Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. When the address location that is specified in the program instruction contains the address of the final desired location.
No write down
Process isolation
Indirect addressing
Most commonly used approach
2. What is called the formal acceptance of the adequacy of a system's overall security by management?
Accreditation
Indexed addressing
Firmware
The Biba Model
3. The C2 evaluation class of the _________________ offers controlled access protection.
Accreditation
Trusted Network Interpretation (TNI)
Mandatory Access Control (MAC)
A1 - Rating
4. Software that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
B3
Invocation Property
Mandatory access control
Firmware
5. There is only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
Controlling unauthorized downgrading of information
B1
Division D - Minimal Protection
Primary storage
6. Audit data must be captured and protected to enforce accountability
Relative Addresses
Accountability - Orange Book
Be protected from modification
C1 - Discretionary Security Protection is a type of environment
7. What prevents a process from accessing another process' data?
Highly secure systems (B2 - B3 and A1)
Networks and Communications
Sensitivity labels
Process isolation
8. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
A single classification and a Compartment Set
Documentation - Orange Book
NOT Integrity
A Base Register (Memory Management)
9. Can be erased - modified and upgraded.
Division B - Mandatory Protection Architecture
Need-to-know
Ring 3
Erasable and Programmable Read-Only Memory (EPROM)
10. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
Clark-Wilson
The Tranquility principle (The Bell-LaPadula Model)
C2 - Controlled Access Protection
Relative Addresses
11. The assignment of a specific individual to administer the security-related functions of a system.
Trusted facility management
Direct Addressing
Implement software or systems in a production environment
The "No write Down" Rule
12. When a vendor submits a product for evaluation - it submits it to the ____________.
Secondary Storage
The National Computer Security Center (NCSC)
Pagefile.sys file
Life-cycle assurance - O/B
13. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
14. This type of environment is highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Networks and Communications
B3 - Rating
Protection Rings Support
A Base Register (Memory Management)
15. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
Orange Book - B1
C1
*-Integrity Axiom
B1
16. The Bell-LaPadula model Subjects and Objects are ___________.
Types of covert channels
Orange Book - B1
The National Computer Security Center (NCSC)
Assigned labels
17. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
The Monolithic Operating System Architecture
The Rule is talking about writing
Prohibits
Clark-Wilson Model
18. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
A and B
Relative Addresses
Overt channel
Fail safe
19. The reserved hard drive space used to extend RAM capabilities.
Types of covert channels
Swap Space
B2
A1 - Rating
20. Which can be used as a covert channel?
An abstract machine
Indirect addressing
The Trusted Computing Base (TCB)
Storage and timing
21. Which uses Protection Profiles and Security Targets?
Polyinstantiation
The security perimeter
International Standard 15408
Scalar processors
22. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
Indirect addressing
B3 - Security Domains
The Trusted Computing Base (TCB)
Swap Space
23. TCB contains The Security Kernel and all ______________.
The Strong star property rule
Basic Security Theorem (used in computer science) definition
security protection mechanisms
Multiprocessing
24. Which is an ISO standard product evaluation criteria that supersedes several different criteria
The Common Criteria
Enforces the rules
Trusted Products Evaluation Program (TPEP)
Swap Space
25. Applications and user activity
Integrity
C2 - Controlled Access Protection
Identification - Orange Book
Ring 3
26. Each data object must contain a classification label and each subject must have a clearance label.
Integrity
B1 - Labeled Security
B3 - Security Domains
A Domain
27. The Physical memory address that the CPU uses
Controlling unauthorized downgrading of information
A Thread
B1 - Labeled Security rating
Absolute addresses
28. As per FDA data should be ______________________________.
Attributable - original - accurate - contemporaneous and legible
Enforces the rules
Scalar processors
Prevent secret information from being accessed
29. Has two individual assurance ratings. C1 and C2. The higher the number of the assurance rating the greater the protection
Types of covert channels
Most commonly used approach
Direct addressing
Division C - Discretionary Protection
30. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
Constrained
C2
Be protected from modification
Its classification label (Top Secret - Secret or confidential)
31. In access control terms - the word "dominate" refers to ___________.
A Domain
Orange Book - B1
Higher or equal to access class
Buffer (temporary data storage area)
32. A domain of trust that shares a single security policy and single management
A security domain
The security perimeter
Identification - Orange Book
D
33. Buffer overflows occurs when a program or process tries to store more data in a _____________ than it was intended to hold.
Buffer (temporary data storage area)
Virtual Memory
The security kernel
attributability
34. TCSEC provides a means to evaluate ______________________.
A Domain
The trustworthiness of an information system
Controls the checks
The Evaluated Products List (EPL) with their corresponding rating
35. In both the Bell-LaPadula and Biba Models if the word "*" or "Star" is used - _______________.
A security kernel
No read down
The Rule is talking about writing
Implement software or systems in a production environment
36. For the type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to penetration and compromise
A Domain
Security mechanisms and evaluates their effectiveness
B2 rating
Identification - Orange Book
37. Which TCSEC level first addresses object reuse?
C2
Prohibits
Enforces the rules
Multitasking
38. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
Prevent secret information from being accessed
Evaluated separately
The Evaluated Products List (EPL) with their corresponding rating
Higher or equal to access class
39. The centerpiece of the DoD Rainbow Series publications. Developed by the National Computer Security Center (NCSC)?
Trusted hardware - Software and Firmware
The TCSEC - Aka Orange Book
Security Policy - Orange Book
The Strong star property rule
40. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
A1 - Rating
Orange Book A
Trusted Products Evaluation Program (TPEP)
Basic Security Theorem (used in computer science) definition
41. An abstract machine which must mediate all access of subjects to objects - be protected from modification - be verifiable as correct - and is always invoked
The Monolithic Operating System Architecture
The reference monitor
Thrashing
Networks and Communications
42. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
The Biba Model
Certification
Absolute addresses
The Trusted Computing Base (TCB)
43. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
*-Integrity Axiom
An abstract machine
A Domain
The Clark Wilson integrity model
44. A subject at a given clearance may not read an object at a higher classification
A security kernel
The Simple Security Property
Dedicated Security Mode
Isolate processes
45. In the Bell-LaPadula Model the Object's Label contains ___________________.
Its classification label (Top Secret - Secret or confidential)
Be protected from modification
Files - directories and devices
Virtual Memory
46. Mandatory access control is enforced by the use of security labels.
All Mandatory Access Control (MAC) systems
Division C - Discretionary Protection
Totality of protection mechanisms
Division B - Mandatory Protection
47. What are the components of an object's sensitivity label?
Indexed addressing
Types of covert channels
A single classification and a Compartment Set
Security mechanisms and evaluates their effectiveness
48. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
Erasable and Programmable Read-Only Memory (EPROM)
State machine model
The Rule is talking about writing
Controls the checks
49. Data in Cache can be accessed much more quickly than Data
Sensitivity labels
The Red Book
Stored in Real Memory
Types of covert channels
50. A ______________ is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Government and military applications
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
C2 - Controlled Access Protection
Absolute addresses