SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
B2 rating
The reference monitor
NOT Integrity
C2
2. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
Access Matrix model
The Strong star property rule
International Standard 15408
Assigned labels
3. Access control labels must be associated properly with objects.
Labels - Orange Book
Constrained
Direct addressing
Erasable and Programmable Read-Only Memory (EPROM)
4. When the contents of the address defined in the program's instruction is added to that of an index register.
Higher or equal to access class
Constrained
The rule is talking about "Reading"
Indexed addressing
5. TCB contains The Security Kernel and all ______________.
A security domain
C2
B3
security protection mechanisms
6. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
The security perimeter
Multitasking
The rule is talking about "Reading"
Division B - Mandatory Protection Architecture
7. n this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
B1 - Labeled Security
Continuous protection - O/B
The Trusted Computing Base (TCB)
B3 - Security Domains
8. The centerpiece of the DoD Rainbow Series publications.Developed by the National Computer Security Center (NCSC)?
A Layered Operating System Architecure
Trusted Products Evaluation Program (TPEP)
The TCSEC - Aka Orange Book
Ring 0
9. When the RAM and secondary storage are combined the result is __________.
Virtual Memory
Examples of Layered Operating Systems
A Layered Operating System Architecure
A1 - Rating
10. Individual subjects must be uniquely identified.
The security kernel
Indirect addressing
Security mechanisms and evalautes their effectivenes
Identification - Orange Book
11. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
A lattice of Intergrity Levels
C2
Ring 0
Totality of protection mechanisms
12. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Models concerned with integrity
Orange Book - A1
A1
Integrity
13. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Cache Memory
Ring 3
The security kernel
Simple Security Rule
14. Which would be designated as objects on a MAC system?
A lattice of Intergrity Levels
Attributable - original - accurate - contemporaneous and legible
Disclosure of residual data
Files - directories and devices
15. When a vendor submits a product for evaluation - it submits it to the ____________.
The Simple Security Property
Ring 2
Process isolation
The National Computer Security Center (NCSC)
16. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
The TCSEC - Aka Orange Book
Invocation Property
security protection mechanisms
Overt channel
17. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Fail safe
Buffer overflows
The Strong star property rule
Absolute addresses
18. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
Orange Book - B3
Trusted Distribution
The "No read Up" rule
Fail safe
19. Mandatory Access requires that _____________ be attached to all objects.
Sensitivity labels
Administrative declaration
No write down
Networks and Communications
20. What is called the formal acceptance of the adequacy of a system's overall security by management?
Mandatory Access Control (MAC)
Integrity
Accreditation
Direct Addressing
21. What prevents a process from accessing another process' data?
A Limit Register (Memory Management)
C2 - Controlled Access Protection
Process isolation
International Standard 15408
22. In both the Bell-LaPadula and Biba Models if the word "Simple is used ______________.
The rule is talking about "Reading"
Division B - Mandatory Protection
Invocation Property
Higher or equal to access class
23. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Orange Book ratings
A Thread
Protection Rings Support
Files - directories and devices
24. Which is a straightforward approach that provides access rights to subjects for objects?
Process isolation
Access Matrix model
*-Integrity Axiom
A Domain
25. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"
Trusted Network Interpretation (TNI)
Orange Book - D
No read down
Simple Integrity Axiom
26. Should always trace to individuals responsible for observing and recording the data
B2 - Structured Protection
Life-cycle assurance - O/B
Attributable data
Virtual Memory
27. Happen because input data is not checked for appropriate length at time of input
Access control to the objects by the subjects
Fail safe
Buffer overflows
C2
28. Simpler instructions that require fewer clock cycles to execute.
Higher or equal to access class
The "No read Up" rule
Reduced Instruction Set Computers (RISC)
Assigned labels
29. Mandatory access control is enfored by the use of security labels.
Prohibits
Dominate the object's sensitivity label
Division B - Mandatory Protection
Programmable Read-Only Memory (PROM)
30. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
Clark-Wilson
C2 - Controlled Access Protection
The security perimeter
Logical addresses
31. The Orange book does NOT Cover ________________ - And Database management systems
Networks and Communications
Controls the checks
C2 - Controlled Access Protection
Ring 1
32. In B2 Subjects and devices requre labels and the system must NOT allow ________. No Trapdoors exists.
International Standard 15408
The security kernel
Logical addresses
Covert channels
33. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Life Cycle Assurance Requirement
Multiprocessing
Thrashing
Continuous protection - O/B
34. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Prevent secret information from being accessed
Its Clearance Label (Top Secret - Secret - or Confidential)
Multitasking
Access control to the objects by the subjects
35. The security kernel is the mechanism that _____________ of the reference monitor concept.
A and B
Enforces the rules
Attributable - original - accurate - contemporaneous and legible
Its Clearance Label (Top Secret - Secret - or Confidential)
36. A type of memory used for High-speed writing and reading activities.
Cache Memory
Dedicated Security Mode
Administrative declaration
Relative Addresses
37. Trusted facility management is an assurance requirement only for ________________.
Highly secure systems (B2 - B3 and A1)
Execution Domain
Subject to Object Model
B1 - Labeled Security rating
38. The TCB is the ________________ within a computer system that work together to enforce a security policy.
The Red Book
Trusted hardware - Software and Firmware
Totality of protection mechanisms
Orange Book ratings
39. Which TCSEC level first addresses object reuse?
Basic Security Theorem (used in computer science) definition
The Trusted Computing Base (TCB)
Bell-LaPadula Model
C2
40. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
The "No read Up" rule
A Layered Operating System Architecure
Erasable and Programmable Read-Only Memory (EPROM)
Trusted Distribution
41. Operating System Kernel
Ring 0
Division D - Minimal Protection
Multitasking
The "No write Down" Rule
42. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
43. Data in Cache can be accessed much more quickly than Data
An abstract machine
C2 - Controlled Access Protection
B3 - Rating
Stored in Reak Memory
44. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
C1 - Discrection Security Protection is a type of environment
Ring 2
Direct addressing
The *-Property rule (Star property)
45. There is only only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
Division B - Mandatory Protection
Division D - Minimal Protection
Mandatory Access Control (MAC)
The security perimeter
46. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Life-cycle assurance - O/B
Erasable and Programmable Read-Only Memory (EPROM)
Direct Addressing
Enforces the rules
47. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
The National Computer Security Center (NCSC)
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
No write down
B2 - Structured Protection
48. The C2 evaluation class of the _________________ offers controlled access protection.
Virtual Memory
Trusted Network Interpretation (TNI)
Prohibits
Direct addressing
49. Intended for environments that require systems to handle classified data.
Clark-Wilson Model
B1 - Labeled Security rating
State machine model
An abstract machine
50. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
Multitasking
The Monolithic Operation system Architecture
Models concerned with integrity
Prevent secret information from being accessed
