Test your basic knowledge |

CISSP Security Architecture And Design

Subjects : certifications, it-skills, cissp

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. Which Orange Book evaluation level is described as "Verified Design"?
A1
Controlling unauthorized downgrading of information
Pipelining
Security mechanisms and evalautes their effectivenes

2. This type of environment is highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
B3 - Rating
Virtual storage
The Integrity of data within applications
No write down

3. A Policy based control. All objects and systems have a sensitivity level assigned to them
Bell-LaPadula Model
The Strong star property rule
Files - directories and devices
Mandatory Access Control (MAC)

4. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"
Trusted Products Evaluation Program (TPEP)
Multiprocessing
B2 - Structured Protection
Simple Integrity Axiom

5. Permits a database to have two records that are identical except for Their classifications
Polyinstantiation
Its classification label (Top Secret - Secret or confidential)
A Base Register (Memory Management)
A security kernel

6. Which describe a condition when RAM and Secondary storage are used together?
The Simple Security Property
D
Ring 1
Virtual storage

7. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilites when
C2
Trusted hardware - Software and Firmware
An abstract machine
Prohibits

8. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Security Policy is clearly defined and documented
Totality of protection mechanisms
The trustworthiness of an information system
Certification

9. When a vendor submits a product for evaluation - it submits it to the ____________.
Examples of Layered Operating Systems
Totality of protection mechanisms
The National Computer Security Center (NCSC)
Enforces the rules

10. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
Division B - Mandatory Protection
The Strong star property rule
A1
A Layered Operating System Architecure

11. What are the components of an object's sensitivity label?
First evaluation class
Prevent secret information from being accessed
Mandatory access control
A single classification and a Compartment Set

12. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Accountability - Orange Book
Orange Book ratings
Evaluated separately
Firmware

13. Which uses Protection Profiles and Security Targets?
International Standard 15408
C2
Scalar processors
C1 - Discrection Security Protection is a type of environment

14. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
Bell-LaPadula Model
The Common Criteria
A and B
*-Integrity Axiom

15. The Orange book requires protection against two_____________ - which are these Timing and Storage
Implement software or systems in a production environment
The security perimeter
A and B
Types of covert channels

16. When the contents of the address defined in the program's instruction is added to that of an index register.
Indexed addressing
Scalar processors
Orange Book B
Bell-LaPadula Model

17. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
Direct Addressing
Relative Addresses
Basic Security Theorem (used in computer science) definition
Access control to the objects by the subjects

18. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix . THE and Multics are no longer in use
C1 - Discretionary Security Protection
Examples of Layered Operating Systems
The National Computer Security Center (NCSC)
Security mechanisms and evalautes their effectivenes

19. Each data object must contain a classification label and each subject must have a clearance label.
The Thread (memory Management)
The Security Kernel
Models concerned with integrity
B1 - Labeled Security

20. TCB contains The Security Kernel and all ______________.
Overt channel
Isolate processes
security protection mechanisms
The "No read Up" rule

21. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Its classification label (Top Secret - Secret or confidential)
Firmware
Invocation Property
Trusted Distribution

22. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
C2
An abstract machine
The Integrity of data within applications
Most commonly used approach

23. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
Virtual storage
Orange Book - B2
All Mandatory Access Control (MAC) systems
B3

24. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
Controls the checks
Basic Security Theorem (used in computer science) definition
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Prohibits

25. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Compare the security labels
Overt channel
A1
Most commonly used approach

26. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Scalar processors
C1 - Discrection Security Protection is a type of environment
Primary storage
Prohibits

27. Contains the beginning address
Accountability - Orange Book
Examples of Layered Operating Systems
A Base Register (Memory Management)
No write down

28. The Policy must be explicit and well defined and enforced by the mechanisms within the system
Government and military applications
Security Policy - Orange Book
C1 - Discrection Security Protection is a type of environment
Division B - Mandatory Protection Architecture

29. What access control technique is also known as multilevel security?
A single classification and a Compartment Set
The rule is talking about "Reading"
The security perimeter
Mandatory access control

30. Logical access control mechanisms are used to enforce authentication and the uniquenes of each individual's identification.
C2 - Controlled Access Protection
Access control to the objects by the subjects
B3 - Rating
The National Computer Security Center (NCSC)

31. n this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
Files - directories and devices
Reduced Instruction Set Computers (RISC)
B3
B3 - Security Domains

