Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is doen with the m






2. Which addresses a portion of the primary memory by specifying the actual address of the memory location?






3. What is called the formal acceptance of the adequacy of a system's overall security by management?






4. In both the Bell-LaPadula and Biba Models if the word "Simple is used ______________.






5. A1 is also called "Verified Design" and requires formal verification of the design and specifications.






6. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.






7. A subject at a given clearance may not read an object at a higher classification






8. According to the Orange Book - trusted facility management is not required for which security levels?






9. Individual subjects must be uniquely identified.






10. There is only only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.






11. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.






12. The assignment of a specific individual to administer the security-related functions of a system.






13. Documentation must be provided - including test - design - and specification document - user guides and manuals






14. The total combination of protection mechanisms within a computer system






15. Ssoftware that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)






16. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?






17. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.






18. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)






19. A domain of trust that shares a single security policy and single management






20. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities






21. In ______________ the subject must have: Need to Know for ALL the information contained within the system.






22. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when






23. The Biba Model adresses _____________________.






24. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.






25. When the contents of the address defined in the program's instruction is added to that of an index register.






26. Involves sharing the processor amoung all ready processes






27. Certification is a Technical review that assesses the _____________ - where as Accreditation is management's Official acceptance of the information in the Certification process findings.






28. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.






29. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.






30. I/O drivers and utilities






31. What prevents a process from accessing another process' data?






32. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions to pass on permissions at its own discretion. These permissions are stored in an access ma






33. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.






34. The Bell-LaPadula Model is a _______________.






35. Mandatory access control is enfored by the use of security labels.






36. A set of objects that a subject is able to access






37. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.






38. Trusted facility management is an assurance requirement only for ________________.






39. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.






40. A type of memory used for High-speed writing and reading activities.






41. Components considered as part of the Trusted Computing Base (from the Orange Book) are?






42. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.






43. When a computer uses more than one CPU in parallel to execute instructions is known as?






44. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.






45. Operating System Kernel






46. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?






47. Access control labels must be associated properly with objects.






48. A Policy based control. All objects and systems have a sensitivity level assigned to them






49. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity






50. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.