Test your basic knowledge |

CISSP Security Architecture And Design

Subjects : certifications, it-skills, cissp

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
Certification
A Limit Register (Memory Management)
Multilevel Security Policies
Be protected from modification

2. The Simple Security rule is refered to as______________.
The "No write Down" Rule
Security Policy - Orange Book
The "No read Up" rule
A Thread

3. A nonvolatile storage media etc computer hard drive - floppy disks and CD-ROMs
Dedicated Security Mode
Secondary Storage
Dominate the object's sensitivity label
attributability

4. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Ring 3
The TCSEC - Aka Orange Book
Simple Security Rule
Evaluated separately

5. A set of objects that a subject is able to access
Overt channel
The TCSEC - Aka Orange Book
Simple Security Rule
A Domain

6. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
The Clark Wilson integrity model
A Layered Operating System Architecure
First evaluation class
A single classification and a Compartment Set

7. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
C2
B2
The Monolithic Operation system Architecture
Isolate processes

8. The security kernel is the mechanism that _____________ of the reference monitor concept.
Isolate processes
Overt channel
Enforces the rules
Labels - Orange Book

9. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Security mechanisms and evalautes their effectivenes
Trusted Distribution
Complex Instruction Set Computers (CISC)
C1 - Discrection Security Protection is a type of environment

10. Discretionary protection
Division B - Mandatory Protection Architecture
Basic Security Theorem (used in computer science) definition
Orange Book C
Real storage

11. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilites when
Networks and Communications
C2
The Monolithic Operation system Architecture
Evaluated separately

12. Users need to be Identified individually to provide more precise acces control and auditing functionality.
Multilevel Security Policies
A Layered Operating System Architecure
C2 - Controlled Access Protection
Sensitivity labels

13. TCB contains The Security Kernel and all ______________.
Cache Memory
security protection mechanisms
B3 - Security Domains
The Common Criteria

14. Subjects and Objects cannot change their security levels once they have been instantiated (created)
The Integrity of data within applications
B3
The Tranqulity principle (The Bell-LaPadula Model)
Controls the checks

15. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
Ring 0
Controls the checks
Security rating B
attributability

16. What are the components of an object's sensitivity label?
Controls the checks
Operational assurance requirements
A single classification and a Compartment Set
Protection Rings Support

17. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is doen with the m
Disclosure of residual data
Certification
Totality of protection mechanisms
C2 - Controlled Access Protection

18. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
Dominate the object's sensitivity label
Swap Space
Overt channel
Stored in Reak Memory

19. Mediates all access and Functions between subjects and objects.
The Red Book
The Evaluated Products List (EPL) with their corresponding rating
Highly secure systems (B2 - B3 and A1)
The Security Kernel

20. Mandatory access control is enfored by the use of security labels.
Highly secure systems (B2 - B3 and A1)
Secondary Storage
Invocation Property
Division B - Mandatory Protection

21. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
International Standard 15408
Buffer (temporary data storage area)
Operational assurance requirements
The security kernel

22. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
The security perimeter
Primary storage
Be protected from modification
security protection mechanisms

23. What model use an access control triples and requires that the system maintain separation of duty ?
Ring 0
System High Security Mode
Clark-Wilson
The Integrity of data within applications

24. Contains the beginning address
Reduced Instruction Set Computers (RISC)
A Base Register (Memory Management)
Compare the security labels
Accountability - Orange Book

25. The assignment of a specific individual to administer the security-related functions of a system.
Trusted facility management
Indirect addressing
All Mandatory Access Control (MAC) systems
Access Matrix model

26. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Its Clearance Label (Top Secret - Secret - or Confidential)
Types of covert channels
Trusted facility management
A security domain

27. The Physical memory address that the CPU uses
Division D - Minimal Protection
Absolute addresses
The "No read Up" rule
Access control to the objects by the subjects

28. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Totality of protection mechanisms
Basic Security Theorem (used in computer science) definition
Security Policy is clearly defined and documented
Orange Book ratings

29. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Prohibits
Access Matrix model
A Limit Register (Memory Management)
D

30. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
The "No write Down" Rule
Most commonly used approach
Multilevel Security Policies
Orange Book - B1

31. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
Security mechanisms and evalautes their effectivenes
Trusted Products Evaluation Program (TPEP)
C1
System High Security Mode

32. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
The security perimeter
Virtual storage
The Red Book
Absolute addresses

33. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
B3 - Rating
B1 - Labeled Security rating
Thrashing
Multilevel Security Policies

34. The Indexed memory addresses that software uses
Totality of protection mechanisms
Accreditation
Logical addresses
A single classification and a Compartment Set

35. The Bell-LaPadula Model is a _______________.
Its Clearance Label (Top Secret - Secret - or Confidential)
System High Security Mode
Division C - Discretionary Protection
Subject to Object Model

36. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Life-cycle assurance - O/B
Trusted Network Interpretation (TNI)
Administrative declaration
Basic Security Theorem (used in computer science) definition

37. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Evaluated separately
A Domain
Process isolation
Ring 3

38. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Security mechanisms and evalautes their effectivenes
Files - directories and devices
Government and military applications
Virtual Memory

39. What access control technique is also known as multilevel security?
Mandatory access control
B3 - Rating
B2 - Structured Protection
Orange Book - B2

40. When the contents of the address defined in the program's instruction is added to that of an index register.
Bell-LaPadula Model
Multitasking
Labels - Orange Book
Indexed addressing

41. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
The TCSEC - Aka Orange Book
Integrity
Constrained
Direct Addressing

42. Which describe a condition when RAM and Secondary storage are used together?
Programmable Read-Only Memory (PROM)
Buffer (temporary data storage area)
Simple Integrity Axiom
Virtual storage

43. Each data object must contain a classification label and each subject must have a clearance label.
Ring 2
Basic Security Theorem (used in computer science) definition
B1 - Labeled Security rating
B1 - Labeled Security

44. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Erasable and Programmable Read-Only Memory (EPROM)
'Dominate'
The security perimeter
B2 - Structured Protection

45. Certification is a Technical review that assesses the _____________ - where as Accreditation is management's Official acceptance of the information in the Certification process findings.
Security mechanisms and evalautes their effectivenes
Orange Book ratings
Buffer overflows
Execution Domain

46. The Security Model Incorporates the ____________ that should be enforced in the system.
Security Policy
B2 rating
The National Computer Security Center (NCSC)
Networks and Communications

47. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
State machine model
Bell-LaPadula Model
Orange Book - B2
Access control to the objects by the subjects

48. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Virtual Memory
System High Security Mode
The Thread (memory Management)
Physical security

49. The total combination of protection mechanisms within a computer system
A security kernel
TCB (Trusted Computing Base)
Logical addresses
A Layered Operating System Architecure

50. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
The *-Property rule (Star property)
Pagefile.sys file
Accreditation
Implement software or systems in a production environment

Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?

Major Subjects
Tests & Exams AP CLEP DSST GRE SAT GMAT	Certifications CISSP go to https://www.isc2.org/ PMP ITIL RHCE MCTS More...	IT Skills Android Programming Data Modeling Objective C Programming Basic Python Programming Adobe Illustrator More...	Business Skills Advertising Techniques Business Accounting Basics Business Strategy Human Resource Management Marketing Basics More...
Soft Skills Body Language People Skills Public Speaking Persuasion Job Hunting And Resumes More...	Vocabulary GRE Vocab SAT Vocab TOEFL Essential Vocab Basic English Words For All Global Words You Should Know Business English More...	Languages AP German Vocab AP Latin Vocab SAT Subject Test: French Italian Survival Norwegian Survival More...	Engineering Audio Engineering Computer Science Engineering Aerospace Engineering Chemical Engineering Structural Engineering More...
Health Sciences Basic Nursing Skills Health Science Language Fundamentals Veterinary Technology Medical Language Cardiology Clinical Surgery More...	English Grammar Fundamentals Literary And Rhetorical Vocab Elements Of Style Vocab Introduction To English Major Complete Advanced Sentences Literature Homonyms More...	Math Algebra Formulas Basic Arithmetic: Measurements Metric Conversions Geometric Properties Important Math Facts Number Sense Vocab Business Math More...	Other Major Subjects Science Economics History Law Performing-arts Cooking Logic & Reasoning Trivia

Test your basic knowledge |

CISSP Security Architecture And Design

Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?

Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests

Major Subjects

Tests & Exams

Certifications

IT Skills

Business Skills

Soft Skills

Vocabulary

Languages

Engineering

Health Sciences

English

Math

Other Major Subjects

Browse all subjects

Browse all tests

Most popular tests