SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Simpler instructions that require fewer clock cycles to execute.
The Rule is talking about writing
Reduced Instruction Set Computers (RISC)
Pipelining
Security Policy is clearly defined and documented
2. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
Direct addressing
Types of covert channels
Life Cycle Assurance Requirement
Buffer (temporary data storage area)
3. Which is a straightforward approach that provides access rights to subjects for objects?
B3 - Security Domains
Prevent secret information from being accessed
C2 - Controlled Access Protection
Access Matrix model
4. In the Bell-LaPadula Model the Object's Label contains ___________________.
Attributable - original - accurate - contemporaneous and legible
Its classification label (Top Secret - Secret or confidential)
Operational assurance requirements
Controlling unauthorized downgrading of information
5. System Architecture that separates system functionality into Hierarchical layers
Division C - Discretionary Protection
Division B - Mandatory Protection Architecture
A Layered Operating System Architecure
Enforces the rules
6. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
Trusted Distribution
Controlling unauthorized downgrading of information
Storage and timing
'Dominate'
7. Contains the ending address
A Limit Register (Memory Management)
The TCSEC - Aka Orange Book
Cache Memory
System High Security Mode
8. The TCB is the ________________ within a computer system that work together to enforce a security policy.
The trustworthiness of an information system
The Rule is talking about writing
Totality of protection mechanisms
Security rating B
9. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
A Limit Register (Memory Management)
Orange Book ratings
Controlling unauthorized downgrading of information
NOT Integrity
10. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Prohibits
C2
Invocation Property
The reference monitor
11. A nonvolatile storage media etc computer hard drive - floppy disks and CD-ROMs
Security Policy is clearly defined and documented
Examples of Layered Operating Systems
Secondary Storage
Assigned labels
12. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Multilevel Security Policies
The Common Criteria
Firmware
The Simple Security Property
13. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
B3 - Rating
Dedicated Security Mode
Multitasking
Pipelining
14. Mandatory access control is enfored by the use of security labels.
Discretionary Security Property (ds-property)
Division B - Mandatory Protection
Trusted Network Interpretation (TNI)
B1
15. A type of memory used for High-speed writing and reading activities.
Cache Memory
TCB (Trusted Computing Base)
Subject to Object Model
Government and military applications
16. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
Its classification label (Top Secret - Secret or confidential)
An abstract machine
Division B - Mandatory Protection Architecture
Multitasking
17. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commmercial applications - but the level of protection is still relatively weak.
In C2 - Controlled Access Protection environment
Security mechanisms and evalautes their effectivenes
Implement software or systems in a production environment
No write down
18. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
B1
The Common Criteria
C1
Isolate processes
19. Which computer design approaches is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle
The Evaluated Products List (EPL) with their corresponding rating
Networks and Communications
Multiprocessing
Complex Instruction Set Computers (CISC)
20. A set of objects that a subject is able to access
Virtual Memory
Constrained
A Domain
The Biba Model
21. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
The security perimeter
Execution Domain
Disclosure of residual data
The "No write Down" Rule
22. The Policy must be explicit and well defined and enforced by the mechanisms within the system
Security Policy - Orange Book
Division B - Mandatory Protection
Totality of protection mechanisms
Integrity
23. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
Division B - Mandatory Protection Architecture
The *-Property rule (Star property)
Orange Book B
Files - directories and devices
24. The *-Property rule is refered to as ____________.
The "No write Down" Rule
A and B
The security kernel
Enforces the rules
25. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is doen with the m
Secondary Storage
D
C1 - Discretionary Security Protection
C2 - Controlled Access Protection
26. Audit data must be captured and protected to enforce accountability
No read up
A security domain
Assigned labels
Accountability - Orange Book
27. Mandatory Protection
Isolate processes
Orange Book B
The TCSEC - Aka Orange Book
The Simple Security Property
28. Verification Protection
Virtual Memory
Cache Memory
Orange Book A
First evaluation class
29. An abstract machine which must mediate all access to subjects to objects - be protected from modification - be verifiable as correct - and is always invoked
Erasable and Programmable Read-Only Memory (EPROM)
B1 - Labeled Security rating
The reference monitor
Sensitivity labels
30. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
Division B - Mandatory Protection
Prevent secret information from being accessed
Invocation Property
B1
31. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
*-Integrity Axiom
A Base Register (Memory Management)
A1
TCB (Trusted Computing Base)
32. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.
Execution Domain
Multilevel Security Policies
Division B - Mandatory Protection Architecture
*-Integrity Axiom
33. Contains the beginning address
A Base Register (Memory Management)
Trusted Network Interpretation (TNI)
Isolate processes
Controls the checks
34. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
35. Logical access control mechanisms are used to enforce authentication and the uniquenes of each individual's identification.
C2 - Controlled Access Protection
Labels - Orange Book
Multiprocessing
Stored in Reak Memory
36. Each data object must contain a classification label and each subject must have a clearance label.
B1 - Labeled Security
The security kernel
The Integrity of data within applications
B2 - Structured Protection
37. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data) items is refered to as Well-Formed transaction
A1 - Rating
Ring 1
Clark-Wilson Model
Pipelining
38. Which increases the performance in a computer by overlapping the steps of different instructions?
B2 rating
Dominate the object's sensitivity label
Covert channels
Pipelining
39. In both the Bell-LaPadula and Biba Models if the word "* or Star is used - _______________.
The Rule is talking about writing
Files - directories and devices
A Limit Register (Memory Management)
Primary storage
40. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
Orange Book - D
All Mandatory Access Control (MAC) systems
Ring 2
The Simple Security Property
41. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
A Limit Register (Memory Management)
State machine model
Covert channels
Ring 2
42. The total combination of protection mechanisms within a computer system
Orange Book ratings
The reference monitor
The TCSEC - Aka Orange Book
TCB (Trusted Computing Base)
43. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
Certification
Multilevel Security Policies
The Thread (memory Management)
Higher or equal to access class
44. When a computer uses more than one CPU in parallel to execute instructions is known as?
Multiprocessing
Enforces the rules
The Red Book
Examples of Layered Operating Systems
45. Which describe a condition when RAM and Secondary storage are used together?
Virtual storage
The Tranqulity principle (The Bell-LaPadula Model)
Swap Space
Orange Book - B1
46. Users need to be Identified individually to provide more precise acces control and auditing functionality.
C2 - Controlled Access Protection
A Limit Register (Memory Management)
C2
Orange Book C
47. Discretionary protection
Highly secure systems (B2 - B3 and A1)
Complex Instruction Set Computers (CISC)
The Trusted Computing Base (TCB)
Orange Book C
48. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
Documentation - Orange Book
Dedicated Security Mode
C1 - Discretionary Security Protection
Orange Book - B1
49. Individual subjects must be uniquely identified.
Identification - Orange Book
Access control to the objects by the subjects
Security rating B
Integrity
50. The Availability - Integrity and confidentiality requirements of multitasking operating systems
Protection Rings Support
Direct Addressing
A security domain
Multilevel Security Policies