Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions at its own discretion. These permissions are stored in an access ma
The "No write Down" Rule
The Strong star property rule
Discretionary Security Property (ds-property)
A Thread
2. Which TCSEC level first addresses object reuse?
Dedicated Security Mode
C2
Access Matrix model
All Mandatory Access Control (MAC) systems
3. Which describe a condition when RAM and Secondary storage are used together?
Access Matrix model
Clark-Wilson
Virtual storage
Certification
4. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
5. The Orange book requires protection against two _____________ - which are Timing and Storage
Types of covert channels
Implement software or systems in a production environment
Scalar processors
'Dominate'
6. The security kernel is the mechanism that _____________ of the reference monitor concept.
Enforces the rules
Its Clearance Label (Top Secret - Secret - or Confidential)
Compare the security labels
Integrity
7. What access control technique is also known as multilevel security?
Sensitivity labels
Cache Memory
Mandatory access control
A1 - Rating
8. TCSEC provides a means to evaluate ______________________.
The security perimeter
The trustworthiness of an information system
A Base Register (Memory Management)
Most commonly used approach
9. Involves sharing the processor among all ready processes
Documentation - Orange Book
Multitasking
Security Policy is clearly defined and documented
'Dominate'
10. TCB contains The Security Kernel and all ______________.
A lattice of Integrity Levels
security protection mechanisms
State machine model
NOT Integrity
11. A set of objects that a subject is able to access
A Domain
Trusted Network Interpretation (TNI)
Division D - Minimal Protection
Evaluated separately
12. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Absolute addresses
The security perimeter
The *-Property rule (Star property)
Trusted Distribution
13. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
Process isolation
*-Integrity Axiom
Totality of protection mechanisms
Buffer overflows
14. Which in the Orange Book ratings represents the highest level of trust?
B2
Division C - Discretionary Protection
Orange Book ratings
C1
15. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
C1
Compare the security labels
A Domain
No write down
16. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a Well-Formed transaction
Multitasking
Clark-Wilson Model
Attributable data
Ring 3
17. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
Mandatory Access Control (MAC)
The Simple Security Property
Programmable Read-Only Memory (PROM)
Administrative declaration
18. Minimal Security
Ring 3
Examples of Layered Operating Systems
Isolate processes
Orange Book - D
19. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
Clark-Wilson
Clark-Wilson Model
A security kernel
Life Cycle Assurance Requirement
20. For the type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to penetration and compromise
Orange Book - A1
B2 rating
Polyinstantiation
Pagefile.sys file
21. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
B2 rating
Virtual Memory
Life Cycle Assurance Requirement
Government and military applications
22. In B2 Subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
System High Security Mode
Indexed addressing
Orange Book - B3
Covert channels
23. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
Erasable and Programmable Read-Only Memory (EPROM)
A security kernel
The security perimeter
Division B - Mandatory Protection Architecture
24. Remaining parts of the operating system
B1 - Labeled Security rating
Ring 1
Direct Addressing
Its classification label (Top Secret - Secret or confidential)
25. Applications and user activity
security protection mechanisms
No read up
Buffer (temporary data storage area)
Ring 3
26. Levels of Security and Levels of Trust: lower letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
A security domain
Swap Space
Orange Book ratings
Subject to Object Model
27. Used by Windows systems to reserve the "Swap Space"
Orange Book A
Attributable data
Pagefile.sys file
TCB (Trusted Computing Base)
28. The reserved hard drive space used to extend RAM capabilities.
Swap Space
No read up
No write down
Fail safe
29. System Architecture that separates system functionality into Hierarchical layers
Multilevel Security Policies
Prevent secret information from being accessed
A Layered Operating System Architecture
Covert channels
30. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
The trustworthiness of an information system
Identification - Orange Book
A lattice of Integrity Levels
attributability
31. Users need to be identified individually to provide more precise access control and auditing functionality.
Programmable Read-Only Memory (PROM)
C2 - Controlled Access Protection
A security domain
Process isolation
32. What are the components of an object's sensitivity label?
Isolate processes
Covert channels
A single classification and a Compartment Set
B2 rating
33. The Physical memory address that the CPU uses
International Standard 15408
Absolute addresses
Polyinstantiation
Clark-Wilson Model
34. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
Disclosure of residual data
The Trusted Computing Base (TCB)
Polyinstantiation
Orange Book - B1
35. Which computer design approach is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle
The Biba Model
Multitasking
Stored in Real Memory
Complex Instruction Set Computers (CISC)
36. Based on a known address with an offset value applied.
Evaluated separately
Security Policy is clearly defined and documented
Buffer (temporary data storage area)
Relative Addresses
37. When a computer uses more than one CPU in parallel to execute instructions, this is known as?
Ring 0
The Security Kernel
Multiprocessing
Orange Book - B2
38. In the Bell-LaPadula Model the Object's Label contains ___________________.
Trusted hardware - Software and Firmware
Its classification label (Top Secret - Secret or confidential)
Invocation Property
Multiprocessing
39. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Physical security
Multitasking
Division B - Mandatory Protection
State machine model
40. Happen because input data is not checked for appropriate length at time of input
The trustworthiness of an information system
Buffer overflows
C1
C1 - Discretionary Security Protection is a type of environment
41. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
A1 - Rating
Simple Security Rule
Pipelining
First evaluation class
42. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Access control to the objects by the subjects
Orange Book - A1
The rule is talking about "Reading"
Cache Memory
43. The Bell-LaPadula model Subjects and Objects are ___________.
Ring 1
A1
System High Security Mode
Assigned labels
44. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
C1 - Discretionary Security Protection is a type of environment
The Red Book
B2
The Evaluated Products List (EPL) with their corresponding rating
45. The Bell-LaPadula Model is a _______________ that enforces the Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
B3
Security mechanisms and evaluates their effectiveness
State machine model
B2 rating
46. What model uses access control triples and requires that the system maintain separation of duty?
Clark-Wilson
*-Integrity Axiom
State machine model
D
47. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Evaluated separately
Multitasking
B2 rating
48. TCSEC addresses Confidentiality - but _____________. The TCSEC focuses mainly on one attribute of security: Confidentiality.
The Rule is talking about writing
B1 - Labeled Security rating
NOT Integrity
Life Cycle Assurance Requirement
49. The Availability - Integrity and confidentiality requirements of multitasking operating systems
Protection Rings Support
The National Computer Security Center (NCSC)
Orange Book - B2
Pipelining
50. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
C2 - Controlled Access Protection
Direct addressing
Sensitivity labels
Need-to-know