Test your basic knowledge

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?

2. The indexed memory addresses that software uses.

3. The process of evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.

4. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information, and identification and authentication of individual entities.

5. The reference monitor must mediate all access, _____________, be verifiable as correct, and must always be invoked.

6. The Reference Monitor is responsible for ______________: it compares the security labels of a subject and an object.

7. In both the Bell-LaPadula and Biba Models, if the word "Simple" is used ______________.

8. According to the Orange Book, trusted facility management is not required for which security levels?

9. Discretionary protection

10. In the Bell-LaPadula Model the subject's label contains ___________________.

11. The Simple Security rule is referred to as ______________.

12. Developed after the Bell-LaPadula model. It is a state machine model and is very similar to the Bell-LaPadula Model.

13. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US government.)

14. I/O drivers and utilities

15. What is called the formal acceptance of the adequacy of a system's overall security by management?

16. The Biba Model addresses _____________________.

17. Bell-LaPadula, ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions at its own discretion. These permissions are stored in an access ma

18. Bell-LaPadula Model, ______________: A subject in a given security level can NOT WRITE information to a LOWER security level.

19. Requires more stringent authentication mechanisms and well-defined interfaces among layers.

20. Successfully evaluated products are placed on?

21. In this class more granularity is provided in each protection mechanism, and the programming code that is not necessary to support the security policy is excluded.

22. Which computer design approach is based on the fact that in earlier technologies, the instruction fetch was the longest part of the cycle?

23. The Security Kernel is the core of the TCB and is the _____________ to building trusted computing systems.

24. Security policies that prevent information from flowing from a higher security level to a lower security level are called ____________.

25. The physical memory address that the CPU uses.

26. In an automated system, ________________ could be achieved by a computer system designed to identify the individuals responsible for any input.

27. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC", otherwise known as ___________.

28. The combination of RAM, cache, and the processor registers.

29. The C2 evaluation class of the _________________ offers controlled access protection.

30. A ring protection system ________ user mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.

31. Which increases the performance in a computer by overlapping the steps of different instructions?

32. When the address location that is specified in the program instruction contains the address of the final desired location.

33. A domain of trust that shares a single security policy and single management.

34. A type of memory used for high-speed writing and reading activities.

35. Which Orange Book evaluation level is described as "Controlled Access Protection"? This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when

36. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula Model is referred to as ___________________, which would take place through a "write down" operation. (An actual compromise occurs if and when

37. What does the Clark-Wilson security model focus on?

38. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.

39. Which of the Orange Book ratings represents the highest level of trust?

40. The Biba Model, ______________: A subject cannot request service from (invoke) subjects of higher integrity.

41. Remaining parts of the operating system

42. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.

43. The Bell-LaPadula model was proposed for enforcing access control in _____________________.

44. The reference monitor is an access control concept, referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.

45. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.

46. A system uses the Reference Monitor to ___________________ of a subject and an object?

47. In B2, subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.

48. Execute one instruction at a time.

49. Involves sharing the processor among all ready processes.

50. Each data object must contain a classification label and each subject must have a clearance label.