SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
Clark-Wilson Model
A1
B3
Access control to the objects by the subjects
2. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
Identification - Orange Book
Cache Memory
Security rating B
Prevent secret information from being accessed
3. Ssoftware that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
Continuous protection - O/B
A and B
Firmware
The Strong star property rule
4. The combination of RAM - Cache and the Processor Registers
Primary storage
Protection Rings Support
Buffer (temporary data storage area)
C2
5. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
Pagefile.sys file
Access Matrix model
The "No read Up" rule
Certification
6. The C2 evaluation class of the _________________ offers controlled access protection.
security protection mechanisms
Ring 0
Trusted Network Interpretation (TNI)
Labels - Orange Book
7. The security kernel is the mechanism that _____________ of the reference monitor concept.
Storage and timing
Isolate processes
A single classification and a Compartment Set
Enforces the rules
8. The Security Model Incorporates the ____________ that should be enforced in the system.
Logical addresses
Execution Domain
Multiprocessing
Security Policy
9. All users have a clearance for and a formal need to know about - all data processed with the system.
'Dominate'
Bell-LaPadula Model
The security kernel
Dedicated Security Mode
10. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
C2
Be protected from modification
A Base Register (Memory Management)
Access control to the objects by the subjects
11. In the Bell-LaPadula Model the Object's Label contains ___________________.
Assigned labels
Prohibits
Its classification label (Top Secret - Secret or confidential)
Implement software or systems in a production environment
12. The Bell-LaPaula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
Erasable and Programmable Read-Only Memory (EPROM)
Covert channels
Continuous protection - O/B
Prevent secret information from being accessed
13. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
14. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
Accreditation
Orange Book ratings
No write down
A lattice of Intergrity Levels
15. The Biba Model adresses _____________________.
The security kernel
Accreditation
Buffer overflows
The Integrity of data within applications
16. The Physical memory address that the CPU uses
Absolute addresses
The security perimeter
Pagefile.sys file
The "No write Down" Rule
17. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted envirnment with low security concerns.
Totality of protection mechanisms
Orange Book - D
Protection Rings Support
C1 - Discrection Security Protection is a type of environment
18. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Attributable data
Pipelining
Orange Book - B2
Virtual Memory
19. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
B3
Prohibits
Higher or equal to access class
Fail safe
20. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
An abstract machine
Access control to the objects by the subjects
Files - directories and devices
Ring 2
21. What does the * (star) property mean in the Bell-LaPadula model?
B3 - Rating
Security rating B
No write down
Ring 3
22. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
Complex Instruction Set Computers (CISC)
Subject to Object Model
The Trusted Computing Base (TCB)
Orange Book - B1
23. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Administrative declaration
No write down
Networks and Communications
A Thread
24. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
NOT Integrity
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Evaluated separately
All Mandatory Access Control (MAC) systems
25. What prevents a process from accessing another process' data?
Direct addressing
Process isolation
Simple Integrity Axiom
The Security Kernel
26. Mediates all access and Functions between subjects and objects.
A Thread
C2 - Controlled Access Protection
C2
The Security Kernel
27. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
C1 - Discretionary Security Protection
Orange Book interpretations
Logical addresses
Division B - Mandatory Protection Architecture
28. Which Orange Book evaluation level is described as "Verified Design"?
An abstract machine
Multitasking
The Biba Model
A1
29. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
Thrashing
The Integrity of data within applications
Swap Space
C2
30. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
Simple Integrity Axiom
The Strong star property rule
*-Integrity Axiom
Orange Book C
31. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Implement software or systems in a production environment
Evaluated separately
Prohibits
D
32. Execute one instruction at a time.
C2
Mandatory access control
Direct addressing
Scalar processors
33. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Its Clearance Label (Top Secret - Secret - or Confidential)
Access Matrix model
Swap Space
Simple Security Rule
34. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
Accreditation
B1 - Labeled Security rating
State machine model
Totality of protection mechanisms
35. The centerpiece of the DoD Rainbow Series publications.Developed by the National Computer Security Center (NCSC)?
Higher or equal to access class
Accreditation
The TCSEC - Aka Orange Book
A lattice of Intergrity Levels
36. Another word for Primary storage and distinguishes physical memory from virtual memory.
Division D - Minimal Protection
Direct addressing
Real storage
Swap Space
37. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
Polyinstantiation
No read up
Reduced Instruction Set Computers (RISC)
The security perimeter
38. A Policy based control. All objects and systems have a sensitivity level assigned to them
The Red Book
B2 rating
Mandatory Access Control (MAC)
Process isolation
39. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
Trusted hardware - Software and Firmware
Ring 0
Government and military applications
Polyinstantiation
40. In both the Bell-LaPadula and Biba Models if the word "Simple is used ______________.
Files - directories and devices
Multilevel Security Policies
Trusted Network Interpretation (TNI)
The rule is talking about "Reading"
41. Involves sharing the processor amoung all ready processes
Direct addressing
Storage and timing
Be protected from modification
Multitasking
42. Data in Cache can be accessed much more quickly than Data
Stored in Reak Memory
C2 - Controlled Access Protection
Execution Domain
Pagefile.sys file
43. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
Networks and Communications
International Standard 15408
Programmable Read-Only Memory (PROM)
Life Cycle Assurance Requirement
44. What does the simple security (ss) property mean in the Bell-LaPadula model?
TCB (Trusted Computing Base)
Life Cycle Assurance Requirement
No read up
Accountability - Orange Book
45. TCSEC provides a means to evaluate ______________________.
Buffer overflows
The trustworthiness of an information system
C1 - Discrection Security Protection is a type of environment
The Common Criteria
46. In both the Bell-LaPadula and Biba Models if the word "* or Star is used - _______________.
Trusted facility management
B3
Accreditation
The Rule is talking about writing
47. Mandatory Access requires that _____________ be attached to all objects.
A security domain
A Domain
Sensitivity labels
Attributable data
48. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
No write down
Pipelining
Need-to-know
A security domain
49. A nonvolatile storage media etc computer hard drive - floppy disks and CD-ROMs
Orange Book - B1
The TCSEC - Aka Orange Book
Process isolation
Secondary Storage
50. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
Dedicated Security Mode
Life Cycle Assurance Requirement
Implement software or systems in a production environment
Administrative declaration
