Test your basic knowledge

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Individual subjects must be uniquely identified.






2. An abstract machine which must mediate all access of subjects to objects - be protected from modification - be verifiable as correct - and is always invoked






3. The reserved hard drive space used to extend RAM capabilities.






4. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.






5. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.






6. In both the Bell-LaPadula and Biba Models if the word "*" or "Star" is used - _______________.






7. The Biba Model - _____________: A subject cannot read data from a lower integrity level ("No Read Down")






8. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.






9. Permits a database to have two records that are identical except for their classifications






10. A nonvolatile storage media such as computer hard drive - floppy disks and CD-ROMs






11. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.






12. The Physical memory address that the CPU uses






13. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.






14. Which increases the performance in a computer by overlapping the steps of different instructions?






15. When a portion of primary memory is accessed by specifying the actual address of the memory location






16. Has two individual assurance ratings. C1 and C2. The higher the number of assurance rating the greater the protection






17. Which in the Orange Book ratings represents the highest level of trust?






18. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space






19. The *-Property rule is referred to as ____________.






20. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification



21. A domain of trust that shares a single security policy and single management






22. Documentation must be provided - including test - design - and specification document - user guides and manuals






23. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.



24. TCSEC provides a means to evaluate ______________________.






25. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions to pass on permissions at its own discretion. These permissions are stored in an access ma






26. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.






27. A buffer overflow occurs when a program or process tries to store more data in a _____________ than it was intended to hold.






28. A subject at a given clearance may not read an object at a higher classification






29. Simpler instructions that require fewer clock cycles to execute.






30. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.






31. If a system initializes in a secure state and all allowed state transitions are secure - then every subsequent state will be secure no matter what inputs occur.






32. The availability - integrity and confidentiality requirements of multitasking operating systems






33. Remaining parts of the operating system






34. Software that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)






35. In the Bell-LaPadula Model the Object's Label contains ___________________.






36. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object






37. Security Labels are not required until __________; thus C2 does not require security labels but B1 does






38. The security kernel is the mechanism that _____________ of the reference monitor concept.






39. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.






40. What does the Clark-Wilson security model focus on






41. Involves sharing the processor among all ready processes






42. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.






43. The combination of RAM - Cache and the Processor Registers






44. When a computer spends more time moving data from one small portion of memory to another than actually processing the data






45. A type of memory used for high-speed writing and reading activities.






46. Audit data must be captured and protected to enforce accountability






47. Users are trusted but a certain level of accountability is required. C2 overall is seen as the most reasonable class for commercial applications - but the level of protection is still relatively weak.






48. Users need to be identified individually to provide more precise access control and auditing functionality.






49. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?






50. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.






