Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A type of memory used for high-speed writing and reading activities.
'Dominate'
Cache Memory
System High Security Mode
Examples of Layered Operating Systems
2. The centerpiece of the DoD Rainbow Series publications. Developed by the National Computer Security Center (NCSC)?
Be protected from modification
The security perimeter
The National Computer Security Center (NCSC)
The TCSEC - Aka Orange Book
3. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
Implement software or systems in a production environment
The "No write Down" Rule
The security perimeter
A lattice of Integrity Levels
4. Which is an ISO standard product evaluation criteria that supersedes several different criteria?
The Red Book
Orange Book interpretations
The "No write Down" Rule
The Common Criteria
5. Can be erased - modified and upgraded.
Administrative declaration
Controlling unauthorized downgrading of information
Trusted Products Evaluation Program (TPEP)
Erasable and Programmable Read-Only Memory (EPROM)
6. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
B3
Bell-LaPadula Model
Secondary Storage
Storage and timing
7. I/O drivers and utilities
Physical security
Ring 0
TCB (Trusted Computing Base)
Ring 2
8. When a computer uses more than one CPU in parallel to execute instructions is known as?
Its classification label (Top Secret - Secret or confidential)
Types of covert channels
Multiprocessing
Accreditation
9. An abstract machine which must mediate all access to subjects to objects - be protected from modification - be verifiable as correct - and is always invoked
The reference monitor
Certification
An abstract machine
Orange Book interpretations
10. Subjects and Objects cannot change their security levels once they have been instantiated (created)
The Tranquility principle (The Bell-LaPadula Model)
The security perimeter
B3
Certification
11. In which users are processing information at the same sensitivity level; thus, strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.
C1 - Discretionary Security Protection is a type of environment
Files - directories and devices
The security perimeter
Discretionary Security Property (ds-property)
12. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
The Thread (memory Management)
Dedicated Security Mode
B2
Mandatory access control
13. The Indexed memory addresses that software uses
Logical addresses
Discretionary Security Property (ds-property)
Compare the security labels
Polyinstantiation
14. Remaining parts of the operating system
The Monolithic Operating System Architecture
The TCSEC - Aka Orange Book
Ring 1
Primary storage
15. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
'Dominate'
The security kernel
Division B - Mandatory Protection
Implement software or systems in a production environment
16. Each data object must contain a classification label and each subject must have a clearance label.
B3 - Rating
Bell-LaPadula Model
Execution Domain
B1 - Labeled Security
17. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Physical security
Types of covert channels
The Security Kernel
attributability
18. In B2 Subjects and devices require labels and the system must NOT allow ________. No Trapdoors exist.
Covert channels
B3 - Rating
Orange Book - B3
Stored in Real Memory
19. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
Division C - Discretionary Protection
B3
A single classification and a Compartment Set
Buffer overflows
20. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
Controlling unauthorized downgrading of information
The Clark Wilson integrity model
A single classification and a Compartment Set
C2
21. Audit data must be captured and protected to enforce accountability
The security perimeter
Security mechanisms and evaluates their effectiveness
Its classification label (Top Secret - Secret or confidential)
Accountability - Orange Book
22. The Orange book does NOT Cover ________________ - And Database management systems
Networks and Communications
Constrained
Multiprocessing
Isolate processes
23. The *-Property rule is referred to as ____________.
The Biba Model
The "No write Down" Rule
No read down
Security mechanisms and evaluates their effectiveness
24. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Direct Addressing
Trusted Distribution
C2 - Controlled Access Protection
Fail safe
25. In both the Bell-LaPadula and Biba Models if the word "Simple" is used ______________.
Identification - Orange Book
No read down
The rule is talking about "Reading"
First evaluation class
26. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Life Cycle Assurance Requirement
Physical security
Division C - Discretionary Protection
Most commonly used approach
27. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Implement software or systems in a production environment
A Base Register (Memory Management)
Dominate the object's sensitivity label
Orange Book ratings
28. All users have a clearance for and a formal need to know about - all data processed with the system.
Government and military applications
Most commonly used approach
Dedicated Security Mode
Accreditation
29. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
The security perimeter
The trustworthiness of an information system
Examples of Layered Operating Systems
C2 - Controlled Access Protection
30. The C2 evaluation class of the _________________ offers controlled access protection.
Trusted Network Interpretation (TNI)
Trusted facility management
Orange Book - B2
A lattice of Integrity Levels
31. Should always trace to individuals responsible for observing and recording the data
A Domain
Logical addresses
Attributable data
C2 - Controlled Access Protection
32. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
Controls the checks
Its classification label (Top Secret - Secret or confidential)
Attributable data
Isolate processes
33. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
All Mandatory Access Control (MAC) systems
A single classification and a Compartment Set
A Thread
The Strong star property rule
34. Data in Cache can be accessed much more quickly than Data
Complex Instruction Set Computers (CISC)
Stored in Real Memory
B3 - Rating
An abstract machine
35. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when
C2
Simple Integrity Axiom
Sensitivity labels
Multilevel Security Policies
36. TCSEC provides a means to evaluate ______________________.
The Biba Model
The trustworthiness of an information system
The Clark Wilson integrity model
A Base Register (Memory Management)
37. Which can be used as a covert channel?
Highly secure systems (B2 - B3 and A1)
The security perimeter
Storage and timing
Indexed addressing
38. Involves sharing the processor among all ready processes
Multitasking
Orange Book - B2
B1 - Labeled Security rating
Programmable Read-Only Memory (PROM)
39. When the RAM and secondary storage are combined the result is __________.
Pagefile.sys file
A Layered Operating System Architecture
TCB (Trusted Computing Base)
Virtual Memory
40. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
State machine model
attributability
C2
Cache Memory
41. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
Security rating B
Access control to the objects by the subjects
B1 - Labeled Security rating
Models concerned with integrity
42. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
Trusted facility management
Security Policy is clearly defined and documented
The National Computer Security Center (NCSC)
A1
43. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Complex Instruction Set Computers (CISC)
NOT Integrity
Government and military applications
The security perimeter
44. The Simple Security rule is referred to as ______________.
C2 - Controlled Access Protection
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
The Trusted Computing Base (TCB)
The "No read Up" rule
45. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
C1
Mandatory access control
Relative Addresses
The security perimeter
46. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Trusted Distribution
Administrative declaration
Continuous protection - O/B
Real storage
47. Another word for Primary storage and distinguishes physical memory from virtual memory.
Covert channels
Process isolation
Erasable and Programmable Read-Only Memory (EPROM)
Real storage
48. In both the Bell-LaPadula and Biba Models if the word "*" or "Star" is used - _______________.
The Rule is talking about writing
Its Clearance Label (Top Secret - Secret - or Confidential)
Division D - Minimal Protection
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
49. Which describe a condition when RAM and Secondary storage are used together?
Attributable data
Virtual storage
B3
Orange Book B
50. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Primary storage
Sensitivity labels
Bell-LaPadula Model
Orange Book - B2