Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Contains an address of where the instruction and data reside that need to be processed.
Attributable data
Bell-LaPadula Model
The Thread (memory Management)
The Simple Security Property
2. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Trusted hardware - Software and Firmware
Orange Book C
The *-Property rule (Star property)
Multilevel Security Policies
3. Applications and user activity
The Red Book
attributability
Orange Book interpretations
Ring 3
4. Which would be designated as objects on a MAC system?
Buffer (temporary data storage area)
Files - directories and devices
Pipelining
Swap Space
5. What access control technique is also known as multilevel security?
Mandatory access control
Enforces the rules
Totality of protection mechanisms
B2 - Structured Protection
6. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
The Strong star property rule
Orange Book B
Accreditation
Its classification label (Top Secret - Secret or confidential)
7. The Simple Security rule is referred to as ______________.
The "No read Up" rule
State machine model
Bell-LaPadula Model
NOT Integrity
8. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
Division D - Minimal Protection
Access control to the objects by the subjects
B3
Need-to-know
9. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Trusted facility management
The *-Property rule (Star property)
Trusted Distribution
Indexed addressing
10. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
The Security Kernel
Most commonly used approach
Dominate the object's sensitivity label
The security kernel
11. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
Integrity
Controlling unauthorized downgrading of information
Simple Security Rule
Isolate processes
12. The *-Property rule is referred to as ____________.
No read up
Polyinstantiation
The "No write Down" Rule
Process isolation
13. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Evaluated separately
System High Security Mode
A1
Prohibits
14. In B2, subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
Programmable Read-Only Memory (PROM)
Covert channels
No read up
C2
15. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions to pass on permissions at its own discretion. These permissions are stored in an access ma
Orange Book - D
The TCSEC - Aka Orange Book
C1 - Discretionary Security Protection is a type of environment
Discretionary Security Property (ds-property)
16. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
The Thread (memory Management)
Trusted hardware - Software and Firmware
The Integrity of data within applications
Identification - Orange Book
17. Execute one instruction at a time.
Orange Book - B2
Virtual Memory
Documentation - Orange Book
Scalar processors
18. For the type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to penetration and compromise.
Controls the checks
Primary storage
B2 rating
Invocation Property
19. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Administrative declaration
Buffer (temporary data storage area)
Attributable - original - accurate - contemporaneous and legible
Models concerned with integrity
20. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
NOT Integrity
Orange Book interpretations
Life-cycle assurance - O/B
The "No write Down" Rule
21. When a portion of primary memory is accessed by specifying the actual address of the memory location
The National Computer Security Center (NCSC)
Security Policy - Orange Book
Logical addresses
Direct addressing
22. Happen because input data is not checked for appropriate length at time of input
Fail safe
Buffer overflows
Trusted Distribution
Disclosure of residual data
23. When a computer spends more time moving data from one small portion of memory to another than actually processing the data
Programmable Read-Only Memory (PROM)
Ring 3
Thrashing
A1
24. The Bell-LaPadula model Subjects and Objects are ___________.
The Trusted Computing Base (TCB)
Division D - Minimal Protection
Assigned labels
Higher or equal to access class
25. When a vendor submits a product for evaluation - it submits it to the ____________.
The National Computer Security Center (NCSC)
Scalar processors
Orange Book - D
D
26. Access control labels must be associated properly with objects.
The TCSEC - Aka Orange Book
Mandatory Access Control (MAC)
Labels - Orange Book
C1 - Discretionary Security Protection
27. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Labels - Orange Book
NOT Integrity
The trustworthiness of an information system
28. What does the simple security (ss) property mean in the Bell-LaPadula model?
No read up
Examples of Layered Operating Systems
Trusted Network Interpretation (TNI)
Files - directories and devices
29. The Orange book does NOT Cover ________________ - And Database management systems
Trusted hardware - Software and Firmware
Division D - Minimal Protection
Networks and Communications
The Biba Model
30. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
Mandatory Access Control (MAC)
C1 - Discretionary Security Protection
Cache Memory
A Layered Operating System Architecture
31. The centerpiece of the DoD Rainbow Series publications. Developed by the National Computer Security Center (NCSC)?
The TCSEC - Aka Orange Book
B3
The security kernel
Direct Addressing
32. The Security Model Incorporates the ____________ that should be enforced in the system.
Security Policy
Orange Book C
Need-to-know
The reference monitor
33. What prevents a process from accessing another process' data?
A Limit Register (Memory Management)
Process isolation
Discretionary Security Property (ds-property)
The Strong star property rule
34. Which can be used as a covert channel?
Storage and timing
Accreditation
Most commonly used approach
Access control to the objects by the subjects
35. Individual subjects must be uniquely identified.
Enforces the rules
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Identification - Orange Book
Orange Book - B3
36. Trusted facility management is an assurance requirement only for ________________.
Types of covert channels
Clark-Wilson
Simple Security Rule
Highly secure systems (B2 - B3 and A1)
37. Documentation must be provided - including test - design - and specification document - user guides and manuals
System High Security Mode
Stored in Real Memory
Documentation - Orange Book
Programmable Read-Only Memory (PROM)
38. In access control terms it means to be higher than or equal to. In the Bell-LaPadula Model this is referred to as the dominance relation, which is the relationship of the subject's clearance to the object's classification
39. A domain of trust that shares a single security policy and single management
A security domain
B2 rating
Primary storage
Execution Domain
40. Users are trusted but a certain level of accountability is required. C2 overall is seen as the most reasonable class for commercial applications - but the level of protection is still relatively weak.
The reference monitor
In C2 - Controlled Access Protection environment
Security rating B
Ring 1
41. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
The Evaluated Products List (EPL) with their corresponding rating
Overt channel
Types of covert channels
Orange Book C
42. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
Overt channel
B3 - Security Domains
The security perimeter
Models concerned with integrity
43. A system uses the Reference Monitor to ___________________ of a subject and an object?
Discretionary Security Property (ds-property)
B2
The security perimeter
Compare the security labels
44. A portion of a process. When the thread is generated - it shares the same domain (resources) as its process.
International Standard 15408
The Biba Model
A Thread
Ring 0
45. In the Bell-LaPadula Model the Object's Label contains ___________________.
Dominate the object's sensitivity label
Types of covert channels
Its classification label (Top Secret - Secret or confidential)
Trusted Network Interpretation (TNI)
46. Used by Windows systems to reserve the "Swap Space"
B2 - Structured Protection
Orange Book C
Clark-Wilson
Pagefile.sys file
47. When the contents of the address defined in the program's instruction is added to that of an index register.
Complex Instruction Set Computers (CISC)
International Standard 15408
Indexed addressing
Fail safe
48. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
Networks and Communications
The security perimeter
Mandatory Access Control (MAC)
Access control to the objects by the subjects
49. Nonvolatile storage media, e.g. computer hard drives - floppy disks and CD-ROMs
Secondary Storage
Disclosure of residual data
Higher or equal to access class
Integrity
50. TCB contains The Security Kernel and all ______________.
Orange Book - B3
The "No write Down" Rule
security protection mechanisms
Direct addressing