CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. In both the Bell-LaPadula and Biba models, if the word "Simple" is used ______________.
Orange Book B
The rule is talking about "Reading"
Erasable and Programmable Read-Only Memory (EPROM)
Swap Space
2. What are the components of an object's sensitivity label?
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Its Clearance Label (Top Secret - Secret - or Confidential)
The Common Criteria
A single classification and a Compartment Set
3. A domain of trust that shares a single security policy and single management
The "No write Down" Rule
*-Integrity Axiom
A security domain
International Standard 15408
4. Contains the beginning address
Dominate the object's sensitivity label
'Dominate'
A Base Register (Memory Management)
Multitasking
5. Should always trace to individuals responsible for observing and recording the data
Attributable data
Security Policy is clearly defined and documented
C2
C2 - Controlled Access Protection
6. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix. THE and Multics are no longer in use
Covert channels
Accountability - Orange Book
Attributable - original - accurate - contemporaneous and legible
Examples of Layered Operating Systems
7. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
B3 - Rating
The Thread (memory Management)
Models concerned with integrity
Documentation - Orange Book
8. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US government)
Trusted Distribution
Stored in Real Memory
Ring 3
Prevent secret information from being accessed
9. Which Orange Book evaluation level is described as "Verified Design"?
Firmware
A1
The Integrity of data within applications
The Simple Security Property
10. The reference monitor is responsible for ______________; it compares the security labels of a subject and an object
Be protected from modification
Prohibits
Covert channels
Access control to the objects by the subjects
11. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Physical security
Swap Space
Be protected from modification
Orange Book - B2
12. A ring protection system ________ user-mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Prohibits
Highly secure systems (B2 - B3 and A1)
The Rule is talking about writing
Simple Security Rule
13. Used by Windows systems to reserve the "Swap Space"
A1 - Rating
Pagefile.sys file
A and B
NOT Integrity
14. There is only one class in Division D. It is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
B2 - Structured Protection
Division D - Minimal Protection
Virtual storage
C2 - Controlled Access Protection
15. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
Disclosure of residual data
Its Clearance Label (Top Secret - Secret - or Confidential)
Administrative declaration
Indirect addressing
16. Contains the ending address
No read down
Trusted Network Interpretation (TNI)
First evaluation class
A Limit Register (Memory Management)
17. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
The security kernel
Thrashing
Orange Book - B3
No read down
18. Which increases the performance in a computer by overlapping the steps of different instructions?
Accountability - Orange Book
A security kernel
Pipelining
B3
19. The Bell-LaPadula model Subjects and Objects are ___________.
Logical addresses
Covert channels
Assigned labels
The TCSEC - Aka Orange Book
20. In access control terms, it means to be higher than or equal to. In the Bell-LaPadula Model, this is referred to as the dominance relation, which is the relationship of the subject's clearance to the object's classification
21. If a system initializes in a secure state and all allowed state transitions are secure - then every subsequent state will be secure no matter what inputs occur.
Networks and Communications
The Trusted Computing Base (TCB)
The Rule is talking about writing
Basic Security Theorem (used in computer science) definition
22. Happen because input data is not checked for appropriate length at time of input
Buffer overflows
Sensitivity labels
Orange Book - B3
Government and military applications
23. Access control labels must be associated properly with objects.
Labels - Orange Book
Documentation - Orange Book
B2 rating
attributability
24. The *-Property rule is referred to as ____________.
Execution Domain
The "No write Down" Rule
The Monolithic Operating System Architecture
The Tranquility principle (The Bell-LaPadula Model)
25. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
C2 - Controlled Access Protection
Controlling unauthorized downgrading of information
In C2 - Controlled Access Protection environment
System High Security Mode
26. Simpler instructions that require fewer clock cycles to execute.
C1 - Discretionary Security Protection is a type of environment
Execution Domain
Reduced Instruction Set Computers (RISC)
Examples of Layered Operating Systems
27. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
Its classification label (Top Secret - Secret or confidential)
Government and military applications
The security perimeter
Polyinstantiation
28. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
The Evaluated Products List (EPL) with their corresponding rating
International Standard 15408
The Common Criteria
Evaluated separately
29. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.
Execution Domain
Orange Book ratings
The National Computer Security Center (NCSC)
The Clark Wilson integrity model
30. Audit data must be captured and protected to enforce accountability
Accountability - Orange Book
Thrashing
The National Computer Security Center (NCSC)
Evaluated separately
31. According to the Orange Book - trusted facility management is not required for which security levels?
TCB (Trusted Computing Base)
The Tranquility principle (The Bell-LaPadula Model)
Assigned labels
B1
32. Nonvolatile storage media such as computer hard drives - floppy disks and CD-ROMs
A Layered Operating System Architecture
Its classification label (Top Secret - Secret or confidential)
Secondary Storage
Be protected from modification
33. The Simple Security rule is referred to as ______________.
The security perimeter
The "No read Up" rule
Isolate processes
The Red Book
34. A portion of a process. When the thread is generated - it shares the same domain (resources) as its process.
B2 - Structured Protection
Prevent secret information from being accessed
A Thread
Accreditation
35. What does the simple security (ss) property mean in the Bell-LaPadula model?
Dedicated Security Mode
No read up
Trusted hardware - Software and Firmware
Multilevel Security Policies
36. Developed after the Bell-LaPadula model. It is a state machine model and is very similar to the Bell-LaPadula Model.
A1 - Rating
Stored in Real Memory
The Biba Model
Compare the security labels
37. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
*-Integrity Axiom
Division B - Mandatory Protection Architecture
First evaluation class
Compare the security labels
38. The subject must have Need to Know for ONLY the information they are trying to access.
B2 rating
System High Security Mode
B3
Primary storage
39. The Physical memory address that the CPU uses
Swap Space
Absolute addresses
Enforces the rules
Clark-Wilson
40. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
The National Computer Security Center (NCSC)
Compare the security labels
B3
The Trusted Computing Base (TCB)
41. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
Life-cycle assurance - O/B
A single classification and a Compartment Set
Pipelining
Attributable data
42. The reference monitor is an access control concept - referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
An abstract machine
A single classification and a Compartment Set
Process isolation
The Trusted Computing Base (TCB)
43. Individual subjects must be uniquely identified.
Attributable - original - accurate - contemporaneous and legible
Identification - Orange Book
International Standard 15408
D
44. Verified Protection
Orange Book A
A1
Pipelining
Attributable data
45. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Files - directories and devices
Direct Addressing
B2 - Structured Protection
Indirect addressing
46. Permits a database to have two records that are identical except for their classifications
Implement software or systems in a production environment
Polyinstantiation
Programmable Read-Only Memory (PROM)
Swap Space
47. When a portion of primary memory is accessed by specifying the actual address of the memory location
Logical addresses
Invocation Property
Direct addressing
Trusted hardware - Software and Firmware
48. The TCB is the ________________ within a computer system that work together to enforce a security policy.
Orange Book - B2
A Domain
Complex Instruction Set Computers (CISC)
Totality of protection mechanisms
49. When the contents of the address defined in the program's instruction are added to those of an index register.
Indexed addressing
Division D - Minimal Protection
Certification
Execution Domain
50. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
Trusted Products Evaluation Program (TPEP)
Operational assurance requirements
System High Security Mode
Prevent secret information from being accessed
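Several of the items above (the Bell-LaPadula simple security and *-properties, the Biba integrity axioms, a sensitivity label as one classification plus a compartment set, the dominance relation, and the reference monitor that compares a subject's label with an object's) describe a single mechanism: compare two labels and allow or deny. The Python below is an added worked example and is not code from this quiz or from any real trusted system; the subjects, objects, levels and compartment names are constructed for illustration. It implements dominance over a (level, compartment set) label, then a small reference monitor that enforces either model, fails closed on unlabelled names, and records every decision so the audit trail needed for accountability exists.

```python
"""Toy reference monitor: Bell-LaPadula and Biba checks on labelled objects.
Added example for the quiz above, not code from the quiz or any real trusted
system; the level and compartment names are made up for illustration."""
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Tuple

# Hierarchical level names are a convention; dominance only needs an ordering.
UNCLASSIFIED, CONFIDENTIAL, SECRET, TOP_SECRET = 0, 1, 2, 3  # confidentiality
LOW, MEDIUM, HIGH = 0, 1, 2                                  # integrity


@dataclass(frozen=True)
class Label:
    """A sensitivity (or integrity) label: one level plus a compartment set."""
    level: int
    compartments: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        """self >= other: level higher or equal AND compartments a superset."""
        return self.level >= other.level and self.compartments >= other.compartments


class ReferenceMonitor:
    """Mediates every read/write by comparing subject and object labels.
    blp:  read iff subject dominates object (ss-property, no read up);
          write iff object dominates subject (*-property, no write down).
    biba: read iff object dominates subject (simple integrity, no read down);
          write iff subject dominates object (*-integrity, no write up)."""

    def __init__(self, policy: str) -> None:
        if policy not in ("blp", "biba"):
            raise ValueError("policy must be 'blp' or 'biba'")
        self.policy = policy
        self.subjects: Dict[str, Label] = {}
        self.objects: Dict[str, Label] = {}
        # Every mediated access is recorded: accountability needs audit data.
        self.audit: List[Tuple[str, str, str, str]] = []

    def add_subject(self, name: str, label: Label) -> None:
        self.subjects[name] = label

    def add_object(self, name: str, label: Label) -> None:
        self.objects[name] = label

    def _labels(self, subject: str, obj: str) -> Tuple[Label, Label]:
        # An unlabelled subject or object fails closed instead of being guessed.
        if subject not in self.subjects or obj not in self.objects:
            raise KeyError(f"unlabelled subject or object: {subject!r}, {obj!r}")
        return self.subjects[subject], self.objects[obj]

    def _record(self, subject: str, obj: str, op: str, allowed: bool) -> bool:
        self.audit.append((subject, obj, op, "ALLOW" if allowed else "DENY"))
        return allowed

    def can_read(self, subject: str, obj: str) -> bool:
        """The 'simple' rule of either model governs reading."""
        s, o = self._labels(subject, obj)
        allowed = s.dominates(o) if self.policy == "blp" else o.dominates(s)
        return self._record(subject, obj, "read", allowed)

    def can_write(self, subject: str, obj: str) -> bool:
        """The star (*) rule of either model governs writing."""
        s, o = self._labels(subject, obj)
        allowed = o.dominates(s) if self.policy == "blp" else s.dominates(o)
        return self._record(subject, obj, "write", allowed)


def blp_demo() -> Dict[str, bool]:
    """Constructed scenario: an analyst cleared Secret in the NATO compartment."""
    rm = ReferenceMonitor("blp")
    rm.add_subject("analyst", Label(SECRET, frozenset({"NATO"})))
    rm.add_object("ts_plan", Label(TOP_SECRET, frozenset({"NATO"})))
    rm.add_object("conf_memo", Label(CONFIDENTIAL))
    rm.add_object("secret_crypto", Label(SECRET, frozenset({"CRYPTO"})))
    return {
        "read_up": rm.can_read("analyst", "ts_plan"),          # False
        "write_up": rm.can_write("analyst", "ts_plan"),        # True (blind write)
        "read_down": rm.can_read("analyst", "conf_memo"),      # True
        "write_down": rm.can_write("analyst", "conf_memo"),    # False: no downgrading
        # Same level but a different compartment: incomparable, so both are denied.
        "read_incomparable": rm.can_read("analyst", "secret_crypto"),    # False
        "write_incomparable": rm.can_write("analyst", "secret_crypto"),  # False
    }


def biba_demo() -> Dict[str, bool]:
    """Same dominance relation over integrity labels, so the directions flip."""
    rm = ReferenceMonitor("biba")
    rm.add_subject("installer", Label(MEDIUM))
    rm.add_object("kernel_image", Label(HIGH))
    rm.add_object("web_download", Label(LOW))
    return {
        "read_up": rm.can_read("installer", "kernel_image"),      # True
        "write_up": rm.can_write("installer", "kernel_image"),    # False
        "read_down": rm.can_read("installer", "web_download"),    # False
        "write_down": rm.can_write("installer", "web_download"),  # True
    }


if __name__ == "__main__":
    print("Bell-LaPadula:", blp_demo(), "\nBiba:", biba_demo())
```

Two points the quiz items only hint at are visible in the output. First, the compartment set is what makes labels a lattice rather than a line: Secret/NATO and Secret/CRYPTO are at the same level yet neither dominates the other, so the monitor denies both read and write between them. Second, Bell-LaPadula permits the analyst to write into the Top Secret plan (a "blind" write up) while forbidding the write down that would downgrade information; Biba, using the same dominance test on integrity labels, reverses both directions, which is why the quiz pairs "Simple" with reading and "*" with writing in both models.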