Test your basic knowledge |

CISSP Security Architecture And Design

Subjects : certifications, it-skills, cissp

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

2. Contains the beginning address
A Base Register (Memory Management)
Programmable Read-Only Memory (PROM)
C1
Access Matrix model

3. In both the Bell-LaPadula and Biba Models if the word "* or Star is used - _______________.
The Rule is talking about writing
The Red Book
Its Clearance Label (Top Secret - Secret - or Confidential)
Accreditation

4. Minimal Security
A Limit Register (Memory Management)
C2 - Controlled Access Protection
Orange Book - D
C1 - Discretionary Security Protection

5. Which is an ISO standard product evaluation criteria that supersedes several different criteria
System High Security Mode
Thrashing
Compare the security labels
The Common Criteria

6. Verification Protection
Examples of Layered Operating Systems
A security domain
The security kernel
Orange Book A

7. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
B3 - Security Domains
C1 - Discretionary Security Protection
Scalar processors
Complex Instruction Set Computers (CISC)

8. Operating System Kernel
B3 - Rating
Ring 0
A1 - Rating
Division C - Discretionary Protection

9. A type of memory used for High-speed writing and reading activities.
Cache Memory
The Integrity of data within applications
The TCSEC - Aka Orange Book
C2

10. Audit data must be captured and protected to enforce accountability
A security domain
Accountability - Orange Book
Clark-Wilson Model
Ring 0

11. Which would be designated as objects on a MAC system?
Models concerned with integrity
Files - directories and devices
Controls the checks
B1 - Labeled Security

12. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Orange Book - B2
A Layered Operating System Architecure
Continuous protection - O/B
Need-to-know

13. When the contents of the address defined in the program's instruction is added to that of an index register.
Dedicated Security Mode
A single classification and a Compartment Set
Virtual storage
Indexed addressing

14. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
The security perimeter
Certification
Life Cycle Assurance Requirement
The Thread (memory Management)

15. Which in the Orange Book ratings represents the highest level of trust?
C2
Relative Addresses
B2
Indexed addressing

16. Logical access control mechanisms are used to enforce authentication and the uniquenes of each individual's identification.
Division B - Mandatory Protection
A Base Register (Memory Management)
C2 - Controlled Access Protection
Stored in Reak Memory

17. What is called the formal acceptance of the adequacy of a system's overall security by management?
Logical addresses
Accreditation
The Strong star property rule
State machine model

18. Involves sharing the processor amoung all ready processes
The Rule is talking about writing
Files - directories and devices
Orange Book A
Multitasking

19. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
The Strong star property rule
Be protected from modification
Thrashing
Totality of protection mechanisms

20. What does the * (star) property mean in the Bell-LaPadula model?
C2
Access control to the objects by the subjects
No write down
A Domain

21. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
System High Security Mode
Accreditation
Implement software or systems in a production environment
Orange Book - B1

22. Remaining parts of the operating system
Ring 1
Pipelining
Trusted Distribution
Orange Book - A1

23. What access control technique is also known as multilevel security?
Direct addressing
Clark-Wilson
Administrative declaration
Mandatory access control

24. The total combination of protection mechanisms within a computer system
Integrity
The Rule is talking about writing
TCB (Trusted Computing Base)
Prohibits

25. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
Swap Space
Higher or equal to access class
Controlling unauthorized downgrading of information
Attributable data

26. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
Physical security
NOT Integrity
No write down
Security Policy

27. The Bell-LaPaula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
Enforces the rules
First evaluation class
The reference monitor
Prevent secret information from being accessed

28. TCSEC provides a means to evaluate ______________________.
Multilevel Security Policies
The trustworthiness of an information system
Orange Book - B3
Division D - Minimal Protection

29. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
A Thread
A security domain
Security Policy - Orange Book
D

30. The centerpiece of the DoD Rainbow Series publications.Developed by the National Computer Security Center (NCSC)?
The TCSEC - Aka Orange Book
Multilevel Security Policies
Prevent secret information from being accessed
Access Matrix model

31. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
*-Integrity Axiom
Physical security
Polyinstantiation
Multiprocessing

32. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
All Mandatory Access Control (MAC) systems
Need-to-know
A single classification and a Compartment Set
The *-Property rule (Star property)

