Test your basic knowledge
CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. What are the components of an object's sensitivity label?
A single classification and a Compartment Set
Government and military applications
Subject to Object Model
Basic Security Theorem (used in computer science) definition
2. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
Orange Book - D
System High Security Mode
B3
The Tranquility principle (The Bell-LaPadula Model)
3. A ________ is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
C2 - Controlled Access Protection
Swap Space
Scalar processors
4. Which computer design approach is based on the fact that in earlier technologies the instruction fetch was the longest part of the cycle?
Trusted Products Evaluation Program (TPEP)
Complex Instruction Set Computers (CISC)
Dedicated Security Mode
The Simple Security Property
5. TCB contains The Security Kernel and all ______________.
security protection mechanisms
Its classification label (Top Secret - Secret or confidential)
All Mandatory Access Control (MAC) systems
Stored in Real Memory
6. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
Networks and Communications
Multiprocessing
Orange Book - B2
attributability
7. Trusted facility management is an assurance requirement only for ________________.
Subject to Object Model
Clark-Wilson Model
Disclosure of residual data
Highly secure systems (B2 - B3 and A1)
8. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
A Limit Register (Memory Management)
Trusted hardware - Software and Firmware
Buffer overflows
C2 - Controlled Access Protection
9. Can be erased - modified and upgraded.
C1
C2 - Controlled Access Protection
Assigned labels
Erasable and Programmable Read-Only Memory (EPROM)
10. Simpler instructions that require fewer clock cycles to execute.
Access control to the objects by the subjects
Reduced Instruction Set Computers (RISC)
B2
security protection mechanisms
11. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space.
Swap Space
Covert channels
Direct Addressing
The reference monitor
12. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
Models concerned with integrity
Controlling unauthorized downgrading of information
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
The Clark Wilson integrity model
13. Based on a known address with an offset value applied.
An abstract machine
Relative Addresses
Bell-LaPadula Model
B3
14. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
B1
Physical security
D
Indirect addressing
15. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
Simple Integrity Axiom
The trustworthiness of an information system
Dominate the object's sensitivity label
Trusted hardware - Software and Firmware
16. Remaining parts of the operating system
B2 rating
Ring 1
Division B - Mandatory Protection
The Thread (memory Management)
17. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Dedicated Security Mode
Orange Book - B3
Physical security
Access control to the objects by the subjects
18. There is only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
Division D - Minimal Protection
The Red Book
The reference monitor
Secondary Storage
19. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
The *-Property rule (Star property)
Access Matrix model
C1
Orange Book - B2
20. A set of objects that a subject is able to access
Orange Book B
A Domain
Multilevel Security Policies
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
21. The group that oversees the processes of evaluation within TCSEC is?
Protection Rings Support
Trusted Products Evaluation Program (TPEP)
Compare the security labels
Simple Security Rule
22. Applications and user activity
Certification
Ring 3
A security kernel
A Domain
23. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
Firmware
Certification
The Evaluated Products List (EPL) with their corresponding rating
Ring 0
24. Certification is a technical review that assesses the _____________ - whereas Accreditation is management's official acceptance of the information in the Certification process findings.
Need-to-know
System High Security Mode
Security mechanisms and evaluates their effectiveness
Higher or equal to access class
25. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
Security mechanisms and evaluates their effectiveness
Prohibits
Thrashing
Bell-LaPadula Model
26. The reference monitor is an access control concept - referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
Covert channels
An abstract machine
B3
No read up
27. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
Operational assurance requirements
Documentation - Orange Book
The Tranquility principle (The Bell-LaPadula Model)
Execution Domain
28. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
A security kernel
Need-to-know
In C2 - Controlled Access Protection environment
Orange Book - B3
29. TCSEC addresses Confidentiality - but _____________. The TCSEC focuses mainly on one attribute of security: Confidentiality.
NOT Integrity
Orange Book - B1
Trusted facility management
Ring 0
30. The total combination of protection mechanisms within a computer system
TCB (Trusted Computing Base)
Administrative declaration
B3 - Rating
A security kernel
31. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Thrashing
The Tranquility principle (The Bell-LaPadula Model)
Most commonly used approach
Buffer overflows
32. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
B3 - Security Domains
All Mandatory Access Control (MAC) systems
Real storage
Multilevel Security Policies
33. A computer using more than one CPU in parallel to execute instructions is known as?
B3 - Security Domains
Models concerned with integrity
The Biba Model
Multiprocessing
34. What does the simple integrity axiom mean in the Biba model?
Direct addressing
No read down
B1 - Labeled Security rating
Accreditation
35. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Security Policy - Orange Book
Direct Addressing
Prohibits
Division C - Discretionary Protection
36. According to the Orange Book - trusted facility management is not required for which security levels?
Controls the checks
Its Clearance Label (Top Secret - Secret - or Confidential)
No read down
B1
37. Which is an ISO standard product evaluation criteria that supersedes several different criteria?
The Common Criteria
Security Policy
Constrained
Operational assurance requirements
38. The C2 evaluation class of the _________________ offers controlled access protection.
Trusted Network Interpretation (TNI)
Absolute addresses
C2 - Controlled Access Protection
Its classification label (Top Secret - Secret or confidential)
39. Software that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
A lattice of Integrity Levels
No read up
International Standard 15408
Firmware
40. Execute one instruction at a time.
Multiprocessing
Scalar processors
C2 - Controlled Access Protection
Clark-Wilson Model
41. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
The Security Kernel
B3
First evaluation class
Thrashing
42. Minimal Security
Evaluated separately
Orange Book - D
Attributable data
Access control to the objects by the subjects
43. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a Well-Formed Transaction
A Layered Operating System Architecture
Clark-Wilson Model
Protection Rings Support
Totality of protection mechanisms
44. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Orange Book - B1
Trusted Distribution
A security kernel
Attributable data
45. The Bell-LaPadula Model is a _______________.
Subject to Object Model
In C2 - Controlled Access Protection environment
Logical addresses
Multiprocessing
46. Verification Protection
Orange Book A
Direct addressing
attributability
B3
47. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
In C2 - Controlled Access Protection environment
B3 - Security Domains
Trusted facility management
Overt channel
48. Mandatory access control is enforced by the use of security labels.
Division B - Mandatory Protection
Dedicated Security Mode
No read down
Overt channel
49. System architecture that separates system functionality into hierarchical layers
A Layered Operating System Architecture
Covert channels
TCB (Trusted Computing Base)
A security kernel
50. Which uses Protection Profiles and Security Targets?
International Standard 15408
Accountability - Orange Book
Security rating B
Compare the security labels