Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The Policy must be explicit and well defined and enforced by the mechanisms within the system
B3
Security Policy - Orange Book
Trusted Distribution
Ring 1
2. Mandatory Protection
Orange Book interpretations
Physical security
Networks and Communications
Orange Book B
3. Operating System Kernel
Direct addressing
Ring 0
Operational assurance requirements
The Simple Security Property
4. Permits a database to have two records that are identical except for their classifications
Trusted Network Interpretation (TNI)
NOT Integrity
Polyinstantiation
Trusted Products Evaluation Program (TPEP)
5. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
Access control to the objects by the subjects
The Biba Model
Continuous protection - O/B
Isolate processes
6. What does the Clark-Wilson security model focus on?
Trusted Distribution
Attributable data
Integrity
A and B
7. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Bell-LaPadula Model
Multilevel Security Policies
attributability
Continuous protection - O/B
8. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
Ring 2
The Strong star property rule
Trusted facility management
Secondary Storage
9. When the RAM and secondary storage are combined the result is __________.
First evaluation class
Virtual Memory
B3
The Integrity of data within applications
10. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
A1
Evaluated separately
Thrashing
System High Security Mode
11. The Bell-LaPadula Model is a _______________ that enforces the confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
State machine model
Stored in Real Memory
Its Clearance Label (Top Secret - Secret - or Confidential)
B1 - Labeled Security
12. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
security protection mechanisms
Invocation Property
The National Computer Security Center (NCSC)
Orange Book A
13. The Simple Security rule is referred to as ______________.
Constrained
The "No read Up" rule
Basic Security Theorem (used in computer science) definition
C2 - Controlled Access Protection
14. Can be erased - modified and upgraded.
Erasable and Programmable Read-Only Memory (EPROM)
Orange Book C
Trusted Products Evaluation Program (TPEP)
Orange Book - A1
15. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
First evaluation class
Most commonly used approach
B2 rating
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
16. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
Labels - Orange Book
C2 - Controlled Access Protection
Programmable Read-Only Memory (PROM)
Dedicated Security Mode
17. TCB contains The Security Kernel and all ______________.
security protection mechanisms
Compare the security labels
TCB (Trusted Computing Base)
A Thread
18. When a computer uses more than one CPU in parallel to execute instructions, this is known as?
The Trusted Computing Base (TCB)
Basic Security Theorem (used in computer science) definition
The Simple Security Property
Multiprocessing
19. The C2 evaluation class of the _________________ offers controlled access protection.
Trusted Network Interpretation (TNI)
Trusted facility management
Indexed addressing
Most commonly used approach
20. Contains the beginning address
B2 rating
B2 - Structured Protection
Multilevel Security Policies
A Base Register (Memory Management)
21. Software that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
No read down
Types of covert channels
Firmware
B2 - Structured Protection
22. There is only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
Division D - Minimal Protection
Mandatory access control
Storage and timing
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
23. All users have a clearance for and a formal need to know about - all data processed with the system.
Overt channel
The Security Kernel
Dedicated Security Mode
B1 - Labeled Security rating
24. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
The Monolithic Operating System Architecture
A1 - Rating
Overt channel
Attributable data
25. System Architecture that separates system functionality into Hierarchical layers
B3
Identification - Orange Book
*-Integrity Axiom
A Layered Operating System Architecture
26. Remaining parts of the operating system
Orange Book C
The Simple Security Property
State machine model
Ring 1
27. Which computer design approach is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle?
Division B - Mandatory Protection Architecture
Complex Instruction Set Computers (CISC)
The Thread (memory Management)
A Limit Register (Memory Management)
28. What access control technique is also known as multilevel security?
Mandatory access control
Constrained
Orange Book - B2
Simple Security Rule
29. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Documentation - Orange Book
Orange Book - B2
No read down
The Monolithic Operating System Architecture
30. What is called the formal acceptance of the adequacy of a system's overall security by management?
attributability
Ring 2
Security Policy
Accreditation
31. Which is a straightforward approach that provides access rights to subjects for objects?
Operational assurance requirements
C2
B3
Access Matrix model
32. Should always trace to individuals responsible for observing and recording the data
Attributable data
B1 - Labeled Security
Invocation Property
Access Matrix model
33. A ______________ is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Erasable and Programmable Read-Only Memory (EPROM)
Pipelining
A1 - Rating
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
34. Applications and user activity
Ring 3
Security Policy is clearly defined and documented
State machine model
Files - directories and devices
35. When a computer spends more time moving data from one small portion of memory to another than actually processing the data
Access Matrix model
C1
The trustworthiness of an information system
Thrashing
36. When a vendor submits a product for evaluation - it submits it to the ____________.
C2 - Controlled Access Protection
The National Computer Security Center (NCSC)
A and B
Mandatory access control
37. In B2 Subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
Clark-Wilson Model
Covert channels
Virtual storage
Storage and timing
38. Reference Monitor is responsible for ______________; it compares the security labels of a subject and an object
Assigned labels
B1 - Labeled Security
Access control to the objects by the subjects
Prohibits
39. The group that oversees the processes of evaluation within TCSEC is?
Trusted Products Evaluation Program (TPEP)
Execution Domain
B3
Complex Instruction Set Computers (CISC)
40. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
Orange Book - B3
A1 - Rating
Dedicated Security Mode
A security kernel
41. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
42. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
*-Integrity Axiom
The "No write Down" Rule
Orange Book interpretations
B1
43. If a system initializes in a secure state and all allowed state transitions are secure - then every subsequent state will be secure no matter what inputs occur.
Multiprocessing
Basic Security Theorem (used in computer science) definition
Absolute addresses
The Simple Security Property
44. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
B3
Physical security
Process isolation
Life-cycle assurance - O/B
45. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when
Security mechanisms and evaluates their effectiveness
Totality of protection mechanisms
The reference monitor
C2
46. The Biba Model addresses _____________________.
Prevent secret information from being accessed
The Integrity of data within applications
Invocation Property
Indirect addressing
47. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Primary storage
Orange Book - A1
Multilevel Security Policies
The Common Criteria
48. Mandatory Access requires that _____________ be attached to all objects.
C1 - Discretionary Security Protection is a type of environment
attributability
Sensitivity labels
Compare the security labels
49. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
The Red Book
Trusted Distribution
A security domain
Thrashing
50. Contains an address of where the instruction and data reside that need to be processed.
Integrity
The Thread (memory Management)
Compare the security labels
Orange Book ratings