Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Most commonly used approach
Government and military applications
Its classification label (Top Secret - Secret or confidential)
Be protected from modification
2. What does the simple security (ss) property mean in the Bell-LaPadula model?
Clark-Wilson
Firmware
Stored in Real Memory
No read up
3. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
B2 - Structured Protection
D
Trusted Distribution
Orange Book - B2
4. Minimal Security
Orange Book - D
The Thread (memory Management)
The reference monitor
Reduced Instruction Set Computers (RISC)
5. The Orange Book requires protection against two _____________ - which are Timing and Storage
The Evaluated Products List (EPL) with their corresponding rating
Types of covert channels
Most commonly used approach
D
6. Which uses Protection Profiles and Security Targets?
Division D - Minimal Protection
C2
International Standard 15408
Ring 3
7. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
No read up
Be protected from modification
Fail safe
Implement software or systems in a production environment
8. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Dedicated Security Mode
Its Clearance Label (Top Secret - Secret - or Confidential)
Clark-Wilson Model
A Layered Operating System Architecture
9. Involves sharing the processor among all ready processes
Access Matrix model
Multitasking
Evaluated separately
The Simple Security Property
10. The combination of RAM - Cache and the Processor Registers
Prohibits
C1
First evaluation class
Primary storage
11. What are the components of an object's sensitivity label?
The Trusted Computing Base (TCB)
A Limit Register (Memory Management)
A single classification and a Compartment Set
Most commonly used approach
12. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Stored in Real Memory
B3 - Rating
security protection mechanisms
Reduced Instruction Set Computers (RISC)
13. I/O drivers and utilities
B3 - Security Domains
A Layered Operating System Architecture
Ring 2
C2
14. Applications and user activity
Attributable data
NOT Integrity
The Common Criteria
Ring 3
15. For the type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to penetration and compromise
Security Policy
B2 rating
Bell-LaPadula Model
Mandatory Access Control (MAC)
16. When the contents of the address defined in the program's instruction are added to that of an index register.
Indexed addressing
Swap Space
Sensitivity labels
The Security Kernel
17. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Thrashing
The Rule is talking about writing
Prevent secret information from being accessed
Continuous protection - O/B
18. A type of memory used for High-speed writing and reading activities.
Its Clearance Label (Top Secret - Secret - or Confidential)
Clark-Wilson Model
Direct Addressing
Cache Memory
19. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
The Trusted Computing Base (TCB)
First evaluation class
A single classification and a Compartment Set
Division B - Mandatory Protection
20. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a Well-Formed transaction
Trusted Products Evaluation Program (TPEP)
A Domain
Clark-Wilson Model
Basic Security Theorem (used in computer science) definition
21. TCB contains The Security Kernel and all ______________.
Disclosure of residual data
No read down
Division B - Mandatory Protection Architecture
security protection mechanisms
22. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix. THE and Multics are no longer in use
Examples of Layered Operating Systems
The *-Property rule (Star property)
A1
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
23. Which describes a condition when RAM and Secondary storage are used together?
Documentation - Orange Book
Security Policy
Networks and Communications
Virtual storage
24. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Clark-Wilson
The reference monitor
Be protected from modification
Orange Book C
25. The Reserved hard drive space used to extend RAM capabilities.
Swap Space
The Security Kernel
Ring 1
Ring 2
26. Commonly referred to as The Big Mess because of its lack of structure. MS-DOS is an example of a monolithic operating system
Isolate processes
Direct Addressing
Trusted facility management
The Monolithic Operating System Architecture
27. Data in Cache can be accessed much more quickly than Data
Stored in Real Memory
Trusted Distribution
Logical addresses
Polyinstantiation
28. A system uses the Reference Monitor to ___________________ of a subject and an object?
Controlling unauthorized downgrading of information
Compare the security labels
Indexed addressing
Need-to-know
29. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
The National Computer Security Center (NCSC)
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Trusted Distribution
Operational assurance requirements
30. The C2 evaluation class of the _________________ offers controlled access protection.
Dedicated Security Mode
The rule is talking about "Reading"
Trusted Network Interpretation (TNI)
Need-to-know
31. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
Controlling unauthorized downgrading of information
International Standard 15408
The Integrity of data within applications
Complex Instruction Set Computers (CISC)
32. In the Bell-LaPadula model, Subjects and Objects are ___________.
Assigned labels
A1 - Rating
security protection mechanisms
Dominate the object's sensitivity label
33. A domain of trust that shares a single security policy and single management
A security domain
C2 - Controlled Access Protection
B1
A Base Register (Memory Management)
34. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when
C2
Basic Security Theorem (used in computer science) definition
The "No read Up" rule
Types of covert channels
35. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
The TCSEC - Aka Orange Book
Overt channel
Invocation Property
Discretionary Security Property (ds-property)
36. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
Scalar processors
Access control to the objects by the subjects
Pipelining
System High Security Mode
37. There is only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
An abstract machine
Division D - Minimal Protection
The reference monitor
Programmable Read-Only Memory (PROM)
38. Access control labels must be associated properly with objects.
Labels - Orange Book
No read up
attributability
The "No read Up" rule
39. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions at its own discretion. These permissions are stored in an access ma
Discretionary Security Property (ds-property)
A1 - Rating
An abstract machine
C2 - Controlled Access Protection
40. Contains the ending address
B3 - Rating
A Limit Register (Memory Management)
B3 - Security Domains
Security rating B
41. TCSEC provides a means to evaluate ______________________.
The trustworthiness of an information system
Firmware
Orange Book B
D
42. A Policy based control. All objects and systems have a sensitivity level assigned to them
B1 - Labeled Security rating
C2
Programmable Read-Only Memory (PROM)
Mandatory Access Control (MAC)
43. Has two individual assurance ratings, C1 and C2. The higher the number of the assurance rating, the greater the protection
Totality of protection mechanisms
Division C - Discretionary Protection
Evaluated separately
Continuous protection - O/B
44. When a computer spends more time moving data from one small portion of memory to another than actually processing the data
Simple Integrity Axiom
Thrashing
A Base Register (Memory Management)
Clark-Wilson
45. Which would be designated as objects on a MAC system?
B1
Files - directories and devices
Complex Instruction Set Computers (CISC)
Need-to-know
46. The TCB is the ________________ within a computer system that work together to enforce a security policy.
Totality of protection mechanisms
Orange Book - A1
The Trusted Computing Base (TCB)
Higher or equal to access class
47. Which computer design approach is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle
Overt channel
Controlling unauthorized downgrading of information
The Common Criteria
Complex Instruction Set Computers (CISC)
48. What is called the formal acceptance of the adequacy of a system's overall security by management?
The security kernel
Accreditation
Erasable and Programmable Read-Only Memory (EPROM)
The "No write Down" Rule
49. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
C2 - Controlled Access Protection
Orange Book interpretations
Isolate processes
Multilevel Security Policies
50. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Storage and timing
Highly secure systems (B2 - B3 and A1)
Simple Security Rule
Erasable and Programmable Read-Only Memory (EPROM)