Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
Discretionary Security Property (ds-property)
Life-cycle assurance - O/B
Totality of protection mechanisms
C1 - Discretionary Security Protection
2. Another term for primary storage; it distinguishes physical memory from virtual memory.
Trusted hardware - Software and Firmware
Firmware
Real storage
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
3. A ___________ is a form of EPROM, but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Dominate the object's sensitivity label
Multiprocessing
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Government and military applications
4. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Isolate processes
Assigned labels
Accountability - Orange Book
B2 - Structured Protection
5. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
Multiprocessing
A and B
Execution Domain
The Red Book
6. When a computer uses more than one CPU in parallel to execute instructions, this is known as?
Multiprocessing
A Domain
Security rating B
Models concerned with integrity
7. When the RAM and secondary storage are combined the result is __________.
Trusted facility management
Virtual Memory
Controlling unauthorized downgrading of information
Its classification label (Top Secret - Secret or confidential)
8. What is called the formal acceptance of the adequacy of a system's overall security by management?
Orange Book A
Basic Security Theorem (used in computer science) definition
Accreditation
The Trusted Computing Base (TCB)
9. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Erasable and Programmable Read-Only Memory (EPROM)
Security Policy is clearly defined and documented
The "No write Down" Rule
The Integrity of data within applications
10. Access control labels must be associated properly with objects.
Labels - Orange Book
Orange Book - B3
security protection mechanisms
Mandatory Access Control (MAC)
11. Subjects and Objects cannot change their security levels once they have been instantiated (created)
A Layered Operating System Architecture
The Common Criteria
The Tranquility principle (The Bell-LaPadula Model)
The Monolithic Operating System Architecture
12. Which increases the performance in a computer by overlapping the steps of different instructions?
Pipelining
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Attributable - original - accurate - contemporaneous and legible
Need-to-know
13. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
Buffer overflows
The Clark Wilson integrity model
Security rating B
Types of covert channels
14. When the address location that is specified in the program instruction contains the address of the final desired location.
The reference monitor
Life Cycle Assurance Requirement
Indirect addressing
Real storage
15. The centerpiece of the DoD Rainbow Series publications. Developed by the National Computer Security Center (NCSC)?
The TCSEC - Aka Orange Book
Storage and timing
Identification - Orange Book
attributability
16. The reserved hard drive space used to extend RAM capabilities.
C2 - Controlled Access Protection
Process isolation
Thrashing
Swap Space
17. The TCB is the ________________ within a computer system that work together to enforce a security policy.
Totality of protection mechanisms
The Integrity of data within applications
The National Computer Security Center (NCSC)
System High Security Mode
18. Execute one instruction at a time.
Ring 2
B2 rating
Cache Memory
Scalar processors
19. Can be erased - modified and upgraded.
Stored in Real Memory
Enforces the rules
International Standard 15408
Erasable and Programmable Read-Only Memory (EPROM)
20. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
No read down
Orange Book interpretations
'Dominate'
Identification - Orange Book
21. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
Security rating B
Thrashing
Polyinstantiation
Simple Integrity Axiom
22. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Physical security
Security rating B
attributability
Orange Book B
23. Contains an address of where the instruction and data reside that need to be processed.
The Thread (memory Management)
Accountability - Orange Book
Invocation Property
Evaluated separately
24. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
D
Subject to Object Model
B1 - Labeled Security rating
Multitasking
25. Commonly referred to as "The Big Mess" because of its lack of structure. MS-DOS is an example of a monolithic operating system.
Virtual storage
Execution Domain
The Monolithic Operating System Architecture
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
26. System Architecture that separates system functionality into Hierarchical layers
Buffer (temporary data storage area)
A Layered Operating System Architecture
Orange Book C
Trusted hardware - Software and Firmware
27. Intended for environments that require systems to handle classified data.
Accountability - Orange Book
System High Security Mode
B1 - Labeled Security rating
Ring 3
28. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
All Mandatory Access Control (MAC) systems
The *-Property rule (Star property)
B3
Division C - Discretionary Protection
29. Operating System Kernel
NOT Integrity
An abstract machine
Ring 0
C2 - Controlled Access Protection
30. The Orange Book requires protection against two _____________, which are timing and storage.
Totality of protection mechanisms
Types of covert channels
Buffer (temporary data storage area)
A Layered Operating System Architecture
31. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Trusted Products Evaluation Program (TPEP)
Isolate processes
Orange Book - B1
Be protected from modification
32. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
Implement software or systems in a production environment
International Standard 15408
Direct Addressing
Certification
33. Permits a database to have two records that are identical except for Their classifications
Real storage
Assigned labels
Relative Addresses
Polyinstantiation
34. Mandatory Access requires that _____________ be attached to all objects.
Administrative declaration
Controlling unauthorized downgrading of information
Sensitivity labels
D
35. Which is a straightforward approach that provides access rights to subjects for objects?
Orange Book - B2
Access Matrix model
Models concerned with integrity
Need-to-know
36. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
Compare the security labels
Life Cycle Assurance Requirement
Isolate processes
Orange Book - B3
37. In access control terms it means to be higher than or equal to. In the Bell-LaPadula Model this is referred to as the dominance relation, which is the relationship of the subject's clearance to the object's classification.
38. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
No write down
Security Policy is clearly defined and documented
Thrashing
An abstract machine
39. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a well-formed transaction.
International Standard 15408
Trusted Network Interpretation (TNI)
Firmware
Clark-Wilson Model
40. In access control terms - the word "dominate" refers to ___________.
Higher or equal to access class
Enforces the rules
Absolute addresses
Orange Book B
41. Successfully evaluated products are placed on?
TCB (Trusted Computing Base)
Orange Book - D
C2 - Controlled Access Protection
The Evaluated Products List (EPL) with their corresponding rating
42. What does the * (star) property mean in the Bell-LaPadula model?
A Layered Operating System Architecture
The security perimeter
The Tranquility principle (The Bell-LaPadula Model)
No write down
43. Trusted facility management is an assurance requirement only for ________________.
Highly secure systems (B2 - B3 and A1)
Dominate the object's sensitivity label
Real storage
Absolute addresses
44. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Physical security
Simple Security Rule
A and B
Secondary Storage
45. In which users are processing information at the same sensitivity level; thus, strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.
Covert channels
Multilevel Security Policies
security protection mechanisms
C1 - Discretionary Security Protection is a type of environment
46. Remaining parts of the operating system
The TCSEC - Aka Orange Book
Division C - Discretionary Protection
International Standard 15408
Ring 1
47. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
The security perimeter
Pagefile.sys file
Division B - Mandatory Protection
Controls the checks
48. Which Orange Book evaluation level is described as "Verified Design"?
Types of covert channels
A1
Documentation - Orange Book
Orange Book - D
49. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space.
Be protected from modification
Trusted facility management
Life Cycle Assurance Requirement
Swap Space
50. Nonvolatile storage media, e.g. computer hard drives, floppy disks and CD-ROMs.
Secondary Storage
The National Computer Security Center (NCSC)
Mandatory access control
B2 rating