SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
Certification
Controlling unauthorized downgrading of information
TCB (Trusted Computing Base)
Discretionary Security Property (ds-property)
2. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Be protected from modification
Dedicated Security Mode
Continuous protection - O/B
C1 - Discretionary Security Protection
3. What access control technique is also known as multilevel security?
Mandatory access control
Direct Addressing
Security rating B
The "No write Down" Rule
4. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Networks and Communications
Swap Space
Trusted Distribution
Trusted Products Evaluation Program (TPEP)
5. What does the * (star) property mean in the Bell-LaPadula model?
Storage and timing
No write down
Buffer overflows
Thrashing
6. The C2 evaluation class of the _________________ offers controlled access protection.
B2 - Structured Protection
Trusted Network Interpretation (TNI)
Files - directories and devices
Government and military applications
7. Mediates all access and Functions between subjects and objects.
The Simple Security Property
The Security Kernel
Documentation - Orange Book
Security Policy
8. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
The Tranqulity principle (The Bell-LaPadula Model)
Life Cycle Assurance Requirement
The Biba Model
The trustworthiness of an information system
9. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
C2 - Controlled Access Protection
Disclosure of residual data
Higher or equal to access class
The reference monitor
10. What does the simple integrity axiom mean in the Biba model?
Clark-Wilson Model
Orange Book - B2
Primary storage
No read down
11. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
Absolute addresses
Constrained
Primary storage
Its classification label (Top Secret - Secret or confidential)
12. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
Mandatory Access Control (MAC)
Division B - Mandatory Protection
The *-Property rule (Star property)
C1 - Discrection Security Protection is a type of environment
13. In access control terms - the word "dominate" refers to ___________.
In C2 - Controlled Access Protection environment
The Trusted Computing Base (TCB)
Higher or equal to access class
An abstract machine
14. When the RAM and secondary storage are combined the result is __________.
A and B
Virtual Memory
A Layered Operating System Architecure
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
15. Subjects and Objects cannot change their security levels once they have been instantiated (created)
The Tranqulity principle (The Bell-LaPadula Model)
B1 - Labeled Security
Security Policy - Orange Book
Government and military applications
16. What does the simple security (ss) property mean in the Bell-LaPadula model?
Access Matrix model
Attributable - original - accurate - contemporaneous and legible
No read up
C2
17. Verification Protection
Buffer (temporary data storage area)
Orange Book - B3
Orange Book A
Security Policy
18. Which TCSEC level first addresses object reuse?
Orange Book - B1
C2
Swap Space
Stored in Reak Memory
19. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
Polyinstantiation
Division D - Minimal Protection
Implement software or systems in a production environment
Thrashing
20. Can be erased - modified and upgraded.
Swap Space
Types of covert channels
Mandatory access control
Erasable and Programmable Read-Only Memory (EPROM)
21. Succesfully Evaluated products are placed on?
The Evaluated Products List (EPL) with their corresponding rating
International Standard 15408
A Layered Operating System Architecure
Life-cycle assurance - O/B
22. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
A Thread
Security Policy is clearly defined and documented
The Evaluated Products List (EPL) with their corresponding rating
Access control to the objects by the subjects
23. Trusted facility management is an assurance requirement only for ________________.
The Simple Security Property
Highly secure systems (B2 - B3 and A1)
The security perimeter
NOT Integrity
24. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
The Evaluated Products List (EPL) with their corresponding rating
Orange Book B
Orange Book - B2
The Red Book
25. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
Implement software or systems in a production environment
Orange Book - B2
Cache Memory
C1 - Discretionary Security Protection
26. The Bell-LaPadula Model is a _______________.
Accountability - Orange Book
System High Security Mode
Subject to Object Model
Trusted Products Evaluation Program (TPEP)
27. Which Orange Book evaluation level is described as "Verified Design"?
Pipelining
Logical addresses
A1
Integrity
28. Users need to be Identified individually to provide more precise acces control and auditing functionality.
Orange Book - B2
No write down
C2 - Controlled Access Protection
Reduced Instruction Set Computers (RISC)
29. What does the Clark-Wilson security model focus on
Life Cycle Assurance Requirement
Integrity
The "No write Down" Rule
Mandatory access control
30. Remaining parts of the operating system
Relative Addresses
Multilevel Security Policies
Ring 1
NOT Integrity
31. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
Assigned labels
Access control to the objects by the subjects
Complex Instruction Set Computers (CISC)
B1
32. The Availability - Integrity and confidentiality requirements of multitasking operating systems
Protection Rings Support
Attributable - original - accurate - contemporaneous and legible
Orange Book - B2
Reduced Instruction Set Computers (RISC)
33. The group that oversees the processes of evaluation within TCSEC is?
Orange Book - A1
A security domain
Pagefile.sys file
Trusted Products Evaluation Program (TPEP)
34. The Bell-LaPaula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
Trusted facility management
A1 - Rating
Covert channels
Prevent secret information from being accessed
35. A subject at a given clearance may not read an object at a higher classification
Dominate the object's sensitivity label
A security kernel
Trusted Products Evaluation Program (TPEP)
The Simple Security Property
36. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.
attributability
The Common Criteria
Virtual Memory
Basic Security Theorem (used in computer science) definition
37. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
Orange Book - B1
Invocation Property
Examples of Layered Operating Systems
Storage and timing
38. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
Buffer (temporary data storage area)
Controlling unauthorized downgrading of information
Its Clearance Label (Top Secret - Secret - or Confidential)
Isolate processes
39. Discretionary protection
Discretionary Security Property (ds-property)
Real storage
Orange Book C
Reduced Instruction Set Computers (RISC)
40. When the contents of the address defined in the program's instruction is added to that of an index register.
B2 rating
Scalar processors
A lattice of Intergrity Levels
Indexed addressing
41. Which computer design approaches is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle
Complex Instruction Set Computers (CISC)
Subject to Object Model
The Strong star property rule
The Trusted Computing Base (TCB)
42. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions to pass on permissions at its own discretion. These permissions are stored in an access ma
Fail safe
The Simple Security Property
Process isolation
Discretionary Security Property (ds-property)
43. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
Primary storage
Invocation Property
D
A Base Register (Memory Management)
44. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
Multilevel Security Policies
The security perimeter
Pipelining
Mandatory access control
45. In both the Bell-LaPadula and Biba Models if the word "Simple is used ______________.
Simple Integrity Axiom
The rule is talking about "Reading"
Trusted hardware - Software and Firmware
B3 - Security Domains
46. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.
Identification - Orange Book
The Biba Model
Protection Rings Support
Its Clearance Label (Top Secret - Secret - or Confidential)
47. The centerpiece of the DoD Rainbow Series publications.Developed by the National Computer Security Center (NCSC)?
The TCSEC - Aka Orange Book
A Base Register (Memory Management)
The "No write Down" Rule
Ring 1
48. Contains the beginning address
Security Policy
Bell-LaPadula Model
Division C - Discretionary Protection
A Base Register (Memory Management)
49. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
Operational assurance requirements
A Base Register (Memory Management)
Security mechanisms and evalautes their effectivenes
C1 - Discrection Security Protection is a type of environment
50. Happen because input data is not checked for appropriate length at time of input
B1 - Labeled Security
Buffer overflows
Trusted Network Interpretation (TNI)
A Thread
