Test your basic knowledge

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.

1. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
2. Which integrity model defines a constrained data item, an integrity verification procedure and a transformation procedure?
3. Which increases the performance in a computer by overlapping the steps of different instructions?
4. Permits a database to have two records that are identical except for their classifications.
5. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula Model is referred to as ___________________, which would take place through a "write down" operation. (An actual compromise occurs if and when
6. When a computer spends more time moving data from one small portion of memory to another than actually processing the data.
7. A ring protection system ________ user mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
8. A type of memory used for high-speed writing and reading activities.
9. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
10. What is called the formal acceptance of the adequacy of a system's overall security by management?
11. Based on the Bell-LaPadula model, because it allows for multilevel security to be integrated into the code.
12. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware, software and firmware.
13. The group that oversees the processes of evaluation within TCSEC is?
14. Audit data must be captured and protected to enforce accountability.
15. All users have a clearance for, and a formal need to know about, all data processed with the system.
16. The Reference Monitor is responsible for ______________; it compares the security labels of a subject and an object.
17. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication, restrictions and auditing.
18. What is defined as the hardware, firmware and software elements of a trusted computing base that implement the reference monitor concept?
19. Which is a straightforward approach that provides access rights to subjects for objects?
20. Which uses Protection Profiles and Security Targets?
21. A ______ is a form of EPROM, but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
22. Bell-LaPadula Model, ____________: A subject at a given security level can NOT READ data that reside at a higher security level.
23. The security kernel is the mechanism that _____________ of the reference monitor concept.
24. Security policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
25. When a vendor submits a product for evaluation, it submits it to the ____________.
26. I/O drivers and utilities.
27. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
28. Which Orange Book evaluation level is described as "Verified Design"?
29. Discretionary protection.
30. When the address location that is specified in the program instruction contains the address of the final desired location.
31. In the Orange Book, functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
32. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
33. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
34. Based on a known address with an offset value applied.
35. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects, what security problem is most likely to exist?
36. The physical memory address that the CPU uses.
37. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
38. The object reuse concept must also be invoked, meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
39. Which can be used as a covert channel?
40. The reference monitor, in accordance with the security policy, ____________ that are made in the access control database.
41. The Biba Model addresses _____________________.
42. Users need to be identified individually to provide more precise access control and auditing functionality.
43. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
44. If a system initializes in a secure state and all allowed state transitions are secure, then every subsequent state will be secure no matter what inputs occur.
45. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
46. A logical form of separation used by secure computing systems: processes are _____________ so that each cannot access objects outside its permitted domain.
47. Used by Windows systems to reserve the "Swap Space".
48. Which TCSEC level first addresses object reuse?
49. The policy must be explicit and well defined and enforced by the mechanisms within the system.
50. In the Bell-LaPadula Model the Subject's Label contains ___________________.