Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.






2. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.






3. Access control labels must be associated properly with objects.






4. When the contents of the address defined in the program's instruction is added to that of an index register.






5. TCB contains The Security Kernel and all ______________.






6. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.






7. n this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.






8. The centerpiece of the DoD Rainbow Series publications.Developed by the National Computer Security Center (NCSC)?






9. When the RAM and secondary storage are combined the result is __________.






10. Individual subjects must be uniquely identified.






11. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.






12. A1 is also called "Verified Design" and requires formal verification of the design and specifications.






13. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.






14. Which would be designated as objects on a MAC system?






15. When a vendor submits a product for evaluation - it submits it to the ____________.






16. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity






17. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?






18. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.






19. Mandatory Access requires that _____________ be attached to all objects.






20. What is called the formal acceptance of the adequacy of a system's overall security by management?






21. What prevents a process from accessing another process' data?






22. In both the Bell-LaPadula and Biba Models if the word "Simple is used ______________.






23. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.






24. Which is a straightforward approach that provides access rights to subjects for objects?






25. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"






26. Should always trace to individuals responsible for observing and recording the data






27. Happen because input data is not checked for appropriate length at time of input






28. Simpler instructions that require fewer clock cycles to execute.






29. Mandatory access control is enfored by the use of security labels.






30. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?






31. The Orange book does NOT Cover ________________ - And Database management systems






32. In B2 Subjects and devices requre labels and the system must NOT allow ________. No Trapdoors exists.






33. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.






34. In the Bell-LaPadula Model the Subject's Label contains ___________________.






35. The security kernel is the mechanism that _____________ of the reference monitor concept.






36. A type of memory used for High-speed writing and reading activities.






37. Trusted facility management is an assurance requirement only for ________________.






38. The TCB is the ________________ within a computer system that work together to enforce a security policy.






39. Which TCSEC level first addresses object reuse?






40. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.






41. Operating System Kernel






42. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


43. Data in Cache can be accessed much more quickly than Data






44. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.






45. There is only only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.






46. Which addresses a portion of the primary memory by specifying the actual address of the memory location?






47. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s






48. The C2 evaluation class of the _________________ offers controlled access protection.






49. Intended for environments that require systems to handle classified data.






50. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)