Test your basic knowledge |
CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. In B2, distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system.
The Red Book
The Tranquility principle (The Bell-LaPadula Model)
The Biba Model
Isolate processes
2. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Identification - Orange Book
Orange Book - D
Security Policy - Orange Book
B3 - Rating
3. In B2, subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
Covert channels
Trusted facility management
Protection Rings Support
The security perimeter
4. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
B2 - Structured Protection
Security Policy - Orange Book
Absolute addresses
Operational assurance requirements
5. A type of memory used for High-speed writing and reading activities.
Most commonly used approach
Cache Memory
Isolate processes
Division C - Discretionary Protection
6. I/O drivers and utilities
Ring 2
Storage and timing
Trusted Network Interpretation (TNI)
Direct Addressing
7. The Reference Monitor is responsible for ______________; it compares the security labels of a subject and an object.
The Red Book
The Security Kernel
Access control to the objects by the subjects
Ring 1
8. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
B2 - Structured Protection
A Layered Operating System Architecture
Life Cycle Assurance Requirement
Multilevel Security Policies
9. The Policy must be explicit and well defined and enforced by the mechanisms within the system
The Security Kernel
*-Integrity Axiom
Security Policy - Orange Book
Thrashing
10. Contains an address of where the instruction and data reside that need to be processed.
The Thread (memory Management)
Division B - Mandatory Protection
Integrity
Indexed addressing
11. In the Bell-LaPadula Model the Object's Label contains ___________________.
Orange Book A
Most commonly used approach
Its classification label (Top Secret - Secret or confidential)
Sensitivity labels
12. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a Well-Formed Transaction.
Swap Space
Life-cycle assurance - O/B
Clark-Wilson Model
Overt channel
13. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Examples of Layered Operating Systems
No read up
Be protected from modification
B3
14. In access control terms - the word "dominate" refers to ___________.
Trusted facility management
Higher or equal to access class
Labels - Orange Book
*-Integrity Axiom
15. Which is an ISO standard product evaluation criteria that supersedes several different criteria
The Common Criteria
A and B
Accreditation
Life Cycle Assurance Requirement
16. Data in Cache can be accessed much more quickly than Data
Stored in Real Memory
attributability
Swap Space
Thrashing
17. Software that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
Firmware
attributability
Orange Book A
The Strong star property rule
18. Should always trace to individuals responsible for observing and recording the data
Trusted Network Interpretation (TNI)
Attributable data
Protection Rings Support
Orange Book ratings
19. The subject must have Need to Know for ONLY the information they are trying to access.
The Trusted Computing Base (TCB)
Process isolation
Life Cycle Assurance Requirement
System High Security Mode
20. The security kernel is the mechanism that _____________ of the reference monitor concept.
An abstract machine
Cache Memory
The Simple Security Property
Enforces the rules
21. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
System High Security Mode
Trusted Products Evaluation Program (TPEP)
A security domain
D
22. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
No read down
The Tranquility principle (The Bell-LaPadula Model)
Security Policy is clearly defined and documented
Trusted Network Interpretation (TNI)
23. According to the Orange Book - trusted facility management is not required for which security levels?
First evaluation class
B1
The National Computer Security Center (NCSC)
The Tranquility principle (The Bell-LaPadula Model)
24. A policy-based control. All objects and systems have a sensitivity level assigned to them.
First evaluation class
Life Cycle Assurance Requirement
Mandatory Access Control (MAC)
C2 - Controlled Access Protection
25. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
Dedicated Security Mode
B1 - Labeled Security rating
Orange Book - B3
Pipelining
26. Which in the Orange Book ratings represents the highest level of trust?
Process isolation
Direct Addressing
B2
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
27. TCB contains The Security Kernel and all ______________.
security protection mechanisms
B2 - Structured Protection
In C2 - Controlled Access Protection environment
Certification
28. Happen because input data is not checked for appropriate length at time of input
Covert channels
Erasable and Programmable Read-Only Memory (EPROM)
Buffer overflows
B1
29. The *-Property rule is referred to as ____________.
The "No write Down" Rule
Thrashing
Basic Security Theorem (used in computer science) definition
Ring 2
30. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
Programmable Read-Only Memory (PROM)
B3
Erasable and Programmable Read-Only Memory (EPROM)
International Standard 15408
31. A computer that uses more than one CPU in parallel to execute instructions is said to be performing what?
Attributable - original - accurate - contemporaneous and legible
Subject to Object Model
B3
Multiprocessing
32. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Attributable data
A security domain
A security kernel
Trusted Distribution
33. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Trusted Network Interpretation (TNI)
Its classification label (Top Secret - Secret or confidential)
Orange Book - A1
Physical security
34. Used by Windows systems to reserve the "Swap Space"
Ring 3
The trustworthiness of an information system
Pagefile.sys file
Security rating B
35. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space.
Invocation Property
Swap Space
Evaluated separately
The security perimeter
36. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
C2 - Controlled Access Protection
Certification
security protection mechanisms
Buffer (temporary data storage area)
37. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
Absolute addresses
Clark-Wilson Model
Bell-LaPadula Model
Protection Rings Support
38. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Trusted Network Interpretation (TNI)
Indirect addressing
Continuous protection - O/B
Orange Book A
39. If a system initializes in a secure state and all allowed state transitions are secure, then every subsequent state will be secure no matter what inputs occur.
A lattice of Integrity Levels
Basic Security Theorem (used in computer science) definition
Files - directories and devices
Cache Memory
40. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Controlling unauthorized downgrading of information
No read up
Subject to Object Model
Need-to-know
41. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
An abstract machine
*-Integrity Axiom
attributability
Logical addresses
42. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
C2
Evaluated separately
Orange Book interpretations
*-Integrity Axiom
43. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
A security kernel
Virtual storage
C1
security protection mechanisms
44. There is only one class in Division D. It is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
Process isolation
All Mandatory Access Control (MAC) systems
Division D - Minimal Protection
*-Integrity Axiom
45. Remaining parts of the operating system
The trustworthiness of an information system
An abstract machine
Ring 1
Protection Rings Support
46. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
The Evaluated Products List (EPL) with their corresponding rating
Enforces the rules
Trusted hardware - Software and Firmware
Access Matrix model
47. The Orange Book requires protection against two _____________ - which are Timing and Storage.
Erasable and Programmable Read-Only Memory (EPROM)
Security mechanisms and evaluates their effectiveness
The Tranquility principle (The Bell-LaPadula Model)
Types of covert channels
48. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when
Certification
C2
The Strong star property rule
Bell-LaPadula Model
49. Verification Protection
Orange Book A
A1
Examples of Layered Operating Systems
Buffer (temporary data storage area)
50. Execute one instruction at a time.
attributability
Orange Book - A1
Logical addresses
Scalar processors