Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
The National Computer Security Center (NCSC)
Real storage
Bell-LaPadula Model
Buffer overflows
2. I/O drivers and utilities
Ring 2
The Strong star property rule
Orange Book interpretations
Ring 3
3. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Relative Addresses
C1 - Discretionary Security Protection
An abstract machine
B3 - Rating
4. A policy-based control. All objects and systems have a sensitivity level assigned to them.
The National Computer Security Center (NCSC)
A Domain
Division B - Mandatory Protection
Mandatory Access Control (MAC)
5. In the Bell-LaPadula Model the Subject's Label contains ___________________.
First evaluation class
Its Clearance Label (Top Secret - Secret - or Confidential)
The Biba Model
Overt channel
6. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Multilevel Security Policies
The Evaluated Products List (EPL) with their corresponding rating
Execution Domain
B1 - Labeled Security
7. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
Access Matrix model
Dominate the object's sensitivity label
Certification
Overt channel
8. Involves sharing the processor among all ready processes
The Strong star property rule
Multitasking
A and B
Access Matrix model
9. Developed after the Bell-LaPadula model. It's a state machine model and is very similar to the Bell-LaPadula Model.
The Biba Model
The Common Criteria
Attributable - original - accurate - contemporaneous and legible
Direct addressing
10. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Pipelining
Ring 1
Orange Book - B2
Trusted Products Evaluation Program (TPEP)
11. Each data object must contain a classification label and each subject must have a clearance label.
C1
Cache Memory
B1 - Labeled Security
Real storage
12. A type of memory used for High-speed writing and reading activities.
The Common Criteria
Cache Memory
Types of covert channels
A security kernel
13. In both the Bell-LaPadula and Biba Models, if the word "Simple" is used ______________.
A security domain
Attributable data
No read down
The rule is talking about "Reading"
14. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
B3
Orange Book - B3
Its classification label (Top Secret - Secret or confidential)
Trusted hardware - Software and Firmware
15. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
Invocation Property
C1 - Discretionary Security Protection is a type of environment
A1
Need-to-know
16. The Indexed memory addresses that software uses
Complex Instruction Set Computers (CISC)
Orange Book B
Administrative declaration
Logical addresses
17. Which increases the performance in a computer by overlapping the steps of different instructions?
Indirect addressing
Pipelining
Real storage
Its classification label (Top Secret - Secret or confidential)
18. What is called the formal acceptance of the adequacy of a system's overall security by management?
Security Policy
The reference monitor
Accreditation
Ring 0
19. The reserved hard drive space used to extend RAM capabilities.
Swap Space
*-Integrity Axiom
The *-Property rule (Star property)
Division D - Minimal Protection
20. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
Physical security
The Clark Wilson integrity model
The rule is talking about "Reading"
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
21. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Security Policy is clearly defined and documented
C2 - Controlled Access Protection
The Security Kernel
Polyinstantiation
22. In both the Bell-LaPadula and Biba Models, if the word "*" or "Star" is used - _______________.
Life-cycle assurance - O/B
The Monolithic Operating System Architecture
The Rule is talking about writing
Basic Security Theorem (used in computer science) definition
23. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Trusted Distribution
Security mechanisms and evaluates their effectiveness
Prohibits
Models concerned with integrity
24. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
Orange Book - A1
security protection mechanisms
In C2 - Controlled Access Protection environment
The Red Book
25. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Virtual Memory
Orange Book A
Fail safe
Continuous protection - O/B
26. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
The Thread (memory Management)
Most commonly used approach
Orange Book ratings
Trusted facility management
27. Users are trusted but a certain level of accountability is required. C2 is seen as the most reasonable class for commercial applications - but the level of protection is still relatively weak.
In C2 - Controlled Access Protection environment
Trusted Distribution
The Clark Wilson integrity model
The Evaluated Products List (EPL) with their corresponding rating
28. When a computer uses more than one CPU in parallel to execute instructions is known as?
Virtual storage
Multiprocessing
A Layered Operating System Architecture
Firmware
29. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
Relative Addresses
Physical security
Access control to the objects by the subjects
C2 - Controlled Access Protection
30. Can be erased - modified and upgraded.
Disclosure of residual data
Orange Book - B2
Assigned labels
Erasable and Programmable Read-Only Memory (EPROM)
31. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
Multiprocessing
C2 - Controlled Access Protection
Isolate processes
The Clark Wilson integrity model
32. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
Clark-Wilson
Division B - Mandatory Protection
B3 - Security Domains
Reduced Instruction Set Computers (RISC)
33. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Evaluated separately
An abstract machine
Controls the checks
Constrained
34. All users have a clearance for and a formal need to know about - all data processed with the system.
*-Integrity Axiom
First evaluation class
Dedicated Security Mode
Life-cycle assurance - O/B
35. Another word for Primary storage and distinguishes physical memory from virtual memory.
Multiprocessing
Real storage
Orange Book interpretations
A security domain
36. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Orange Book - A1
Orange Book A
A and B
Prevent secret information from being accessed
37. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Erasable and Programmable Read-Only Memory (EPROM)
Multiprocessing
Physical security
Mandatory Access Control (MAC)
38. When a vendor submits a product for evaluation - it submits it to the ____________.
Division B - Mandatory Protection
C1
Accreditation
The National Computer Security Center (NCSC)
39. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
A lattice of Integrity Levels
Life-cycle assurance - O/B
Mandatory Access Control (MAC)
Absolute addresses
40. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
attributability
The TCSEC - Aka Orange Book
Accountability - Orange Book
Indirect addressing
41. A system uses the Reference Monitor to ___________________ of a subject and an object?
Accreditation
Complex Instruction Set Computers (CISC)
Compare the security labels
C2
42. Which is a straightforward approach that provides access rights to subjects for objects?
NOT Integrity
Access Matrix model
Basic Security Theorem (used in computer science) definition
Highly secure systems (B2 - B3 and A1)
43. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
A security kernel
Pagefile.sys file
Totality of protection mechanisms
44. Mandatory access control is enforced by the use of security labels.
Division B - Mandatory Protection
The National Computer Security Center (NCSC)
Administrative declaration
A Limit Register (Memory Management)
45. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Indirect addressing
State machine model
Fail safe
Compare the security labels
46. TCSEC provides a means to evaluate ______________________.
B2 - Structured Protection
The "No read Up" rule
The security kernel
The trustworthiness of an information system
47. Mandatory Protection
No write down
Orange Book B
Erasable and Programmable Read-Only Memory (EPROM)
B2 - Structured Protection
48. The Bell-LaPadula model Subjects and Objects are ___________.
Assigned labels
Security rating B
Secondary Storage
Orange Book - D
49. The centerpiece of the DoD Rainbow Series publications. Developed by the National Computer Security Center (NCSC)?
Multilevel Security Policies
Execution Domain
Division D - Minimal Protection
The TCSEC - Aka Orange Book
50. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
A1 - Rating
A Domain
Programmable Read-Only Memory (PROM)
B3