Test your basic knowledge |
CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The Orange Book requires protection against two _____________ - which are Timing and Storage
B1 - Labeled Security rating
Primary storage
Types of covert channels
Controls the checks
2. What does the Clark-Wilson security model focus on
Certification
Integrity
The Trusted Computing Base (TCB)
The Common Criteria
3. Contains the beginning address
Physical security
Division C - Discretionary Protection
A Base Register (Memory Management)
Orange Book A
4. Developed after the Bell-LaPadula model. It's a state machine model and is very similar to the Bell-LaPadula Model.
First evaluation class
Process isolation
The Monolithic Operating System Architecture
The Biba Model
5. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
6. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Pipelining
Continuous protection - O/B
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
A Domain
7. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when
C2
Orange Book C
Types of covert channels
Trusted Distribution
8. What is called the formal acceptance of the adequacy of a system's overall security by management?
Prohibits
Be protected from modification
Invocation Property
Accreditation
9. The security kernel is the mechanism that _____________ of the reference monitor concept.
C1 - Discretionary Security Protection is a type of environment
The "No read Up" rule
Controlling unauthorized downgrading of information
Enforces the rules
10. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
The rule is talking about "Reading"
A1 - Rating
The Clark Wilson integrity model
The Evaluated Products List (EPL) with their corresponding rating
11. The Indexed memory addresses that software uses
Physical security
Polyinstantiation
Logical addresses
Reduced Instruction Set Computers (RISC)
12. As per FDA data should be ______________________________.
B3
C2 - Controlled Access Protection
Attributable - original - accurate - contemporaneous and legible
Swap Space
13. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Need-to-know
Security Policy is clearly defined and documented
Prohibits
The Trusted Computing Base (TCB)
14. In both the Bell-LaPadula and Biba Models if the word "*" or Star is used - _______________.
The Rule is talking about writing
Orange Book - B2
No write down
Attributable - original - accurate - contemporaneous and legible
15. Commonly referred to as The Big Mess because of its lack of structure. MS-DOS is an example of a monolithic operating system
Storage and timing
The Monolithic Operating System Architecture
B3 - Rating
Pagefile.sys file
16. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
B3 - Security Domains
Thrashing
Constrained
Administrative declaration
17. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Mandatory Access Control (MAC)
Trusted hardware - Software and Firmware
C2 - Controlled Access Protection
Evaluated separately
18. Can be erased - modified and upgraded.
Erasable and Programmable Read-Only Memory (EPROM)
Virtual storage
Secondary Storage
The Simple Security Property
19. Intended for environments that require systems to handle classified data.
A lattice of Integrity Levels
Bell-LaPadula Model
Controlling unauthorized downgrading of information
B1 - Labeled Security rating
20. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
Orange Book - B1
Controls the checks
Division C - Discretionary Protection
Thrashing
21. Individual subjects must be uniquely identified.
Identification - Orange Book
Orange Book B
The Evaluated Products List (EPL) with their corresponding rating
Direct addressing
22. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
The Monolithic Operating System Architecture
Totality of protection mechanisms
Dedicated Security Mode
The security perimeter
23. A subject at a given clearance may not read an object at a higher classification
Multiprocessing
Ring 2
B2
The Simple Security Property
24. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
Identification - Orange Book
Basic Security Theorem (used in computer science) definition
Examples of Layered Operating Systems
The *-Property rule (Star property)
25. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
security protection mechanisms
All Mandatory Access Control (MAC) systems
Disclosure of residual data
D
26. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Orange Book - B2
Dedicated Security Mode
Be protected from modification
Fail safe
27. Which is an ISO standard product evaluation criteria that supersedes several different criteria
The Common Criteria
Logical addresses
The security perimeter
TCB (Trusted Computing Base)
28. The group that oversees the processes of evaluation within TCSEC is?
The Biba Model
B3 - Rating
Invocation Property
Trusted Products Evaluation Program (TPEP)
29. The Biba Model addresses _____________________.
Pipelining
Swap Space
A Layered Operating System Architecture
The Integrity of data within applications
30. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
B3
Complex Instruction Set Computers (CISC)
Covert channels
TCB (Trusted Computing Base)
31. A set of objects that a subject is able to access
Isolate processes
Life Cycle Assurance Requirement
A Domain
C1
32. Has two individual assurance ratings, C1 and C2. The higher the assurance rating number, the greater the protection
The TCSEC - Aka Orange Book
Division C - Discretionary Protection
Operational assurance requirements
Covert channels
33. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a Well-Formed Transaction
Evaluated separately
C2
Clark-Wilson Model
Relative Addresses
34. The reserved hard drive space used to extend RAM capabilities.
Swap Space
A and B
Real storage
C2 - Controlled Access Protection
35. For the type of environment that processes sensitive data that requires a higher degree of security. It requires systems that are relatively resistant to penetration and compromise
Prevent secret information from being accessed
A lattice of Integrity Levels
B2 rating
Buffer (temporary data storage area)
36. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Dominate the object's sensitivity label
Isolate processes
Most commonly used approach
Orange Book - A1
37. Trusted facility management is an assurance requirement only for ________________.
Highly secure systems (B2 - B3 and A1)
Multiprocessing
A Layered Operating System Architecture
Need-to-know
38. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
Accountability - Orange Book
Stored in Real Memory
Life Cycle Assurance Requirement
The rule is talking about "Reading"
39. If a system initializes in a secure state and all allowed state transitions are secure - then every subsequent state will be secure no matter what inputs occur.
Basic Security Theorem (used in computer science) definition
Orange Book C
The "No write Down" Rule
Disclosure of residual data
40. In B2 subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
The Trusted Computing Base (TCB)
No read up
Covert channels
Cache Memory
41. Applications and user activity
Trusted Distribution
Polyinstantiation
Ring 3
Orange Book A
42. When a portion of primary memory is accessed by specifying the actual address of the memory location
Fail safe
Direct addressing
B3 - Security Domains
Cache Memory
43. Documentation must be provided - including test - design - and specification document - user guides and manuals
C2 - Controlled Access Protection
Clark-Wilson
Primary storage
Documentation - Orange Book
44. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
Erasable and Programmable Read-Only Memory (EPROM)
attributability
The Rule is talking about writing
B3
45. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
Examples of Layered Operating Systems
B3 - Security Domains
Bell-LaPadula Model
A single classification and a Compartment Set
46. Based on a known address with an offset value applied.
Identification - Orange Book
Erasable and Programmable Read-Only Memory (EPROM)
Life Cycle Assurance Requirement
Relative Addresses
47. What are the components of an object's sensitivity label?
A single classification and a Compartment Set
Orange Book - B1
Polyinstantiation
The "No read Up" rule
48. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
Access control to the objects by the subjects
A security domain
C1
security protection mechanisms
49. Data in Cache can be accessed much more quickly than Data
Stored in Real Memory
Certification
Covert channels
The Integrity of data within applications
50. Which is a straightforward approach that provides access rights to subjects for objects?
Simple Integrity Axiom
Indirect addressing
Direct Addressing
Access Matrix model