Test your basic knowledge: CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here first.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. The type of environment that processes sensitive data requiring a higher degree of security. It requires systems that are relatively resistant to penetration and compromise.
Logical addresses
B2 rating
Attributable data
security protection mechanisms
2. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information, and identification and authentication of individual entities.
C1 - Discretionary Security Protection
Disclosure of residual data
Orange Book - B3
Division C - Discretionary Protection
3. TCSEC provides a means to evaluate ______________________.
NOT Integrity
The trustworthiness of an information system
TCB (Trusted Computing Base)
Division D - Minimal Protection
4. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
B3
D
C2 - Controlled Access Protection
The "No write Down" Rule
5. A domain of trust that shares a single security policy and single management
The security perimeter
A security domain
Complex Instruction Set Computers (CISC)
Trusted Products Evaluation Program (TPEP)
6. An abstract machine which must mediate all access by subjects to objects, be protected from modification, be verifiable as correct, and is always invoked.
The reference monitor
Most commonly used approach
Division C - Discretionary Protection
C2 - Controlled Access Protection
7. The Indexed memory addresses that software uses
The Red Book
B1
Logical addresses
Assigned labels
8. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
The security kernel
Trusted Distribution
A Layered Operating System Architecture
Pagefile.sys file
9. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Models concerned with integrity
Higher or equal to access class
Security Policy - Orange Book
B3 - Rating
10. The Orange Book requires protection against two _____________, which are Timing and Storage.
Types of covert channels
Virtual storage
Clark-Wilson
Ring 2
11. Intended for environments that require systems to handle classified data.
B1 - Labeled Security rating
A Thread
Programmable Read-Only Memory (PROM)
Access control to the objects by the subjects
12. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
Division D - Minimal Protection
Orange Book - B2
Evaluated separately
Orange Book - B3
13. The object reuse concept must also be invoked, meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
Fail safe
Isolate processes
Complex Instruction Set Computers (CISC)
C2 - Controlled Access Protection
14. The hardware, firmware and software elements of a trusted computing base that implement the reference monitor concept.
The security kernel
The Simple Security Property
Multitasking
attributability
15. In B2, distinct address spaces must be provided to _________, and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system.
Trusted facility management
Protection Rings Support
Isolate processes
Life Cycle Assurance Requirement
16. Successfully evaluated products are placed on?
Physical security
The Clark Wilson integrity model
Pipelining
The Evaluated Products List (EPL) with their corresponding rating
17. Nonvolatile storage media, such as computer hard drives, floppy disks and CD-ROMs.
The Clark Wilson integrity model
Secondary Storage
System High Security Mode
Controlling unauthorized downgrading of information
18. When the RAM and secondary storage are combined the result is __________.
Higher or equal to access class
Discretionary Security Property (ds-property)
Cache Memory
Virtual Memory
19. The reference monitor, in accordance with the security policy, ____________ that are made in the access control database.
The Monolithic Operation system Architecture
Protection Rings Support
'Dominate'
Controls the checks
20. Mandatory Access requires that _____________ be attached to all objects.
Be protected from modification
Sensitivity labels
The Security Kernel
B3 - Rating
21. What does the simple security (ss) property mean in the Bell-LaPadula model?
B2 - Structured Protection
Access control to the objects by the subjects
Simple Integrity Axiom
No read up
22. In B2, subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
Covert channels
Networks and Communications
Basic Security Theorem (used in computer science) definition
Orange Book ratings
23. The first mathematical model of a multi-level security policy, used to define the concept of a secure state, the modes of access, and rules for granting access?
