Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. When a computer spends more time moving data from one small portion of memory to another than actually processing the data
Thrashing
The Biba Model
Security rating B
Clark-Wilson Model
2. Applications and user activity
Division B - Mandatory Protection
The Monolithic Operation system Architecture
Ring 3
The Evaluated Products List (EPL) with their corresponding rating
3. The Indexed memory addresses that software uses
Division D - Minimal Protection
Logical addresses
Firmware
Compare the security labels
4. What model uses access control triples and requires that the system maintain separation of duty?
Secondary Storage
Clark-Wilson
Multilevel Security Policies
The security kernel
5. Which is an ISO standard product evaluation criteria that supersedes several different criteria?
Logical addresses
The Common Criteria
Government and military applications
B3 - Security Domains
6. The C2 evaluation class of the _________________ offers controlled access protection.
Multiprocessing
Compare the security labels
Scalar processors
Trusted Network Interpretation (TNI)
7. A portion of a process. When the thread is generated, it shares the same domain (resources) as its process.
The *-Property rule (Star property)
Government and military applications
The Simple Security Property
A Thread
8. The group that oversees the processes of evaluation within TCSEC is?
Trusted Products Evaluation Program (TPEP)
Totality of protection mechanisms
Life-cycle assurance - O/B
Secondary Storage
9. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
Orange Book - A1
Need-to-know
The security kernel
Polyinstantiation
10. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Models concerned with integrity
Ring 3
Controlling unauthorized downgrading of information
Security Policy is clearly defined and documented
11. Intended for environments that require systems to handle classified data.
The Simple Security Property
Ring 3
Multilevel Security Policies
B1 - Labeled Security rating
12. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.
Be protected from modification
Trusted hardware - Software and Firmware
TCB (Trusted Computing Base)
Execution Domain
13. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
D
Cache Memory
Direct Addressing
NOT Integrity
14. System Architecture that separates system functionality into Hierarchical layers
Trusted facility management
Simple Integrity Axiom
Sensitivity labels
A Layered Operating System Architecture
15. Which computer design approach is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle?
Complex Instruction Set Computers (CISC)
Access control to the objects by the subjects
Attributable - original - accurate - contemporaneous and legible
Real storage
16. When a computer uses more than one CPU in parallel to execute instructions, this is known as?
The Evaluated Products List (EPL) with their corresponding rating
C2 - Controlled Access Protection
Multiprocessing
Absolute addresses
17. Documentation must be provided - including test - design - and specification document - user guides and manuals
Simple Integrity Axiom
Thrashing
Documentation - Orange Book
Implement software or systems in a production environment
18. Permits a database to have two records that are identical except for their classifications
Basic Security Theorem (used in computer science) definition
Evaluated separately
Polyinstantiation
The Monolithic Operation system Architecture
19. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
System High Security Mode
Trusted hardware - Software and Firmware
Virtual Memory
C2 - Controlled Access Protection
20. When the contents of the address defined in the program's instruction is added to that of an index register.
Programmable Read-Only Memory (PROM)
A security domain
Multiprocessing
Indexed addressing
21. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
The National Computer Security Center (NCSC)
The Integrity of data within applications
Ring 0
State machine model
22. TCB contains The Security Kernel and all ______________.
security protection mechanisms
An abstract machine
Documentation - Orange Book
Implement software or systems in a production environment
23. Successfully evaluated products are placed on?
The Tranquility principle (The Bell-LaPadula Model)
The Evaluated Products List (EPL) with their corresponding rating
Primary storage
Compare the security labels
24. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
Orange Book - B3
Polyinstantiation
Scalar processors
A single classification and a Compartment Set
25. What does the simple integrity axiom mean in the Biba model?
attributability
No read down
The Simple Security Property
The Monolithic Operation system Architecture
26. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix. THE and Multics are no longer in use
Virtual Memory
Examples of Layered Operating Systems
All Mandatory Access Control (MAC) systems
Firmware
27. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Basic Security Theorem (used in computer science) definition
The Thread (memory Management)
Most commonly used approach
B3 - Security Domains
28. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
Identification - Orange Book
A and B
The Biba Model
System High Security Mode
29. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
The Strong star property rule
The Clark Wilson integrity model
Process isolation
Orange Book B
30. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Pagefile.sys file
C1 - Discretionary Security Protection
Trusted Distribution
Swap Space
31. Individual subjects must be uniquely identified.
B1
Identification - Orange Book
Orange Book C
Integrity
32. The Bell-LaPadula model Subjects and Objects are ___________.
Orange Book ratings
Disclosure of residual data
Assigned labels
Ring 3
33. The Biba Model addresses _____________________.
The reference monitor
The Integrity of data within applications
Fail safe
Physical security
34. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
The Clark Wilson integrity model
System High Security Mode
Orange Book A
International Standard 15408
35. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space
Swap Space
C2 - Controlled Access Protection
Orange Book - B1
Security Policy
36. Which TCSEC level first addresses object reuse?
C2
Dedicated Security Mode
Enforces the rules
C2 - Controlled Access Protection
37. What are the components of an object's sensitivity label?
The National Computer Security Center (NCSC)
A single classification and a Compartment Set
Orange Book C
Multitasking
38. What is the formal acceptance of the adequacy of a system's overall security by management called?
Accreditation
Fail safe
Trusted Network Interpretation (TNI)
B3
39. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
Examples of Layered Operating Systems
Dedicated Security Mode
Subject to Object Model
*-Integrity Axiom
40. Mandatory Access requires that _____________ be attached to all objects.
Controlling unauthorized downgrading of information
Sensitivity labels
Secondary Storage
Stored in Real Memory
41. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
The *-Property rule (Star property)
Prohibits
Multilevel Security Policies
The security perimeter
42. When the address location that is specified in the program instruction contains the address of the final desired location.
The Simple Security Property
Indirect addressing
Polyinstantiation
Division C - Discretionary Protection
43. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
No read up
Bell-LaPadula Model
Files - directories and devices
A security kernel
44. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
B1
Division B - Mandatory Protection Architecture
Direct Addressing
Continuous protection - O/B
45. The reserved hard drive space used to extend RAM capabilities.
Security rating B
Swap Space
Bell-LaPadula Model
Isolate processes
46. In the Bell-LaPadula Model the Object's Label contains ___________________.
International Standard 15408
C1 - Discretionary Security Protection is a type of environment
Its classification label (Top Secret - Secret or confidential)
Accreditation
47. All users have a clearance for and a formal need to know about - all data processed with the system.
Examples of Layered Operating Systems
Orange Book C
C2 - Controlled Access Protection
Dedicated Security Mode
48. I/O drivers and utilities
Ring 2
First evaluation class
The Rule is talking about writing
C2 - Controlled Access Protection
49. Which increases the performance in a computer by overlapping the steps of different instructions?
A1
Its Clearance Label (Top Secret - Secret - or Confidential)
Pipelining
All Mandatory Access Control (MAC) systems
50. The reference monitor is an access control concept - referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
Controls the checks
Indirect addressing
An abstract machine
Security Policy - Orange Book