SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. When the RAM and secondary storage are combined the result is __________.
B2 rating
The security perimeter
Virtual Memory
Simple Integrity Axiom
2. Mandatory Access requires that _____________ be attached to all objects.
B3
Sensitivity labels
Types of covert channels
The National Computer Security Center (NCSC)
3. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
Direct addressing
Continuous protection - O/B
The rule is talking about "Reading"
Isolate processes
4. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilites when
Secondary Storage
C2
A single classification and a Compartment Set
Swap Space
5. The Orange book requires protection against two_____________ - which are these Timing and Storage
The Common Criteria
Prohibits
A and B
Types of covert channels
6. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
Most commonly used approach
Stored in Reak Memory
Invocation Property
Dominate the object's sensitivity label
7. The Physical memory address that the CPU uses
The National Computer Security Center (NCSC)
Absolute addresses
A Base Register (Memory Management)
Ring 2
8. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
The security perimeter
Prevent secret information from being accessed
Overt channel
Protection Rings Support
9. Commonly referred to as The Big Mess Because of its lack of structure. MS-DOS is an example of a monolithic operation system
Documentation - Orange Book
Virtual storage
The Monolithic Operation system Architecture
Dedicated Security Mode
10. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
Orange Book ratings
Orange Book interpretations
Orange Book - B1
Security Policy is clearly defined and documented
11. The Reserved hard drive space used to to extend RAM capabilites.
A Limit Register (Memory Management)
Swap Space
Secondary Storage
Stored in Reak Memory
12. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Clark-Wilson
Multiprocessing
Continuous protection - O/B
A Layered Operating System Architecure
13. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Prohibits
Trusted Network Interpretation (TNI)
B3
Erasable and Programmable Read-Only Memory (EPROM)
14. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.
A and B
Process isolation
Basic Security Theorem (used in computer science) definition
B1 - Labeled Security rating
15. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Relative Addresses
Disclosure of residual data
Security Policy is clearly defined and documented
Need-to-know
16. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Indexed addressing
Orange Book ratings
Continuous protection - O/B
C2 - Controlled Access Protection
17. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.
The Biba Model
Buffer overflows
The Tranqulity principle (The Bell-LaPadula Model)
Security mechanisms and evalautes their effectivenes
18. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
The Strong star property rule
B2 - Structured Protection
Accreditation
Absolute addresses
19. Remaining parts of the operating system
The Biba Model
Integrity
Trusted Products Evaluation Program (TPEP)
Ring 1
20. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
Thrashing
Access control to the objects by the subjects
A1 - Rating
System High Security Mode
21. A form of ROM(Read-Only Memory) that can be modified after it has been manufactured. It can only be programmed only one time.
Orange Book ratings
Programmable Read-Only Memory (PROM)
Trusted Network Interpretation (TNI)
Examples of Layered Operating Systems
22. Data in Cache can be accessed much more quickly than Data
Examples of Layered Operating Systems
The security perimeter
Division B - Mandatory Protection Architecture
Stored in Reak Memory
23. The C2 evaluation class of the _________________ offers controlled access protection.
The security kernel
Trusted Network Interpretation (TNI)
Mandatory access control
B2 - Structured Protection
24. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Simple Integrity Axiom
The Biba Model
Dominate the object's sensitivity label
Its Clearance Label (Top Secret - Secret - or Confidential)
25. Mandatory access control is enfored by the use of security labels.
Division B - Mandatory Protection
Division D - Minimal Protection
Process isolation
Be protected from modification
26. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
Accountability - Orange Book
Totality of protection mechanisms
No write down
Thrashing
27. A domain of trust that shares a single security policy and single management
Relative Addresses
Clark-Wilson
A security domain
Its Clearance Label (Top Secret - Secret - or Confidential)
28. Which computer design approaches is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle
attributability
Orange Book B
Complex Instruction Set Computers (CISC)
Accreditation
29. What does the simple security (ss) property mean in the Bell-LaPadula model?
Cache Memory
Subject to Object Model
C2 - Controlled Access Protection
No read up
30. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
31. Simpler instructions that require fewer clock cycles to execute.
B3 - Rating
Models concerned with integrity
Multiprocessing
Reduced Instruction Set Computers (RISC)
32. A type of memory used for High-speed writing and reading activities.
TCB (Trusted Computing Base)
Invocation Property
Cache Memory
Orange Book A
33. What does the Clark-Wilson security model focus on
A Thread
B1 - Labeled Security rating
Integrity
Labels - Orange Book
34. All users have a clearance for and a formal need to know about - all data processed with the system.
Models concerned with integrity
Dedicated Security Mode
Trusted Network Interpretation (TNI)
Overt channel
35. The Orange book does NOT Cover ________________ - And Database management systems
C2
Dominate the object's sensitivity label
Networks and Communications
Government and military applications
36. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
37. According to the Orange Book - trusted facility management is not required for which security levels?
B1
Thrashing
Orange Book A
The security perimeter
38. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
An abstract machine
Multilevel Security Policies
The security perimeter
Assigned labels
39. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Direct Addressing
The Strong star property rule
Ring 3
Need-to-know
40. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
Attributable - original - accurate - contemporaneous and legible
Assigned labels
Controls the checks
C2
41. Which Orange Book evaluation level is described as "Verified Design"?
A Thread
A1
TCB (Trusted Computing Base)
Attributable data
42. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
Division C - Discretionary Protection
Buffer overflows
Certification
A security kernel
43. The subject must have Need to Know for ONLY the information they are trying to access.
The "No read Up" rule
Division B - Mandatory Protection Architecture
Cache Memory
System High Security Mode
44. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
The Evaluated Products List (EPL) with their corresponding rating
Mandatory access control
Overt channel
Security rating B
45. n this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
Trusted facility management
Constrained
B3 - Security Domains
A1
46. The *-Property rule is refered to as ____________.
Clark-Wilson Model
Controlling unauthorized downgrading of information
The "No write Down" Rule
Indexed addressing
47. The Policy must be explicit and well defined and enforced by the mechanisms within the system
Security Policy - Orange Book
C2 - Controlled Access Protection
Models concerned with integrity
Trusted hardware - Software and Firmware
48. A set of objects that a subject is able to access
A Domain
B2
Be protected from modification
Access Matrix model
49. What is called the formal acceptance of the adequacy of a system's overall security by management?
Accreditation
C1
Security mechanisms and evalautes their effectivenes
'Dominate'
50. In both the Bell-LaPadula and Biba Models if the word "* or Star is used - _______________.
The Rule is talking about writing
B3 - Security Domains
The Tranqulity principle (The Bell-LaPadula Model)
The Trusted Computing Base (TCB)
