Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. In the Bell-LaPadula Model the Subject's Label contains ___________________.






2. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.






3. A domain of trust that shares a single security policy and single management






4. Remaining parts of the operating system






5. Verification Protection






6. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


7. A form of ROM(Read-Only Memory) that can be modified after it has been manufactured. It can only be programmed only one time.






8. What prevents a process from accessing another process' data?






9. Minimal Security






10. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.






11. Another word for Primary storage and distinguishes physical memory from virtual memory.






12. For rhe type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to peneration and compromise






13. TCB contains The Security Kernel and all ______________.






14. When a portion of primary memory is accessed by specifying the actual address of the memory location






15. In access control terms - the word "dominate" refers to ___________.






16. A Policy based control. All objects and systems have a sensitivity level assigned to them






17. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commmercial applications - but the level of protection is still relatively weak.






18. Security Labels are not required until __________; thus C2 does not require security labels but B1 does






19. Which increases the performance in a computer by overlapping the steps of different instructions?






20. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu






21. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.






22. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilites when






23. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.






24. What access control technique is also known as multilevel security?






25. Which Orange Book evaluation level is described as "Discretionary Security Protection"?






26. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.






27. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?






28. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.






29. Which can be used as a covert channel?






30. TCSEC provides a means to evaluate ______________________.






31. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.






32. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.






33. Operating System Kernel






34. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)






35. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when






36. Mandatory Protection






37. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.






38. What are the components of an object's sensitivity label?






39. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?






40. The Simple Security rule is refered to as______________.






41. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.






42. The Orange book requires protection against two_____________ - which are these Timing and Storage






43. Individual subjects must be uniquely identified.






44. When a computer uses more than one CPU in parallel to execute instructions is known as?






45. The combination of RAM - Cache and the Processor Registers






46. Happen because input data is not checked for appropriate length at time of input






47. System Architecture that separates system functionality into Hierarchical layers






48. Which is a straightforward approach that provides access rights to subjects for objects?






49. Requires more stringent authentication mechanisms and well-defined interfaces among layers.






50. Ssoftware that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)