Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Which is an ISO standard product evaluation criteria that supersedes several different criteria
The Common Criteria
C2 - Controlled Access Protection
Files - directories and devices
A single classification and a Compartment Set
2. The Biba Model - _____________: A subject cannot read data from a lower Integrity level "No Read Down"
Simple Integrity Axiom
First evaluation class
Sensitivity labels
Pagefile.sys file
3. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
Primary storage
Ring 1
C1 - Discretionary Security Protection
Mandatory access control
4. In both the Bell-LaPadula and Biba Models if the word "Simple" is used ______________.
A lattice of Integrity Levels
Life-cycle assurance - O/B
B2 rating
The rule is talking about "Reading"
5. Which increases the performance in a computer by overlapping the steps of different instructions?
C2 - Controlled Access Protection
B2
B2 - Structured Protection
Pipelining
6. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Security Policy is clearly defined and documented
B2 - Structured Protection
Life-cycle assurance - O/B
Multitasking
7. When a portion of primary memory is accessed by specifying the actual address of the memory location
The *-Property rule (Star property)
Real storage
Direct addressing
The Common Criteria
8. For the type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to penetration and compromise
Discretionary Security Property (ds-property)
B2 rating
A Domain
Polyinstantiation
9. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
The Strong star property rule
Examples of Layered Operating Systems
Controlling unauthorized downgrading of information
Prevent secret information from being accessed
10. Individual subjects must be uniquely identified.
A Thread
Examples of Layered Operating Systems
Identification - Orange Book
Fail safe
11. In access control terms - the word "dominate" refers to ___________.
D
Higher or equal to access class
Clark-Wilson Model
A security domain
12. What are the components of an object's sensitivity label?
Buffer overflows
A Thread
Physical security
A single classification and a Compartment Set
13. Which describes a condition when RAM and Secondary storage are used together?
Virtual storage
Logical addresses
Division D - Minimal Protection
C2
14. Happen because input data is not checked for appropriate length at time of input
Programmable Read-Only Memory (PROM)
Protection Rings Support
Buffer overflows
Evaluated separately
15. What is it called when a computer uses more than one CPU in parallel to execute instructions?
Firmware
B2
Virtual storage
Multiprocessing
16. Which computer design approach is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle
Complex Instruction Set Computers (CISC)
Polyinstantiation
Access control to the objects by the subjects
Accreditation
17. According to the Orange Book - trusted facility management is not required for which security levels?
The trustworthiness of an information system
The security kernel
Networks and Communications
B1
18. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space
Swap Space
Dedicated Security Mode
Types of covert channels
Absolute addresses
19. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.
C1 - Discretionary Security Protection is a type of environment
The Strong star property rule
The trustworthiness of an information system
B2 - Structured Protection
20. Contains an Address of where the instruction and data reside that need to be processed.
Trusted hardware - Software and Firmware
The Trusted Computing Base (TCB)
The Thread (memory Management)
Evaluated separately
21. The group that oversees the processes of evaluation within TCSEC is?
'Dominate'
Types of covert channels
Trusted Products Evaluation Program (TPEP)
Erasable and Programmable Read-Only Memory (EPROM)
22. What does the Clark-Wilson security model focus on
Mandatory access control
Integrity
Orange Book B
Higher or equal to access class
23. If a system initializes in a secure state and all allowed state transitions are secure - then every subsequent state will be secure no matter what inputs occur.
Basic Security Theorem (used in computer science) definition
Assigned labels
The "No write Down" Rule
Division B - Mandatory Protection
24. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
A Thread
C2 - Controlled Access Protection
Physical security
B3
25. What is called the formal acceptance of the adequacy of a system's overall security by management?
Accreditation
Compare the security labels
A Thread
The security perimeter
26. Developed after the Bell-LaPadula model. It's a state machine model and is very similar to the Bell-LaPadula Model.
Evaluated separately
The Biba Model
A Domain
Virtual storage
27. What does the simple security (ss) property mean in the Bell-LaPadula model?
Thrashing
No read up
Administrative declaration
The National Computer Security Center (NCSC)
28. Involves sharing the processor among all ready processes
Orange Book - B3
Multitasking
Operational assurance requirements
The Trusted Computing Base (TCB)
29. Should always trace to individuals responsible for observing and recording the data
Orange Book C
Attributable data
Division B - Mandatory Protection
Orange Book ratings
30. Verification Protection
Trusted Network Interpretation (TNI)
Orange Book A
B2 - Structured Protection
Sensitivity labels
31. The subject must have Need to Know for ONLY the information they are trying to access.
C2
System High Security Mode
Controls the checks
A Limit Register (Memory Management)
32. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
The Clark Wilson integrity model
First evaluation class
C1
Trusted Distribution
33. The Policy must be explicit and well defined and enforced by the mechanisms within the system
Basic Security Theorem (used in computer science) definition
Stored in Real Memory
Sensitivity labels
Security Policy - Orange Book
34. The Physical memory address that the CPU uses
The Security Kernel
Highly secure systems (B2 - B3 and A1)
Absolute addresses
B3
35. Which would be designated as objects on a MAC system?
Trusted hardware - Software and Firmware
B2 rating
Files - directories and devices
Division B - Mandatory Protection Architecture
36. Simpler instructions that require fewer clock cycles to execute.
Reduced Instruction Set Computers (RISC)
The "No read Up" rule
TCB (Trusted Computing Base)
A security domain
37. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Simple Security Rule
An abstract machine
Orange Book interpretations
Constrained
38. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
Controls the checks
Swap Space
Higher or equal to access class
The security kernel
39. The combination of RAM - Cache and the Processor Registers
Ring 1
attributability
C2
Primary storage
40. The Biba Model addresses _____________________.
The Integrity of data within applications
Complex Instruction Set Computers (CISC)
'Dominate'
B1 - Labeled Security rating
41. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Administrative declaration
Multilevel Security Policies
Basic Security Theorem (used in computer science) definition
Accountability - Orange Book
42. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified whereas in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Primary storage
B3 - Security Domains
Isolate processes
Security Policy is clearly defined and documented
43. What access control technique is also known as multilevel security?
Ring 1
Operational assurance requirements
Mandatory access control
Discretionary Security Property (ds-property)
44. In the Bell-LaPadula Model the Subject's Label contains ___________________.
A Domain
Its Clearance Label (Top Secret - Secret - or Confidential)
TCB (Trusted Computing Base)
Buffer (temporary data storage area)
45. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Be protected from modification
Identification - Orange Book
Virtual storage
B3
46. Audit data must be captured and protected to enforce accountability
Accountability - Orange Book
B2
Clark-Wilson Model
Programmable Read-Only Memory (PROM)
47. Trusted facility management is an assurance requirement only for ________________.
Highly secure systems (B2 - B3 and A1)
Life Cycle Assurance Requirement
Accountability - Orange Book
Totality of protection mechanisms
48. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Integrity
The Thread (memory Management)
Fail safe
Ring 1
49. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Orange Book interpretations
Multilevel Security Policies
The Simple Security Property
The Red Book
50. Documentation must be provided - including test - design - and specification document - user guides and manuals
Administrative declaration
An abstract machine
The National Computer Security Center (NCSC)
Documentation - Orange Book