SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Its Clearance Label (Top Secret - Secret - or Confidential)
C1 - Discretionary Security Protection
The rule is talking about "Reading"
NOT Integrity
2. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
The Red Book
Life Cycle Assurance Requirement
The Security Kernel
First evaluation class
3. A domain of trust that shares a single security policy and single management
Thrashing
Mandatory Access Control (MAC)
A security domain
Files - directories and devices
4. Remaining parts of the operating system
Buffer (temporary data storage area)
Ring 1
The Simple Security Property
D
5. Verification Protection
A security domain
Attributable data
Orange Book A
Complex Instruction Set Computers (CISC)
6. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
7. A form of ROM(Read-Only Memory) that can be modified after it has been manufactured. It can only be programmed only one time.
Programmable Read-Only Memory (PROM)
First evaluation class
Discretionary Security Property (ds-property)
The Simple Security Property
8. What prevents a process from accessing another process' data?
The National Computer Security Center (NCSC)
Process isolation
Simple Security Rule
Overt channel
9. Minimal Security
Buffer overflows
Bell-LaPadula Model
Controlling unauthorized downgrading of information
Orange Book - D
10. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
attributability
Secondary Storage
Government and military applications
B1 - Labeled Security rating
11. Another word for Primary storage and distinguishes physical memory from virtual memory.
Orange Book - B2
Real storage
Types of covert channels
B3 - Security Domains
12. For rhe type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to peneration and compromise
Pipelining
Be protected from modification
B2 rating
A Thread
13. TCB contains The Security Kernel and all ______________.
security protection mechanisms
Totality of protection mechanisms
Process isolation
Enforces the rules
14. When a portion of primary memory is accessed by specifying the actual address of the memory location
Bell-LaPadula Model
Direct addressing
Need-to-know
B3
15. In access control terms - the word "dominate" refers to ___________.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
The Strong star property rule
The National Computer Security Center (NCSC)
Higher or equal to access class
16. A Policy based control. All objects and systems have a sensitivity level assigned to them
*-Integrity Axiom
Mandatory Access Control (MAC)
Polyinstantiation
Direct addressing
17. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commmercial applications - but the level of protection is still relatively weak.
Protection Rings Support
In C2 - Controlled Access Protection environment
Life Cycle Assurance Requirement
No read up
18. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
Security rating B
Examples of Layered Operating Systems
Basic Security Theorem (used in computer science) definition
The Security Kernel
19. Which increases the performance in a computer by overlapping the steps of different instructions?
Pipelining
A lattice of Intergrity Levels
C2
Controlling unauthorized downgrading of information
20. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Security Policy is clearly defined and documented
The security perimeter
A Thread
C1 - Discrection Security Protection is a type of environment
21. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.
Access Matrix model
Continuous protection - O/B
Basic Security Theorem (used in computer science) definition
A Domain
22. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilites when
Basic Security Theorem (used in computer science) definition
A Layered Operating System Architecure
Access control to the objects by the subjects
C2
23. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
The Simple Security Property
Attributable - original - accurate - contemporaneous and legible
Life Cycle Assurance Requirement
Evaluated separately
24. What access control technique is also known as multilevel security?
In C2 - Controlled Access Protection environment
Mandatory access control
Orange Book ratings
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
25. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
C2 - Controlled Access Protection
Discretionary Security Property (ds-property)
The Tranqulity principle (The Bell-LaPadula Model)
C1
26. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
The Red Book
Fail safe
*-Integrity Axiom
Orange Book B
27. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
Overt channel
A Layered Operating System Architecure
Direct addressing
A single classification and a Compartment Set
28. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Security Policy
Trusted Distribution
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
security protection mechanisms
29. Which can be used as a covert channel?
Orange Book A
Trusted hardware - Software and Firmware
First evaluation class
Storage and timing
30. TCSEC provides a means to evaluate ______________________.
Division B - Mandatory Protection Architecture
A and B
Accreditation
The trustworthiness of an information system
31. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
Orange Book - B3
Programmable Read-Only Memory (PROM)
Multiprocessing
Multilevel Security Policies
32. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
Orange Book - B1
Fail safe
Accountability - Orange Book
C2
33. Operating System Kernel
Labels - Orange Book
Integrity
Ring 0
The trustworthiness of an information system
34. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
Secondary Storage
Attributable data
Orange Book - B2
Models concerned with integrity
35. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
Access control to the objects by the subjects
A lattice of Intergrity Levels
Firmware
Controlling unauthorized downgrading of information
36. Mandatory Protection
A1
Orange Book B
Dedicated Security Mode
No write down
37. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
The National Computer Security Center (NCSC)
'Dominate'
Direct Addressing
Be protected from modification
38. What are the components of an object's sensitivity label?
C1 - Discretionary Security Protection
Its Clearance Label (Top Secret - Secret - or Confidential)
A single classification and a Compartment Set
C1 - Discrection Security Protection is a type of environment
39. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
Multitasking
B2
Disclosure of residual data
The "No write Down" Rule
40. The Simple Security rule is refered to as______________.
The "No read Up" rule
Trusted Distribution
Virtual storage
Simple Security Rule
41. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
Bell-LaPadula Model
Certification
Ring 3
The Red Book
42. The Orange book requires protection against two_____________ - which are these Timing and Storage
Real storage
Types of covert channels
Storage and timing
Fail safe
43. Individual subjects must be uniquely identified.
The Trusted Computing Base (TCB)
A Domain
The "No read Up" rule
Identification - Orange Book
44. When a computer uses more than one CPU in parallel to execute instructions is known as?
Identification - Orange Book
Multiprocessing
No read up
The rule is talking about "Reading"
45. The combination of RAM - Cache and the Processor Registers
C2 - Controlled Access Protection
Swap Space
Fail safe
Primary storage
46. Happen because input data is not checked for appropriate length at time of input
C2
A and B
The Monolithic Operation system Architecture
Buffer overflows
47. System Architecture that separates system functionality into Hierarchical layers
Orange Book - D
A lattice of Intergrity Levels
Invocation Property
A Layered Operating System Architecure
48. Which is a straightforward approach that provides access rights to subjects for objects?
Relative Addresses
Highly secure systems (B2 - B3 and A1)
Access Matrix model
Certification
49. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Storage and timing
A Layered Operating System Architecure
B2 - Structured Protection
Protection Rings Support
50. Ssoftware that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
System High Security Mode
Firmware
The Thread (memory Management)
Security rating B