33. For rhe type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to peneration and compromise
A security kernel
Life Cycle Assurance Requirement
Orange Book - A1
B2 rating

34. Certification is a Technical review that assesses the _____________ - where as Accreditation is management's Official acceptance of the information in the Certification process findings.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Division B - Mandatory Protection
First evaluation class
Security mechanisms and evalautes their effectivenes

35. Which computer design approaches is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle
Examples of Layered Operating Systems
Storage and timing
Complex Instruction Set Computers (CISC)
Mandatory access control

36. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
Access Matrix model
Bell-LaPadula Model
A and B
The security kernel

37. Which describe a condition when RAM and Secondary storage are used together?
Virtual storage
B1
D
Security Policy

38. Bell-LaPadula model was proposed for enforcing access control in _____________________.
B2 rating
Pipelining
Controlling unauthorized downgrading of information
Government and military applications

39. Should always trace to individuals responsible for observing and recording the data
Programmable Read-Only Memory (PROM)
C1 - Discretionary Security Protection
The Security Kernel
Attributable data

40. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"
C2
Simple Integrity Axiom
Invocation Property
Be protected from modification

41. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
A lattice of Intergrity Levels
Orange Book interpretations
Life Cycle Assurance Requirement
Security rating B

42. Buffer overflows occurs when a program or process tries to store more data in a _____________ than it was intended to hold.
Division B - Mandatory Protection Architecture
Fail safe
Buffer (temporary data storage area)
C2

43. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
A lattice of Intergrity Levels
A security kernel
Government and military applications
Certification

44. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.
The Biba Model
Physical security
Life-cycle assurance - O/B
Mandatory Access Control (MAC)

45. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Scalar processors
Orange Book B
Bell-LaPadula Model
Orange Book interpretations

46. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
Indirect addressing
The security perimeter
The National Computer Security Center (NCSC)
Physical security

47. The Bell-LaPadula Model is a _______________.
Subject to Object Model
Reduced Instruction Set Computers (RISC)
Pipelining
Buffer overflows

48. A system uses the Reference Monitor to ___________________ of a subject and an object?
Mandatory Access Control (MAC)
Multitasking
Compare the security labels
State machine model

49. The security kernel is the mechanism that _____________ of the reference monitor concept.
Enforces the rules
System High Security Mode
Bell-LaPadula Model
Prohibits

50. The C2 evaluation class of the _________________ offers controlled access protection.
Trusted Network Interpretation (TNI)
Prohibits
The rule is talking about "Reading"
Dominate the object's sensitivity label

Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?

Major Subjects
Tests & Exams AP CLEP DSST GRE SAT GMAT	Certifications CISSP go to https://www.isc2.org/ PMP ITIL RHCE MCTS More...	IT Skills Android Programming Data Modeling Objective C Programming Basic Python Programming Adobe Illustrator More...	Business Skills Advertising Techniques Business Accounting Basics Business Strategy Human Resource Management Marketing Basics More...
Soft Skills Body Language People Skills Public Speaking Persuasion Job Hunting And Resumes More...	Vocabulary GRE Vocab SAT Vocab TOEFL Essential Vocab Basic English Words For All Global Words You Should Know Business English More...	Languages AP German Vocab AP Latin Vocab SAT Subject Test: French Italian Survival Norwegian Survival More...	Engineering Audio Engineering Computer Science Engineering Aerospace Engineering Chemical Engineering Structural Engineering More...
Health Sciences Basic Nursing Skills Health Science Language Fundamentals Veterinary Technology Medical Language Cardiology Clinical Surgery More...	English Grammar Fundamentals Literary And Rhetorical Vocab Elements Of Style Vocab Introduction To English Major Complete Advanced Sentences Literature Homonyms More...	Math Algebra Formulas Basic Arithmetic: Measurements Metric Conversions Geometric Properties Important Math Facts Number Sense Vocab Business Math More...	Other Major Subjects Science Economics History Law Performing-arts Cooking Logic & Reasoning Trivia

Test your basic knowledge |

CISSP Security Architecture And Design

Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?

Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests

Major Subjects

Tests & Exams

Certifications

IT Skills

Business Skills

Soft Skills

Vocabulary

Languages

Engineering

Health Sciences

English

Math

Other Major Subjects

Browse all subjects

Browse all tests

Most popular tests