Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Remaining parts of the operating system






2. A type of memory used for High-speed writing and reading activities.






3. A system uses the Reference Monitor to ___________________ of a subject and an object?






4. In both the Bell-LaPadula and Biba Models if the word "Simple is used ______________.






5. A form of ROM(Read-Only Memory) that can be modified after it has been manufactured. It can only be programmed only one time.






6. The total combination of protection mechanisms within a computer system






7. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?






8. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.






9. A Policy based control. All objects and systems have a sensitivity level assigned to them






10. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


11. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?






12. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.






13. When the contents of the address defined in the program's instruction is added to that of an index register.






14. Permits a database to have two records that are identical except for Their classifications






15. Which uses Protection Profiles and Security Targets?






16. What does the simple integrity axiom mean in the Biba model?






17. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?






18. Contains the ending address






19. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.






20. The Simple Security rule is refered to as______________.






21. The Biba Model adresses _____________________.






22. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.






23. I/O drivers and utilities






24. Each data object must contain a classification label and each subject must have a clearance label.






25. The centerpiece of the DoD Rainbow Series publications.Developed by the National Computer Security Center (NCSC)?






26. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?






27. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?






28. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.






29. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.






30. In B2 Subjects and devices requre labels and the system must NOT allow ________. No Trapdoors exists.






31. The TCB is the ________________ within a computer system that work together to enforce a security policy.






32. The Orange book requires protection against two_____________ - which are these Timing and Storage






33. The Orange book does NOT Cover ________________ - And Database management systems






34. In the Bell-LaPadula Model the Subject's Label contains ___________________.






35. Minimal Security






36. A nonvolatile storage media etc computer hard drive - floppy disks and CD-ROMs






37. Which is an ISO standard product evaluation criteria that supersedes several different criteria






38. The Indexed memory addresses that software uses






39. Access control labels must be associated properly with objects.






40. The assignment of a specific individual to administer the security-related functions of a system.






41. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.






42. Documentation must be provided - including test - design - and specification document - user guides and manuals






43. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?






44. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data






45. Discretionary protection






46. The Reserved hard drive space used to to extend RAM capabilites.






47. The Policy must be explicit and well defined and enforced by the mechanisms within the system






48. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.






49. Which would be designated as objects on a MAC system?






50. When the RAM and secondary storage are combined the result is __________.