Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The group that oversees the processes of evaluation within TCSEC is?






2. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.






3. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements






4. As per FDA data should be ______________________________.






5. What model use an access control triples and requires that the system maintain separation of duty ?






6. A system uses the Reference Monitor to ___________________ of a subject and an object?






7. A subject at a given clearance may not read an object at a higher classification






8. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when






9. Bell-LaPadula model was proposed for enforcing access control in _____________________.






10. Which computer design approaches is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle






11. A form of ROM(Read-Only Memory) that can be modified after it has been manufactured. It can only be programmed only one time.






12. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.






13. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.






14. In both the Bell-LaPadula and Biba Models if the word "Simple is used ______________.






15. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is doen with the m






16. The Indexed memory addresses that software uses






17. The Bell-LaPadula model Subjects and Objects are ___________.






18. Intended for environments that require systems to handle classified data.






19. Which Orange Book evaluation level is described as "Discretionary Security Protection"?






20. I/O drivers and utilities






21. Used by Windows systems to reserve the "Swap Space"






22. Data in Cache can be accessed much more quickly than Data






23. Remaining parts of the operating system






24. Which describe a condition when RAM and Secondary storage are used together?






25. What are the components of an object's sensitivity label?






26. When a vendor submits a product for evaluation - it submits it to the ____________.






27. Which in the Orange Book ratings represents the highest level of trust?






28. The Simple Security rule is refered to as______________.






29. A Policy based control. All objects and systems have a sensitivity level assigned to them






30. The Bell-LaPadula Model is a _______________.






31. In the Bell-LaPadula Model the Subject's Label contains ___________________.






32. Contains the beginning address






33. The Availability - Integrity and confidentiality requirements of multitasking operating systems






34. Security Labels are not required until __________; thus C2 does not require security labels but B1 does






35. A portion of a process. When the thread is generated - it shares the same domain(resources) as its process.






36. Has two individual assurace ratings. C1 and C2. The Higher the number of assurance rating the greater the protection






37. Buffer overflows occurs when a program or process tries to store more data in a _____________ than it was intended to hold.






38. The total combination of protection mechanisms within a computer system






39. Which uses Protection Profiles and Security Targets?






40. In access control terms - the word "dominate" refers to ___________.






41. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.






42. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?






43. Logical access control mechanisms are used to enforce authentication and the uniquenes of each individual's identification.






44. Applications and user activity






45. The combination of RAM - Cache and the Processor Registers






46. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.






47. Certification is a Technical review that assesses the _____________ - where as Accreditation is management's Official acceptance of the information in the Certification process findings.






48. In ______________ the subject must have: Need to Know for ALL the information contained within the system.






49. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?






50. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.