SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. What prevents a process from accessing another process' data?
Process isolation
C1 - Discretionary Security Protection
Accountability - Orange Book
Administrative declaration
2. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
Direct addressing
The Clark Wilson integrity model
Documentation - Orange Book
The Biba Model
3. Execute one instruction at a time.
Scalar processors
Clark-Wilson Model
Discretionary Security Property (ds-property)
Networks and Communications
4. The Orange book does NOT Cover ________________ - And Database management systems
Attributable data
Implement software or systems in a production environment
Dedicated Security Mode
Networks and Communications
5. Another word for Primary storage and distinguishes physical memory from virtual memory.
Real storage
The Thread (memory Management)
A Limit Register (Memory Management)
Thrashing
6. Contains the ending address
A Limit Register (Memory Management)
Polyinstantiation
C2
Security rating B
7. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
Orange Book - B1
Simple Integrity Axiom
The Tranqulity principle (The Bell-LaPadula Model)
Dedicated Security Mode
8. Data in Cache can be accessed much more quickly than Data
Clark-Wilson
Need-to-know
Implement software or systems in a production environment
Stored in Reak Memory
9. Mandatory Access requires that _____________ be attached to all objects.
Orange Book - A1
A lattice of Intergrity Levels
Security Policy - Orange Book
Sensitivity labels
10. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
A lattice of Intergrity Levels
Bell-LaPadula Model
B2
B2 - Structured Protection
11. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
A single classification and a Compartment Set
Orange Book - B2
Logical addresses
The Evaluated Products List (EPL) with their corresponding rating
12. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
C1
Discretionary Security Property (ds-property)
Trusted facility management
The reference monitor
13. Ssoftware that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
Polyinstantiation
Firmware
State machine model
Direct Addressing
14. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Life Cycle Assurance Requirement
A1 - Rating
Orange Book interpretations
A Layered Operating System Architecure
15. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Fail safe
Secondary Storage
Types of covert channels
All Mandatory Access Control (MAC) systems
16. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
Trusted Distribution
B3
Security rating B
Trusted Products Evaluation Program (TPEP)
17. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Simple Security Rule
B1
Highly secure systems (B2 - B3 and A1)
The Clark Wilson integrity model
18. The Bell-LaPadula model Subjects and Objects are ___________.
Assigned labels
The security perimeter
Orange Book B
Dedicated Security Mode
19. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
The Clark Wilson integrity model
A Base Register (Memory Management)
Bell-LaPadula Model
C1 - Discretionary Security Protection
20. The Availability - Integrity and confidentiality requirements of multitasking operating systems
Protection Rings Support
Prevent secret information from being accessed
Evaluated separately
TCB (Trusted Computing Base)
21. Which describe a condition when RAM and Secondary storage are used together?
Virtual storage
Access Matrix model
Physical security
The Clark Wilson integrity model
22. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
attributability
Real storage
Certification
The Tranqulity principle (The Bell-LaPadula Model)
23. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
A and B
Access Matrix model
Security Policy
Ring 1
24. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
The Monolithic Operation system Architecture
The Red Book
Operational assurance requirements
Trusted Products Evaluation Program (TPEP)
25. Based on a known address with an offset value applied.
A security kernel
Relative Addresses
Buffer overflows
B2 - Structured Protection
26. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Trusted Distribution
Primary storage
Orange Book - B2
All Mandatory Access Control (MAC) systems
27. The Reserved hard drive space used to to extend RAM capabilites.
Swap Space
Security mechanisms and evalautes their effectivenes
Buffer overflows
Ring 1
28. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
Life Cycle Assurance Requirement
Types of covert channels
NOT Integrity
The Common Criteria
29. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
Compare the security labels
Accreditation
The National Computer Security Center (NCSC)
Operational assurance requirements
30. The C2 evaluation class of the _________________ offers controlled access protection.
Virtual Memory
Trusted Network Interpretation (TNI)
Direct addressing
C1
31. Users need to be Identified individually to provide more precise acces control and auditing functionality.
C2 - Controlled Access Protection
Trusted Network Interpretation (TNI)
Orange Book A
Higher or equal to access class
32. The Physical memory address that the CPU uses
Absolute addresses
Overt channel
Certification
Multiprocessing
33. n this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
Swap Space
NOT Integrity
B3 - Security Domains
Security Policy
34. The Bell-LaPaula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
No write down
Prevent secret information from being accessed
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Cache Memory
35. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
A1 - Rating
Process isolation
The Simple Security Property
Attributable data
36. System Architecture that separates system functionality into Hierarchical layers
Cache Memory
Trusted Distribution
Indirect addressing
A Layered Operating System Architecure
37. Which Orange Book evaluation level is described as "Verified Design"?
The *-Property rule (Star property)
A1
C1 - Discrection Security Protection is a type of environment
Discretionary Security Property (ds-property)
38. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
A Base Register (Memory Management)
B3
The security perimeter
A security domain
39. Can be erased - modified and upgraded.
The security perimeter
Erasable and Programmable Read-Only Memory (EPROM)
Polyinstantiation
B1 - Labeled Security rating
40. A system uses the Reference Monitor to ___________________ of a subject and an object?
The Evaluated Products List (EPL) with their corresponding rating
First evaluation class
Compare the security labels
Direct addressing
41. What does the * (star) property mean in the Bell-LaPadula model?
B1
Security Policy - Orange Book
The Biba Model
No write down
42. In access control terms - the word "dominate" refers to ___________.
A Thread
B2 - Structured Protection
Life-cycle assurance - O/B
Higher or equal to access class
43. Buffer overflows occurs when a program or process tries to store more data in a _____________ than it was intended to hold.
C1
C2 - Controlled Access Protection
Buffer (temporary data storage area)
The National Computer Security Center (NCSC)
44. When the RAM and secondary storage are combined the result is __________.
Reduced Instruction Set Computers (RISC)
Virtual Memory
Enforces the rules
No write down
45. Each data object must contain a classification label and each subject must have a clearance label.
B1 - Labeled Security
A1 - Rating
Mandatory access control
The trustworthiness of an information system
46. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Orange Book C
Enforces the rules
Orange Book - A1
Documentation - Orange Book
47. The subject must have Need to Know for ONLY the information they are trying to access.
System High Security Mode
The Common Criteria
Programmable Read-Only Memory (PROM)
The Clark Wilson integrity model
48. Mandatory access control is enfored by the use of security labels.
Highly secure systems (B2 - B3 and A1)
Division B - Mandatory Protection
Basic Security Theorem (used in computer science) definition
B2 rating
49. Which can be used as a covert channel?
Integrity
Complex Instruction Set Computers (CISC)
The security kernel
Storage and timing
50. Which uses Protection Profiles and Security Targets?
International Standard 15408
C2 - Controlled Access Protection
C2 - Controlled Access Protection
No write down
