Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
Prevent secret information from being accessed
A single classification and a Compartment Set
A security domain
Highly secure systems (B2 - B3 and A1)
2. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
B2 - Structured Protection
C2 - Controlled Access Protection
Division D - Minimal Protection
Files - directories and devices
3. Mediates all access and functions between subjects and objects.
Division B - Mandatory Protection Architecture
The Security Kernel
Types of covert channels
The Simple Security Property
4. TCB contains The Security Kernel and all ______________.
Division B - Mandatory Protection
Highly secure systems (B2 - B3 and A1)
security protection mechanisms
The Evaluated Products List (EPL) with their corresponding rating
5. Execute one instruction at a time.
Scalar processors
A Layered Operating System Architecture
Trusted hardware - Software and Firmware
System High Security Mode
6. Remaining parts of the operating system
Orange Book - D
Thrashing
The "No write Down" Rule
Ring 1
7. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
The Rule is talking about writing
The security kernel
Orange Book ratings
The National Computer Security Center (NCSC)
8. Should always trace to individuals responsible for observing and recording the data
Relative Addresses
Attributable data
The "No read Up" rule
Examples of Layered Operating Systems
9. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Ring 2
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Most commonly used approach
The National Computer Security Center (NCSC)
10. In B2 Subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
Real storage
Access control to the objects by the subjects
Highly secure systems (B2 - B3 and A1)
Covert channels
11. A type of memory used for High-speed writing and reading activities.
Basic Security Theorem (used in computer science) definition
Division C - Discretionary Protection
Networks and Communications
Cache Memory
12. In both the Bell-LaPadula and Biba Models if the word "Simple" is used ______________.
B3 - Security Domains
Simple Integrity Axiom
The rule is talking about "Reading"
Division D - Minimal Protection
13. A domain of trust that shares a single security policy and single management
Prohibits
Bell-LaPadula Model
A security domain
Swap Space
14. Access control labels must be associated properly with objects.
Life-cycle assurance - O/B
B1
Labels - Orange Book
Firmware
15. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
Orange Book ratings
The "No write Down" Rule
Life-cycle assurance - O/B
The Integrity of data within applications
16. A nonvolatile storage medium e.g. computer hard drives - floppy disks and CD-ROMs
A Base Register (Memory Management)
Secondary Storage
Its Clearance Label (Top Secret - Secret - or Confidential)
Orange Book - D
17. I/O drivers and utilities
Ring 2
A Layered Operating System Architecture
Multiprocessing
Attributable data
18. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
The Simple Security Property
Constrained
Files - directories and devices
Controlling unauthorized downgrading of information
19. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
Life-cycle assurance - O/B
C2 - Controlled Access Protection
attributability
C1 - Discretionary Security Protection
20. Which TCSEC level first addresses object reuse?
C2
C2 - Controlled Access Protection
Trusted Products Evaluation Program (TPEP)
Polyinstantiation
21. Levels of Security and Levels of Trust: Lower letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Identification - Orange Book
Absolute addresses
Orange Book ratings
The National Computer Security Center (NCSC)
22. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Evaluated separately
Orange Book - B1
Polyinstantiation
Models concerned with integrity
23. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Need-to-know
B3 - Security Domains
International Standard 15408
Highly secure systems (B2 - B3 and A1)
24. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Enforces the rules
Be protected from modification
Security Policy is clearly defined and documented
Thrashing
25. Which would be designated as objects on a MAC system?
Files - directories and devices
Virtual Memory
The Monolithic Operating System Architecture
C2
26. The Security Model Incorporates the ____________ that should be enforced in the system.
The TCSEC - Aka Orange Book
Relative Addresses
The security perimeter
Security Policy
27. Involves sharing the processor among all ready processes
Erasable and Programmable Read-Only Memory (EPROM)
Certification
Polyinstantiation
Multitasking
28. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions at its own discretion. These permissions are stored in an access ma
The Trusted Computing Base (TCB)
Discretionary Security Property (ds-property)
The security perimeter
The Biba Model
29. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.
Types of covert channels
The Clark Wilson integrity model
C1 - Discretionary Security Protection is a type of environment
All Mandatory Access Control (MAC) systems
30. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Trusted Distribution
Swap Space
Assigned labels
TCB (Trusted Computing Base)
31. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Life-cycle assurance - O/B
Overt channel
Government and military applications
C2 - Controlled Access Protection
32. A portion of a process. When the thread is generated - it shares the same domain(resources) as its process.
Totality of protection mechanisms
C1
A Thread
Trusted facility management
33. System Architecture that separates system functionality into Hierarchical layers
TCB (Trusted Computing Base)
A Layered Operating System Architecture
Orange Book C
The security perimeter
34. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
35. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Multitasking
The Clark Wilson integrity model
Fail safe
36. In both the Bell-LaPadula and Biba Models if the word "* or Star is used - _______________.
The Rule is talking about writing
Invocation Property
Operational assurance requirements
Simple Security Rule
37. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
A1
Orange Book ratings
C1 - Discretionary Security Protection is a type of environment
Overt channel
38. Data in Cache can be accessed much more quickly than Data
Basic Security Theorem (used in computer science) definition
Dedicated Security Mode
The Rule is talking about writing
Stored in Real Memory
39. Contains the ending address
Trusted Network Interpretation (TNI)
Integrity
Swap Space
A Limit Register (Memory Management)
40. Contains the beginning address
Its Clearance Label (Top Secret - Secret - or Confidential)
Direct Addressing
A Base Register (Memory Management)
C2 - Controlled Access Protection
41. Commonly referred to as The Big Mess because of its lack of structure. MS-DOS is an example of a monolithic operating system
The reference monitor
The Monolithic Operating System Architecture
No write down
Operational assurance requirements
42. Mandatory Protection
Division B - Mandatory Protection Architecture
The Red Book
Primary storage
Orange Book B
43. Reference Monitor is responsible for ______________; it compares the security labels of a subject and an object
Access control to the objects by the subjects
Firmware
Constrained
B2 rating
44. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
45. The TCB is the ________________ within a computer system that work together to enforce a security policy.
The Tranquility principle (The Bell-LaPadula Model)
A1
Totality of protection mechanisms
Reduced Instruction Set Computers (RISC)
46. An abstract machine which must mediate all access by subjects to objects - be protected from modification - be verifiable as correct - and is always invoked
Identification - Orange Book
Compare the security labels
Virtual Memory
The reference monitor
47. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
Security rating B
NOT Integrity
Dominate the object's sensitivity label
Ring 3
48. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
Swap Space
Discretionary Security Property (ds-property)
C2 - Controlled Access Protection
Models concerned with integrity
49. Another word for Primary storage and distinguishes physical memory from virtual memory.
Pagefile.sys file
*-Integrity Axiom
Real storage
Attributable data
50. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
Dedicated Security Mode
Need-to-know
C1
B3