SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
Disclosure of residual data
Constrained
Identification - Orange Book
Dominate the object's sensitivity label
2. Based on a known address with an offset value applied.
Ring 3
Protection Rings Support
TCB (Trusted Computing Base)
Relative Addresses
3. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
4. The Physical memory address that the CPU uses
Absolute addresses
C2
Process isolation
International Standard 15408
5. When the RAM and secondary storage are combined the result is __________.
Division D - Minimal Protection
The Trusted Computing Base (TCB)
Virtual Memory
C2
6. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
Security Policy
The Red Book
A Limit Register (Memory Management)
Storage and timing
7. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
C2 - Controlled Access Protection
B3 - Rating
Division C - Discretionary Protection
A lattice of Intergrity Levels
8. Mandatory Access requires that _____________ be attached to all objects.
The security perimeter
The reference monitor
No read down
Sensitivity labels
9. Simpler instructions that require fewer clock cycles to execute.
Reduced Instruction Set Computers (RISC)
Security Policy is clearly defined and documented
B3
Ring 1
10. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilites when
C2
Sensitivity labels
Real storage
Operational assurance requirements
11. Which Orange Book evaluation level is described as "Verified Design"?
Controlling unauthorized downgrading of information
Swap Space
The security kernel
A1
12. Involves sharing the processor amoung all ready processes
Multitasking
Identification - Orange Book
Disclosure of residual data
Its classification label (Top Secret - Secret or confidential)
13. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
C2
Access control to the objects by the subjects
Evaluated separately
Storage and timing
14. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
Virtual storage
Be protected from modification
Invocation Property
An abstract machine
15. The Biba Model adresses _____________________.
The Integrity of data within applications
security protection mechanisms
Division C - Discretionary Protection
Certification
16. Verification Protection
Orange Book A
B1
A single classification and a Compartment Set
A Domain
17. Permits a database to have two records that are identical except for Their classifications
Orange Book - B3
Need-to-know
The Rule is talking about writing
Polyinstantiation
18. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
Controls the checks
State machine model
C2 - Controlled Access Protection
The security kernel
19. Subjects and Objects cannot change their security levels once they have been instantiated (created)
Orange Book C
The Tranqulity principle (The Bell-LaPadula Model)
Clark-Wilson Model
Attributable - original - accurate - contemporaneous and legible
20. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
The Strong star property rule
Networks and Communications
Identification - Orange Book
Stored in Reak Memory
21. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.
The TCSEC - Aka Orange Book
Complex Instruction Set Computers (CISC)
The Biba Model
The Evaluated Products List (EPL) with their corresponding rating
22. System Architecture that separates system functionality into Hierarchical layers
The Trusted Computing Base (TCB)
A Layered Operating System Architecure
Multilevel Security Policies
Dedicated Security Mode
23. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
Orange Book - D
The TCSEC - Aka Orange Book
A1 - Rating
Models concerned with integrity
24. When the address location that is specified in the program instruction contains the address of the final desired location.
C1 - Discrection Security Protection is a type of environment
Indirect addressing
Subject to Object Model
Polyinstantiation
25. The Bell-LaPadula model Subjects and Objects are ___________.
Mandatory access control
No read up
Assigned labels
Division B - Mandatory Protection Architecture
26. The Bell-LaPadula Model is a _______________.
Subject to Object Model
The Biba Model
Controls the checks
In C2 - Controlled Access Protection environment
27. What does the Clark-Wilson security model focus on
Multitasking
Integrity
B2 - Structured Protection
Dedicated Security Mode
28. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
No read up
Controlling unauthorized downgrading of information
Division B - Mandatory Protection Architecture
Security Policy is clearly defined and documented
29. Which computer design approaches is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle
Labels - Orange Book
Complex Instruction Set Computers (CISC)
Dominate the object's sensitivity label
The Monolithic Operation system Architecture
30. The group that oversees the processes of evaluation within TCSEC is?
Life Cycle Assurance Requirement
Clark-Wilson
Trusted Products Evaluation Program (TPEP)
International Standard 15408
31. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
Controlling unauthorized downgrading of information
Examples of Layered Operating Systems
attributability
Life-cycle assurance - O/B
32. Trusted facility management is an assurance requirement only for ________________.
Continuous protection - O/B
Highly secure systems (B2 - B3 and A1)
The National Computer Security Center (NCSC)
B3
33. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
No read down
Isolate processes
Attributable - original - accurate - contemporaneous and legible
The Simple Security Property
34. What prevents a process from accessing another process' data?
Logical addresses
Process isolation
The Integrity of data within applications
Integrity
35. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
Trusted Network Interpretation (TNI)
Security rating B
Operational assurance requirements
Ring 3
36. TCB contains The Security Kernel and all ______________.
Relative Addresses
The Simple Security Property
Security Policy - Orange Book
security protection mechanisms
37. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Administrative declaration
Protection Rings Support
Scalar processors
The security kernel
38. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
Multiprocessing
System High Security Mode
Be protected from modification
Overt channel
39. The Simple Security rule is refered to as______________.
The "No read Up" rule
Basic Security Theorem (used in computer science) definition
Enforces the rules
A Domain
40. Should always trace to individuals responsible for observing and recording the data
Virtual Memory
Attributable data
Isolate processes
Files - directories and devices
41. When a computer uses more than one CPU in parallel to execute instructions is known as?
Multiprocessing
Division C - Discretionary Protection
Sensitivity labels
Isolate processes
42. Each data object must contain a classification label and each subject must have a clearance label.
Orange Book - B1
In C2 - Controlled Access Protection environment
B1 - Labeled Security
attributability
43. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
Examples of Layered Operating Systems
Ring 3
An abstract machine
Accountability - Orange Book
44. Which is an ISO standard product evaluation criteria that supersedes several different criteria
The Common Criteria
Trusted Products Evaluation Program (TPEP)
Invocation Property
Clark-Wilson
45. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Attributable - original - accurate - contemporaneous and legible
Orange Book - A1
The trustworthiness of an information system
Buffer overflows
46. When the contents of the address defined in the program's instruction is added to that of an index register.
A Layered Operating System Architecure
Indexed addressing
The Evaluated Products List (EPL) with their corresponding rating
Clark-Wilson
47. n this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
Most commonly used approach
Secondary Storage
Need-to-know
B3 - Security Domains
48. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Complex Instruction Set Computers (CISC)
Disclosure of residual data
Its Clearance Label (Top Secret - Secret - or Confidential)
Process isolation
49. Contains the beginning address
B2 rating
A Base Register (Memory Management)
Subject to Object Model
Reduced Instruction Set Computers (RISC)
50. Individual subjects must be uniquely identified.
C2 - Controlled Access Protection
Ring 1
Identification - Orange Book
Access control to the objects by the subjects
