Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from the answers to other questions, so you might at times find the answer obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Which program oversees the evaluation process under the TCSEC?
Covert channels
Division D - Minimal Protection
Multilevel Security Policies
Trusted Products Evaluation Program (TPEP)
2. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
C2
C2 - Controlled Access Protection
Need-to-know
Evaluated separately
3. A subject at a given clearance may not read an object at a higher classification.
A Layered Operating System Architecture
Programmable Read-Only Memory (PROM)
The Red Book
The Simple Security Property
4. Access control labels must be associated properly with objects.
State machine model
Labels - Orange Book
Orange Book - D
A Layered Operating System Architecture
5. I/O drivers and utilities
Networks and Communications
The Integrity of data within applications
Clark-Wilson
Ring 2
6. What access control technique is also known as multilevel security?
Orange Book B
Orange Book - B3
A security kernel
Mandatory access control
7. A ring protection system ________ user mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Prohibits
The trustworthiness of an information system
Cache Memory
Programmable Read-Only Memory (PROM)
8. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
attributability
First evaluation class
Continuous protection - O/B
Indirect addressing
9. A domain of trust that shares a single security policy and single management
Complex Instruction Set Computers (CISC)
B2
A security domain
A single classification and a Compartment Set
10. TCSEC provides a means to evaluate ______________________.
Be protected from modification
C2 - Controlled Access Protection
The trustworthiness of an information system
Constrained
11. In this class more granularity is provided in each protection mechanism, and programming code that is not necessary to support the security policy is excluded.
Orange Book A
Assigned labels
Types of covert channels
B3 - Security Domains
12. In an automated system, ________________ could be achieved by a computer system designed to identify the individuals responsible for any input.
attributability
No read up
The Strong star property rule
Constrained
13. Based on a known address with an offset value applied.
Relative Addresses
Swap Space
Compare the security labels
Trusted hardware - Software and Firmware
14. In the Bell-LaPadula Model the Object's Label contains ___________________.
Be protected from modification
Multilevel Security Policies
Its classification label (Top Secret - Secret or confidential)
C1 - Discretionary Security Protection
15. As per the FDA, data should be ______________________________.
Compare the security labels
Programmable Read-Only Memory (PROM)
Trusted Network Interpretation (TNI)
Attributable - original - accurate - contemporaneous and legible
16. When the address location that is specified in the program instruction contains the address of the final desired location.
Indirect addressing
An abstract machine
The "No read Up" rule
Constrained
17. What does the simple integrity axiom mean in the Biba model?
Subject to Object Model
No read down
Direct addressing
A and B
18. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
Relative Addresses
Security Policy is clearly defined and documented
Ring 1
C2 - Controlled Access Protection
19. Has two individual assurance ratings, C1 and C2. The higher the rating number, the greater the protection.
A Base Register (Memory Management)
Polyinstantiation
Overt channel
Division C - Discretionary Protection
20. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
Buffer (temporary data storage area)
Pagefile.sys file
The reference monitor
The Red Book
21. The C2 evaluation class of the _________________ offers controlled access protection.
Highly secure systems (B2 - B3 and A1)
Types of covert channels
Trusted Network Interpretation (TNI)
Orange Book interpretations
22. A buffer overflow occurs when a program or process tries to store more data in a _____________ than it was intended to hold.
Its classification label (Top Secret - Secret or confidential)
Attributable data
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Buffer (temporary data storage area)
23. The *-Property rule is referred to as ____________.
Isolate processes
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
D
The "No write Down" Rule
24. The subject must have Need to Know for ONLY the information they are trying to access.
System High Security Mode
The Tranquility principle (The Bell-LaPadula Model)
The Biba Model
Process isolation
25. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured, but it can be programmed only one time.
The *-Property rule (Star property)
Life-cycle assurance - O/B
The Simple Security Property
Programmable Read-Only Memory (PROM)
26. Certification is a technical review that assesses the _____________, whereas Accreditation is management's official acceptance of the findings of the Certification process.
Security mechanisms and evaluates their effectiveness
Direct addressing
'Dominate'
Prohibits
27. What does the Clark-Wilson security model focus on?
Compare the security labels
The TCSEC - Aka Orange Book
C2 - Controlled Access Protection
Integrity
28. Which TCSEC level first addresses object reuse?
Attributable data
C2
'Dominate'
Prohibits
29. The combination of RAM - Cache and the Processor Registers
Bell-LaPadula Model
Reduced Instruction Set Computers (RISC)
Primary storage
Subject to Object Model
30. Which uses Protection Profiles and Security Targets?
Cache Memory
Buffer (temporary data storage area)
The security perimeter
International Standard 15408
31. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
Operational assurance requirements
Controls the checks
No write down
Its classification label (Top Secret - Secret or confidential)
32. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
B3
Orange Book interpretations
The security perimeter
D
33. What does the simple security (ss) property mean in the Bell-LaPadula model?
No read up
Buffer (temporary data storage area)
C1
Assigned labels
34. Another word for Primary storage and distinguishes physical memory from virtual memory.
Clark-Wilson
A Base Register (Memory Management)
Real storage
Integrity
35. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
C1
Orange Book B
Multitasking
The Tranquility principle (The Bell-LaPadula Model)
36. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware, software and firmware.
Orange Book ratings
The Trusted Computing Base (TCB)
Stored in Real Memory
Prohibits
37. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions at its own discretion. These permissions are stored in an access ma
Discretionary Security Property (ds-property)
Absolute addresses
Orange Book B
Clark-Wilson
38. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
C1 - Discretionary Security Protection
Life Cycle Assurance Requirement
Virtual Memory
Buffer (temporary data storage area)
39. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
The *-Property rule (Star property)
TCB (Trusted Computing Base)
Compare the security labels
International Standard 15408
40. The centerpiece of the DoD Rainbow Series publications. Developed by the National Computer Security Center (NCSC)?
Constrained
The TCSEC - Aka Orange Book
The Biba Model
Access control to the objects by the subjects
41. Which is a straightforward approach that provides access rights to subjects for objects?
Orange Book - B3
Assigned labels
Access Matrix model
The Simple Security Property
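The Bell-LaPadula, Biba, access matrix and reference monitor items above (questions 3, 17, 23, 31, 33, 37, 39 and 41) state rules that are clearer when seen enforced in one place. The following Python is an added example, not part of this quiz or of any evaluated product it names: the subjects, objects, labels, integrity levels and the "own" right that lets a subject delegate a permission are all constructed assumptions for illustration. The monitor checks the discretionary access matrix first, then the mandatory confidentiality labels (with dominance over classification plus compartment set), then the integrity labels.

```python
# Toy reference monitor: every access request is checked against the access
# control database (an access matrix, giving discretionary rights) and then
# against mandatory labels, Bell-LaPadula for confidentiality and Biba for
# integrity. Added example with constructed subjects, objects and labels;
# not from the quiz or from any evaluated product.
from dataclasses import dataclass

LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top secret": 3}
INTEGRITY = {"low": 0, "medium": 1, "high": 2}


@dataclass(frozen=True)
class Label:
    classification: str
    compartments: frozenset = frozenset()   # need-to-know compartment set
    integrity: str = "medium"               # Biba integrity level (assumed field)

    def dominates(self, other):
        """Label A dominates B when A's level is at least B's and A's
        compartments are a superset of B's."""
        return (LEVELS[self.classification] >= LEVELS[other.classification]
                and self.compartments >= other.compartments)


def blp_allows(subject, obj, op):
    """Bell-LaPadula: simple security (no read up), *-property (no write down)."""
    if op == "read":
        return subject.dominates(obj)
    if op == "write":
        return obj.dominates(subject)
    raise ValueError(f"unknown operation {op!r}")


def biba_allows(subject, obj, op):
    """Biba: simple integrity (no read down), *-integrity (no write up)."""
    s, o = INTEGRITY[subject.integrity], INTEGRITY[obj.integrity]
    if op == "read":
        return o >= s
    if op == "write":
        return s >= o
    raise ValueError(f"unknown operation {op!r}")


class ReferenceMonitor:
    def __init__(self, labels, matrix):
        self.labels = labels
        # access matrix: (subject, object) -> set of rights
        self.matrix = {key: set(rights) for key, rights in matrix.items()}

    def check(self, subject, obj, op):
        """Mediate one access; returns (allowed, reason)."""
        if op not in self.matrix.get((subject, obj), set()):
            return False, "DAC: no matching entry in the access matrix"
        s, o = self.labels[subject], self.labels[obj]
        if not blp_allows(s, o, op):
            return False, "BLP: " + ("no read up" if op == "read" else "no write down")
        if not biba_allows(s, o, op):
            return False, "Biba: " + ("no read down" if op == "read" else "no write up")
        return True, "allowed"

    def delegate(self, owner, grantee, obj, op):
        """ds-property: a subject holding the (assumed) 'own' right may pass a
        permission on at its own discretion; MAC is still checked on use."""
        if "own" not in self.matrix.get((owner, obj), set()):
            return False
        self.matrix.setdefault((grantee, obj), set()).add(op)
        return True


# Constructed sample data (not from the quiz).
LABELS = {
    "alice": Label("secret", frozenset({"nuclear"})),
    "bob": Label("confidential"),
    "plan.doc": Label("secret", frozenset({"nuclear"})),
    "news.txt": Label("unclassified", integrity="high"),
    "audit.log": Label("secret", frozenset({"nuclear"}), integrity="high"),
}
MATRIX = {
    ("alice", "plan.doc"): {"own", "read", "write"},
    ("alice", "news.txt"): {"own", "read", "write"},
    ("alice", "audit.log"): {"own", "read", "write"},
    ("bob", "plan.doc"): {"read"},
}


def demo():
    """Run the constructed requests; returns a dict of request -> (allowed, reason)."""
    rm = ReferenceMonitor(LABELS, MATRIX)
    results = {
        "alice reads plan.doc": rm.check("alice", "plan.doc", "read"),
        "bob reads plan.doc": rm.check("bob", "plan.doc", "read"),       # no read up
        "alice writes news.txt": rm.check("alice", "news.txt", "write"),  # no write down
        "alice writes audit.log": rm.check("alice", "audit.log", "write"),  # no write up
        "bob reads news.txt": rm.check("bob", "news.txt", "read"),       # no DAC entry
    }
    rm.delegate("alice", "bob", "news.txt", "read")                      # ds-property
    results["bob reads news.txt after grant"] = rm.check("bob", "news.txt", "read")
    return results
```

Note that the delegation only adds a discretionary entry; Bob's later read of news.txt is still subject to the label checks, which is the point of combining the access matrix with mandatory labels in one monitor.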
42. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
Dedicated Security Mode
Clark-Wilson Model
The Biba Model
Covert channels
43. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US government)
The Integrity of data within applications
Dedicated Security Mode
Prevent secret information from being accessed
Process isolation
44. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
Examples of Layered Operating Systems
attributability
Disclosure of residual data
Orange Book - B3
45. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
A Domain
Mandatory Access Control (MAC)
Models concerned with integrity
The National Computer Security Center (NCSC)
46. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
Division D - Minimal Protection
B3
Implement software or systems in a production environment
Trusted Network Interpretation (TNI)
47. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information, and identification and authentication of individual entities.
Continuous protection - O/B
Isolate processes
Division C - Discretionary Protection
C1 - Discretionary Security Protection
48. TCB contains The Security Kernel and all ______________.
Life Cycle Assurance Requirement
security protection mechanisms
Reduced Instruction Set Computers (RISC)
Mandatory access control
49. When the contents of the address defined in the program's instruction are added to those of an index register.
Controls the checks
Dedicated Security Mode
Real storage
Indexed addressing
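The addressing-mode items (questions 13, 16 and 49, plus the direct addressing option) can be seen side by side in a toy address-resolution routine. This Python is an added example, not from the quiz: the 64-cell memory, its contents and the base/limit region bounds are constructed for illustration. The security-relevant part is the bounds check: every resolved address, including the pointer cell used by indirect addressing, must fall inside the process's region, which is how a base/limit register pair keeps one process from reading another's memory.

```python
# Toy address resolution for the addressing modes in the quiz: direct,
# indirect, relative and indexed. A base/limit pair bounds the region a
# process may touch, so a resolved address outside it raises a fault
# instead of reading another process's memory (process isolation).
# Added example with constructed memory contents; not from the quiz.

MEMORY = [0] * 64
MEMORY[10] = 30     # cell 10 holds a pointer to cell 30 (used by indirect)
MEMORY[11] = 50     # cell 11 holds a pointer outside the process region
MEMORY[12] = 0xBB
MEMORY[20] = 0xCC
MEMORY[25] = 0xDD
MEMORY[30] = 0xAA


class AddressFault(Exception):
    """Raised when a resolved address falls outside the process region."""


def in_region(addr, base, limit):
    # Region is [base, base + limit); limit is the region length.
    return base <= addr < base + limit


def effective_address(mode, operand, base, limit, index=0, memory=MEMORY):
    """Return the final address an instruction operand refers to."""
    if mode == "direct":
        # The operand is the final address.
        ea = operand
    elif mode == "indirect":
        # The operand names a cell whose contents are the final address,
        # so the pointer cell itself must be checked before it is read.
        if not in_region(operand, base, limit):
            raise AddressFault(f"indirect pointer cell {operand} outside region")
        ea = memory[operand]
    elif mode == "relative":
        # Offset applied to a known address (here the region base).
        ea = base + operand
    elif mode == "indexed":
        # Operand plus the contents of the index register.
        ea = operand + index
    else:
        raise ValueError(f"unknown addressing mode {mode!r}")
    if not in_region(ea, base, limit):
        raise AddressFault(f"{mode} operand {operand} resolves to {ea}, outside region")
    return ea


def load(mode, operand, base=8, limit=24, index=0, memory=MEMORY):
    """Resolve and read one operand; the default region is cells [8, 32)."""
    return memory[effective_address(mode, operand, base, limit, index, memory)]


def demo():
    """Constructed reads; returns a dict of request -> value or fault text."""
    requests = {
        "direct 12": ("direct", 12),
        "indirect 10": ("indirect", 10),
        "relative +12": ("relative", 12),
        "indexed 20 + idx 5": ("indexed", 20),
        "direct 40": ("direct", 40),
        "indirect 11": ("indirect", 11),
    }
    results = {}
    for name, (mode, operand) in requests.items():
        try:
            results[name] = load(mode, operand, index=5)
        except AddressFault as exc:
            results[name] = f"fault: {exc}"
    return results
```

The two faulting requests show the difference between a bad direct operand and a bad pointer: "direct 40" fails because the operand itself is outside the region, while "indirect 11" passes the pointer-cell check and only fails once the cell's contents (50) are resolved.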
50. The Orange Book does NOT cover ________________ and database management systems.
A and B
C1
C2
Networks and Communications