SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Simpler instructions that require fewer clock cycles to execute.
Direct addressing
Reduced Instruction Set Computers (RISC)
C1 - Discrection Security Protection is a type of environment
Ring 2
2. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Swap Space
Isolate processes
Be protected from modification
Ring 0
3. Commonly referred to as The Big Mess Because of its lack of structure. MS-DOS is an example of a monolithic operation system
The Monolithic Operation system Architecture
Absolute addresses
Bell-LaPadula Model
Controlling unauthorized downgrading of information
4. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.
Security Policy - Orange Book
Multilevel Security Policies
security protection mechanisms
The Biba Model
5. Which is a straightforward approach that provides access rights to subjects for objects?
Operational assurance requirements
Controlling unauthorized downgrading of information
Erasable and Programmable Read-Only Memory (EPROM)
Access Matrix model
6. A system uses the Reference Monitor to ___________________ of a subject and an object?
Relative Addresses
Orange Book B
Compare the security labels
Need-to-know
7. Which describe a condition when RAM and Secondary storage are used together?
A Domain
Virtual storage
The "No read Up" rule
The "No write Down" Rule
8. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commmercial applications - but the level of protection is still relatively weak.
The "No read Up" rule
Trusted Products Evaluation Program (TPEP)
In C2 - Controlled Access Protection environment
Orange Book B
9. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
C2
Types of covert channels
Overt channel
All Mandatory Access Control (MAC) systems
10. There is only only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
Reduced Instruction Set Computers (RISC)
Files - directories and devices
Integrity
Division D - Minimal Protection
11. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
The Strong star property rule
C1 - Discrection Security Protection is a type of environment
The Red Book
Integrity
12. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
The security kernel
attributability
Models concerned with integrity
Examples of Layered Operating Systems
13. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
The rule is talking about "Reading"
Thrashing
Trusted Network Interpretation (TNI)
A Domain
14. As per FDA data should be ______________________________.
Direct addressing
Attributable - original - accurate - contemporaneous and legible
Cache Memory
Its Clearance Label (Top Secret - Secret - or Confidential)
15. The Bell-LaPadula model Subjects and Objects are ___________.
Overt channel
Attributable - original - accurate - contemporaneous and legible
NOT Integrity
Assigned labels
16. When the contents of the address defined in the program's instruction is added to that of an index register.
Accountability - Orange Book
Orange Book interpretations
Clark-Wilson
Indexed addressing
17. A form of ROM(Read-Only Memory) that can be modified after it has been manufactured. It can only be programmed only one time.
Programmable Read-Only Memory (PROM)
The Strong star property rule
attributability
Most commonly used approach
18. In both the Bell-LaPadula and Biba Models if the word "* or Star is used - _______________.
Security mechanisms and evalautes their effectivenes
The trustworthiness of an information system
The Rule is talking about writing
In C2 - Controlled Access Protection environment
19. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
Bell-LaPadula Model
Compare the security labels
Orange Book B
security protection mechanisms
20. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
A security domain
A security kernel
Complex Instruction Set Computers (CISC)
Certification
21. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions to pass on permissions at its own discretion. These permissions are stored in an access ma
Orange Book interpretations
Discretionary Security Property (ds-property)
The Common Criteria
The Simple Security Property
22. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
A security kernel
In C2 - Controlled Access Protection environment
Access Matrix model
The security perimeter
23. Which is an ISO standard product evaluation criteria that supersedes several different criteria
The Monolithic Operation system Architecture
Scalar processors
The Simple Security Property
The Common Criteria
24. Mediates all access and Functions between subjects and objects.
Continuous protection - O/B
C2 - Controlled Access Protection
Discretionary Security Property (ds-property)
The Security Kernel
25. A set of objects that a subject is able to access
Complex Instruction Set Computers (CISC)
B1
A Domain
Pagefile.sys file
26. When the address location that is specified in the program instruction contains the address of the final desired location.
Ring 0
Indirect addressing
Controls the checks
Continuous protection - O/B
27. The Indexed memory addresses that software uses
Logical addresses
Access Matrix model
Ring 2
A single classification and a Compartment Set
28. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
Access control to the objects by the subjects
C2
Totality of protection mechanisms
Cache Memory
29. According to the Orange Book - trusted facility management is not required for which security levels?
Division D - Minimal Protection
Direct addressing
Attributable data
B1
30. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data) items is refered to as Well-Formed transaction
C1 - Discretionary Security Protection
Clark-Wilson Model
Government and military applications
B1 - Labeled Security rating
31. The Physical memory address that the CPU uses
Trusted Distribution
A single classification and a Compartment Set
Examples of Layered Operating Systems
Absolute addresses
32. A subject at a given clearance may not read an object at a higher classification
The Simple Security Property
Its classification label (Top Secret - Secret or confidential)
Continuous protection - O/B
Division B - Mandatory Protection
33. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Division B - Mandatory Protection
Erasable and Programmable Read-Only Memory (EPROM)
Orange Book - B1
Continuous protection - O/B
34. Based on a known address with an offset value applied.
Relative Addresses
Ring 1
Orange Book - D
Multiprocessing
35. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
The Strong star property rule
Swap Space
Accreditation
Controlling unauthorized downgrading of information
36. I/O drivers and utilities
The Common Criteria
Ring 2
Execution Domain
Indirect addressing
37. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
First evaluation class
Simple Security Rule
Division B - Mandatory Protection
Trusted hardware - Software and Firmware
38. The Reserved hard drive space used to to extend RAM capabilites.
Basic Security Theorem (used in computer science) definition
System High Security Mode
The National Computer Security Center (NCSC)
Swap Space
39. Data in Cache can be accessed much more quickly than Data
Reduced Instruction Set Computers (RISC)
Stored in Reak Memory
Trusted Network Interpretation (TNI)
A Layered Operating System Architecure
40. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
Primary storage
The Clark Wilson integrity model
Prohibits
All Mandatory Access Control (MAC) systems
41. Has two individual assurace ratings. C1 and C2. The Higher the number of assurance rating the greater the protection
Division D - Minimal Protection
The Monolithic Operation system Architecture
Division C - Discretionary Protection
Pipelining
42. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
The Clark Wilson integrity model
Security Policy - Orange Book
Isolate processes
Protection Rings Support
43. Contains an Address of where the instruction and dara reside that need to be processed.
Orange Book interpretations
Need-to-know
Swap Space
The Thread (memory Management)
44. Access control labels must be associated properly with objects.
'Dominate'
C1 - Discrection Security Protection is a type of environment
Indexed addressing
Labels - Orange Book
45. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
Controls the checks
The Monolithic Operation system Architecture
Labels - Orange Book
First evaluation class
46. Individual subjects must be uniquely identified.
Logical addresses
Identification - Orange Book
The security perimeter
Continuous protection - O/B
47. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Prohibits
System High Security Mode
A security domain
Security mechanisms and evalautes their effectivenes
48. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Orange Book - B2
The TCSEC - Aka Orange Book
The security kernel
Covert channels
49. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Access control to the objects by the subjects
C2 - Controlled Access Protection
B2 - Structured Protection
Stored in Reak Memory
50. Users need to be Identified individually to provide more precise acces control and auditing functionality.
Fail safe
Totality of protection mechanisms
C1 - Discrection Security Protection is a type of environment
C2 - Controlled Access Protection