Test your basic knowledge |
CISSP Security Architecture And Design
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Individual subjects must be uniquely identified.
All Mandatory Access Control (MAC) systems
Firmware
Identification - Orange Book
The security perimeter
2. An abstract machine which must mediate all access of subjects to objects - be protected from modification - be verifiable as correct - and is always invoked
A Limit Register (Memory Management)
Protection Rings Support
The reference monitor
Covert channels
3. The reserved hard drive space used to extend RAM capabilities.
Cache Memory
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Swap Space
Primary storage
4. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
Virtual Memory
Pipelining
The Strong star property rule
A and B
5. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
attributability
Continuous protection - O/B
Fail safe
Logical addresses
6. In both the Bell-LaPadula and Biba Models if the word "*" or "Star" is used - _______________.
A and B
The Thread (memory Management)
Need-to-know
The Rule is talking about writing
7. The Biba Model - _____________: A subject cannot read data from a lower integrity level ("No Read Down")
Simple Integrity Axiom
B1 - Labeled Security
Most commonly used approach
C1 - Discretionary Security Protection
8. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
The Rule is talking about writing
Pipelining
Division B - Mandatory Protection Architecture
The Strong star property rule
9. Permits a database to have two records that are identical except for their classifications
Trusted Distribution
An abstract machine
Polyinstantiation
*-Integrity Axiom
10. Nonvolatile storage media such as computer hard drives - floppy disks and CD-ROMs
Dominate the object's sensitivity label
Secondary Storage
Models concerned with integrity
Cache Memory
11. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
B2
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Invocation Property
Accountability - Orange Book
12. The Physical memory address that the CPU uses
Absolute addresses
B3
Pagefile.sys file
B1 - Labeled Security rating
13. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
Assigned labels
Secondary Storage
C2 - Controlled Access Protection
No read up
14. Which increases the performance in a computer by overlapping the steps of different instructions?
Labels - Orange Book
Pipelining
The rule is talking about "Reading"
Totality of protection mechanisms
15. When a portion of primary memory is accessed by specifying the actual address of the memory location
The Monolithic Operation system Architecture
Trusted Network Interpretation (TNI)
Direct addressing
Firmware
16. Has two individual assurance ratings: C1 and C2. The higher the number of the assurance rating, the greater the protection
The "No read Up" rule
Division C - Discretionary Protection
The National Computer Security Center (NCSC)
B3 - Security Domains
17. Which in the Orange Book ratings represents the highest level of trust?
B2
TCB (Trusted Computing Base)
Models concerned with integrity
Pipelining
18. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space
The Trusted Computing Base (TCB)
Protection Rings Support
Swap Space
Ring 2
19. The *-Property rule is referred to as ____________.
A Domain
Networks and Communications
B3 - Rating
The "No write Down" Rule
20. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
21. A domain of trust that shares a single security policy and single management
The Trusted Computing Base (TCB)
Totality of protection mechanisms
Ring 1
A security domain
22. Documentation must be provided - including test - design - and specification document - user guides and manuals
Firmware
B2
Documentation - Orange Book
Its classification label (Top Secret - Secret or confidential)
23. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
24. TCSEC provides a means to evaluate ______________________.
Highly secure systems (B2 - B3 and A1)
No read down
Erasable and Programmable Read-Only Memory (EPROM)
The trustworthiness of an information system
25. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions at its own discretion. These permissions are stored in an access ma
Discretionary Security Property (ds-property)
Orange Book ratings
The TCSEC - Aka Orange Book
Trusted hardware - Software and Firmware
26. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
A security domain
The Security Kernel
Assigned labels
Physical security
27. A buffer overflow occurs when a program or process tries to store more data in a _____________ than it was intended to hold.
Its classification label (Top Secret - Secret or confidential)
A Domain
Virtual storage
Buffer (temporary data storage area)
28. A subject at a given clearance may not read an object at a higher classification
The Simple Security Property
Be protected from modification
C1 - Discretionary Security Protection
A Thread
29. Simpler instructions that require fewer clock cycles to execute.
Be protected from modification
Orange Book C
Simple Security Rule
Reduced Instruction Set Computers (RISC)
30. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Covert channels
Simple Security Rule
The Thread (memory Management)
The Biba Model
31. If a system initializes in a secure state and all allowed state transitions are secure - then every subsequent state will be secure no matter what inputs occur.
Clark-Wilson
Attributable - original - accurate - contemporaneous and legible
Operational assurance requirements
Basic Security Theorem (used in computer science) definition
32. The Availability - Integrity and confidentiality requirements of multitasking operating systems
Certification
Mandatory access control
'Dominate'
Protection Rings Support
33. Remaining parts of the operating system
Orange Book - D
Orange Book - A1
Swap Space
Ring 1
34. Software that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
Assigned labels
Accreditation
Files - directories and devices
Firmware
35. In the Bell-LaPadula Model the Object's Label contains ___________________.
Bell-LaPadula Model
'Dominate'
Its classification label (Top Secret - Secret or confidential)
Programmable Read-Only Memory (PROM)
36. The Reference Monitor is responsible for ______________; it compares the security labels of a subject and an object
No read down
Access control to the objects by the subjects
Its Clearance Label (Top Secret - Secret - or Confidential)
The Monolithic Operation system Architecture
37. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
Clark-Wilson
Multitasking
Security rating B
C1 - Discretionary Security Protection
38. The security kernel is the mechanism that _____________ of the reference monitor concept.
Ring 0
The rule is talking about "Reading"
Multiprocessing
Enforces the rules
39. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
B3 - Rating
Dominate the object's sensitivity label
The *-Property rule (Star property)
The Red Book
40. What does the Clark-Wilson security model focus on
Access Matrix model
*-Integrity Axiom
Physical security
Integrity
41. Involves sharing the processor among all ready processes
Multitasking
*-Integrity Axiom
Its Clearance Label (Top Secret - Secret - or Confidential)
Isolate processes
42. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Mandatory Access Control (MAC)
Storage and timing
Multilevel Security Policies
Erasable and Programmable Read-Only Memory (EPROM)
43. The combination of RAM - Cache and the Processor Registers
Primary storage
Pagefile.sys file
Mandatory Access Control (MAC)
The rule is talking about "Reading"
44. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
A Layered Operating System Architecture
Sensitivity labels
Thrashing
Certification
45. A type of memory used for High-speed writing and reading activities.
The Common Criteria
Cache Memory
Labels - Orange Book
A security domain
46. Audit data must be captured and protected to enforce accountability
Virtual storage
A lattice of Integrity Levels
Its Clearance Label (Top Secret - Secret - or Confidential)
Accountability - Orange Book
47. Users are trusted but a certain level of accountability is required. C2 overall is seen as the most reasonable class for commercial applications - but the level of protection is still relatively weak.
Division C - Discretionary Protection
Complex Instruction Set Computers (CISC)
In C2 - Controlled Access Protection environment
'Dominate'
48. Users need to be identified individually to provide more precise access control and auditing functionality.
Pagefile.sys file
The Clark Wilson integrity model
C2 - Controlled Access Protection
A1
49. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
Clark-Wilson Model
A Layered Operating System Architecture
Disclosure of residual data
Trusted Distribution
50. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
B3 - Security Domains
Simple Integrity Axiom
A security kernel
Clark-Wilson Model