Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which TCSEC level first addresses object reuse?






2. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.






3. Should always trace to individuals responsible for observing and recording the data






4. Minimal Security






5. According to the Orange Book - trusted facility management is not required for which security levels?






6. TCB contains The Security Kernel and all ______________.






7. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain






8. An abstract machine which must mediate all access to subjects to objects - be protected from modification - be verifiable as correct - and is always invoked






9. Contains an Address of where the instruction and dara reside that need to be processed.






10. What does the simple integrity axiom mean in the Biba model?






11. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.






12. Can be erased - modified and upgraded.






13. A domain of trust that shares a single security policy and single management






14. What is called the formal acceptance of the adequacy of a system's overall security by management?






15. The Reserved hard drive space used to to extend RAM capabilites.






16. In B2 Subjects and devices requre labels and the system must NOT allow ________. No Trapdoors exists.






17. What does the * (star) property mean in the Bell-LaPadula model?






18. Which Orange Book evaluation level is described as "Verified Design"?






19. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.






20. Ssoftware that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)






21. Contains the beginning address






22. In the Bell-LaPadula Model the Object's Label contains ___________________.






23. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilites when






24. Components considered as part of the Trusted Computing Base (from the Orange Book) are?






25. A Policy based control. All objects and systems have a sensitivity level assigned to them






26. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.






27. There is only only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.






28. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.






29. Succesfully Evaluated products are placed on?






30. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.






31. The combination of RAM - Cache and the Processor Registers






32. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.






33. The reserved hard drive space used to Extend RAM capabilities. Windows system use the pagefile.sys file to reserve this space






34. Simpler instructions that require fewer clock cycles to execute.






35. The subject must have Need to Know for ONLY the information they are trying to access.






36. n this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.






37. Has two individual assurace ratings. C1 and C2. The Higher the number of assurance rating the greater the protection






38. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.






39. Discretionary protection






40. The security kernel is the mechanism that _____________ of the reference monitor concept.






41. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.






42. What model use an access control triples and requires that the system maintain separation of duty ?






43. The Bell-LaPadula Model is a _______________.






44. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards






45. System Architecture that separates system functionality into Hierarchical layers






46. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.






47. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when






48. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


49. The C2 evaluation class of the _________________ offers controlled access protection.






50. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements