CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here first.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from the answers to other questions. So you might sometimes find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Which ISO standard product evaluation criteria supersedes several earlier criteria?
Virtual Memory
Clark-Wilson
The Strong star property rule
The Common Criteria
2. The Orange Book describes four hierarchical divisions (D through A) used to categorize security systems. Which divisions require mandatory protection?
Trusted Products Evaluation Program (TPEP)
Mandatory Access Control (MAC)
Trusted facility management
A and B
3. The total combination of protection mechanisms within a computer system, including hardware, software and firmware.
Disclosure of residual data
The Integrity of data within applications
Ring 1
The Trusted Computing Base (TCB)
4. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system.
Access Matrix model
Fail safe
Indirect addressing
Government and military applications
5. In the protection-ring model, the ring that holds applications and user activity.
Simple Integrity Axiom
Multiprocessing
Ring 3
Networks and Communications
6. What does the simple integrity axiom mean in the Biba model?
NOT Integrity
Dedicated Security Mode
Firmware
No read down
7. If a system initializes in a secure state and all allowed state transitions are secure, then every subsequent state will be secure no matter what inputs occur.
Basic Security Theorem (used in computer science) definition
The Clark Wilson integrity model
Virtual Memory
Orange Book B
8. The Simple Security rule is referred to as ______________.
The "No read Up" rule
State machine model
Direct Addressing
Storage and timing
9. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Government and military applications
Ring 1
The Trusted Computing Base (TCB)
Security Policy
10. The address location specified in the program instruction contains the address of the final desired location.
Indirect addressing
System High Security Mode
The Integrity of data within applications
Security Policy
11. The reference monitor must mediate all access, _____________, be verifiable as correct, and must always be invoked.
Be protected from modification
Access control to the objects by the subjects
Life-cycle assurance - O/B
Orange Book - A1
12. Based on the Bell-LaPadula security model; evidence of reference monitor enforcement must be available.
B1 - Labeled Security rating
Multiprocessing
A security kernel
Division B - Mandatory Protection Architecture
13. According to the FDA, data should be ______________________________.
The Evaluated Products List (EPL) with their corresponding rating
Mandatory Access Control (MAC)
Attributable - original - accurate - contemporaneous and legible
Orange Book - B1
14. Access control labels must be associated properly with objects.
Its Clearance Label (Top Secret - Secret - or Confidential)
Documentation - Orange Book
Labels - Orange Book
Orange Book C
15. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured, but can only be programmed one time.
Programmable Read-Only Memory (PROM)
C1 - Discretionary Security Protection
Real storage
Secondary Storage
16. Reserved hard drive space used to extend RAM capabilities.
Multitasking
A and B
Swap Space
C2 - Controlled Access Protection
17. THE (Technische Hogeschool Eindhoven), VAX/VMS, Multics and Unix. THE and Multics are no longer in use.
Examples of Layered Operating Systems
Types of covert channels
The Clark Wilson integrity model
attributability
18. A form of EPROM whose data storage can be erased and modified electrically by on-board programming circuitry and signals.
Examples of Layered Operating Systems
Government and military applications
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
The Common Criteria
19. In the protection-ring model, the ring that holds the remaining parts of the operating system.
The Monolithic Operating System Architecture
C1 - Discretionary Security Protection
Thrashing
Ring 1
20. Nonvolatile storage media, e.g. computer hard drives, floppy disks and CD-ROMs.
Secondary Storage
All Mandatory Access Control (MAC) systems
Highly secure systems (B2 - B3 and A1)
Isolate processes
21. An address based on a known address with an offset value applied.
B2 - Structured Protection
Orange Book C
Relative Addresses
C1
22. According to the Orange Book, trusted facility management is not required for which security level?
B1
Swap Space
Security rating B
Fail safe
23. B1 is the ___________________ of the Trusted Network Interpretation (TNI) of the TCSEC that offers labeled security protection.
Dominate the object's sensitivity label
Stored in Real Memory
A and B
First evaluation class
24. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
Accountability - Orange Book
Overt channel
C2
Orange Book C
25. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Security Policy is clearly defined and documented
B2 - Structured Protection
A single classification and a Compartment Set
Orange Book A
26. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
An abstract machine
security protection mechanisms
C2
D
27. Which is a straightforward approach that provides access rights to subjects for objects?
Examples of Layered Operating Systems
B2
Sensitivity labels
Access Matrix model
28. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
The Red Book
A Domain
International Standard 15408
Security Policy is clearly defined and documented
29. A highly secured environment that processes very sensitive information; it requires systems that are highly resistant to penetration.
Certification
B3 - Rating
B2 rating
Documentation - Orange Book
30. Commonly referred to as "The Big Mess" because of its lack of structure. MS-DOS is an example.
Stored in Real Memory
The Simple Security Property
The Monolithic Operating System Architecture
Thrashing
31. In memory management, the register that contains the ending address of a process's address space.
A Limit Register (Memory Management)
The TCSEC - Aka Orange Book
B1 - Labeled Security
Ring 2
32. For a subject to have read access to an object under a multi-level security policy, it is necessary that the subject's sensitivity label must ____________________.
33. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
Bell-LaPadula Model
An abstract machine
TCB (Trusted Computing Base)
A and B
34. What are the components of an object's sensitivity label?
A1 - Rating
A single classification and a Compartment Set
Thrashing
The Monolithic Operating System Architecture
35. Software that is stored within ROM (Read-Only Memory); ROM is nonvolatile.
Orange Book interpretations
Accountability - Orange Book
Firmware
NOT Integrity
36. The subject must have need-to-know for only the information they are trying to access.
No read down
The National Computer Security Center (NCSC)
Relative Addresses
System High Security Mode
37. The Security Model Incorporates the ____________ that should be enforced in the system.
Disclosure of residual data
Simple Security Rule
Security Policy
Simple Integrity Axiom
38. In B2, distinct address spaces must be provided to _________, and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system.
The reference monitor
Security mechanisms and evaluates their effectiveness
Ring 3
Isolate processes
39. What prevents a process from accessing another process' data?
*-Integrity Axiom
Basic Security Theorem (used in computer science) definition
Process isolation
Trusted Products Evaluation Program (TPEP)
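The addressing and memory-management terms above (direct addressing, indirect addressing in question 10, relative addresses in question 21, the limit register in question 31, process isolation in question 39) fit together in one mechanism. The following is an added example, not part of the quiz: a toy memory-management unit in Python that resolves direct, indirect and relative (base + offset) addresses and checks every physical address against a base/limit register pair. The physical memory layout, register values and memory contents are constructed for the demonstration, and the flawed `indirect_pointer_check_only` variant is included only to show why the bounds check must cover the final address, not just the pointer.

```python
# Added example (not part of the quiz): a toy memory-management unit that
# resolves direct, indirect and relative (base + offset) addresses and checks
# every physical address against a base/limit register pair, which is how
# process isolation keeps one process out of another's data. The physical
# memory layout, register values and contents below are constructed.


class IsolationFault(Exception):
    """Raised when a process touches a physical address outside its base/limit range."""


class ToyMMU:
    def __init__(self, memory, base, limit):
        self.memory = memory
        self.base = base    # base register: first address of this process's region
        self.limit = limit  # limit register: ending address (inclusive) of the region

    def _check(self, physical):
        """Bounds check applied to every physical address before it is used."""
        if not self.base <= physical <= self.limit:
            raise IsolationFault(
                f"address {physical} outside [{self.base}, {self.limit}]")
        return physical

    def direct(self, address):
        """Direct addressing: the instruction names the final location itself."""
        return self.memory[self._check(address)]

    def relative(self, offset):
        """Relative addressing: a known address (the base register) plus an offset."""
        return self.memory[self._check(self.base + offset)]

    def indirect(self, address):
        """Indirect addressing: the named location holds the address of the final
        location. Both the pointer and the final location are bounds-checked."""
        pointer = self._check(address)
        final = self.memory[pointer]
        return self.memory[self._check(final)]

    def indirect_pointer_check_only(self, address):
        """Flawed variant: checks the pointer but not the address it contains,
        so a pointer inside the process's own region can reach any physical
        address. Kept here to show why the check must cover the final address."""
        pointer = self._check(address)
        return self.memory[self.memory[pointer]]


def build_demo():
    """Constructed layout: 32 words, process A owns [0, 15], process B owns [16, 31]."""
    memory = [0] * 32
    memory[3] = 7    # ordinary data in A's region
    memory[5] = 20   # pointer in A's region that points into B's region
    memory[20] = 42  # B's data, which A must never see
    mmu_a = ToyMMU(memory, base=0, limit=15)
    mmu_b = ToyMMU(memory, base=16, limit=31)
    return memory, mmu_a, mmu_b


def demo():
    """Runs A's accesses (and one of B's) and reports what the MMU allowed."""
    _, mmu_a, mmu_b = build_demo()
    results = {"relative": mmu_a.relative(3), "b_reads_own": mmu_b.relative(4)}
    for name, fn in (("direct_into_b", lambda: mmu_a.direct(20)),
                     ("indirect_into_b", lambda: mmu_a.indirect(5))):
        try:
            results[name] = fn()
        except IsolationFault as exc:
            results[name] = f"blocked: {exc}"
    results["flawed_indirect"] = mmu_a.indirect_pointer_check_only(5)
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Process B reads its own word 20 through `relative(4)` (base 16 + offset 4), while process A's direct access to 20 and its properly checked indirect access through the pointer at 5 are both refused. The flawed variant returns B's value 42 to A: the pointer itself sat inside A's region, so a check on the pointer alone is not enough.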
40. The Biba model (introduced in 1977), the Sutherland model (published in 1986) and the Brewer-Nash model (published in 1989).
Orange Book C
Models concerned with integrity
A Base Register (Memory Management)
The security perimeter
41. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Simple Security Rule
System High Security Mode
Its Clearance Label (Top Secret - Secret - or Confidential)
Basic Security Theorem (used in computer science) definition
42. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information, and identification and authentication of individual entities.
Pagefile.sys file
Examples of Layered Operating Systems
B1
C1 - Discretionary Security Protection
43. Intended for environments that require systems to handle classified data.
Accreditation
B1 - Labeled Security rating
First evaluation class
Prohibits
44. Which Orange Book rating within division B represents the highest level of trust?
Orange Book - B3
The "No write Down" Rule
B2
Swap Space
45. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards.
Networks and Communications
Administrative declaration
Process isolation
Execution Domain
46. The Bell-LaPadula Model is a _______________ that enforces the confidentiality aspect of access control. Developed by David Bell and Leonard LaPadula.
State machine model
Multiprocessing
Orange Book A
The Simple Security Property
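Questions 6, 8, 11, 32, 34, 41 and 46 describe the pieces of a multi-level access decision: a label made of a classification and a compartment set, the dominance relation, the Bell-LaPadula simple security rule (no read up) and *-property (no write down), the Biba simple integrity axiom (no read down) and *-integrity axiom (no write up), and a reference monitor that mediates every access. The following is an added example, not part of the quiz, that puts them together in Python. The classification and integrity orderings, the compartment names, and the subject and objects are illustrative assumptions; the monitor applies both models at once, which is not required by either model but shows how the rules compose.

```python
# Added example (not part of the quiz): a minimal reference monitor that
# mediates every read and write using labels built as the quiz describes them
# (one classification plus a compartment set), the Bell-LaPadula rules
# (simple security: no read up; *-property: no write down) and the Biba rules
# (simple integrity: no read down; *-integrity: no write up). Level orderings,
# compartment names, subjects and objects are illustrative assumptions.
from dataclasses import dataclass
from typing import FrozenSet

CLASSIFICATIONS = ("Unclassified", "Confidential", "Secret", "Top Secret")  # low -> high
INTEGRITY_LEVELS = ("Low", "Medium", "High")                                # low -> high


@dataclass(frozen=True)
class Label:
    """Sensitivity label: a single classification and a compartment set."""
    classification: str
    compartments: FrozenSet[str] = frozenset()

    def dominates(self, other):
        """A dominates B when A's classification is at least B's and A's
        compartment set contains every compartment of B (need-to-know)."""
        return (CLASSIFICATIONS.index(self.classification)
                >= CLASSIFICATIONS.index(other.classification)
                and self.compartments >= other.compartments)


@dataclass(frozen=True)
class Entity:
    name: str
    label: Label      # confidentiality label (the clearance, for a subject)
    integrity: str    # Biba integrity level


def blp_can_read(subject, obj):
    """Simple security property (no read up): subject's label must dominate the object's."""
    return subject.label.dominates(obj.label)


def blp_can_write(subject, obj):
    """*-property (no write down): object's label must dominate the subject's."""
    return obj.label.dominates(subject.label)


def biba_can_read(subject, obj):
    """Simple integrity axiom (no read down): object integrity >= subject integrity."""
    return INTEGRITY_LEVELS.index(obj.integrity) >= INTEGRITY_LEVELS.index(subject.integrity)


def biba_can_write(subject, obj):
    """*-integrity axiom (no write up): subject integrity >= object integrity."""
    return INTEGRITY_LEVELS.index(subject.integrity) >= INTEGRITY_LEVELS.index(obj.integrity)


def reference_monitor(subject, obj, mode):
    """Single chokepoint for every access: both models must allow the mode."""
    if mode == "read":
        return blp_can_read(subject, obj) and biba_can_read(subject, obj)
    if mode == "write":
        return blp_can_write(subject, obj) and biba_can_write(subject, obj)
    raise ValueError(f"unknown access mode {mode!r}")


# Constructed subject and objects (names, levels and compartments are assumptions).
ANALYST = Entity("analyst", Label("Secret", frozenset({"NUCLEAR"})), "Medium")
TS_PLAN = Entity("ts_plan", Label("Top Secret", frozenset({"NUCLEAR"})), "High")
CONF_MEMO = Entity("conf_memo", Label("Confidential"), "Low")
CRYPTO_NOTE = Entity("crypto_note", Label("Secret", frozenset({"CRYPTO"})), "Medium")
NUCLEAR_LOG = Entity("nuclear_log", Label("Secret", frozenset({"NUCLEAR"})), "Medium")


def decisions(subject=ANALYST, objects=(TS_PLAN, CONF_MEMO, CRYPTO_NOTE, NUCLEAR_LOG)):
    """Every (object, mode) decision the monitor makes for the subject."""
    return {(obj.name, mode): reference_monitor(subject, obj, mode)
            for obj in objects for mode in ("read", "write")}


if __name__ == "__main__":
    for (name, mode), allowed in decisions().items():
        print(f"{ANALYST.name} {mode:5} {name:12} -> {'allow' if allowed else 'deny'}")
```

Run stand-alone, the analyst (Secret, NUCLEAR, Medium integrity) is denied reading the Top Secret plan (read up), denied reading the CRYPTO note even though it is only Secret (the compartment set does not dominate, which is how need-to-know is enforced), allowed by Bell-LaPadula to write up into the Top Secret plan but then blocked by Biba because the plan has higher integrity, and allowed to read the Confidential memo by Bell-LaPadula but blocked by Biba because the memo is low integrity. Only the equal-label nuclear log is readable and writable.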
47. A process that resides in a privileged domain, able to execute its instructions and process its data with the assurance that programs in a different domain cannot negatively affect its environment.
The TCSEC - Aka Orange Book
Assigned labels
'Dominate'
Execution Domain
48. In the Orange Book, functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
B2 - Structured Protection
Division D - Minimal Protection
C2 - Controlled Access Protection
Evaluated separately
49. Which group oversees the evaluation process under the TCSEC?
Bell-LaPadula Model
No read up
Trusted Products Evaluation Program (TPEP)
Mandatory Access Control (MAC)
50. When the RAM and secondary storage are combined the result is __________.
Virtual Memory
Labels - Orange Book
Relative Addresses
Identification - Orange Book