SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
Examples of Layered Operating Systems
A lattice of Intergrity Levels
The Simple Security Property
A security kernel
2. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
Assigned labels
Its classification label (Top Secret - Secret or confidential)
Clark-Wilson
Disclosure of residual data
3. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Scalar processors
Need-to-know
The "No write Down" Rule
C1 - Discrection Security Protection is a type of environment
4. When the contents of the address defined in the program's instruction is added to that of an index register.
Indexed addressing
Primary storage
B3
Prevent secret information from being accessed
5. Certification is a Technical review that assesses the _____________ - where as Accreditation is management's Official acceptance of the information in the Certification process findings.
Ring 1
Security Policy is clearly defined and documented
Security mechanisms and evalautes their effectivenes
Enforces the rules
6. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Physical security
No write down
Division C - Discretionary Protection
Firmware
7. A portion of a process. When the thread is generated - it shares the same domain(resources) as its process.
Highly secure systems (B2 - B3 and A1)
Clark-Wilson Model
A Thread
Polyinstantiation
8. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Logical addresses
C2 - Controlled Access Protection
B3 - Rating
Evaluated separately
9. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
A Limit Register (Memory Management)
Division B - Mandatory Protection
A1 - Rating
Protection Rings Support
10. What does the Clark-Wilson security model focus on
Discretionary Security Property (ds-property)
Integrity
Types of covert channels
Life-cycle assurance - O/B
11. Permits a database to have two records that are identical except for Their classifications
Direct addressing
System High Security Mode
Real storage
Polyinstantiation
12. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
Programmable Read-Only Memory (PROM)
TCB (Trusted Computing Base)
Division B - Mandatory Protection Architecture
Security Policy - Orange Book
13. Which computer design approaches is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle
B1 - Labeled Security rating
Complex Instruction Set Computers (CISC)
Scalar processors
Evaluated separately
14. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
The Strong star property rule
Models concerned with integrity
Reduced Instruction Set Computers (RISC)
A Limit Register (Memory Management)
15. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
C2 - Controlled Access Protection
Controlling unauthorized downgrading of information
Access control to the objects by the subjects
Pipelining
16. Which is an ISO standard product evaluation criteria that supersedes several different criteria
The Tranqulity principle (The Bell-LaPadula Model)
Operational assurance requirements
The Common Criteria
Trusted Distribution
17. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is doen with the m
The security perimeter
The Red Book
Trusted Network Interpretation (TNI)
C2 - Controlled Access Protection
18. Another word for Primary storage and distinguishes physical memory from virtual memory.
The Trusted Computing Base (TCB)
*-Integrity Axiom
Physical security
Real storage
19. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Its Clearance Label (Top Secret - Secret - or Confidential)
C2 - Controlled Access Protection
Scalar processors
Multilevel Security Policies
20. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
A1 - Rating
The National Computer Security Center (NCSC)
Buffer overflows
Bell-LaPadula Model
21. Mandatory Protection
A Thread
B2 - Structured Protection
Orange Book B
A1 - Rating
22. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
Prevent secret information from being accessed
Erasable and Programmable Read-Only Memory (EPROM)
Programmable Read-Only Memory (PROM)
Controlling unauthorized downgrading of information
23. Should always trace to individuals responsible for observing and recording the data
The Biba Model
International Standard 15408
The Trusted Computing Base (TCB)
Attributable data
24. Individual subjects must be uniquely identified.
Identification - Orange Book
B2 - Structured Protection
Virtual Memory
Erasable and Programmable Read-Only Memory (EPROM)
25. The Biba Model adresses _____________________.
The Rule is talking about writing
Accreditation
The Integrity of data within applications
Reduced Instruction Set Computers (RISC)
26. What prevents a process from accessing another process' data?
Stored in Reak Memory
Process isolation
Constrained
The Simple Security Property
27. Mandatory Access requires that _____________ be attached to all objects.
Virtual Memory
B3 - Security Domains
Sensitivity labels
Multitasking
28. The Orange book does NOT Cover ________________ - And Database management systems
B2
D
Absolute addresses
Networks and Communications
29. The Physical memory address that the CPU uses
NOT Integrity
Absolute addresses
The Strong star property rule
The security kernel
30. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Trusted Distribution
Life Cycle Assurance Requirement
Most commonly used approach
Security Policy
31. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
Continuous protection - O/B
Files - directories and devices
Constrained
The "No write Down" Rule
32. Can be erased - modified and upgraded.
The security perimeter
Erasable and Programmable Read-Only Memory (EPROM)
B2
Complex Instruction Set Computers (CISC)
33. The Security Model Incorporates the ____________ that should be enforced in the system.
Orange Book - B3
The Red Book
Direct addressing
Security Policy
34. The security kernel is the mechanism that _____________ of the reference monitor concept.
Buffer overflows
International Standard 15408
Programmable Read-Only Memory (PROM)
Enforces the rules
35. Contains an Address of where the instruction and dara reside that need to be processed.
The Thread (memory Management)
Attributable data
Life-cycle assurance - O/B
International Standard 15408
36. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.
Overt channel
International Standard 15408
C2
Basic Security Theorem (used in computer science) definition
37. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
The Strong star property rule
Orange Book - D
B1
An abstract machine
38. There is only only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
A security domain
Stored in Reak Memory
Division D - Minimal Protection
The Strong star property rule
39. Has two individual assurace ratings. C1 and C2. The Higher the number of assurance rating the greater the protection
Orange Book - B3
Division C - Discretionary Protection
security protection mechanisms
Orange Book B
40. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Complex Instruction Set Computers (CISC)
Direct Addressing
attributability
Multilevel Security Policies
41. Which would be designated as objects on a MAC system?
Files - directories and devices
Trusted Products Evaluation Program (TPEP)
Dedicated Security Mode
Ring 0
42. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
Life Cycle Assurance Requirement
Ring 2
Evaluated separately
Secondary Storage
43. Users need to be Identified individually to provide more precise acces control and auditing functionality.
Orange Book ratings
Bell-LaPadula Model
The Rule is talking about writing
C2 - Controlled Access Protection
44. Used by Windows systems to reserve the "Swap Space"
Ring 3
Life-cycle assurance - O/B
Compare the security labels
Pagefile.sys file
45. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
Evaluated separately
Security rating B
Pipelining
Operational assurance requirements
46. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.
Polyinstantiation
The Biba Model
Real storage
Programmable Read-Only Memory (PROM)
47. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
A Thread
C1 - Discretionary Security Protection
Overt channel
Physical security
48. When the address location that is specified in the program instruction contains the address of the final desired location.
Indirect addressing
Firmware
Enforces the rules
Ring 2
49. The combination of RAM - Cache and the Processor Registers
Files - directories and devices
Secondary Storage
The Tranqulity principle (The Bell-LaPadula Model)
Primary storage
50. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
Orange Book - B1
Trusted hardware - Software and Firmware
The Rule is talking about writing
Accreditation