32. Remaining parts of the operating system
Protection Rings Support
Relative Addresses
A Limit Register (Memory Management)
Ring 1

33. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
The security perimeter
The Strong star property rule
Networks and Communications
Ring 3

34. Mandatory Protection
Orange Book B
Examples of Layered Operating Systems
The Security Kernel
The reference monitor

35. Succesfully Evaluated products are placed on?
Clark-Wilson Model
An abstract machine
Trusted Network Interpretation (TNI)
The Evaluated Products List (EPL) with their corresponding rating

36. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Life Cycle Assurance Requirement
Division D - Minimal Protection
The *-Property rule (Star property)
B2 - Structured Protection

37. In access control terms - the word "dominate" refers to ___________.
Higher or equal to access class
Files - directories and devices
Prevent secret information from being accessed
'Dominate'

38. The *-Property rule is refered to as ____________.
No read up
Dominate the object's sensitivity label
Orange Book - B1
The "No write Down" Rule

39. In both the Bell-LaPadula and Biba Models if the word "* or Star is used - _______________.
B1 - Labeled Security rating
Identification - Orange Book
Ring 3
The Rule is talking about writing

40. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
B3
Examples of Layered Operating Systems
Polyinstantiation
Multitasking

41. Data in Cache can be accessed much more quickly than Data
Protection Rings Support
Scalar processors
Absolute addresses
Stored in Reak Memory

42. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
Trusted Products Evaluation Program (TPEP)
'Dominate'
NOT Integrity
The Security Kernel

43. The Bell-LaPadula model Subjects and Objects are ___________.
Assigned labels
Trusted Distribution
Security Policy
First evaluation class

44. The Biba Model adresses _____________________.
The reference monitor
Life-cycle assurance - O/B
The Integrity of data within applications
Invocation Property

45. The Availability - Integrity and confidentiality requirements of multitasking operating systems
Programmable Read-Only Memory (PROM)
State machine model
Protection Rings Support
No read up

46. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
B3 - Security Domains
Higher or equal to access class
Operational assurance requirements
Division B - Mandatory Protection Architecture

47. Minimal Security
No write down
NOT Integrity
Orange Book - D
Invocation Property

48. A form of ROM(Read-Only Memory) that can be modified after it has been manufactured. It can only be programmed only one time.
Programmable Read-Only Memory (PROM)
Life-cycle assurance - O/B
Ring 0
B3

49. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
A lattice of Intergrity Levels
Orange Book - A1
Trusted hardware - Software and Firmware
Labels - Orange Book

50. The Bell-LaPaula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
Prevent secret information from being accessed
C2 - Controlled Access Protection
Government and military applications
Absolute addresses

Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?

Major Subjects
Tests & Exams AP CLEP DSST GRE SAT GMAT	Certifications CISSP go to https://www.isc2.org/ PMP ITIL RHCE MCTS More...	IT Skills Android Programming Data Modeling Objective C Programming Basic Python Programming Adobe Illustrator More...	Business Skills Advertising Techniques Business Accounting Basics Business Strategy Human Resource Management Marketing Basics More...
Soft Skills Body Language People Skills Public Speaking Persuasion Job Hunting And Resumes More...	Vocabulary GRE Vocab SAT Vocab TOEFL Essential Vocab Basic English Words For All Global Words You Should Know Business English More...	Languages AP German Vocab AP Latin Vocab SAT Subject Test: French Italian Survival Norwegian Survival More...	Engineering Audio Engineering Computer Science Engineering Aerospace Engineering Chemical Engineering Structural Engineering More...
Health Sciences Basic Nursing Skills Health Science Language Fundamentals Veterinary Technology Medical Language Cardiology Clinical Surgery More...	English Grammar Fundamentals Literary And Rhetorical Vocab Elements Of Style Vocab Introduction To English Major Complete Advanced Sentences Literature Homonyms More...	Math Algebra Formulas Basic Arithmetic: Measurements Metric Conversions Geometric Properties Important Math Facts Number Sense Vocab Business Math More...	Other Major Subjects Science Economics History Law Performing-arts Cooking Logic & Reasoning Trivia

Test your basic knowledge |

CISSP Security Architecture And Design

Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?

Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests

Major Subjects

Tests & Exams

Certifications

IT Skills

Business Skills

Soft Skills

Vocabulary

Languages

Engineering

Health Sciences

English

Math

Other Major Subjects

Browse all subjects

Browse all tests

Most popular tests