Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The TCB is the ________________ within a computer system that work together to enforce a security policy.






2. The assignment of a specific individual to administer the security-related functions of a system.






3. Logical access control mechanisms are used to enforce authentication and the uniquenes of each individual's identification.






4. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.






5. Mandatory Protection






6. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.






7. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?






8. Used by Windows systems to reserve the "Swap Space"






9. Can be erased - modified and upgraded.






10. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.






11. Components considered as part of the Trusted Computing Base (from the Orange Book) are?






12. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.






13. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system






14. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commmercial applications - but the level of protection is still relatively weak.






15. Commonly referred to as The Big Mess Because of its lack of structure. MS-DOS is an example of a monolithic operation system






16. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.






17. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


18. Security Labels are not required until __________; thus C2 does not require security labels but B1 does






19. Another word for Primary storage and distinguishes physical memory from virtual memory.






20. The *-Property rule is refered to as ____________.






21. In B2 Subjects and devices requre labels and the system must NOT allow ________. No Trapdoors exists.






22. In both the Bell-LaPadula and Biba Models if the word "Simple is used ______________.






23. A type of memory used for High-speed writing and reading activities.






24. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?






25. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilites when






26. When the RAM and secondary storage are combined the result is __________.






27. A Policy based control. All objects and systems have a sensitivity level assigned to them






28. Permits a database to have two records that are identical except for Their classifications






29. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.






30. A portion of a process. When the thread is generated - it shares the same domain(resources) as its process.






31. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.






32. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object






33. Audit data must be captured and protected to enforce accountability






34. Requires more stringent authentication mechanisms and well-defined interfaces among layers.






35. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.






36. Which uses Protection Profiles and Security Targets?






37. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.






38. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.






39. This type of environment is highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.






40. Each data object must contain a classification label and each subject must have a clearance label.






41. Should always trace to individuals responsible for observing and recording the data






42. A set of objects that a subject is able to access






43. Bell-LaPadula model was proposed for enforcing access control in _____________________.






44. Has two individual assurace ratings. C1 and C2. The Higher the number of assurance rating the greater the protection






45. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards






46. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?






47. The Bell-LaPadula Model is a _______________.






48. Mandatory Access requires that _____________ be attached to all objects.






49. An abstract machine which must mediate all access to subjects to objects - be protected from modification - be verifiable as correct - and is always invoked






50. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is doen with the m