Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Happen because input data is not checked for appropriate length at time of input
The security perimeter
Buffer overflows
Pagefile.sys file
Direct addressing
2. Simpler instructions that require fewer clock cycles to execute.
B3
The trustworthiness of an information system
Reduced Instruction Set Computers (RISC)
B3
3. Which describe a condition when RAM and Secondary storage are used together?
Virtual storage
The security kernel
No read down
Attributable data
4. The C2 evaluation class of the _________________ offers controlled access protection.
No read up
Identification - Orange Book
Trusted Network Interpretation (TNI)
Buffer (temporary data storage area)
5. Bell-LaPadula model was proposed for enforcing access control in _____________________.
An abstract machine
Government and military applications
Dedicated Security Mode
Ring 0
6. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
Simple Integrity Axiom
Dominate the object's sensitivity label
Invocation Property
Orange Book A
7. A set of objects that a subject is able to access
C1 - Discretionary Security Protection is a type of environment
Life-cycle assurance - O/B
A Domain
Examples of Layered Operating Systems
8. The Physical memory address that the CPU uses
Relative Addresses
Orange Book interpretations
Absolute addresses
Accreditation
9. TCSEC provides a means to evaluate ______________________.
C1
Models concerned with integrity
The trustworthiness of an information system
'Dominate'
10. Buffer overflows occur when a program or process tries to store more data in a _____________ than it was intended to hold.
Integrity
Buffer (temporary data storage area)
Orange Book C
A single classification and a Compartment Set
11. The group that oversees the processes of evaluation within TCSEC is?
Trusted Products Evaluation Program (TPEP)
The Rule is talking about writing
Orange Book interpretations
The Evaluated Products List (EPL) with their corresponding rating
12. A type of memory used for High-speed writing and reading activities.
Cache Memory
Ring 2
The reference monitor
Logical addresses
13. Should always trace to individuals responsible for observing and recording the data
Orange Book - B2
Attributable data
The *-Property rule (Star property)
Security mechanisms and evaluates their effectiveness
14. The TCB is the ________________ within a computer system that work together to enforce a security policy.
Isolate processes
Totality of protection mechanisms
The reference monitor
The "No read Up" rule
15. The Biba Model - _____________: A subject cannot read data from a lower integrity level ("No Read Down")
The Tranquility principle (The Bell-LaPadula Model)
Division D - Minimal Protection
Simple Integrity Axiom
Evaluated separately
16. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
A Limit Register (Memory Management)
*-Integrity Axiom
Orange Book interpretations
C2 - Controlled Access Protection
17. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Ring 0
Dominate the object's sensitivity label
Fail safe
Isolate processes
18. Mandatory access control is enforced by the use of security labels.
System High Security Mode
Division B - Mandatory Protection
Bell-LaPadula Model
Polyinstantiation
19. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
Simple Integrity Axiom
Security rating B
The *-Property rule (Star property)
Orange Book - B1
20. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
First evaluation class
Controlling unauthorized downgrading of information
A and B
Multilevel Security Policies
21. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
Assigned labels
Storage and timing
Real storage
C2 - Controlled Access Protection
22. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Trusted hardware - Software and Firmware
Trusted facility management
C2 - Controlled Access Protection
Orange Book ratings
23. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
Sensitivity labels
Orange Book - B3
B2
Security Policy
24. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
B3
B2 rating
NOT Integrity
Totality of protection mechanisms
25. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
The security kernel
The Simple Security Property
Reduced Instruction Set Computers (RISC)
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
26. The Bell-LaPadula Model is a _______________.
Primary storage
Isolate processes
The Integrity of data within applications
Subject to Object Model
27. For the type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to penetration and compromise
B2 rating
First evaluation class
Networks and Communications
The National Computer Security Center (NCSC)
28. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
The Red Book
Accreditation
Orange Book - D
The TCSEC - Aka Orange Book
29. When a computer uses more than one CPU in parallel to execute instructions is known as?
Virtual storage
First evaluation class
Multiprocessing
The trustworthiness of an information system
30. System Architecture that separates system functionality into Hierarchical layers
A Layered Operating System Architecture
The security kernel
Pagefile.sys file
Clark-Wilson
31. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
B2
Orange Book C
Orange Book B
State machine model
32. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
A security kernel
The security perimeter
Virtual Memory
Scalar processors
33. Intended for environments that require systems to handle classified data.
Controls the checks
B1 - Labeled Security rating
The Strong star property rule
C2
34. Contains the ending address
Dedicated Security Mode
Covert channels
A Limit Register (Memory Management)
Government and military applications
35. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
Multitasking
The Simple Security Property
Virtual storage
A security kernel
36. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
Absolute addresses
First evaluation class
The Simple Security Property
Erasable and Programmable Read-Only Memory (EPROM)
37. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Overt channel
Accountability - Orange Book
Orange Book - B3
Simple Security Rule
38. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
39. Involves sharing the processor among all ready processes
Mandatory access control
Access Matrix model
Operational assurance requirements
Multitasking
40. Can be erased - modified and upgraded.
Division B - Mandatory Protection
Erasable and Programmable Read-Only Memory (EPROM)
Covert channels
State machine model
41. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
D
Division C - Discretionary Protection
Need-to-know
C1 - Discretionary Security Protection
42. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Its Clearance Label (Top Secret - Secret - or Confidential)
Pipelining
A1 - Rating
Mandatory Access Control (MAC)
43. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
C1
The National Computer Security Center (NCSC)
Execution Domain
The rule is talking about "Reading"
44. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a well-formed transaction
Security Policy - Orange Book
Cache Memory
Clark-Wilson Model
First evaluation class
45. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Totality of protection mechanisms
A1 - Rating
Multilevel Security Policies
46. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
Logical addresses
Prevent secret information from being accessed
Operational assurance requirements
Multilevel Security Policies
47. Users need to be identified individually to provide more precise access control and auditing functionality.
C2 - Controlled Access Protection
Simple Security Rule
Administrative declaration
Secondary Storage
48. What access control technique is also known as multilevel security?
Mandatory access control
Be protected from modification
Subject to Object Model
Covert channels
49. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Execution Domain
Physical security
Most commonly used approach
50. Which in the Orange Book ratings represents the highest level of trust?
Security Policy is clearly defined and documented
B2
Discretionary Security Property (ds-property)
Orange Book A