Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. TCB contains The Security Kernel and all ______________.






2. Which uses Protection Profiles and Security Targets?






3. Involves sharing the processor amoung all ready processes






4. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.






5. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities






6. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity






7. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.






8. A Policy based control. All objects and systems have a sensitivity level assigned to them






9. Which Orange Book evaluation level is described as "Discretionary Security Protection"?






10. Documentation must be provided - including test - design - and specification document - user guides and manuals






11. A portion of a process. When the thread is generated - it shares the same domain(resources) as its process.






12. A system uses the Reference Monitor to ___________________ of a subject and an object?






13. When a computer uses more than one CPU in parallel to execute instructions is known as?






14. Based on a known address with an offset value applied.






15. As per FDA data should be ______________________________.






16. When the address location that is specified in the program instruction contains the address of the final desired location.






17. The Security Model Incorporates the ____________ that should be enforced in the system.






18. Which is a straightforward approach that provides access rights to subjects for objects?






19. Succesfully Evaluated products are placed on?






20. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.






21. The total combination of protection mechanisms within a computer system






22. A1 is also called "Verified Design" and requires formal verification of the design and specifications.






23. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.






24. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.






25. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when






26. What is called the formal acceptance of the adequacy of a system's overall security by management?






27. Which would be designated as objects on a MAC system?






28. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted envirnment with low security concerns.






29. Contains an Address of where the instruction and dara reside that need to be processed.






30. The group that oversees the processes of evaluation within TCSEC is?






31. The Simple Security rule is refered to as______________.






32. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?






33. According to the Orange Book - trusted facility management is not required for which security levels?






34. Remaining parts of the operating system






35. Which increases the performance in a computer by overlapping the steps of different instructions?






36. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain






37. TCSEC provides a means to evaluate ______________________.






38. n this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.






39. Each data object must contain a classification label and each subject must have a clearance label.






40. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.






41. In ______________ the subject must have: Need to Know for ALL the information contained within the system.






42. Which in the Orange Book ratings represents the highest level of trust?






43. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.






44. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.






45. Happen because input data is not checked for appropriate length at time of input






46. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system






47. Simpler instructions that require fewer clock cycles to execute.






48. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.






49. The *-Property rule is refered to as ____________.






50. Another word for Primary storage and distinguishes physical memory from virtual memory.