Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here first.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Contains the address where the instruction and data that need to be processed reside.
Be protected from modification
Orange Book - B1
The Thread (memory management)
Trusted facility management
2. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
Disclosure of residual data
Trusted hardware - Software and Firmware
The "No read Up" rule
A lattice of Integrity Levels
3. A system uses the Reference Monitor to ___________________ of a subject and an object?
Documentation - Orange Book
A security domain
Ring 2
Compare the security labels
4. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Continuous protection - O/B
The Trusted Computing Base (TCB)
The security perimeter
The Security Kernel
5. The assignment of a specific individual to administer the security-related functions of a system.
Orange Book interpretations
Certification
Trusted facility management
Direct Addressing
6. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Ring 3
Need-to-know
No read down
B3
7. In access control terms - the word "dominate" refers to ___________.
Higher or equal to access class
Complex Instruction Set Computers (CISC)
Files - directories and devices
C1 - Discretionary Security Protection
8. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
Simple Integrity Axiom
Be protected from modification
Dedicated Security Mode
A1 - Rating
9. These happen because input data is not checked for appropriate length at the time of input.
Swap Space
C2
Attributable data
Buffer overflows
10. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
Fail safe
Implement software or systems in a production environment
All Mandatory Access Control (MAC) systems
Security mechanisms and evaluates their effectiveness
11. A portion of a process. When the thread is generated - it shares the same domain (resources) as its process.
Its Clearance Label (Top Secret - Secret - or Confidential)
A and B
In C2 - Controlled Access Protection environment
A Thread
12. In access control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification.
13. Users need to be identified individually to provide more precise access control and auditing functionality.
Sensitivity labels
C2 - Controlled Access Protection
Administrative declaration
Prevent secret information from being accessed
14. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Fail safe
Multiprocessing
Trusted Distribution
Orange Book - B2
15. A type of memory used for High-speed writing and reading activities.
Trusted Network Interpretation (TNI)
Division D - Minimal Protection
Cache Memory
Mandatory access control
16. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Absolute addresses
Orange Book - B2
B3 - Rating
Buffer (temporary data storage area)
17. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
Polyinstantiation
Stored in real memory
Trusted hardware - Software and Firmware
Government and military applications
18. When a vendor submits a product for evaluation - it submits it to the ____________.
Security rating B
The National Computer Security Center (NCSC)
Thrashing
C2
19. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when
C2
Invocation Property
System High Security Mode
Trusted Distribution
20. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Simple Integrity Axiom
Orange Book - D
Orange Book interpretations
Discretionary Security Property (ds-property)
21. According to the Orange Book - trusted facility management is not required for which security levels?
First evaluation class
Security mechanisms and evaluates their effectiveness
The Common Criteria
B1
22. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
The Common Criteria
D
Accreditation
C2 - Controlled Access Protection
23. Nonvolatile storage media - e.g. computer hard drives - floppy disks and CD-ROMs
Swap Space
Secondary Storage
Bell-LaPadula Model
Security Policy
24. All users have a clearance for and a formal need to know about - all data processed with the system.
A1 - Rating
Orange Book - B3
Attributable data
Dedicated Security Mode
25. What does the simple integrity axiom mean in the Biba model?
Prohibits
A and B
Absolute addresses
No read down
26. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Types of covert channels
Be protected from modification
B2 - Structured Protection
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
27. Intended for environments that require systems to handle classified data.
B1 - Labeled Security rating
C2 - Controlled Access Protection
Prohibits
Examples of Layered Operating Systems
28. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information - and identification and authentication of individual entities.
C1 - Discretionary Security Protection
Real storage
Be protected from modification
Mandatory Access Control (MAC)
29. Based on a known address with an offset value applied.
No write down
Clark-Wilson Model
B2
Relative Addresses
30. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
C1
TCB (Trusted Computing Base)
Overt channel
The Biba Model
31. If a system initializes in a secure state and all allowed state transitions are secure - then every subsequent state will be secure no matter what inputs occur.
Basic Security Theorem (used in computer science) definition
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
The Integrity of data within applications
A Layered Operating System Architecture
32. Should always trace to individuals responsible for observing and recording the data
C1 - Discretionary Security Protection is a type of environment
Attributable data
B1 - Labeled Security
Orange Book - B3
33. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
Life Cycle Assurance Requirement
Orange Book - B3
B3 - Security Domains
Protection Rings Support
34. What model uses access control triples and requires that the system maintain separation of duty?
No read up
Multiprocessing
Clark-Wilson Model
Clark-Wilson
35. The Orange Book does NOT cover ________________ - and database management systems
Networks and Communications
B2 - Structured Protection
Access Matrix model
Clark-Wilson
36. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
A and B
All Mandatory Access Control (MAC) systems
Access Matrix model
State machine model
37. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
Pagefile.sys file
The rule is talking about "Reading"
Sensitivity labels
Implement software or systems in a production environment
38. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
Controls the checks
Relative Addresses
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
B2 - Structured Protection
39. The security kernel is the mechanism that _____________ of the reference monitor concept.
Orange Book - D
Enforces the rules
A1 - Rating
No read up
40. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
Types of covert channels
Basic Security Theorem (used in computer science) definition
Life Cycle Assurance Requirement
Division B - Mandatory Protection Architecture
41. When the RAM and secondary storage are combined the result is __________.
Secondary Storage
Life Cycle Assurance Requirement
Virtual Memory
Its Clearance Label (Top Secret - Secret - or Confidential)
42. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
The Strong star property rule
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Covert channels
The security perimeter
43. Users are trusted but a certain level of accountability is required. C2 overall is seen as the most reasonable class for commercial applications - but the level of protection is still relatively weak.
Indexed addressing
In C2 - Controlled Access Protection environment
Orange Book - A1
Orange Book A
44. The Indexed memory addresses that software uses
C1 - Discretionary Security Protection is a type of environment
Thrashing
The Common Criteria
Logical addresses
45. What does the Clark-Wilson security model focus on
Orange Book - B1
Orange Book ratings
Pipelining
Integrity
46. Contains the beginning address
C1 - Discretionary Security Protection is a type of environment
Constrained
Buffer overflows
A Base Register (Memory Management)
47. When a portion of primary memory is accessed by specifying the actual address of the memory location
Identification - Orange Book
Its classification label (Top Secret - Secret or confidential)
Direct addressing
Mandatory Access Control (MAC)
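The memory-management items above (base register, relative and logical addresses, direct addressing, and overflows that happen because input length is never checked) are easier to see side by side. The following is an added example, not code from the quiz page or its author: a small emulation in which a segment is described by a base register and a bounds register, a relative address is translated to base + offset only when the offset lies inside the segment, and a direct (absolute) write bypasses that check. The segment layout, the 8-byte buffer, the neighbouring "flag" data and the 12-byte input are all constructed for illustration.

```python
# Added example, not taken from the quiz page: base-register (relative) addressing
# beside direct (absolute) addressing, with the bounds check that turns an over-long
# write into a trap instead of an overflow into the neighbouring segment.
# Memory layout and data below are constructed for illustration.
from dataclasses import dataclass
from typing import Tuple


class AddressingError(Exception):
    """Raised when a relative address falls outside its segment (a bounds trap)."""


@dataclass(frozen=True)
class Segment:
    name: str
    base: int    # base register: physical address where the segment begins
    limit: int   # bounds register: number of bytes the segment may use

    def translate(self, offset: int) -> int:
        """Relative addressing: physical = base + offset, valid only inside the segment."""
        if not 0 <= offset < self.limit:
            raise AddressingError(f"{self.name}: offset {offset} outside {self.limit}-byte segment")
        return self.base + offset


class Memory:
    def __init__(self, size: int) -> None:
        self.cells = bytearray(size)   # physical memory, all zero initially

    def write_direct(self, physical: int, data: bytes) -> None:
        """Direct (absolute) addressing: write at the actual location, no segment check."""
        self.cells[physical:physical + len(data)] = data

    def write_relative(self, seg: Segment, offset: int, data: bytes) -> None:
        """Relative addressing; every byte is bounds-checked before anything is written."""
        physical = [seg.translate(offset + i) for i in range(len(data))]
        for addr, byte in zip(physical, data):
            self.cells[addr] = byte

    def read_segment(self, seg: Segment) -> bytes:
        return bytes(self.cells[seg.base:seg.base + seg.limit])


def run_demo() -> Tuple[bytes, bytes, str]:
    """Copy a 12-byte input into an 8-byte buffer both ways; return what happened."""
    mem = Memory(32)
    buf = Segment("buf", base=0, limit=8)      # 8-byte input buffer
    flag = Segment("flag", base=8, limit=8)    # adjacent data the buffer must never touch
    mem.write_relative(flag, 0, b"SECRET!!")
    too_long = b"A" * 12                       # constructed input longer than the buffer

    # Unchecked copy: the 4 extra bytes land in the neighbouring segment.
    mem.write_direct(buf.base, too_long)
    clobbered = mem.read_segment(flag)

    # Checked copy: the bounds register traps the write and nothing is modified.
    mem.write_relative(flag, 0, b"SECRET!!")   # restore the neighbour first
    try:
        mem.write_relative(buf, 0, too_long)
        trap = ""
    except AddressingError as err:
        trap = str(err)
    intact = mem.read_segment(flag)
    return clobbered, intact, trap


if __name__ == "__main__":
    clobbered, intact, trap = run_demo()
    print("unchecked write left neighbour as:", clobbered)
    print("checked write trapped with:", trap, "neighbour still:", intact)
```

The check happens on the whole range before the first byte is stored, so a rejected write leaves memory exactly as it was; that is the fail-safe behaviour the Orange Book items elsewhere in this quiz refer to.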
48. The Biba Model addresses _____________________.
Totality of protection mechanisms
Reduced Instruction Set Computers (RISC)
Multilevel Security Policies
The Integrity of data within applications
49. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US government)
Its Clearance Label (Top Secret - Secret - or Confidential)
A security domain
Prevent secret information from being accessed
Basic Security Theorem (used in computer science) definition
50. An abstract machine which must mediate all accesses of subjects to objects - be protected from modification - be verifiable as correct - and is always invoked
The reference monitor
TCB (Trusted Computing Base)
A and B
'Dominate'
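Several items in this quiz describe one mechanism from different angles: the reference monitor compares the security labels of a subject and an object, "dominate" means a higher-or-equal label, Bell-LaPadula forbids reading up and writing down, Biba's simple integrity axiom forbids reading down, and the Basic Security Theorem says a system that starts secure and only allows secure transitions stays secure. The block below is an added example, not code from the quiz page or its author, that puts those rules into one working reference monitor. The label lattice (levels plus compartments), the two subjects, the three objects and the request sequence are all constructed for illustration.

```python
# Added example, not from the quiz page: a toy reference monitor that mediates
# every subject-to-object access against labels drawn from a lattice, applying
# the Bell-LaPadula confidentiality rules and the Biba integrity rules.
# Levels, compartments, subjects and objects below are constructed.
from dataclasses import dataclass
from typing import FrozenSet, List, Tuple

# Hierarchical sensitivity levels, lowest to highest.
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


@dataclass(frozen=True)
class Label:
    """Lattice label: a hierarchical level plus a set of non-hierarchical compartments."""
    level: str
    compartments: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        # "Dominate": level higher than or equal, AND compartments a superset of the other's.
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.compartments >= other.compartments)


@dataclass(frozen=True)
class Subject:
    name: str
    clearance: Label   # Bell-LaPadula: the subject's clearance label
    integrity: int     # Biba: integrity level, higher means more trustworthy


@dataclass(frozen=True)
class Obj:
    name: str
    classification: Label  # Bell-LaPadula: the object's classification label
    integrity: int         # Biba: integrity level of the data


def blp_permits(s: Subject, o: Obj, mode: str) -> bool:
    """Bell-LaPadula: no read up (simple security), no write down (*-property)."""
    if mode == "read":
        return s.clearance.dominates(o.classification)
    if mode == "write":
        return o.classification.dominates(s.clearance)
    return False   # fail-safe default: an unknown access mode is denied


def biba_permits(s: Subject, o: Obj, mode: str) -> bool:
    """Biba: no read down (simple integrity axiom), no write up (*-integrity axiom)."""
    if mode == "read":
        return o.integrity >= s.integrity
    if mode == "write":
        return s.integrity >= o.integrity
    return False   # fail-safe default


Access = Tuple[Subject, Obj, str]


def state_is_secure(state: FrozenSet[Access]) -> bool:
    """A state is secure when every access it currently holds satisfies both models."""
    return all(blp_permits(s, o, m) and biba_permits(s, o, m) for s, o, m in state)


class ReferenceMonitor:
    """Always invoked: a request is granted only if the resulting state is still secure.

    Starting from a secure state (no accesses) and allowing only secure transitions
    keeps every later state secure (the Basic Security Theorem). Each decision is
    appended to an audit list so that denied attempts remain attributable."""

    def __init__(self) -> None:
        self.state: FrozenSet[Access] = frozenset()
        self.audit: List[str] = []

    def request(self, s: Subject, o: Obj, mode: str) -> bool:
        candidate = self.state | {(s, o, mode)}
        granted = state_is_secure(candidate)
        if granted:
            self.state = candidate
        self.audit.append(f"{'GRANT' if granted else 'DENY'} {s.name} {mode} {o.name}")
        return granted


def run_demo() -> Tuple[List[bool], ReferenceMonitor]:
    """Push a fixed request sequence through the monitor; return decisions and the monitor."""
    nato = frozenset({"NATO"})
    alice = Subject("alice", Label("SECRET", nato), integrity=2)
    bob = Subject("bob", Label("CONFIDENTIAL"), integrity=1)
    plan = Obj("plan.doc", Label("SECRET", nato), integrity=2)
    memo = Obj("memo.txt", Label("CONFIDENTIAL"), integrity=1)
    keys = Obj("keys.bin", Label("SECRET", frozenset({"CRYPTO"})), integrity=3)

    rm = ReferenceMonitor()
    requests = [
        (alice, plan, "read"),    # clearance dominates classification: grant
        (bob, plan, "read"),      # no read up: deny
        (alice, keys, "read"),    # same level, wrong compartment: deny
        (alice, memo, "write"),   # no write down (Bell-LaPadula): deny
        (bob, plan, "write"),     # Bell-LaPadula allows write up, Biba forbids it: deny
        (alice, memo, "read"),    # Bell-LaPadula allows read down, Biba forbids it: deny
        (bob, memo, "write"),     # equal labels under both models: grant
    ]
    decisions = [rm.request(s, o, m) for s, o, m in requests]
    return decisions, rm


if __name__ == "__main__":
    for line in run_demo()[1].audit:
        print(line)
```

Two points worth noticing when running it: a SECRET subject is refused a SECRET object it lacks the compartment for, because dominance needs both the level and the compartments; and the two requests that Bell-LaPadula alone would grant (write up, read down) are refused once Biba is enforced as well, which is why a system enforcing both models ends up with a narrow band of permitted accesses.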