Orange Book - D
Covert channels
Real storage
5. What are the components of an object's sensitivity label?
Life Cycle Assurance Requirement
Prevent secret information from being accessed
The Clark Wilson integrity model
A single classification and a Compartment Set
6. The Biba Model - ______________: A subject cannot request service from (invoke) subjects of higher integrity.
Invocation Property
Prohibits
Firmware
In C2 - Controlled Access Protection environment
7. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Attributable - original - accurate - contemporaneous and legible
B1 - Labeled Security rating
Erasable and Programmable Read-Only Memory (EPROM)
Physical security
8. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
Operational assurance requirements
A1
Division C - Discretionary Protection
Multiprocessing
9. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
Buffer (temporary data storage area)
C2 - Controlled Access Protection
Complex Instruction Set Computers (CISC)
Orange Book - B3
10. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Thrashing
Overt channel
Trusted Distribution
Protection Rings Support
11. System Architecture that separates system functionality into Hierarchical layers
Examples of Layered Operating Systems
A Layered Operating System Architecture
Indexed addressing
An abstract machine
12. Involves sharing the processor among all ready processes
Stored in Real Memory
Multitasking
Ring 1
A Base Register (Memory Management)
13. Access control labels must be associated properly with objects.
Trusted facility management
No read down
Dominate the object's sensitivity label
Labels - Orange Book
14. The Orange Book does NOT cover ________________ - and database management systems
Life Cycle Assurance Requirement
C2 - Controlled Access Protection
Physical security
Networks and Communications
15. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Accountability - Orange Book
B1 - Labeled Security
B3 - Rating
B3 - Security Domains
16. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
Certification
C2 - Controlled Access Protection
The security perimeter
The reference monitor
17. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"
Simple Integrity Axiom
Primary storage
Its classification label (Top Secret - Secret or confidential)
Fail safe
18. The *-Property rule is referred to as ____________.
Continuous protection - O/B
Trusted Network Interpretation (TNI)
Controlling unauthorized downgrading of information
The "No write Down" Rule
19. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
A1
Absolute addresses
Bell-LaPadula Model
Division B - Mandatory Protection Architecture
20. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Orange Book - A1
B3
Ring 1
Controls the checks
21. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Enforces the rules
The Strong star property rule
Its Clearance Label (Top Secret - Secret - or Confidential)
Trusted Products Evaluation Program (TPEP)
22. The C2 evaluation class of the _________________ offers controlled access protection.
The Rule is talking about writing
Trusted Network Interpretation (TNI)
Multitasking
C1 - Discretionary Security Protection is a type of environment
23. The subject must have Need to Know for ONLY the information they are trying to access.
Ring 1
No read up
System High Security Mode
security protection mechanisms
24. Which is an ISO standard product evaluation criteria that supersedes several different criteria
*-Integrity Axiom
The Common Criteria
Orange Book - B1
B2 - Structured Protection
25. Each data object must contain a classification label and each subject must have a clearance label.
attributability
Orange Book - B1
B1 - Labeled Security
Swap Space
26. Which is a straightforward approach that provides access rights to subjects for objects?
Firmware
Virtual Memory
Access Matrix model
Networks and Communications
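Question 26 names the access matrix model; the following added example (not code from the original quiz page) shows how a matrix of subjects and objects is mediated, how the per-object column becomes an access control list and the per-subject row a capability list, and how discretionary protection lets only an owner extend rights. The subjects, objects and rights are constructed sample data.

```python
"""Access matrix model: subjects (rows) x objects (columns), each cell a set
of rights. Added example with constructed sample data, not from the page."""
from typing import Dict, Set, Tuple


class AccessMatrix:
    """Sparse access matrix; an absent cell means no rights (default deny)."""

    def __init__(self) -> None:
        self._cells: Dict[Tuple[str, str], Set[str]] = {}

    def set_rights(self, subject: str, obj: str, *rights: str) -> None:
        self._cells.setdefault((subject, obj), set()).update(rights)

    def is_allowed(self, subject: str, obj: str, right: str) -> bool:
        """Mediate a single access request against the matrix cell."""
        return right in self._cells.get((subject, obj), set())

    def acl(self, obj: str) -> Dict[str, Set[str]]:
        """Column view: the access control list that would be stored with an object."""
        return {s: set(r) for (s, o), r in self._cells.items() if o == obj and r}

    def capability_list(self, subject: str) -> Dict[str, Set[str]]:
        """Row view: the capability list that would be held by a subject."""
        return {o: set(r) for (s, o), r in self._cells.items() if s == subject and r}

    def grant(self, grantor: str, grantee: str, obj: str, right: str) -> bool:
        """Discretionary grant: only a subject holding the (assumed) 'own' right on
        the object may pass a right to another subject. Returns False and changes
        nothing otherwise."""
        if not self.is_allowed(grantor, obj, "own"):
            return False
        self.set_rights(grantee, obj, right)
        return True


def sample_matrix() -> AccessMatrix:
    """Constructed sample subjects, objects and rights (not from the page)."""
    m = AccessMatrix()
    m.set_rights("alice", "payroll.db", "read", "write", "own")
    m.set_rights("alice", "report.doc", "read")
    m.set_rights("bob", "report.doc", "read", "write", "own")
    m.set_rights("bob", "printer", "use")
    return m


if __name__ == "__main__":
    m = sample_matrix()
    print("ACL for report.doc:", m.acl("report.doc"))
    print("Capabilities of bob:", m.capability_list("bob"))
    print("bob reads payroll.db?", m.is_allowed("bob", "payroll.db", "read"))
    print("bob grants carol read on report.doc:", m.grant("bob", "carol", "report.doc", "read"))
    print("carol grants dave read on report.doc:", m.grant("carol", "dave", "report.doc", "read"))
```

The ACL and capability list are two projections of the same matrix, which is why a system can implement either without changing the decision an access request receives; the grant check is what makes the control discretionary, since the owner, not a system-wide policy, decides who else gets access.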
27. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
The Strong star property rule
Orange Book C
Virtual Memory
Orange Book - B3
28. Individual subjects must be uniquely identified.
Identification - Orange Book
Direct addressing
B3
Pipelining
29. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
In C2 - Controlled Access Protection environment
Thrashing
B3
The Common Criteria
30. Which describes a condition when RAM and secondary storage are used together?
Virtual storage
Ring 3
Accreditation
A1 - Rating
31. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Simple Security Rule
Direct Addressing
TCB (Trusted Computing Base)
Need-to-know
32. Which TCSEC level first addresses object reuse?
B3 - Rating
Buffer (temporary data storage area)
C2
C1 - Discretionary Security Protection is a type of environment
33. What does the simple security (ss) property mean in the Bell-LaPadula model?
Trusted Network Interpretation (TNI)
No read up
The Clark Wilson integrity model
The trustworthiness of an information system
34. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Be protected from modification
Direct addressing
Simple Security Rule
The reference monitor
35. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Government and military applications
Direct Addressing
C2 - Controlled Access Protection
Division C - Discretionary Protection
36. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
C2
C2 - Controlled Access Protection
Logical addresses
The trustworthiness of an information system
37. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
B2
Dedicated Security Mode
Be protected from modification
Need-to-know
38. Discretionary protection
Orange Book C
The trustworthiness of an information system
Scalar processors
A1 - Rating
39. The Orange Book describes four hierarchical divisions (D, C, B and A) to categorize security systems. Which divisions require mandatory protection?
Highly secure systems (B2 - B3 and A1)
A and B
Basic Security Theorem (used in computer science) definition
Subject to Object Model
40. What does the * (star) property mean in the Bell-LaPadula model?
No write down
Its classification label (Top Secret - Secret or confidential)
Access control to the objects by the subjects
The security perimeter
41. When a vendor submits a product for evaluation - it submits it to the ____________.
Subject to Object Model
Secondary Storage
Primary storage
The National Computer Security Center (NCSC)
42. The group that oversees the processes of evaluation within TCSEC is?
Trusted Products Evaluation Program (TPEP)
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Life-cycle assurance - O/B
The Tranquility principle (The Bell-LaPadula Model)
43. The centerpiece of the DoD Rainbow Series publications. Developed by the National Computer Security Center (NCSC)?
Absolute addresses
Simple Security Rule
The TCSEC - Aka Orange Book
Ring 3
44. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
Ring 0
Division C - Discretionary Protection
Implement software or systems in a production environment
B3 - Security Domains
45. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
Polyinstantiation
Orange Book interpretations
Overt channel
Buffer overflows
46. The Policy must be explicit and well defined and enforced by the mechanisms within the system
Orange Book ratings
Stored in Real Memory
Operational assurance requirements
Security Policy - Orange Book
47. The reserved hard drive space used to extend RAM capabilities.
An abstract machine
Trusted Network Interpretation (TNI)
A1 - Rating
Swap Space
48. The Bell-LaPadula model Subjects and Objects are ___________.
In C2 - Controlled Access Protection environment
Totality of protection mechanisms
The "No write Down" Rule
Assigned labels
49. If a system initializes in a secure state and all allowed state transitions are secure - then every subsequent state will be secure no matter what inputs occur.
No write down
Ring 0
Basic Security Theorem (used in computer science) definition
Highly secure systems (B2 - B3 and A1)
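Several questions above (2, 4, 5, 6, 13, 17, 21, 31, 33, 40 and 49) describe pieces of one mechanism: a sensitivity label made of a classification and a compartment set, the dominance relation between labels, the Bell-LaPadula simple security and *-properties, the Biba integrity axioms, and a reference monitor whose checked transitions keep the system in a secure state. The following added example (not code from the original quiz page) puts them together. The ordering of classifications and integrity levels, the strong *-property as an exact-level check, and the sample subjects and objects are assumptions made for the example.

```python
"""Sensitivity labels, dominance, the Bell-LaPadula and Biba rules, and a small
reference monitor that only admits secure state transitions. Added example;
the level orderings and the subjects/objects are constructed sample data."""
from dataclasses import dataclass
from typing import Dict, FrozenSet, Set, Tuple

# Assumed total order of classifications, lowest first.
CLASSIFICATIONS = ("unclassified", "confidential", "secret", "top secret")
# Assumed total order of Biba integrity levels, lowest first.
INTEGRITY_LEVELS = ("low", "medium", "high")


@dataclass(frozen=True)
class Label:
    """A sensitivity label: a single classification plus a compartment set."""
    classification: str
    compartments: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        """self >= other in the lattice: classification at least as high AND
        compartments a superset of the other's (the need-to-know part)."""
        return (CLASSIFICATIONS.index(self.classification)
                >= CLASSIFICATIONS.index(other.classification)
                and self.compartments >= other.compartments)


def blp_can_read(clearance: Label, label: Label) -> bool:
    """Simple security (ss) property: no read up."""
    return clearance.dominates(label)


def blp_can_write(clearance: Label, label: Label) -> bool:
    """*-property: no write down (the object's label must dominate the subject's)."""
    return label.dominates(clearance)


def blp_can_write_strong(clearance: Label, label: Label) -> bool:
    """Strong *-property (assumed form): write only at exactly the subject's own level."""
    return clearance == label


def biba_can_read(subject_level: str, object_level: str) -> bool:
    """Simple integrity axiom: no read down."""
    return INTEGRITY_LEVELS.index(subject_level) <= INTEGRITY_LEVELS.index(object_level)


def biba_can_write(subject_level: str, object_level: str) -> bool:
    """*-integrity axiom: no write up."""
    return INTEGRITY_LEVELS.index(subject_level) >= INTEGRITY_LEVELS.index(object_level)


def biba_can_invoke(subject_level: str, target_level: str) -> bool:
    """Invocation property: a subject cannot invoke a subject of higher integrity."""
    return INTEGRITY_LEVELS.index(subject_level) >= INTEGRITY_LEVELS.index(target_level)


class ReferenceMonitor:
    """Mediates every BLP access request and records the accesses currently held
    (the system state). It starts in an empty, secure state and adds an access
    only when the ss- and *-properties hold for it, so every reachable state is
    secure whatever the request sequence: the Basic Security Theorem argument."""

    def __init__(self, subjects: Dict[str, Label], objects: Dict[str, Label]) -> None:
        self.subjects = dict(subjects)   # subject name -> clearance label
        self.objects = dict(objects)     # object name  -> sensitivity label
        self.current: Set[Tuple[str, str, str]] = set()  # (subject, object, mode)

    def request(self, subject: str, obj: str, mode: str) -> bool:
        """Invoked for every read or write. Tamper-proofing and verification of
        the monitor itself are the other reference monitor requirements and are
        outside this sketch."""
        rule = blp_can_read if mode == "read" else blp_can_write
        allowed = rule(self.subjects[subject], self.objects[obj])
        if allowed:
            self.current.add((subject, obj, mode))
        return allowed

    def state_is_secure(self) -> bool:
        """Every access held in the current state satisfies the rule for its mode."""
        return all((blp_can_read if m == "read" else blp_can_write)
                   (self.subjects[s], self.objects[o]) for s, o, m in self.current)


def sample_monitor() -> ReferenceMonitor:
    """Constructed sample subjects and objects (not from the page)."""
    subjects = {"analyst": Label("secret", frozenset({"crypto"})),
                "clerk": Label("confidential")}
    objects = {"plan": Label("secret", frozenset({"crypto"})),
               "memo": Label("confidential"),
               "budget": Label("top secret")}
    return ReferenceMonitor(subjects, objects)


if __name__ == "__main__":
    rm = sample_monitor()
    for req in [("analyst", "plan", "read"), ("analyst", "budget", "read"),
                ("analyst", "memo", "write"), ("clerk", "plan", "write"),
                ("clerk", "plan", "read")]:
        print(req, "->", "allowed" if rm.request(*req) else "denied")
    print("state secure:", rm.state_is_secure())
```

Two points the quiz answers compress: the compartment set is part of dominance, so a Top Secret subject with no compartments still cannot read a Secret object in the "crypto" compartment; and the plain *-property permits a blind write up (the clerk writing into the Secret plan), which is exactly what the strong *-property removes.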
50. Applications and user activity
The reference monitor
Multiprocessing
International Standard 15408
Ring 3