SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which Orange Book evaluation level is described as "Verified Design"?
Mandatory Access Control (MAC)
Orange Book - B1
A1
A lattice of Intergrity Levels
2. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
3. Permits a database to have two records that are identical except for Their classifications
Polyinstantiation
Operational assurance requirements
Secondary Storage
Security Policy is clearly defined and documented
4. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Storage and timing
Evaluated separately
Firmware
Security Policy is clearly defined and documented
5. All users have a clearance for and a formal need to know about - all data processed with the system.
C2
The trustworthiness of an information system
Dedicated Security Mode
Certification
6. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
The security kernel
Programmable Read-Only Memory (PROM)
Trusted hardware - Software and Firmware
TCB (Trusted Computing Base)
7. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Compare the security labels
Simple Security Rule
No read up
B1
8. Documentation must be provided - including test - design - and specification document - user guides and manuals
Documentation - Orange Book
Storage and timing
Virtual storage
The Red Book
9. A subject at a given clearance may not read an object at a higher classification
The Simple Security Property
Mandatory access control
The Strong star property rule
Process isolation
10. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
NOT Integrity
A Layered Operating System Architecure
Security rating B
Storage and timing
11. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
Identification - Orange Book
Higher or equal to access class
Life Cycle Assurance Requirement
Virtual Memory
12. Individual subjects must be uniquely identified.
Multilevel Security Policies
Ring 1
Identification - Orange Book
Continuous protection - O/B
13. The total(sum)combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
Trusted hardware - Software and Firmware
Types of covert channels
The Trusted Computing Base (TCB)
C2 - Controlled Access Protection
14. Discretionary protection
Process isolation
Orange Book C
B2 rating
Mandatory access control
15. Which can be used as a covert channel?
Networks and Communications
Storage and timing
Dominate the object's sensitivity label
A1
16. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is doen with the m
C2 - Controlled Access Protection
Reduced Instruction Set Computers (RISC)
Implement software or systems in a production environment
B3
17. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
A security domain
Administrative declaration
Need-to-know
The Strong star property rule
18. Trusted facility management is an assurance requirement only for ________________.
Division C - Discretionary Protection
Mandatory access control
TCB (Trusted Computing Base)
Highly secure systems (B2 - B3 and A1)
19. When the contents of the address defined in the program's instruction is added to that of an index register.
Security Policy
No read down
Indexed addressing
Dedicated Security Mode
20. What are the components of an object's sensitivity label?
A single classification and a Compartment Set
A1 - Rating
B1 - Labeled Security rating
The Common Criteria
21. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
Security mechanisms and evalautes their effectivenes
Its classification label (Top Secret - Secret or confidential)
A and B
Models concerned with integrity
22. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
Erasable and Programmable Read-Only Memory (EPROM)
Higher or equal to access class
Basic Security Theorem (used in computer science) definition
A lattice of Intergrity Levels
23. Should always trace to individuals responsible for observing and recording the data
Thrashing
Relative Addresses
Attributable data
Pipelining
24. In the Bell-LaPadula Model the Object's Label contains ___________________.
B3 - Security Domains
Ring 1
Basic Security Theorem (used in computer science) definition
Its classification label (Top Secret - Secret or confidential)
25. The Orange book does NOT Cover ________________ - And Database management systems
The National Computer Security Center (NCSC)
Storage and timing
A Limit Register (Memory Management)
Networks and Communications
26. The Biba Model adresses _____________________.
The Thread (memory Management)
The security perimeter
The Integrity of data within applications
Thrashing
27. The Policy must be explicit and well defined and enforced by the mechanisms within the system
Orange Book - B3
First evaluation class
Security Policy - Orange Book
Attributable data
28. Which describe a condition when RAM and Secondary storage are used together?
A1
Documentation - Orange Book
Orange Book interpretations
Virtual storage
29. Mandatory Protection
C1 - Discretionary Security Protection
Scalar processors
Firmware
Orange Book B
30. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
Ring 3
Trusted Network Interpretation (TNI)
C1 - Discretionary Security Protection
The Red Book
31. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
Certification
The "No read Up" rule
Multilevel Security Policies
Life-cycle assurance - O/B
32. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
Mandatory access control
*-Integrity Axiom
Pipelining
The rule is talking about "Reading"
33. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
B3
Overt channel
Labels - Orange Book
Certification
34. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
B3
Bell-LaPadula Model
Higher or equal to access class
Evaluated separately
35. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.
Dedicated Security Mode
Real storage
The Biba Model
D
36. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
The National Computer Security Center (NCSC)
Multilevel Security Policies
Ring 0
Direct Addressing
37. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
Orange Book interpretations
The security perimeter
Clark-Wilson
Highly secure systems (B2 - B3 and A1)
38. What does the simple security (ss) property mean in the Bell-LaPadula model?
No read up
Access Matrix model
Attributable - original - accurate - contemporaneous and legible
Higher or equal to access class
39. The total combination of protection mechanisms within a computer system
Multiprocessing
The *-Property rule (Star property)
TCB (Trusted Computing Base)
Stored in Reak Memory
40. Data in Cache can be accessed much more quickly than Data
Stored in Reak Memory
The security perimeter
Polyinstantiation
B2 - Structured Protection
41. Has two individual assurace ratings. C1 and C2. The Higher the number of assurance rating the greater the protection
Complex Instruction Set Computers (CISC)
B3 - Rating
Division C - Discretionary Protection
Labels - Orange Book
42. In both the Bell-LaPadula and Biba Models if the word "* or Star is used - _______________.
Firmware
The Trusted Computing Base (TCB)
Prevent secret information from being accessed
The Rule is talking about writing
43. As per FDA data should be ______________________________.
A single classification and a Compartment Set
Indexed addressing
Logical addresses
Attributable - original - accurate - contemporaneous and legible
44. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data) items is refered to as Well-Formed transaction
Clark-Wilson Model
B3
A Domain
Overt channel
45. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.
Firmware
Simple Security Rule
Execution Domain
No read down
46. Contains an Address of where the instruction and dara reside that need to be processed.
The Thread (memory Management)
First evaluation class
Orange Book C
B2 rating
47. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
First evaluation class
B3
International Standard 15408
Division D - Minimal Protection
48. What is called the formal acceptance of the adequacy of a system's overall security by management?
Administrative declaration
Accreditation
D
Prohibits
49. A type of memory used for High-speed writing and reading activities.
Documentation - Orange Book
Cache Memory
Clark-Wilson
Dedicated Security Mode
50. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
Ring 0
B3
Disclosure of residual data
Thrashing
