Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data






2. Applications and user activity






3. The Indexed memory addresses that software uses






4. What model use an access control triples and requires that the system maintain separation of duty ?






5. Which is an ISO standard product evaluation criteria that supersedes several different criteria






6. The C2 evaluation class of the _________________ offers controlled access protection.






7. A portion of a process. When the thread is generated - it shares the same domain(resources) as its process.






8. The group that oversees the processes of evaluation within TCSEC is?






9. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.






10. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu






11. Intended for environments that require systems to handle classified data.






12. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.






13. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?






14. System Architecture that separates system functionality into Hierarchical layers






15. Which computer design approaches is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle






16. When a computer uses more than one CPU in parallel to execute instructions is known as?






17. Documentation must be provided - including test - design - and specification document - user guides and manuals






18. Permits a database to have two records that are identical except for Their classifications






19. Components considered as part of the Trusted Computing Base (from the Orange Book) are?






20. When the contents of the address defined in the program's instruction is added to that of an index register.






21. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.






22. TCB contains The Security Kernel and all ______________.






23. Succesfully Evaluated products are placed on?






24. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.






25. What does the simple integrity axiom mean in the Biba model?






26. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix . THE and Multics are no longer in use






27. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.






28. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?






29. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.






30. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.






31. Individual subjects must be uniquely identified.






32. The Bell-LaPadula model Subjects and Objects are ___________.






33. The Biba Model adresses _____________________.






34. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?






35. The reserved hard drive space used to Extend RAM capabilities. Windows system use the pagefile.sys file to reserve this space






36. Which TCSEC level first addresses object reuse?






37. What are the components of an object's sensitivity label?






38. What is called the formal acceptance of the adequacy of a system's overall security by management?






39. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)






40. Mandatory Access requires that _____________ be attached to all objects.






41. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.






42. When the address location that is specified in the program instruction contains the address of the final desired location.






43. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?






44. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.






45. The Reserved hard drive space used to to extend RAM capabilites.






46. In the Bell-LaPadula Model the Object's Label contains ___________________.






47. All users have a clearance for and a formal need to know about - all data processed with the system.






48. I/O drivers and utilities






49. Which increases the performance in a computer by overlapping the steps of different instructions?






50. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.






Can you answer 50 questions in 15 minutes?



Let me suggest you:



Major Subjects



Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Most popular tests