Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The security kernel is the mechanism that _____________ of the reference monitor concept.






2. Subjects and Objects cannot change their security levels once they have been instantiated (created)






3. Minimal Security






4. Buffer overflows occurs when a program or process tries to store more data in a _____________ than it was intended to hold.






5. Simpler instructions that require fewer clock cycles to execute.






6. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)






7. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?






8. The *-Property rule is refered to as ____________.






9. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.






10. Commonly referred to as The Big Mess Because of its lack of structure. MS-DOS is an example of a monolithic operation system






11. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


12. Certification is a Technical review that assesses the _____________ - where as Accreditation is management's Official acceptance of the information in the Certification process findings.






13. Has two individual assurace ratings. C1 and C2. The Higher the number of assurance rating the greater the protection






14. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s






15. In the Bell-LaPadula Model the Subject's Label contains ___________________.






16. When the contents of the address defined in the program's instruction is added to that of an index register.






17. What does the * (star) property mean in the Bell-LaPadula model?






18. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.






19. Applications and user activity






20. Which can be used as a covert channel?






21. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.






22. A system uses the Reference Monitor to ___________________ of a subject and an object?






23. Which would be designated as objects on a MAC system?






24. The combination of RAM - Cache and the Processor Registers






25. The assignment of a specific individual to administer the security-related functions of a system.






26. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity






27. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.






28. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix . THE and Multics are no longer in use






29. What does the Clark-Wilson security model focus on






30. A subject at a given clearance may not read an object at a higher classification






31. I/O drivers and utilities






32. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilites when






33. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?






34. The Reserved hard drive space used to to extend RAM capabilites.






35. What model use an access control triples and requires that the system maintain separation of duty ?






36. For rhe type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to peneration and compromise






37. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.






38. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?






39. n this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.






40. When the RAM and secondary storage are combined the result is __________.






41. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.






42. The Biba Model adresses _____________________.






43. A Policy based control. All objects and systems have a sensitivity level assigned to them






44. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.






45. What are the components of an object's sensitivity label?






46. Happen because input data is not checked for appropriate length at time of input






47. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"






48. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.






49. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system






50. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is doen with the m