Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The Bell-LaPadula Model is a _______________.






2. Discretionary protection






3. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object






4. Happen because input data is not checked for appropriate length at time of input






5. In the Bell-LaPadula Model the Object's Label contains ___________________.






6. Permits a database to have two records that are identical except for Their classifications






7. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commmercial applications - but the level of protection is still relatively weak.






8. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?






9. Commonly referred to as The Big Mess Because of its lack of structure. MS-DOS is an example of a monolithic operation system






10. Which is an ISO standard product evaluation criteria that supersedes several different criteria






11. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.






12. According to the Orange Book - trusted facility management is not required for which security levels?






13. Which in the Orange Book ratings represents the highest level of trust?






14. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix . THE and Multics are no longer in use






15. In both the Bell-LaPadula and Biba Models if the word "* or Star is used - _______________.






16. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.






17. There is only only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.






18. What is called the formal acceptance of the adequacy of a system's overall security by management?






19. Each data object must contain a classification label and each subject must have a clearance label.






20. The Biba Model adresses _____________________.






21. The Policy must be explicit and well defined and enforced by the mechanisms within the system






22. When a portion of primary memory is accessed by specifying the actual address of the memory location






23. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilites when






24. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.






25. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.






26. Based on a known address with an offset value applied.






27. The assignment of a specific individual to administer the security-related functions of a system.






28. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?






29. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.






30. The Bell-LaPaula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)






31. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities






32. Bell-LaPadula model was proposed for enforcing access control in _____________________.






33. What are the components of an object's sensitivity label?






34. The Reserved hard drive space used to to extend RAM capabilites.






35. Which increases the performance in a computer by overlapping the steps of different instructions?






36. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?






37. TCB contains The Security Kernel and all ______________.






38. In the Bell-LaPadula Model the Subject's Label contains ___________________.






39. A form of ROM(Read-Only Memory) that can be modified after it has been manufactured. It can only be programmed only one time.






40. Which can be used as a covert channel?






41. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.






42. n this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.






43. Operating System Kernel






44. What does the * (star) property mean in the Bell-LaPadula model?






45. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.






46. In access control terms - the word "dominate" refers to ___________.






47. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu






48. A nonvolatile storage media etc computer hard drive - floppy disks and CD-ROMs






49. What prevents a process from accessing another process' data?






50. Contains the ending address







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:



Major Subjects



Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Most popular tests