CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study first.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Which TCSEC level first addresses object reuse?
C2
State machine model
The Clark Wilson integrity model
C2 - Controlled Access Protection
2. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
Real storage
The National Computer Security Center (NCSC)
Trusted Distribution
The security kernel
3. Should always trace to individuals responsible for observing and recording the data
Attributable data
Documentation - Orange Book
A1
Simple Integrity Axiom
4. Minimal Security
Its Clearance Label (Top Secret - Secret - or Confidential)
Orange Book C
Orange Book - D
Orange Book - B2
5. According to the Orange Book - trusted facility management is not required for which security levels?
The Monolithic Operating System Architecture
'Dominate'
The National Computer Security Center (NCSC)
B1
6. TCB contains The Security Kernel and all ______________.
Compare the security labels
B3 - Rating
security protection mechanisms
Ring 1
7. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
Totality of protection mechanisms
No read down
Constrained
Highly secure systems (B2 - B3 and A1)
8. An abstract machine which must mediate all access of subjects to objects - be protected from modification - be verifiable as correct - and is always invoked
Discretionary Security Property (ds-property)
B2
The reference monitor
The security perimeter
9. Contains an address of where the instruction and data reside that need to be processed.
Simple Integrity Axiom
Pagefile.sys file
Execution Domain
The Thread (memory Management)
10. What does the simple integrity axiom mean in the Biba model?
No read down
Relative Addresses
Dominate the object's sensitivity label
Labels - Orange Book
11. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Compare the security labels
Physical security
The *-Property rule (Star property)
All Mandatory Access Control (MAC) systems
12. Can be erased - modified and upgraded.
Attributable - original - accurate - contemporaneous and legible
Erasable and Programmable Read-Only Memory (EPROM)
Controlling unauthorized downgrading of information
Trusted Products Evaluation Program (TPEP)
13. A domain of trust that shares a single security policy and single management
Enforces the rules
A and B
A security domain
Pipelining
14. What is called the formal acceptance of the adequacy of a system's overall security by management?
Firmware
*-Integrity Axiom
Accreditation
Overt channel
15. The reserved hard drive space used to extend RAM capabilities.
Operational assurance requirements
Swap Space
Virtual Memory
C2
16. In B2 subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
C2 - Controlled Access Protection
Relative Addresses
Multilevel Security Policies
Covert channels
17. What does the * (star) property mean in the Bell-LaPadula model?
Virtual storage
Be protected from modification
Security rating B
No write down
18. Which Orange Book evaluation level is described as "Verified Design"?
Pipelining
B3 - Security Domains
A1
The Biba Model
19. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
B3
C1
B3
Orange Book - B1
20. Software that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
Firmware
Be protected from modification
Accountability - Orange Book
Multilevel Security Policies
21. Contains the beginning address
A Base Register (Memory Management)
Direct addressing
Access Matrix model
Orange Book B
22. In the Bell-LaPadula Model the Object's Label contains ___________________.
Orange Book C
Dominate the object's sensitivity label
Constrained
Its classification label (Top Secret - Secret or confidential)
23. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when
The Common Criteria
Swap Space
Cache Memory
C2
24. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
Networks and Communications
The Tranquility principle (The Bell-LaPadula Model)
Trusted hardware - Software and Firmware
Operational assurance requirements
25. A Policy based control. All objects and systems have a sensitivity level assigned to them
The Rule is talking about writing
Mandatory Access Control (MAC)
Fail safe
The Strong star property rule
26. A ring protection system ________ user mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Higher or equal to access class
Sensitivity labels
Trusted hardware - Software and Firmware
Prohibits
27. There is only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
Division D - Minimal Protection
Orange Book - D
Attributable - original - accurate - contemporaneous and legible
Multilevel Security Policies
28. If a system initializes in a secure state and all allowed state transitions are secure - then every subsequent state will be secure no matter what inputs occur.
Division B - Mandatory Protection
The Security Kernel
Basic Security Theorem (used in computer science) definition
The Simple Security Property
29. Successfully evaluated products are placed on?
The Strong star property rule
The Security Kernel
Access Matrix model
The Evaluated Products List (EPL) with their corresponding rating
30. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Direct addressing
The National Computer Security Center (NCSC)
'Dominate'
Be protected from modification
31. The combination of RAM - Cache and the Processor Registers
B1
Multiprocessing
Primary storage
Identification - Orange Book
32. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Constrained
Multilevel Security Policies
Its classification label (Top Secret - Secret or confidential)
A1
33. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space
Ring 2
Real storage
Swap Space
Division B - Mandatory Protection
34. Simpler instructions that require fewer clock cycles to execute.
The TCSEC - Aka Orange Book
Reduced Instruction Set Computers (RISC)
Implement software or systems in a production environment
Controlling unauthorized downgrading of information
35. The subject must have Need to Know for ONLY the information they are trying to access.
The trustworthiness of an information system
System High Security Mode
Security Policy - Orange Book
Ring 2
36. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
Identification - Orange Book
Access control to the objects by the subjects
The Red Book
B3 - Security Domains
37. Has two individual assurance ratings - C1 and C2. The higher the assurance rating number - the greater the protection
A and B
Multilevel Security Policies
Security rating B
Division C - Discretionary Protection
38. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.
First evaluation class
Execution Domain
C2 - Controlled Access Protection
Assigned labels
39. Discretionary protection
B3
Thrashing
Orange Book C
Multiprocessing
40. The security kernel is the mechanism that _____________ of the reference monitor concept.
Bell-LaPadula Model
Enforces the rules
The National Computer Security Center (NCSC)
C1 - Discretionary Security Protection is a type of environment
41. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
In C2 - Controlled Access Protection environment
A1 - Rating
C2
Implement software or systems in a production environment
42. Which model uses access control triples and requires that the system maintain separation of duty?
Documentation - Orange Book
Discretionary Security Property (ds-property)
A Layered Operating System Architecture
Clark-Wilson
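The Clark-Wilson question above names the model's two distinguishing mechanisms, access triples and separation of duty. The following is an added example, not code from the quiz or from any evaluated product, showing how a toy Clark-Wilson enforcement layer ties them together: users reach constrained data items (CDIs) only through certified transformation procedures (TPs) listed in a (user, TP, CDI) triple, every TP execution is logged, an integrity verification procedure (IVP) re-validates the CDI after each TP and rolls back on failure, and a separation-of-duty rule refuses to give one user both halves of a conflicting TP pair. The ledger, the TPs (initiate_payment, approve_payment), the users and the CWViolation/ClarkWilson names are all hypothetical, constructed for this illustration.

```python
# Added example: toy Clark-Wilson enforcement (access triples, certified TPs,
# IVP after each TP, separation of duty). Not from the quiz; the ledger CDI,
# the TPs and the users below are hypothetical.


class CWViolation(Exception):
    """Raised when an access or a triple assignment breaks the policy."""


class ClarkWilson:
    def __init__(self, cdis, ivps, conflicting_pairs):
        self.cdis = dict(cdis)          # CDI name -> current value
        self.ivps = dict(ivps)          # CDI name -> validity predicate (IVP)
        self.tps = {}                   # certified TPs: name -> function
        self.triples = set()            # allowed (user, tp, cdi) triples
        self.conflicts = {frozenset(p) for p in conflicting_pairs}
        self.audit = []                 # append-only log of TP executions

    def certify_tp(self, name, func):
        self.tps[name] = func

    def add_triple(self, user, tp, cdi):
        if tp not in self.tps:
            raise CWViolation(f"{tp} is not a certified TP")
        if cdi not in self.cdis:
            raise CWViolation(f"{cdi} is not a CDI")
        # Separation of duty: a user may not hold two conflicting TPs.
        for held_user, held_tp, _ in self.triples:
            if held_user == user and frozenset({held_tp, tp}) in self.conflicts:
                raise CWViolation(f"separation of duty: {user} already holds {held_tp}")
        self.triples.add((user, tp, cdi))

    def run(self, user, tp, cdi, *args):
        """Execute a TP on a CDI for a user, enforcing the triple and the IVP."""
        if (user, tp, cdi) not in self.triples:
            self.audit.append((user, tp, cdi, "DENIED"))
            raise CWViolation(f"no access triple for ({user}, {tp}, {cdi})")
        before = self.cdis[cdi]
        after = self.tps[tp](before, *args)
        if not self.ivps[cdi](after):
            # The TP would leave the CDI invalid: discard 'after', keep 'before'.
            self.audit.append((user, tp, cdi, "ROLLED_BACK"))
            raise CWViolation(f"{tp} would violate integrity of {cdi}")
        self.cdis[cdi] = after
        self.audit.append((user, tp, cdi, "OK"))
        return after


# Hypothetical TPs for a payments ledger CDI (a dict of account balances).
def initiate_payment(ledger, amount):
    new = dict(ledger)
    new["ops"] -= amount
    new["pending"] += amount
    return new


def approve_payment(ledger, amount):
    new = dict(ledger)
    new["pending"] -= amount
    new["vendor"] += amount
    return new


def ledger_is_valid(ledger, total):
    # IVP: money is conserved and no account is overdrawn.
    return sum(ledger.values()) == total and all(v >= 0 for v in ledger.values())


def demo():
    """Returns (final ledger, list of violation messages, audit log)."""
    cw = ClarkWilson(
        cdis={"ledger": {"ops": 1000, "pending": 0, "vendor": 0}},
        ivps={"ledger": lambda l: ledger_is_valid(l, 1000)},
        conflicting_pairs=[("initiate_payment", "approve_payment")],
    )
    cw.certify_tp("initiate_payment", initiate_payment)
    cw.certify_tp("approve_payment", approve_payment)
    cw.add_triple("alice", "initiate_payment", "ledger")
    cw.add_triple("bob", "approve_payment", "ledger")
    violations = []
    try:
        cw.add_triple("alice", "approve_payment", "ledger")   # SoD: refused
    except CWViolation as e:
        violations.append(str(e))
    cw.run("alice", "initiate_payment", "ledger", 100)         # OK
    cw.run("bob", "approve_payment", "ledger", 100)            # OK
    attempts = [
        ("carol", "initiate_payment", "ledger", 50),    # no triple: denied
        ("alice", "initiate_payment", "ledger", 5000),  # overdraws ops: rolled back
    ]
    for attempt in attempts:
        try:
            cw.run(*attempt)
        except CWViolation as e:
            violations.append(str(e))
    return cw.cdis["ledger"], violations, cw.audit


if __name__ == "__main__":
    ledger, violations, audit = demo()
    print(ledger)
    for v in violations:
        print("refused:", v)
```

The point to notice is that the user never touches the CDI directly: the only path to the ledger is a certified TP named in a triple, and the IVP runs after every TP so a TP with a bug (or a bad argument) cannot leave the CDI in an invalid state. Separation of duty is enforced at the moment a triple is granted, which is where it is cheapest to audit.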
43. The Bell-LaPadula Model is a _______________.
'Dominate'
Complex Instruction Set Computers (CISC)
Subject to Object Model
Dedicated Security Mode
44. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Isolate processes
Administrative declaration
The National Computer Security Center (NCSC)
The Tranquility principle (The Bell-LaPadula Model)
45. System Architecture that separates system functionality into Hierarchical layers
B2 rating
Security mechanisms and evaluates their effectiveness
Security Policy is clearly defined and documented
A Layered Operating System Architecture
46. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
The *-Property rule (Star property)
C2 - Controlled Access Protection
Most commonly used approach
Controls the checks
47. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
Access control to the objects by the subjects
B1
B3 - Rating
Controlling unauthorized downgrading of information
48. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
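Several questions above (the reference monitor, the Basic Security Theorem, the Bell-LaPadula simple security and star properties, the Biba axioms, "dominate", and the read-access rule of a multilevel security policy) describe pieces of one mechanism. The following is an added example, not code from the quiz or from any evaluated system, that puts them together: a toy reference monitor mediates every access, labels are compared with a dominance check over level plus compartments, reads and writes are tested against both the Bell-LaPadula and the Biba rules, and after each granted access (a state transition) the monitor re-checks that every access still in force satisfies the policy, which is the invariant the Basic Security Theorem relies on. All subjects, objects, labels, integrity levels and class names (Level, Label, Entity, ReferenceMonitor) are hypothetical, constructed for this illustration.

```python
# Added example: toy reference monitor enforcing Bell-LaPadula (confidentiality)
# and Biba (integrity) over a label lattice, with a secure-state check after
# every state transition. Not from the quiz; every subject, object and label
# below is hypothetical.
from dataclasses import dataclass
from enum import IntEnum


class Level(IntEnum):
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


@dataclass(frozen=True)
class Label:
    """Sensitivity label: a hierarchical level plus a set of compartments."""
    level: Level
    compartments: frozenset = frozenset()

    def dominates(self, other: "Label") -> bool:
        # 'Dominate': higher-or-equal level AND a superset of the compartments.
        return self.level >= other.level and self.compartments >= other.compartments


@dataclass
class Entity:
    name: str
    sec: Label       # confidentiality label used by the Bell-LaPadula rules
    integrity: int   # Biba integrity level (higher = more trustworthy)


class ReferenceMonitor:
    """Mediates every access; the set of current accesses is the machine state."""

    def __init__(self):
        self.subjects, self.objects = {}, {}
        self.current = set()   # state: (subject, object, mode) accesses in force
        self.log = []          # audit trail of every decision

    def add_subject(self, s: Entity): self.subjects[s.name] = s
    def add_object(self, o: Entity): self.objects[o.name] = o

    def allowed(self, s: Entity, o: Entity, mode: str) -> bool:
        if mode == "read":
            # BLP simple security: subject must dominate object (no read up).
            # Biba simple integrity: object integrity >= subject's (no read down).
            return s.sec.dominates(o.sec) and o.integrity >= s.integrity
        if mode == "write":
            # BLP *-property: object must dominate subject (no write down).
            # Biba *-integrity: subject integrity >= object's (no write up).
            return o.sec.dominates(s.sec) and s.integrity >= o.integrity
        return False

    def secure_state(self) -> bool:
        # Basic Security Theorem check: every access currently held must still
        # satisfy both policies.
        return all(self.allowed(self.subjects[s], self.objects[o], m)
                   for s, o, m in self.current)

    def request(self, subject: str, obj: str, mode: str) -> bool:
        s, o = self.subjects[subject], self.objects[obj]
        granted = self.allowed(s, o, mode)
        self.log.append((subject, obj, mode, "GRANT" if granted else "DENY"))
        if granted:
            self.current.add((subject, obj, mode))   # the state transition
            assert self.secure_state(), "transition left an insecure state"
        return granted


def demo():
    """Hypothetical subjects/objects; returns {(subject, object, mode): granted}."""
    rm = ReferenceMonitor()
    nato = frozenset({"NATO"})
    rm.add_subject(Entity("analyst", Label(Level.SECRET, nato), integrity=2))
    rm.add_subject(Entity("reviewer", Label(Level.SECRET), integrity=2))
    rm.add_subject(Entity("clerk", Label(Level.CONFIDENTIAL), integrity=1))
    rm.add_object(Entity("plan", Label(Level.SECRET, nato), integrity=2))
    rm.add_object(Entity("ts_doc", Label(Level.TOP_SECRET, nato), integrity=2))
    rm.add_object(Entity("bulletin", Label(Level.CONFIDENTIAL), integrity=3))
    rm.add_object(Entity("scratch", Label(Level.CONFIDENTIAL), integrity=0))
    requests = [
        ("analyst", "plan", "read"),        # grant: label dominates, equal integrity
        ("analyst", "ts_doc", "read"),      # deny: no read up (simple security)
        ("analyst", "ts_doc", "write"),     # grant: BLP permits writing up
        ("analyst", "bulletin", "write"),   # deny: no write down (*-property)
        ("reviewer", "plan", "read"),       # deny: missing the NATO compartment
        ("clerk", "bulletin", "read"),      # grant: higher-integrity source is fine
        ("clerk", "bulletin", "write"),     # deny: no write up (*-integrity axiom)
        ("clerk", "scratch", "read"),       # deny: no read down (simple integrity)
    ]
    return {r: rm.request(*r) for r in requests}


if __name__ == "__main__":
    for (s, o, m), ok in demo().items():
        print(f"{s:9} {m:5} {o:9} -> {'GRANT' if ok else 'DENY'}")
```

Two details are worth noticing when studying the rules. First, "dominate" is not just a level comparison: the reviewer holds SECRET but is denied the SECRET plan because it lacks the NATO compartment. Second, Bell-LaPadula and Biba pull in opposite directions, so a system that enforces both (as this toy does) allows the analyst to write up to the TOP SECRET document only because the integrity levels also line up; change either label and the decision flips.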
49. The C2 evaluation class of the _________________ offers controlled access protection.
Trusted Network Interpretation (TNI)
Physical security
Complex Instruction Set Computers (CISC)
Execution Domain
50. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Reduced Instruction Set Computers (RISC)
No write down
Orange Book interpretations
No read down