CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The Biba Model addresses _____________________.
Discretionary Security Property (ds-property)
The Integrity of data within applications
A security domain
Physical security
2. Which TCSEC level first addresses object reuse?
Sensitivity labels
Discretionary Security Property (ds-property)
Pipelining
C2
3. System Architecture that separates system functionality into Hierarchical layers
Clark-Wilson
A Layered Operating System Architecture
Sensitivity labels
Controlling unauthorized downgrading of information
4. What does the simple integrity axiom mean in the Biba model?
Bell-LaPadula Model
Controlling unauthorized downgrading of information
No read down
The Thread (memory Management)
5. Users are trusted but a certain level of accountability is required. C2 overall is seen as the most reasonable class for commercial applications - but the level of protection is still relatively weak.
The Thread (memory Management)
Life Cycle Assurance Requirement
Networks and Communications
In C2 - Controlled Access Protection environment
6. Which uses Protection Profiles and Security Targets?
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
International Standard 15408
Protection Rings Support
Ring 2
7. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
Constrained
Sensitivity labels
Virtual storage
Orange Book - B3
8. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Simple Security Rule
Security mechanisms and evaluates their effectiveness
The Red Book
Fail safe
9. Which is an ISO standard product evaluation criteria that supersedes several different criteria
B1
The Common Criteria
Evaluated separately
B1 - Labeled Security rating
10. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
Primary storage
attributability
A1
Security Policy is clearly defined and documented
11. The C2 evaluation class of the _________________ offers controlled access protection.
Labels - Orange Book
Direct addressing
B3 - Security Domains
Trusted Network Interpretation (TNI)
12. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.
C1 - Discretionary Security Protection is a type of environment
A lattice of Integrity Levels
Prohibits
Examples of Layered Operating Systems
13. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
Trusted Distribution
Multiprocessing
Constrained
Simple Integrity Axiom
14. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
Administrative declaration
Division D - Minimal Protection
C2 - Controlled Access Protection
The "No write Down" Rule
15. Reference Monitor is responsible for ______________; it compares the security labels of a subject and an object
Simple Security Rule
Access control to the objects by the subjects
Trusted Products Evaluation Program (TPEP)
Files - directories and devices
16. An abstract machine which must mediate all access of subjects to objects - be protected from modification - be verifiable as correct - and is always invoked
The reference monitor
The "No write Down" Rule
The Evaluated Products List (EPL) with their corresponding rating
Identification - Orange Book
17. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Evaluated separately
C1 - Discretionary Security Protection is a type of environment
Dominate the object's sensitivity label
Need-to-know
18. The Orange book requires protection against two _____________ - which are Timing and Storage
A1 - Rating
Types of covert channels
Orange Book interpretations
Firmware
19. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
C2 - Controlled Access Protection
B3 - Security Domains
The Common Criteria
Life Cycle Assurance Requirement
20. The subject must have Need to Know for ONLY the information they are trying to access.
A lattice of Integrity Levels
Multiprocessing
Indirect addressing
System High Security Mode
21. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
System High Security Mode
The Clark Wilson integrity model
Its Clearance Label (Top Secret - Secret - or Confidential)
A Thread
22. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
System High Security Mode
Programmable Read-Only Memory (PROM)
The Simple Security Property
Firmware
23. Trusted facility management is an assurance requirement only for ________________.
Direct Addressing
Trusted Distribution
Highly secure systems (B2 - B3 and A1)
Direct addressing
24. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.
Orange Book B
Execution Domain
Polyinstantiation
Fail safe
25. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
Multitasking
Isolate processes
Prevent secret information from being accessed
Division D - Minimal Protection
26. When the address location that is specified in the program instruction contains the address of the final desired location.
Certification
Buffer overflows
NOT Integrity
Indirect addressing
27. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Indirect addressing
Ring 0
Enforces the rules
Orange Book interpretations
28. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
The Clark Wilson integrity model
Dedicated Security Mode
Evaluated separately
The Thread (memory Management)
29. A domain of trust that shares a single security policy and single management
A security domain
Execution Domain
Examples of Layered Operating Systems
Buffer (temporary data storage area)
30. Contains the beginning address
The reference monitor
Examples of Layered Operating Systems
A Base Register (Memory Management)
The "No write Down" Rule
31. Minimal Security
Orange Book - D
A Limit Register (Memory Management)
Multitasking
Documentation - Orange Book
32. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
No read up
The Strong star property rule
Controls the checks
Ring 3
33. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
Real storage
C1 - Discretionary Security Protection
Complex Instruction Set Computers (CISC)
The Thread (memory Management)
34. What does the simple security (ss) property mean in the Bell-LaPadula model?
Division D - Minimal Protection
Security Policy
C1 - Discretionary Security Protection
No read up
35. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
Security Policy
Higher or equal to access class
Thrashing
Virtual Memory
36. Permits a database to have two records that are identical except for Their classifications
Execution Domain
Trusted hardware - Software and Firmware
Polyinstantiation
The Biba Model
37. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
The Trusted Computing Base (TCB)
Thrashing
C1 - Discretionary Security Protection is a type of environment
The *-Property rule (Star property)
38. Mandatory Access requires that _____________ be attached to all objects.
Sensitivity labels
Covert channels
Totality of protection mechanisms
Trusted facility management
39. Which increases the performance in a computer by overlapping the steps of different instructions?
B3 - Rating
Invocation Property
Higher or equal to access class
Pipelining
40. There is only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
Dominate the object's sensitivity label
Orange Book - D
Division D - Minimal Protection
No write down
41. Which model uses access control triples and requires that the system maintain separation of duty?
C2 - Controlled Access Protection
Storage and timing
Security Policy is clearly defined and documented
Clark-Wilson
42. Mediates all access and Functions between subjects and objects.
Real storage
Totality of protection mechanisms
The Security Kernel
Its classification label (Top Secret - Secret or confidential)
43. Successfully evaluated products are placed on?
The Evaluated Products List (EPL) with their corresponding rating
Erasable and Programmable Read-Only Memory (EPROM)
Dominate the object's sensitivity label
A security kernel
44. The Availability - Integrity and confidentiality requirements of multitasking operating systems
Compare the security labels
Protection Rings Support
Mandatory access control
Division D - Minimal Protection
45. Intended for environments that require systems to handle classified data.
The TCSEC - Aka Orange Book
B1 - Labeled Security rating
security protection mechanisms
The reference monitor
46. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
The Tranquility principle (The Bell-LaPadula Model)
Prohibits
Dedicated Security Mode
Division B - Mandatory Protection Architecture
47. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Security Policy is clearly defined and documented
The Common Criteria
Access Matrix model
Compare the security labels
48. The Physical memory address that the CPU uses
Orange Book - B3
Indirect addressing
Absolute addresses
The security perimeter
49. The assignment of a specific individual to administer the security-related functions of a system.
Trusted facility management
Orange Book A
Orange Book ratings
The Tranquility principle (The Bell-LaPadula Model)
50. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
Real storage
A1 - Rating
C2 - Controlled Access Protection
Assigned labels