Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Happen because input data is not checked for appropriate length at time of input






2. Simpler instructions that require fewer clock cycles to execute.






3. Which describe a condition when RAM and Secondary storage are used together?






4. The C2 evaluation class of the _________________ offers controlled access protection.






5. Bell-LaPadula model was proposed for enforcing access control in _____________________.






6. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity






7. A set of objects that a subject is able to access






8. The Physical memory address that the CPU uses






9. TCSEC provides a means to evaluate ______________________.






10. Buffer overflows occurs when a program or process tries to store more data in a _____________ than it was intended to hold.






11. The group that oversees the processes of evaluation within TCSEC is?






12. A type of memory used for High-speed writing and reading activities.






13. Should always trace to individuals responsible for observing and recording the data






14. The TCB is the ________________ within a computer system that work together to enforce a security policy.






15. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"






16. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements






17. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?






18. Mandatory access control is enfored by the use of security labels.






19. Security Labels are not required until __________; thus C2 does not require security labels but B1 does






20. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.






21. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is doen with the m






22. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.






23. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.






24. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.






25. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.






26. The Bell-LaPadula Model is a _______________.






27. For rhe type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to peneration and compromise






28. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.






29. When a computer uses more than one CPU in parallel to execute instructions is known as?






30. System Architecture that separates system functionality into Hierarchical layers






31. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.






32. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.






33. Intended for environments that require systems to handle classified data.






34. Contains the ending address






35. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?






36. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.






37. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.






38. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


39. Involves sharing the processor amoung all ready processes






40. Can be erased - modified and upgraded.






41. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities






42. In the Bell-LaPadula Model the Subject's Label contains ___________________.






43. Which Orange Book evaluation level is described as "Discretionary Security Protection"?






44. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data) items is refered to as Well-Formed transaction






45. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.






46. The Bell-LaPaula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)






47. Users need to be Identified individually to provide more precise acces control and auditing functionality.






48. What access control technique is also known as multilevel security?






49. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.






50. Which in the Orange Book ratings represents the highest level of trust?







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests