Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A domain of trust that shares a single security policy and single management






2. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"






3. In ______________ the subject must have: Need to Know for ALL the information contained within the system.






4. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


5. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions to pass on permissions at its own discretion. These permissions are stored in an access ma






6. The combination of RAM - Cache and the Processor Registers






7. Mandatory Access requires that _____________ be attached to all objects.






8. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.






9. The *-Property rule is refered to as ____________.






10. As per FDA data should be ______________________________.






11. What does the Clark-Wilson security model focus on






12. Which would be designated as objects on a MAC system?






13. Which computer design approaches is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle






14. A form of ROM(Read-Only Memory) that can be modified after it has been manufactured. It can only be programmed only one time.






15. In both the Bell-LaPadula and Biba Models if the word "* or Star is used - _______________.






16. The Physical memory address that the CPU uses






17. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)






18. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)






19. What is called the formal acceptance of the adequacy of a system's overall security by management?






20. When a computer uses more than one CPU in parallel to execute instructions is known as?






21. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.






22. The Security Model Incorporates the ____________ that should be enforced in the system.






23. Execute one instruction at a time.






24. In the Bell-LaPadula Model the Subject's Label contains ___________________.






25. The C2 evaluation class of the _________________ offers controlled access protection.






26. Which can be used as a covert channel?






27. What model use an access control triples and requires that the system maintain separation of duty ?






28. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.






29. Which Orange Book evaluation level is described as "Discretionary Security Protection"?






30. Mediates all access and Functions between subjects and objects.






31. Documentation must be provided - including test - design - and specification document - user guides and manuals






32. n this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.






33. Certification is a Technical review that assesses the _____________ - where as Accreditation is management's Official acceptance of the information in the Certification process findings.






34. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system






35. The TCB is the ________________ within a computer system that work together to enforce a security policy.






36. Access control labels must be associated properly with objects.






37. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?






38. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.






39. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu






40. The Orange book requires protection against two_____________ - which are these Timing and Storage






41. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data






42. Happen because input data is not checked for appropriate length at time of input






43. A portion of a process. When the thread is generated - it shares the same domain(resources) as its process.






44. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data) items is refered to as Well-Formed transaction






45. A set of objects that a subject is able to access






46. Individual subjects must be uniquely identified.






47. According to the Orange Book - trusted facility management is not required for which security levels?






48. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


49. Permits a database to have two records that are identical except for Their classifications






50. Each data object must contain a classification label and each subject must have a clearance label.







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:



Major Subjects



Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Most popular tests