Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times that the answers are obvious, but you will see that it reinforces your understanding as you take the test each time.
1. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
The "No read Up" rule
The security kernel
Dedicated Security Mode
The Red Book
2. Developed after the Bell-LaPadula model. It is a state machine model and is very similar to the Bell-LaPadula Model.
Reduced Instruction Set Computers (RISC)
The Biba Model
Execution Domain
Virtual Memory
3. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
A1
Stored in Real Memory
B3 - Rating
The Clark Wilson integrity model
4. Which is an ISO standard product evaluation criteria that supersedes several different criteria?
Sensitivity labels
Orange Book B
The Common Criteria
C2 - Controlled Access Protection
5. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
Overt channel
Secondary Storage
Relative Addresses
Orange Book - B1
6. Which describes a condition in which RAM and secondary storage are used together?
B1
Virtual storage
Its classification label (Top Secret - Secret - or Confidential)
All Mandatory Access Control (MAC) systems
7. What are the components of an object's sensitivity label?
A single classification and a Compartment Set
The Integrity of data within applications
Multiprocessing
B3 - Security Domains
8. The C2 evaluation class of the _________________ offers controlled access protection.
Trusted Network Interpretation (TNI)
Multiprocessing
The National Computer Security Center (NCSC)
Firmware
9. Levels of Security and Levels of Trust: letters earlier in the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Direct addressing
Orange Book ratings
Orange Book - B2
Identification - Orange Book
10. In access control terms - the word "dominate" refers to ___________.
Examples of Layered Operating Systems
Higher or equal to access class
B3 - Rating
Ring 1
11. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
Relative Addresses
A and B
Assigned labels
Most commonly used approach
12. The Biba Model - _____________: A subject cannot read data from a lower integrity level ("No Read Down").
Prohibits
Simple Integrity Axiom
The Tranquility principle (The Bell-LaPadula Model)
Implement software or systems in a production environment
13. Has two individual assurance ratings, C1 and C2. The higher the number of the assurance rating, the greater the protection.
Division C - Discretionary Protection
Mandatory Access Control (MAC)
Fail safe
Access Matrix model
14. In access control terms it means to be higher than or equal to. In the Bell-LaPadula Model this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification.
15. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information, and identification and authentication of individual entities.
Controls the checks
C1 - Discretionary Security Protection
A Thread
Identification - Orange Book
16. Access control labels must be associated properly with objects.
Higher or equal to access class
A1 - Rating
Labels - Orange Book
Models concerned with integrity
17. The reserved hard drive space used to extend RAM capabilities.
Swap Space
The Common Criteria
TCB (Trusted Computing Base)
Ring 2
18. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
B1 - Labeled Security rating
Access control to the objects by the subjects
NOT Integrity
B2 - Structured Protection
19. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Prohibits
The Clark Wilson integrity model
No write down
Implement software or systems in a production environment
20. Involves sharing the processor among all ready processes.
State machine model
A security domain
Multitasking
Totality of protection mechanisms
21. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
Division B - Mandatory Protection Architecture
Firmware
Highly secure systems (B2 - B3 and A1)
Accreditation
22. Which uses Protection Profiles and Security Targets?
Security rating B
International Standard 15408
First evaluation class
Totality of protection mechanisms
23. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
Bell-LaPadula Model
Programmable Read-Only Memory (PROM)
Indirect addressing
Simple Security Rule
24. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Ring 1
Orange Book - A1
Swap Space
An abstract machine
25. System Architecture that separates system functionality into Hierarchical layers
Buffer (temporary data storage area)
B1
A Layered Operating System Architecture
The Rule is talking about writing
26. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
A1 - Rating
Files - directories and devices
Dominate the object's sensitivity label
Attributable - original - accurate - contemporaneous and legible
27. When a vendor submits a product for evaluation - it submits it to the ____________.
Orange Book - D
The National Computer Security Center (NCSC)
Multitasking
Trusted Distribution
28. Which can be used as a covert channel?
Virtual storage
Storage and timing
Clark-Wilson
Ring 3
29. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space.
Integrity
Swap Space
The *-Property rule (Star property)
System High Security Mode
30. Permits a database to have two records that are identical except for their classifications.
C2 - Controlled Access Protection
The Tranquility principle (The Bell-LaPadula Model)
Polyinstantiation
Documentation - Orange Book
31. Configuration management is also defined in the Orange Book, BUT as a _____________________ and NOT an operational assurance requirement.
attributability
B3
Life Cycle Assurance Requirement
Secondary Storage
32. Buffer overflows occur when a program or process tries to store more data in a _____________ than it was intended to hold.
Buffer (temporary data storage area)
No write down
The "No read Up" rule
A1
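Added study example for question 32 (not part of the original quiz): the unchecked copy that causes a buffer overflow, beside a checked copy that rejects oversized input. To keep the program well-defined C while still showing the effect, the memory layout is modelled as one heap allocation: an 8-byte buffer followed by an 8-byte marker standing in for whatever sits after a real buffer (a saved return address, a flag, a neighbouring variable). The function names, sizes and sample inputs are constructed for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* One heap region models the memory layout: an 8-byte buffer followed
 * immediately by an 8-byte marker that stands in for whatever sits after a
 * buffer in a real frame (a saved return address, a flag, a neighbouring
 * variable). Every write stays inside this one allocation, so the program is
 * well-defined C; it shows the mechanism, not a real memory-safety violation. */
#define BUF_SIZE    8
#define REGION_SIZE 16
#define MARKER      "RETADDR"      /* 7 characters + NUL = 8 bytes */

/* The classic bug: copy until the source's NUL, never asking how much room
 * the destination has. */
static void unchecked_copy(char *dst, const char *src)
{
    while ((*dst++ = *src++) != '\0')
        ;
}

/* Hardened form: measure the source against the destination's capacity
 * (NUL included) and refuse input that does not fit, instead of truncating
 * silently or overflowing. Returns 0 on success, -1 if rejected. */
static int checked_copy(char *dst, size_t dst_size, const char *src)
{
    size_t n = 0;
    while (n < dst_size && src[n] != '\0')
        n++;
    if (n == dst_size)            /* no room for the terminator: reject */
        return -1;
    memcpy(dst, src, n + 1);      /* n characters plus the NUL */
    return 0;
}

/* Fresh region: zeroed buffer with the marker placed right after it. */
static char *new_region(void)
{
    char *region = calloc(REGION_SIZE, 1);
    if (region == NULL) {
        perror("calloc");
        exit(EXIT_FAILURE);
    }
    memcpy(region + BUF_SIZE, MARKER, sizeof MARKER);
    return region;
}

static int marker_intact(const char *region)
{
    return strcmp(region + BUF_SIZE, MARKER) == 0;
}

/* Copy input with the unchecked routine; returns 1 if the marker survived,
 * 0 if the copy ran past the buffer and overwrote it. */
int demo_unchecked(const char *input)
{
    char *region = new_region();
    int intact;
    unchecked_copy(region, input);
    intact = marker_intact(region);
    free(region);
    return intact;
}

/* Copy input with the checked routine; returns -1 if the input was rejected,
 * otherwise 1 if the marker survived (it always does) or 0 if not. */
int demo_checked(const char *input)
{
    char *region = new_region();
    int result;
    if (checked_copy(region, BUF_SIZE, input) != 0)
        result = -1;
    else
        result = marker_intact(region);
    free(region);
    return result;
}

int main(void)
{
    const char *fits     = "AAAAAAA";       /* 7 chars + NUL: exactly fills */
    const char *too_long = "AAAAAAAAAAAA";  /* 12 chars: 5 bytes past the end */

    printf("unchecked, fits    : marker intact=%d\n", demo_unchecked(fits));
    printf("unchecked, too long: marker intact=%d\n", demo_unchecked(too_long));
    printf("checked,   too long: result=%d (-1 = rejected)\n", demo_checked(too_long));
    printf("checked,   fits    : result=%d (1 = copied, marker intact)\n", demo_checked(fits));
    return 0;
}
```

The 12-character input overwrites the marker through the unchecked copy because nothing ties the copy to the 8-byte capacity of the destination; the checked copy counts the terminator as part of the required space, so an 8-character string is also refused.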
33. Used by Windows systems to reserve the "Swap Space"
Accountability - Orange Book
Need-to-know
Its Clearance Label (Top Secret - Secret - or Confidential)
Pagefile.sys file
34. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Its Clearance Label (Top Secret - Secret - or Confidential)
Totality of protection mechanisms
Operational assurance requirements
Orange Book - B2
35. Contains the ending address
A Limit Register (Memory Management)
Attributable - original - accurate - contemporaneous and legible
Constrained
Orange Book B
36. Mandatory Protection
Evaluated separately
Security Policy is clearly defined and documented
Orange Book B
No read up
37. The Reference Monitor is responsible for ______________; it compares the security labels of a subject and an object.
The "No write Down" Rule
Access control to the objects by the subjects
Orange Book - D
B3
38. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
B2
A lattice of Integrity Levels
B2 rating
Orange Book A
39. Which is a straightforward approach that provides access rights to subjects for objects?
security protection mechanisms
Mandatory access control
Swap Space
Access Matrix model
40. In which users are processing information at the same sensitivity level; thus strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.
Primary storage
C1 - Discretionary Security Protection is a type of environment
A security domain
Prevent secret information from being accessed
41. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
Process isolation
Types of covert channels
Dedicated Security Mode
Need-to-know
42. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
attributability
B2 rating
Higher or equal to access class
No read up
43. TCSEC provides a means to evaluate ______________________.
Complex Instruction Set Computers (CISC)
The trustworthiness of an information system
The security kernel
Orange Book B
44. The combination of RAM - Cache and the Processor Registers
Government and military applications
Trusted facility management
Primary storage
Fail safe
45. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a Well-Formed Transaction.
Assigned labels
Ring 3
Clark-Wilson Model
The rule is talking about "Reading"
46. What does the simple security (ss) property mean in the Bell-LaPadula model?
Files - directories and devices
The Trusted Computing Base (TCB)
No read up
Real storage
47. Audit data must be captured and protected to enforce accountability
Ring 0
Highly secure systems (B2 - B3 and A1)
Accountability - Orange Book
Orange Book C
48. The Simple Security rule is referred to as ______________.
Its Clearance Label (Top Secret - Secret - or Confidential)
Integrity
The "No read Up" rule
International Standard 15408
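Added study example, not part of the original quiz, tying together questions 7, 10, 14, 23, 37, 46 and 48 (labels, dominance, the reference monitor and the Bell-LaPadula rules) with questions 12 and 38 (the Biba integrity lattice). A label is a single classification plus a compartment set, as question 7 states; encoding the compartment set as a bitmask, the compartment names, the entity names and the sample subjects and objects are assumptions made for this example.

```c
#include <stdio.h>

/* Classification levels, lowest to highest: the quiz's Confidential, Secret
 * and Top Secret plus an Unclassified floor. The same enum serves as the
 * integrity ranking for Biba, where higher means more trustworthy data. */
enum level { UNCLASSIFIED = 0, CONFIDENTIAL = 1, SECRET = 2, TOP_SECRET = 3 };

/* Compartments as bit flags so a compartment set is one unsigned word.
 * The compartment names are invented for this example. */
enum compartment { NUCLEAR = 1 << 0, CRYPTO = 1 << 1, SIGINT = 1 << 2 };

/* A label: a single classification (level) and a compartment set. */
struct label {
    enum level level;
    unsigned comps;
};

enum mode { MODE_READ, MODE_WRITE };

struct label make_label(enum level lv, unsigned comps)
{
    struct label l = { lv, comps };
    return l;
}

/* "a dominates b": a's level is >= b's AND a's compartment set is a superset
 * of b's. This is the lattice's partial order; labels whose compartment sets
 * are not nested are incomparable, so neither dominates the other. */
int dominates(struct label a, struct label b)
{
    return a.level >= b.level && (a.comps & b.comps) == b.comps;
}

/* Bell-LaPadula (confidentiality). Read: the subject's clearance must
 * dominate the object's classification (ss-property, "no read up"). Write:
 * the object's classification must dominate the subject's clearance
 * (*-property, "no write down"). Returns 1 = allow, 0 = deny. */
int blp_allows(struct label subj, struct label obj, enum mode m)
{
    return m == MODE_READ ? dominates(subj, obj) : dominates(obj, subj);
}

/* Biba (integrity) is the mirror image over integrity labels. Read: the
 * object's integrity must dominate the subject's (Simple Integrity Axiom,
 * "no read down"). Write: the subject's integrity must dominate the
 * object's (*-integrity axiom, "no write up"). */
int biba_allows(struct label subj, struct label obj, enum mode m)
{
    return m == MODE_READ ? dominates(obj, subj) : dominates(subj, obj);
}

/* A subject or object carries a sensitivity label and an integrity label. */
struct entity {
    const char *name;
    struct label sens;
    struct label integ;
};

/* The reference monitor: every access is mediated here by comparing the
 * subject's labels with the object's; allow only when both policies allow. */
int monitor(struct entity subj, struct entity obj, enum mode m)
{
    return blp_allows(subj.sens, obj.sens, m) &&
           biba_allows(subj.integ, obj.integ, m);
}

int main(void)
{
    /* Constructed sample subject and objects. */
    struct entity analyst  = { "analyst",
        make_label(SECRET, NUCLEAR), make_label(SECRET, 0) };
    struct entity report   = { "nuclear-report",
        make_label(SECRET, NUCLEAR), make_label(SECRET, 0) };
    struct entity briefing = { "ts-briefing",
        make_label(TOP_SECRET, NUCLEAR), make_label(SECRET, 0) };
    struct entity scrape   = { "web-scrape",
        make_label(UNCLASSIFIED, 0), make_label(UNCLASSIFIED, 0) };
    struct entity *objs[] = { &report, &briefing, &scrape };
    size_t i;

    for (i = 0; i < sizeof objs / sizeof objs[0]; i++) {
        printf("%s -> %-15s read=%s write=%s\n", analyst.name, objs[i]->name,
               monitor(analyst, *objs[i], MODE_READ) ? "allow" : "deny",
               monitor(analyst, *objs[i], MODE_WRITE) ? "allow" : "deny");
    }
    return 0;
}
```

The three sample objects show the three outcomes worth remembering: the Secret report at the analyst's own level is readable and writable; the Top Secret briefing may be written to (writing up is allowed by the *-property) but not read; and the unclassified, low-integrity scrape is denied both ways, read because Biba forbids reading down and write because Bell-LaPadula forbids writing down. A Top Secret clearance with no compartments does not dominate a Secret label carrying a compartment, which is why the compartment set is part of the label and not an afterthought.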
49. A type of memory used for high-speed writing and reading activities.
Compare the security labels
Cache Memory
In C2 - Controlled Access Protection environment
Identification - Orange Book
50. The subject must have Need to Know for ONLY the information they are trying to access.
TCB (Trusted Computing Base)
Complex Instruction Set Computers (CISC)
Covert channels
System High Security Mode