SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
All Mandatory Access Control (MAC) systems
The Tranqulity principle (The Bell-LaPadula Model)
Dominate the object's sensitivity label
Ring 3
2. In both the Bell-LaPadula and Biba Models if the word "Simple is used ______________.
Government and military applications
The rule is talking about "Reading"
B2 - Structured Protection
Subject to Object Model
3. Data in Cache can be accessed much more quickly than Data
Controlling unauthorized downgrading of information
A Domain
Most commonly used approach
Stored in Reak Memory
4. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Continuous protection - O/B
The Simple Security Property
The Common Criteria
The TCSEC - Aka Orange Book
5. Documentation must be provided - including test - design - and specification document - user guides and manuals
The *-Property rule (Star property)
In C2 - Controlled Access Protection environment
Dedicated Security Mode
Documentation - Orange Book
6. In the Bell-LaPadula Model the Object's Label contains ___________________.
Its classification label (Top Secret - Secret or confidential)
A Limit Register (Memory Management)
Need-to-know
In C2 - Controlled Access Protection environment
7. What does the Clark-Wilson security model focus on
C2 - Controlled Access Protection
Integrity
Execution Domain
A lattice of Intergrity Levels
8. I/O drivers and utilities
Ring 2
The National Computer Security Center (NCSC)
Division B - Mandatory Protection
International Standard 15408
9. The TCB is the ________________ within a computer system that work together to enforce a security policy.
B2 - Structured Protection
Be protected from modification
D
Totality of protection mechanisms
10. The total(sum)combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
Simple Security Rule
Absolute addresses
Orange Book - B3
The Trusted Computing Base (TCB)
11. A type of memory used for High-speed writing and reading activities.
No write down
Cache Memory
The Integrity of data within applications
A1
12. According to the Orange Book - trusted facility management is not required for which security levels?
B3 - Rating
B2
B1
Logical addresses
13. What does the simple security (ss) property mean in the Bell-LaPadula model?
No read up
security protection mechanisms
State machine model
attributability
14. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
Life-cycle assurance - O/B
Controlling unauthorized downgrading of information
Division B - Mandatory Protection Architecture
A security domain
15. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
Multilevel Security Policies
Be protected from modification
Division B - Mandatory Protection Architecture
The security perimeter
16. The combination of RAM - Cache and the Processor Registers
Storage and timing
A1
Primary storage
A1 - Rating
17. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
A and B
Buffer overflows
First evaluation class
Disclosure of residual data
18. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Relative Addresses
Secondary Storage
Virtual Memory
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
19. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
Multiprocessing
Prohibits
Models concerned with integrity
Stored in Reak Memory
20. What model use an access control triples and requires that the system maintain separation of duty ?
Trusted Network Interpretation (TNI)
Erasable and Programmable Read-Only Memory (EPROM)
Covert channels
Clark-Wilson
21. A system uses the Reference Monitor to ___________________ of a subject and an object?
Continuous protection - O/B
Cache Memory
Compare the security labels
Controls the checks
22. Which TCSEC level first addresses object reuse?
Relative Addresses
No read up
Trusted facility management
C2
23. Can be erased - modified and upgraded.
Direct Addressing
attributability
The TCSEC - Aka Orange Book
Erasable and Programmable Read-Only Memory (EPROM)
24. There is only only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
Networks and Communications
Its Clearance Label (Top Secret - Secret - or Confidential)
'Dominate'
Division D - Minimal Protection
25. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
Controlling unauthorized downgrading of information
*-Integrity Axiom
Access Matrix model
The Monolithic Operation system Architecture
26. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
Discretionary Security Property (ds-property)
Accountability - Orange Book
NOT Integrity
Assigned labels
27. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
System High Security Mode
Trusted facility management
Process isolation
The National Computer Security Center (NCSC)
28. Which increases the performance in a computer by overlapping the steps of different instructions?
A security domain
NOT Integrity
Division C - Discretionary Protection
Pipelining
29. A form of ROM(Read-Only Memory) that can be modified after it has been manufactured. It can only be programmed only one time.
Buffer (temporary data storage area)
Programmable Read-Only Memory (PROM)
Multilevel Security Policies
Accreditation
30. Used by Windows systems to reserve the "Swap Space"
Pipelining
Pagefile.sys file
First evaluation class
TCB (Trusted Computing Base)
31. Commonly referred to as The Big Mess Because of its lack of structure. MS-DOS is an example of a monolithic operation system
Division B - Mandatory Protection
Government and military applications
Firmware
The Monolithic Operation system Architecture
32. The reserved hard drive space used to Extend RAM capabilities. Windows system use the pagefile.sys file to reserve this space
Swap Space
The security kernel
Attributable data
The *-Property rule (Star property)
33. Each data object must contain a classification label and each subject must have a clearance label.
Integrity
Certification
B1 - Labeled Security
Be protected from modification
34. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix . THE and Multics are no longer in use
Indexed addressing
A Layered Operating System Architecure
Examples of Layered Operating Systems
Government and military applications
35. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Orange Book ratings
Fail safe
Orange Book interpretations
A Limit Register (Memory Management)
36. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions to pass on permissions at its own discretion. These permissions are stored in an access ma
System High Security Mode
Sensitivity labels
Discretionary Security Property (ds-property)
Models concerned with integrity
37. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"
Covert channels
Simple Integrity Axiom
Indexed addressing
The security perimeter
38. Execute one instruction at a time.
Storage and timing
Dominate the object's sensitivity label
Scalar processors
Enforces the rules
39. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Clark-Wilson Model
Direct Addressing
Trusted hardware - Software and Firmware
Orange Book - A1
40. An abstract machine which must mediate all access to subjects to objects - be protected from modification - be verifiable as correct - and is always invoked
The reference monitor
Multiprocessing
TCB (Trusted Computing Base)
Ring 3
41. Mediates all access and Functions between subjects and objects.
Its classification label (Top Secret - Secret or confidential)
B3
Cache Memory
The Security Kernel
42. Ssoftware that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
Enforces the rules
In C2 - Controlled Access Protection environment
Firmware
A1
43. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Constrained
Trusted Distribution
Firmware
Government and military applications
44. When the contents of the address defined in the program's instruction is added to that of an index register.
Indexed addressing
The Integrity of data within applications
Access control to the objects by the subjects
C2 - Controlled Access Protection
45. A subject at a given clearance may not read an object at a higher classification
The Simple Security Property
Bell-LaPadula Model
Access Matrix model
No read up
46. The C2 evaluation class of the _________________ offers controlled access protection.
Orange Book - A1
A security kernel
Cache Memory
Trusted Network Interpretation (TNI)
47. What prevents a process from accessing another process' data?
B3
The Strong star property rule
Trusted Products Evaluation Program (TPEP)
Process isolation
48. Which uses Protection Profiles and Security Targets?
Discretionary Security Property (ds-property)
Multiprocessing
International Standard 15408
C2 - Controlled Access Protection
49. Applications and user activity
Fail safe
Ring 3
Mandatory Access Control (MAC)
The TCSEC - Aka Orange Book
50. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
The Strong star property rule
Prohibits
Files - directories and devices
Documentation - Orange Book