Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Contains the beginning address
A Base Register (Memory Management)
Types of covert channels
Dedicated Security Mode
C1 - Discretionary Security Protection is a type of environment
2. The reserved hard drive space used to extend RAM capabilities.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Swap Space
Process isolation
No read up
3. Certification is a technical review that assesses the _____________ - whereas Accreditation is management's official acceptance of the information in the Certification process findings.
Security mechanisms and evaluates their effectiveness
C2 - Controlled Access Protection
Buffer (temporary data storage area)
A Thread
4. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
Constrained
Prevent secret information from being accessed
Accreditation
Process isolation
5. The centerpiece of the DoD Rainbow Series publications. Developed by the National Computer Security Center (NCSC)?
The security perimeter
Storage and timing
The TCSEC - Aka Orange Book
Higher or equal to access class
6. Trusted facility management is an assurance requirement only for ________________.
B3
A Base Register (Memory Management)
Highly secure systems (B2 - B3 and A1)
First evaluation class
7. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
Buffer (temporary data storage area)
The Evaluated Products List (EPL) with their corresponding rating
Basic Security Theorem (used in computer science) definition
The security perimeter
8. Contains the ending address
'Dominate'
First evaluation class
Ring 0
A Limit Register (Memory Management)
9. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
The *-Property rule (Star property)
Indexed addressing
A Limit Register (Memory Management)
Direct Addressing
10. TCB contains The Security Kernel and all ______________.
The National Computer Security Center (NCSC)
International Standard 15408
Ring 1
security protection mechanisms
11. Users need to be identified individually to provide more precise access control and auditing functionality.
C2 - Controlled Access Protection
No read up
Overt channel
Controls the checks
12. Mandatory Access requires that _____________ be attached to all objects.
State machine model
B3
Sensitivity labels
A Base Register (Memory Management)
13. When the contents of the address defined in the program's instruction is added to that of an index register.
A security kernel
B2 rating
Mandatory access control
Indexed addressing
14. The Simple Security rule is referred to as ______________.
A and B
First evaluation class
Protection Rings Support
The "No read Up" rule
15. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Orange Book interpretations
Enforces the rules
Trusted Products Evaluation Program (TPEP)
Attributable data
16. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Subject to Object Model
In C2 - Controlled Access Protection environment
Administrative declaration
The Monolithic Operating System Architecture
17. Used by Windows systems to reserve the "Swap Space"
Need-to-know
Subject to Object Model
Process isolation
Pagefile.sys file
18. What prevents a process from accessing another process' data?
A Domain
Invocation Property
Process isolation
Totality of protection mechanisms
19. Buffer overflows occur when a program or process tries to store more data in a _____________ than it was intended to hold.
Accreditation
Controlling unauthorized downgrading of information
Labels - Orange Book
Buffer (temporary data storage area)
20. Software that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
A security domain
Isolate processes
Firmware
Virtual storage
21. In both the Bell-LaPadula and Biba Models if the word "*" or "Star" is used - _______________.
Fail safe
A lattice of Integrity Levels
Integrity
The Rule is talking about writing
22. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Fail safe
The Rule is talking about writing
Its Clearance Label (Top Secret - Secret - or Confidential)
Controlling unauthorized downgrading of information
23. Mandatory access control is enforced by the use of security labels.
Division B - Mandatory Protection
Subject to Object Model
security protection mechanisms
Pagefile.sys file
24. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
Controlling unauthorized downgrading of information
Trusted facility management
C2
An abstract machine
25. In the Bell-LaPadula Model the Object's Label contains ___________________.
Ring 3
A lattice of Integrity Levels
The security perimeter
Its classification label (Top Secret - Secret or confidential)
26. TCSEC provides a means to evaluate ______________________.
The Security Kernel
Government and military applications
The Trusted Computing Base (TCB)
The trustworthiness of an information system
27. The combination of RAM - Cache and the Processor Registers
The National Computer Security Center (NCSC)
Primary storage
Dominate the object's sensitivity label
A security domain
28. If a system initializes in a secure state and all allowed state transitions are secure - then every subsequent state will be secure no matter what inputs occur.
Basic Security Theorem (used in computer science) definition
The Integrity of data within applications
The Biba Model
Ring 1
29. The Security Model Incorporates the ____________ that should be enforced in the system.
Security Policy is clearly defined and documented
Overt channel
Security Policy
Orange Book A
30. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
B2
Dedicated Security Mode
Buffer overflows
The *-Property rule (Star property)
31. Individual subjects must be uniquely identified.
Dedicated Security Mode
Identification - Orange Book
Real storage
A and B
32. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Indexed addressing
Covert channels
Most commonly used approach
Division C - Discretionary Protection
33. I/O drivers and utilities
Ring 2
Trusted hardware - Software and Firmware
Multitasking
Orange Book - B2
34. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
A security domain
Orange Book interpretations
Clark-Wilson Model
Division B - Mandatory Protection Architecture
35. Which Orange Book evaluation level is described as "Verified Design"?
Fail safe
Clark-Wilson Model
A1
Orange Book A
36. When a vendor submits a product for evaluation - it submits it to the ____________.
Virtual Memory
A Limit Register (Memory Management)
Division D - Minimal Protection
The National Computer Security Center (NCSC)
37. Involves sharing the processor among all ready processes
A Domain
The *-Property rule (Star property)
security protection mechanisms
Multitasking
38. The Bell-LaPadula Model is a _______________.
The National Computer Security Center (NCSC)
Attributable data
Subject to Object Model
Clark-Wilson
39. The group that oversees the processes of evaluation within TCSEC is?
The Thread (memory Management)
Trusted Products Evaluation Program (TPEP)
A Base Register (Memory Management)
Multilevel Security Policies
40. Contains an address of where the instruction and data reside that need to be processed.
Orange Book - B2
*-Integrity Axiom
The Thread (memory Management)
Thrashing
41. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Physical security
Clark-Wilson
Administrative declaration
B2
42. Commonly referred to as "The Big Mess" because of its lack of structure. MS-DOS is an example of a monolithic operating system
Fail safe
Logical addresses
Trusted facility management
The Monolithic Operating System Architecture
43. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
The Trusted Computing Base (TCB)
attributability
Prevent secret information from being accessed
Swap Space
44. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when
Orange Book - D
C2
Access control to the objects by the subjects
Government and military applications
45. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
Controls the checks
A Thread
The Rule is talking about writing
Scalar processors
46. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
*-Integrity Axiom
Bell-LaPadula Model
Accountability - Orange Book
Logical addresses
47. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
Types of covert channels
The security perimeter
Mandatory Access Control (MAC)
Scalar processors
48. The Physical memory address that the CPU uses
Ring 3
Absolute addresses
Dominate the object's sensitivity label
Physical security
49. An abstract machine which must mediate all access of subjects to objects - be protected from modification - be verifiable as correct - and is always invoked
Multiprocessing
Stored in Real Memory
The reference monitor
The Thread (memory Management)
50. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
Be protected from modification
C1
Examples of Layered Operating Systems
Trusted Distribution