SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The Bell-LaPadula Model is a _______________.
B3 - Rating
The National Computer Security Center (NCSC)
Subject to Object Model
Clark-Wilson Model
2. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is doen with the m
C2 - Controlled Access Protection
Continuous protection - O/B
C2
Fail safe
3. The Policy must be explicit and well defined and enforced by the mechanisms within the system
Security Policy - Orange Book
Discretionary Security Property (ds-property)
Trusted facility management
The Strong star property rule
4. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
C1
A Thread
Models concerned with integrity
Multitasking
5. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.
The Biba Model
First evaluation class
Erasable and Programmable Read-Only Memory (EPROM)
*-Integrity Axiom
6. Which describe a condition when RAM and Secondary storage are used together?
security protection mechanisms
Clark-Wilson
Ring 3
Virtual storage
7. When a vendor submits a product for evaluation - it submits it to the ____________.
Examples of Layered Operating Systems
The National Computer Security Center (NCSC)
Enforces the rules
Operational assurance requirements
8. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Certification
Higher or equal to access class
The security kernel
9. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Be protected from modification
Enforces the rules
Execution Domain
Ring 0
10. A nonvolatile storage media etc computer hard drive - floppy disks and CD-ROMs
Secondary Storage
Trusted hardware - Software and Firmware
Orange Book C
B2 - Structured Protection
11. The *-Property rule is refered to as ____________.
C2 - Controlled Access Protection
Pipelining
The "No write Down" Rule
Swap Space
12. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
A security kernel
Dedicated Security Mode
D
Stored in Reak Memory
13. Succesfully Evaluated products are placed on?
The TCSEC - Aka Orange Book
Simple Security Rule
The Evaluated Products List (EPL) with their corresponding rating
Ring 0
14. In both the Bell-LaPadula and Biba Models if the word "* or Star is used - _______________.
Real storage
The Biba Model
Compare the security labels
The Rule is talking about writing
15. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
Dedicated Security Mode
The security perimeter
The security kernel
The reference monitor
16. In the Bell-LaPadula Model the Object's Label contains ___________________.
Sensitivity labels
B1 - Labeled Security rating
Files - directories and devices
Its classification label (Top Secret - Secret or confidential)
17. Buffer overflows occurs when a program or process tries to store more data in a _____________ than it was intended to hold.
Buffer (temporary data storage area)
C2
Prevent secret information from being accessed
Division B - Mandatory Protection
18. Happen because input data is not checked for appropriate length at time of input
Indexed addressing
Orange Book - B1
Buffer overflows
All Mandatory Access Control (MAC) systems
19. The assignment of a specific individual to administer the security-related functions of a system.
Trusted facility management
Disclosure of residual data
C2
The Evaluated Products List (EPL) with their corresponding rating
20. Trusted facility management is an assurance requirement only for ________________.
Highly secure systems (B2 - B3 and A1)
Swap Space
Orange Book - B2
Ring 0
21. When the address location that is specified in the program instruction contains the address of the final desired location.
The Simple Security Property
Indirect addressing
The rule is talking about "Reading"
Trusted Network Interpretation (TNI)
22. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
First evaluation class
Ring 0
security protection mechanisms
The reference monitor
23. Mediates all access and Functions between subjects and objects.
Trusted Products Evaluation Program (TPEP)
Thrashing
C1 - Discretionary Security Protection
The Security Kernel
24. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
The Security Kernel
NOT Integrity
State machine model
Division D - Minimal Protection
25. What access control technique is also known as multilevel security?
Mandatory access control
Orange Book - B1
Dedicated Security Mode
Cache Memory
26. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
A Thread
Relative Addresses
Life Cycle Assurance Requirement
Certification
27. What does the simple integrity axiom mean in the Biba model?
B1
Fail safe
No read down
The Thread (memory Management)
28. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
Attributable - original - accurate - contemporaneous and legible
*-Integrity Axiom
Direct Addressing
First evaluation class
29. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
B1 - Labeled Security rating
Multiprocessing
Trusted Distribution
The security perimeter
30. The Availability - Integrity and confidentiality requirements of multitasking operating systems
Dedicated Security Mode
Protection Rings Support
Discretionary Security Property (ds-property)
The rule is talking about "Reading"
31. Which can be used as a covert channel?
In C2 - Controlled Access Protection environment
Storage and timing
B1 - Labeled Security
Mandatory Access Control (MAC)
32. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
B2 - Structured Protection
Attributable - original - accurate - contemporaneous and legible
Orange Book - A1
Be protected from modification
33. Minimal Security
TCB (Trusted Computing Base)
Access control to the objects by the subjects
Orange Book - D
Virtual storage
34. Logical access control mechanisms are used to enforce authentication and the uniquenes of each individual's identification.
Disclosure of residual data
Attributable data
C2 - Controlled Access Protection
No read up
35. Involves sharing the processor amoung all ready processes
The Strong star property rule
The rule is talking about "Reading"
Multitasking
A and B
36. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
Life-cycle assurance - O/B
Administrative declaration
attributability
Disclosure of residual data
37. The security kernel is the mechanism that _____________ of the reference monitor concept.
First evaluation class
TCB (Trusted Computing Base)
Enforces the rules
security protection mechanisms
38. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Cache Memory
The Trusted Computing Base (TCB)
Security Policy
Most commonly used approach
39. There is only only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
Integrity
Simple Security Rule
Division D - Minimal Protection
Buffer overflows
40. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
Scalar processors
Fail safe
Dedicated Security Mode
Controls the checks
41. When the RAM and secondary storage are combined the result is __________.
Virtual Memory
Its classification label (Top Secret - Secret or confidential)
Reduced Instruction Set Computers (RISC)
Sensitivity labels
42. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
The *-Property rule (Star property)
Bell-LaPadula Model
Physical security
Pagefile.sys file
43. A system uses the Reference Monitor to ___________________ of a subject and an object?
Examples of Layered Operating Systems
Compare the security labels
Dominate the object's sensitivity label
A security kernel
44. Which Orange Book evaluation level is described as "Verified Design"?
NOT Integrity
B3
A1
Security Policy - Orange Book
45. As per FDA data should be ______________________________.
Orange Book - D
Attributable - original - accurate - contemporaneous and legible
The National Computer Security Center (NCSC)
Enforces the rules
46. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Primary storage
Evaluated separately
Bell-LaPadula Model
The Simple Security Property
47. What are the components of an object's sensitivity label?
Constrained
A single classification and a Compartment Set
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
The Integrity of data within applications
48. The C2 evaluation class of the _________________ offers controlled access protection.
Direct Addressing
Trusted Network Interpretation (TNI)
Access Matrix model
Covert channels
49. The subject must have Need to Know for ONLY the information they are trying to access.
C1 - Discrection Security Protection is a type of environment
A security domain
Dedicated Security Mode
System High Security Mode
50. What model use an access control triples and requires that the system maintain separation of duty ?
Clark-Wilson Model
D
Clark-Wilson
The Strong star property rule