Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.






2. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commmercial applications - but the level of protection is still relatively weak.






3. Which computer design approaches is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle






4. When a portion of primary memory is accessed by specifying the actual address of the memory location






5. Operating System Kernel






6. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?






7. Succesfully Evaluated products are placed on?






8. Applications and user activity






9. The subject must have Need to Know for ONLY the information they are trying to access.






10. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?






11. There is only only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.






12. What are the components of an object's sensitivity label?






13. Access control labels must be associated properly with objects.






14. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu






15. According to the Orange Book - trusted facility management is not required for which security levels?






16. A domain of trust that shares a single security policy and single management






17. Which TCSEC level first addresses object reuse?






18. Requires more stringent authentication mechanisms and well-defined interfaces among layers.






19. In the Bell-LaPadula Model the Object's Label contains ___________________.






20. A system uses the Reference Monitor to ___________________ of a subject and an object?






21. Based on a known address with an offset value applied.






22. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.






23. In both the Bell-LaPadula and Biba Models if the word "Simple is used ______________.






24. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.






25. What prevents a process from accessing another process' data?






26. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.






27. Mandatory Protection






28. Has two individual assurace ratings. C1 and C2. The Higher the number of assurance rating the greater the protection






29. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?






30. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object






31. The assignment of a specific individual to administer the security-related functions of a system.






32. Audit data must be captured and protected to enforce accountability






33. When the RAM and secondary storage are combined the result is __________.






34. The Availability - Integrity and confidentiality requirements of multitasking operating systems






35. The group that oversees the processes of evaluation within TCSEC is?






36. Execute one instruction at a time.






37. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.






38. Bell-LaPadula model was proposed for enforcing access control in _____________________.






39. Which addresses a portion of the primary memory by specifying the actual address of the memory location?






40. What access control technique is also known as multilevel security?






41. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix . THE and Multics are no longer in use






42. Another word for Primary storage and distinguishes physical memory from virtual memory.






43. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.






44. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.






45. A1 is also called "Verified Design" and requires formal verification of the design and specifications.






46. This type of environment is highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.






47. TCSEC provides a means to evaluate ______________________.






48. Simpler instructions that require fewer clock cycles to execute.






49. Verification Protection






50. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:



Major Subjects



Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Most popular tests