International Standard 15408
The Clark Wilson integrity model
Bell-LaPadula Model
Networks and Communications
24. An organization within the National Security Agency (NSA) is responsible for evaluating computer systems and products. The Trusted Product Evaluation Program (TPEP) oversees the testing by approved entities of commercial products against a specific s
Discretionary Security Property (ds-property)
The Common Criteria
The National Computer Security Center (NCSC)
Trusted Network Interpretation (TNI)
25. In the Bell-LaPadula Model the Object's Label contains ___________________.
The Integrity of data within applications
Its classification label (Top Secret, Secret or Confidential)
The rule is talking about "Reading"
Orange Book A
26. In an automated system, ________________ could be achieved by a computer system designed to identify individuals responsible for any input.
attributability
Erasable and Programmable Read-Only Memory (EPROM)
Orange Book interpretations
Trusted Products Evaluation Program (TPEP)
27. THE (Technische Hogeschool Eindhoven), VAX/VMS, Multics and Unix. THE and Multics are no longer in use.
Examples of Layered Operating Systems
Controlling unauthorized downgrading of information
Models concerned with integrity
Primary storage
28. Which describes a condition when RAM and secondary storage are used together?
Execution Domain
The security kernel
Virtual storage
Discretionary Security Property (ds-property)
29. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US government)
A and B
The Evaluated Products List (EPL) with their corresponding rating
Prevent secret information from being accessed
Physical security
30. Documentation must be provided, including test, design and specification documents, user guides and manuals.
Orange Book - D
Higher or equal to access class
Documentation - Orange Book
Mandatory Access Control (MAC)
31. Simpler instructions that require fewer clock cycles to execute.
Enforces the rules
Access control to the objects by the subjects
Multilevel Security Policies
Reduced Instruction Set Computers (RISC)
32. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
An abstract machine
Orange Book A
Overt channel
The Security Kernel
33. A portion of a process. When the thread is generated, it shares the same domain (resources) as its process.
Thrashing
C2
A Thread
The security kernel
34. Based on the Bell-LaPadula model, because it allows for multilevel security to be integrated into the code.
Reduced Instruction Set Computers (RISC)
A1 - Rating
Multilevel Security Policies
All Mandatory Access Control (MAC) systems
35. The subject must have need-to-know for ONLY the information they are trying to access.
B3
The Evaluated Products List (EPL) with their corresponding rating
System High Security Mode
Physical security
36. The security kernel is the mechanism that _____________ of the reference monitor concept.
Enforces the rules
Buffer overflows
Programmable Read-Only Memory (PROM)
The Biba Model
37. The Simple Security rule is referred to as ______________.
B3 - Rating
Identification - Orange Book
A Thread
The "No read Up" rule
38. The reference monitor must mediate all access, _____________, be verifiable as correct, and must always be invoked.
Networks and Communications
Division C - Discretionary Protection
A Domain
Be protected from modification
39. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a Well-Formed Transaction.
Clark-Wilson Model
Integrity
Ring 3
Accreditation
40. In access control terms it means to be higher than or equal to. In the Bell-LaPadula Model this is referred to as the dominance relation, which is the relationship of the subject's clearance to the object's classification.
41. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Need-to-know
The security perimeter
Orange Book interpretations
*-Integrity Axiom
42. What model uses access control triples and requires that the system maintain separation of duty?
B1 - Labeled Security
Logical addresses
Clark-Wilson
A security kernel
43. The policy must be explicit, well defined, and enforced by the mechanisms within the system.
Security Policy - Orange Book
Accountability - Orange Book
Identification - Orange Book
Orange Book interpretations
44. Bell-LaPadula, ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions at its own discretion. These permissions are stored in an access ma
Highly secure systems (B2 - B3 and A1)
The Simple Security Property
Types of covert channels
Discretionary Security Property (ds-property)
45. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space.
Government and military applications
Swap Space
Enforces the rules
Orange Book - B1
46. The Biba Model, _____________: A subject cannot read data from a lower integrity level ("No Read Down").
Simple Integrity Axiom
Trusted Network Interpretation (TNI)
International Standard 15408
Orange Book B
47. Which uses Protection Profiles and Security Targets?
Models concerned with integrity
Covert channels
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
International Standard 15408
48. The Reference Monitor is responsible for ______________; it compares the security labels of a subject and an object.
Access control to the objects by the subjects
The Trusted Computing Base (TCB)
Assigned labels
Division B - Mandatory Protection
49. Applications and user activity run in this protection ring.
Ring 3
Security Policy - Orange Book
C2 - Controlled Access Protection
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
50. A type of memory used for High-speed writing and reading activities.
Logical addresses
Cache Memory
The security perimeter
Division C - Discretionary Protection