Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. For the type of environment that processes sensitive data that requires a higher degree of security. It requires systems that are relatively resistant to penetration and compromise
First evaluation class
A Domain
security protection mechanisms
B2 rating
2. Access control labels must be associated properly with objects.
attributability
Absolute addresses
Trusted Distribution
Labels - Orange Book
3. Happen because input data is not checked for appropriate length at time of input
Orange Book ratings
Life Cycle Assurance Requirement
Buffer overflows
The Tranquility principle (The Bell-LaPadula Model)
4. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Orange Book - D
C2 - Controlled Access Protection
A Limit Register (Memory Management)
Orange Book ratings
5. What model uses access control triples and requires that the system maintain separation of duty?
Identification - Orange Book
The Biba Model
Clark-Wilson
Subject to Object Model
6. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
Security rating B
Higher or equal to access class
Controls the checks
Division D - Minimal Protection
7. Users need to be identified individually to provide more precise access control and auditing functionality.
B2
C2 - Controlled Access Protection
Covert channels
Virtual storage
8. What does the simple integrity axiom mean in the Biba model?
Labels - Orange Book
No read down
System High Security Mode
Certification
9. Involves sharing the processor among all ready processes
Process isolation
Multitasking
Labels - Orange Book
Security mechanisms and evaluates their effectiveness
10. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions at its own discretion. These permissions are stored in an access ma
Simple Integrity Axiom
Accountability - Orange Book
The Security Kernel
Discretionary Security Property (ds-property)
11. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
Subject to Object Model
B3
The Clark Wilson integrity model
C2 - Controlled Access Protection
12. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
Operational assurance requirements
Orange Book A
Trusted hardware - Software and Firmware
Swap Space
13. Which can be used as a covert channel?
Dedicated Security Mode
Thrashing
Storage and timing
TCB (Trusted Computing Base)
14. Should always trace to individuals responsible for observing and recording the data
Division B - Mandatory Protection Architecture
Scalar processors
Attributable data
attributability
15. The Simple Security rule is referred to as ______________.
Thrashing
Life-cycle assurance - O/B
The "No read Up" rule
C2 - Controlled Access Protection
16. I/O drivers and utilities
Virtual Memory
Ring 2
No read down
The Simple Security Property
17. The Bell-LaPadula model Subjects and Objects are ___________.
C1 - Discretionary Security Protection is a type of environment
A Layered Operating System Architecture
Integrity
Assigned labels
18. The total combination of protection mechanisms within a computer system
Trusted facility management
Thrashing
TCB (Trusted Computing Base)
Compare the security labels
19. The Orange book does NOT Cover ________________ - And Database management systems
The Monolithic Operation system Architecture
Mandatory access control
Networks and Communications
Government and military applications
20. In access control terms - the word "dominate" refers to ___________.
Higher or equal to access class
Absolute addresses
Primary storage
Orange Book - D
21. Each data object must contain a classification label and each subject must have a clearance label.
Disclosure of residual data
Identification - Orange Book
B1 - Labeled Security
Orange Book B
22. Which in the Orange Book ratings represents the highest level of trust?
A1 - Rating
The Clark Wilson integrity model
B2
Division D - Minimal Protection
23. What prevents a process from accessing another process' data?
Process isolation
Compare the security labels
The Clark Wilson integrity model
Real storage
24. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
Clark-Wilson
Ring 0
Bell-LaPadula Model
Enforces the rules
25. In the Bell-LaPadula Model the Object's Label contains ___________________.
Indirect addressing
Highly secure systems (B2 - B3 and A1)
Direct addressing
Its classification label (Top Secret - Secret or confidential)
26. Commonly referred to as The Big Mess Because of its lack of structure. MS-DOS is an example of a monolithic operation system
Division C - Discretionary Protection
The Monolithic Operation system Architecture
Orange Book B
Multilevel Security Policies
27. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
A1 - Rating
Orange Book - D
Complex Instruction Set Computers (CISC)
Files - directories and devices
28. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
An abstract machine
A Limit Register (Memory Management)
Buffer overflows
Execution Domain
29. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
Access control to the objects by the subjects
A and B
Orange Book - B1
Direct addressing
30. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
31. The reserved hard drive space used to extend RAM capabilities.
A Thread
Orange Book - B3
Swap Space
Storage and timing
32. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Direct Addressing
Pagefile.sys file
Its classification label (Top Secret - Secret or confidential)
C2 - Controlled Access Protection
33. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
B3
The rule is talking about "Reading"
Orange Book - B1
Security Policy - Orange Book
34. The Orange book requires protection against two _____________ - which are these: Timing and Storage
D
Simple Security Rule
Types of covert channels
Security rating B
35. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
Stored in Real Memory
Orange Book - B1
Orange Book interpretations
Absolute addresses
36. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Need-to-know
Firmware
TCB (Trusted Computing Base)
Certification
37. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Higher or equal to access class
Simple Security Rule
Security mechanisms and evaluates their effectiveness
Reduced Instruction Set Computers (RISC)
38. Contains the beginning address
Orange Book B
A1
A Base Register (Memory Management)
Prevent secret information from being accessed
39. Mandatory Access requires that _____________ be attached to all objects.
Physical security
Direct Addressing
Dedicated Security Mode
Sensitivity labels
40. The subject must have Need to Know for ONLY the information they are trying to access.
An abstract machine
Documentation - Orange Book
Mandatory access control
System High Security Mode
41. Permits a database to have two records that are identical except for Their classifications
Orange Book B
Reduced Instruction Set Computers (RISC)
Polyinstantiation
Trusted Network Interpretation (TNI)
42. As per FDA data should be ______________________________.
B3 - Security Domains
Attributable - original - accurate - contemporaneous and legible
Assigned labels
Secondary Storage
43. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
TCB (Trusted Computing Base)
Security Policy is clearly defined and documented
Prevent secret information from being accessed
Trusted facility management
44. Which is a straightforward approach that provides access rights to subjects for objects?
Access Matrix model
Identification - Orange Book
Direct addressing
The Evaluated Products List (EPL) with their corresponding rating
45. Certification is a technical review that assesses the _____________ - whereas Accreditation is management's official acceptance of the information in the Certification process findings.
Security mechanisms and evaluates their effectiveness
The Thread (memory Management)
Its classification label (Top Secret - Secret or confidential)
C2 - Controlled Access Protection
46. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
Pagefile.sys file
All Mandatory Access Control (MAC) systems
Swap Space
Operational assurance requirements
47. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
First evaluation class
Be protected from modification
Attributable - original - accurate - contemporaneous and legible
State machine model
48. Contains an address of where the instruction and data reside that need to be processed.
Integrity
The Thread (memory Management)
Subject to Object Model
Higher or equal to access class
49. A domain of trust that shares a single security policy and single management
The security perimeter
Orange Book ratings
Subject to Object Model
A security domain
50. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
The Trusted Computing Base (TCB)
Certification
Protection Rings Support
Government and military applications