Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that resides at a higher security level.
Simple Security Rule
The Strong star property rule
Division C - Discretionary Protection
Swap Space
2. What prevents a process from accessing another process' data?
Process isolation
Orange Book - B3
Security Policy - Orange Book
Networks and Communications
3. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
A Domain
C2 - Controlled Access Protection
Trusted Network Interpretation (TNI)
The Clark Wilson integrity model
4. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Access Matrix model
Continuous protection - O/B
The Rule is talking about writing
B1 - Labeled Security rating
5. The Bell-LaPadula Model is a _______________ that enforces the confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
The Clark Wilson integrity model
Subject to Object Model
State machine model
Controlling unauthorized downgrading of information
6. The centerpiece of the DoD Rainbow Series publications. Developed by the National Computer Security Center (NCSC)?
Need-to-know
The TCSEC - Aka Orange Book
The Monolithic Operating System Architecture
Execution Domain
7. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Orange Book C
Security Policy - Orange Book
D
8. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Security Policy is clearly defined and documented
Examples of Layered Operating Systems
Simple Security Rule
The *-Property rule (Star property)
9. Another term for primary storage; it distinguishes physical memory from virtual memory.
Real storage
The Red Book
Swap Space
System High Security Mode
10. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
Cache Memory
The Thread (memory Management)
Firmware
Implement software or systems in a production environment
11. What does the simple security (ss) property mean in the Bell-LaPadula model?
C1 - Discretionary Security Protection is a type of environment
No read up
The Clark Wilson integrity model
B2
12. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
attributability
Identification - Orange Book
Compare the security labels
B3
13. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
Storage and timing
Firmware
The Clark Wilson integrity model
Pagefile.sys file
14. Which would be designated as objects on a MAC system?
Files - directories and devices
Ring 1
A Layered Operating System Architecture
A single classification and a Compartment Set
15. The Biba Model addresses _____________________.
Dedicated Security Mode
The Integrity of data within applications
The security kernel
C1 - Discretionary Security Protection
16. When the RAM and secondary storage are combined the result is __________.
Totality of protection mechanisms
The Strong star property rule
A Domain
Virtual Memory
17. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Accountability - Orange Book
Orange Book interpretations
The security perimeter
Clark-Wilson Model
18. The *-Property rule is referred to as ____________.
Administrative declaration
The "No write Down" Rule
C1 - Discretionary Security Protection
Its Clearance Label (Top Secret - Secret - or Confidential)
19. When a vendor submits a product for evaluation - it submits it to the ____________.
C2 - Controlled Access Protection
Dedicated Security Mode
The National Computer Security Center (NCSC)
Security Policy is clearly defined and documented
20. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space.
A Domain
Swap Space
Buffer overflows
'Dominate'
21. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
The "No read Up" rule
Ring 2
B1 - Labeled Security rating
Orange Book - B2
22. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Life-cycle assurance - O/B
The Security Kernel
Orange Book - A1
Orange Book ratings
23. Which TCSEC level first addresses object reuse?
C2
D
Fail safe
All Mandatory Access Control (MAC) systems
24. The assignment of a specific individual to administer the security-related functions of a system.
Indexed addressing
A Base Register (Memory Management)
Trusted facility management
Overt channel
25. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions at its own discretion. These permissions are stored in an access ma
Physical security
Discretionary Security Property (ds-property)
Buffer overflows
Constrained
26. The total combination of protection mechanisms within a computer system
Operational assurance requirements
TCB (Trusted Computing Base)
Direct Addressing
Subject to Object Model
27. Each data object must contain a classification label and each subject must have a clearance label.
Cache Memory
The Strong star property rule
Trusted facility management
B1 - Labeled Security
28. Software that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
A Layered Operating System Architecture
The Thread (memory Management)
Firmware
Cache Memory
29. Used by Windows systems to reserve the "Swap Space"
Accountability - Orange Book
TCB (Trusted Computing Base)
Pagefile.sys file
C1 - Discretionary Security Protection
30. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
*-Integrity Axiom
The National Computer Security Center (NCSC)
A security domain
A Layered Operating System Architecture
31. A portion of a process. When the thread is generated - it shares the same domain (resources) as its process.
A Thread
Its Clearance Label (Top Secret - Secret - or Confidential)
The Monolithic Operating System Architecture
Attributable - original - accurate - contemporaneous and legible
32. Applications and user activity
Absolute addresses
No write down
Ring 3
Discretionary Security Property (ds-property)
33. I/O drivers and utilities
Ring 2
Files - directories and devices
Relative Addresses
The Biba Model
34. What is called the formal acceptance of the adequacy of a system's overall security by management?
Reduced Instruction Set Computers (RISC)
The Simple Security Property
Accreditation
A Base Register (Memory Management)
35. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
*-Integrity Axiom
Bell-LaPadula Model
Highly secure systems (B2 - B3 and A1)
Subject to Object Model
36. All users have a clearance for and a formal need to know about - all data processed with the system.
Bell-LaPadula Model
Dedicated Security Mode
The "No read Up" rule
Orange Book ratings
37. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
Prevent secret information from being accessed
Identification - Orange Book
Orange Book interpretations
Evaluated separately
38. According to the Orange Book - trusted facility management is not required for which security levels?
B1
The Strong star property rule
Access control to the objects by the subjects
Subject to Object Model
39. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
Controlling unauthorized downgrading of information
Execution Domain
The *-Property rule (Star property)
Thrashing
40. When the contents of the address defined in the program's instruction are added to that of an index register.
Orange Book - B3
Indexed addressing
Reduced Instruction Set Computers (RISC)
Dominate the object's sensitivity label
41. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification.
42. Which in the Orange Book ratings represents the highest level of trust?
B2
Invocation Property
Scalar processors
A single classification and a Compartment Set
43. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
Security rating B
Trusted Distribution
Security Policy
The security kernel
44. Which uses Protection Profiles and Security Targets?
International Standard 15408
Division B - Mandatory Protection Architecture
The Monolithic Operating System Architecture
Its Clearance Label (Top Secret - Secret - or Confidential)
45. Remaining parts of the operating system
Ring 0
Ring 1
The Biba Model
B1 - Labeled Security rating
46. Mandatory Protection
Indirect addressing
Real storage
Orange Book B
B1
47. Involves sharing the processor among all ready processes
Polyinstantiation
Compare the security labels
Multitasking
Higher or equal to access class
48. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
Overt channel
Basic Security Theorem (used in computer science) definition
Models concerned with integrity
NOT Integrity
49. There is only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
Division D - Minimal Protection
Orange Book - D
Life-cycle assurance - O/B
Mandatory Access Control (MAC)
50. Mandatory access control is enforced by the use of security labels.
Buffer (temporary data storage area)
Operational assurance requirements
Division B - Mandatory Protection
The Trusted Computing Base (TCB)