Test your basic knowledge

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.

1. Verification Protection

2. An organization within the National Security Agency (NSA) is responsible for evaluating computer systems and products. The Trusted Product Evaluation Program (TPEP) oversees the testing by approved entities of commercial products against a specific s

3. Configuration management is also defined in the Orange Book BUT as a _____________________ and NOT an operational assurance requirement.

4. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.

5. Operating System Kernel

6. B1 is also called "Labeled Security": each data object must have a classification label and each subject a clearance label. On each access attempt, the classification and clearance are checked to verify that the access is permissible.

7. When the contents of the address defined in the program's instruction are added to those of an index register.

8. Software, hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.

9. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.

10. Which model uses access control triples and requires that the system maintain separation of duty?

11. Which of the Orange Book ratings represents the highest level of trust?

12. A computer using more than one CPU in parallel to execute instructions is known as?

13. The Biba Model, ______________: a subject cannot write data to an object at a higher integrity level (no write up).

14. Execute one instruction at a time.

15. What does the simple integrity axiom mean in the Biba model?

16. What is defined as the hardware, firmware and software elements of a trusted computing base that implement the reference monitor concept?

17. According to the Orange Book, trusted facility management is not required for which security levels?

18. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards.

19. What prevents a process from accessing another process's data?

20. For the type of environment that processes sensitive data requiring a higher degree of security. It requires systems that are relatively resistant to penetration and compromise.

21. Happen because input data is not checked for appropriate length at time of input.

22. The indexed memory addresses that software uses.

23. THE (Technische Hogeschool Eindhoven), VAX/VMS, Multics and Unix. THE and Multics are no longer in use.

24. Which can be used as a covert channel?

25. In B2, subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.

26. Which is an ISO standard product evaluation criteria that supersedes several different criteria?

27. In an automated system, ________________ could be achieved by: a computer system designed to identify individuals responsible for any input.

28. The Biba Model addresses _____________________.

29. In which users are processing information at the same sensitivity level; thus, strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.

30. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.

31. The object reuse concept must also be invoked, meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m

32. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?

33. The first mathematical model of a multi-level security policy used to define the concept of a secure state, the modes of access, and rules for granting access?

34. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects, what security problem is most likely to exist?

35. The TCB is the ________________ within a computer system that work together to enforce a security policy.

36. The policy must be explicit and well defined and enforced by the mechanisms within the system.

37. Simpler instructions that require fewer clock cycles to execute.

38. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.

39. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication, restrictions and auditing.

40. The hardware, firmware and software elements of a trusted computing base that implement the reference monitor concept.

41. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space.

42. Contains the ending address.

43. Commonly referred to as "The Big Mess" because of its lack of structure. MS-DOS is an example of a monolithic operating system.

44. Which TCSEC level first addresses object reuse?

45. The reserved hard drive space used to extend RAM capabilities.

46. The assignment of a specific individual to administer the security-related functions of a system.

47. In access control terms, the word "dominate" refers to ___________.

48. Each data object must contain a classification label and each subject must have a clearance label.

49. Which increases the performance of a computer by overlapping the steps of different instructions?

50. The reference monitor is an access control concept, referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.