Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The process of evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
TCB (Trusted Computing Base)
Certification
Buffer overflows
The reference monitor
2. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
Trusted Distribution
A lattice of Integrity Levels
Security Policy - Orange Book
Government and military applications
3. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
Logical addresses
Physical security
Security rating B
Orange Book ratings
4. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
The *-Property rule (Star property)
The "No write Down" Rule
A1
Clark-Wilson
5. According to the Orange Book - trusted facility management is not required for which security levels?
The security perimeter
B1
Disclosure of residual data
A Base Register (Memory Management)
6. The Physical memory address that the CPU uses
Absolute addresses
Bell-LaPadula Model
B3 - Rating
C1 - Discretionary Security Protection is a type of environment
7. In both the Bell-LaPadula and Biba Models if the word "Simple" is used ______________.
Direct addressing
The rule is talking about "Reading"
Multitasking
Pipelining
8. The Security Model Incorporates the ____________ that should be enforced in the system.
B2 rating
Enforces the rules
Assigned labels
Security Policy
9. The reserved hard drive space used to extend RAM capabilities.
Fail safe
B3 - Security Domains
Swap Space
Ring 2
10. When a portion of primary memory is accessed by specifying the actual address of the memory location
Direct addressing
System High Security Mode
Assigned labels
Highly secure systems (B2 - B3 and A1)
11. Remaining parts of the operating system
Ring 1
Buffer overflows
Storage and timing
Reduced Instruction Set Computers (RISC)
12. As per FDA data should be ______________________________.
Attributable - original - accurate - contemporaneous and legible
Dedicated Security Mode
The Rule is talking about writing
Buffer (temporary data storage area)
13. For the type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to penetration and compromise
Security mechanisms and evaluates their effectiveness
B2 rating
Multilevel Security Policies
Trusted Products Evaluation Program (TPEP)
14. Which increases the performance in a computer by overlapping the steps of different instructions?
Subject to Object Model
Virtual storage
Complex Instruction Set Computers (CISC)
Pipelining
15. Which describes a condition when RAM and Secondary storage are used together?
Attributable data
Buffer overflows
Virtual storage
Orange Book - D
16. Minimal Security
Orange Book - D
B3
Security Policy - Orange Book
Higher or equal to access class
17. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
Invocation Property
Trusted Network Interpretation (TNI)
attributability
Orange Book A
18. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
The reference monitor
B3 - Security Domains
The *-Property rule (Star property)
Security mechanisms and evaluates their effectiveness
19. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Direct Addressing
The Trusted Computing Base (TCB)
B3
First evaluation class
20. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
A security domain
Orange Book A
Orange Book - B3
Continuous protection - O/B
21. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
Labels - Orange Book
Prevent secret information from being accessed
C1
Erasable and Programmable Read-Only Memory (EPROM)
22. Can be erased - modified and upgraded.
B1
Orange Book interpretations
Erasable and Programmable Read-Only Memory (EPROM)
The National Computer Security Center (NCSC)
23. I/O drivers and utilities
The Security Kernel
Ring 2
Higher or equal to access class
Division B - Mandatory Protection Architecture
24. Based on a known address with an offset value applied.
Relative Addresses
International Standard 15408
Sensitivity labels
Storage and timing
25. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
Administrative declaration
The National Computer Security Center (NCSC)
A security kernel
B3
26. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Integrity
Overt channel
Complex Instruction Set Computers (CISC)
Orange Book interpretations
27. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
Division D - Minimal Protection
The rule is talking about "Reading"
A security kernel
The Evaluated Products List (EPL) with their corresponding rating
28. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space
Swap Space
Orange Book - B1
Operational assurance requirements
The Rule is talking about writing
29. What does the * (star) property mean in the Bell-LaPadula model?
Orange Book C
Examples of Layered Operating Systems
Simple Security Rule
No write down
30. TCSEC provides a means to evaluate ______________________.
Assigned labels
A Thread
Trusted hardware - Software and Firmware
The trustworthiness of an information system
31. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
The Tranquility principle (The Bell-LaPadula Model)
Buffer (temporary data storage area)
Operational assurance requirements
Security Policy is clearly defined and documented
32. Mediates all access and Functions between subjects and objects.
The Security Kernel
Physical security
Buffer overflows
Covert channels
33. What does the Clark-Wilson security model focus on
Subject to Object Model
Integrity
Life Cycle Assurance Requirement
Certification
34. The combination of RAM - Cache and the Processor Registers
Primary storage
The Red Book
Buffer (temporary data storage area)
Subject to Object Model
35. Mandatory Access requires that _____________ be attached to all objects.
B3 - Rating
Sensitivity labels
Access control to the objects by the subjects
Clark-Wilson Model
36. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
37. An abstract machine which must mediate all access of subjects to objects - be protected from modification - be verifiable as correct - and is always invoked
The *-Property rule (Star property)
The "No write Down" Rule
Totality of protection mechanisms
The reference monitor
38. A system uses the Reference Monitor to ___________________ of a subject and an object?
Polyinstantiation
Compare the security labels
State machine model
Stored in Real Memory
39. A subject at a given clearance may not read an object at a higher classification
Simple Security Rule
The Rule is talking about writing
The Simple Security Property
Orange Book - B2
40. System Architecture that separates system functionality into Hierarchical layers
A Layered Operating System Architecture
Examples of Layered Operating Systems
Disclosure of residual data
Mandatory access control
41. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
Accreditation
Attributable data
Basic Security Theorem (used in computer science) definition
Implement software or systems in a production environment
42. Which is an ISO standard product evaluation criteria that supersedes several different criteria
C1
Absolute addresses
The Common Criteria
Reduced Instruction Set Computers (RISC)
43. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Direct addressing
A Domain
B3 - Rating
The Monolithic Operating System Architecture
44. What does the simple security (ss) property mean in the Bell-LaPadula model?
The security perimeter
No read up
Dedicated Security Mode
TCB (Trusted Computing Base)
45. Which would be designated as objects on a MAC system?
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Files - directories and devices
Dedicated Security Mode
Government and military applications
46. Which Orange Book evaluation level is described as "Verified Design"?
Disclosure of residual data
C2 - Controlled Access Protection
Virtual storage
A1
47. In B2 Subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
Covert channels
The National Computer Security Center (NCSC)
Simple Security Rule
The security kernel
48. Which uses Protection Profiles and Security Targets?
Models concerned with integrity
International Standard 15408
The Simple Security Property
Orange Book C
49. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
Most commonly used approach
B3
Documentation - Orange Book
State machine model
50. Individual subjects must be uniquely identified.
D
The security perimeter
Identification - Orange Book
Relative Addresses