Test your basic knowledge
CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. In both the Bell-LaPadula and Biba Models if the word "*" or "Star" is used - _______________.
The Common Criteria
A Base Register (Memory Management)
Trusted Distribution
The Rule is talking about writing
2. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Attributable - original - accurate - contemporaneous and legible
*-Integrity Axiom
Multilevel Security Policies
Clark-Wilson Model
3. An abstract machine which must mediate all access by subjects to objects - be protected from modification - be verifiable as correct - and is always invoked
State machine model
The National Computer Security Center (NCSC)
The reference monitor
Need-to-know
4. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
A security kernel
Sensitivity labels
Bell-LaPadula Model
Real storage
5. In the Bell-LaPadula Model the Subject's Label contains ___________________.
The Thread (memory Management)
Basic Security Theorem (used in computer science) definition
Its Clearance Label (Top Secret - Secret - or Confidential)
TCB (Trusted Computing Base)
6. A set of objects that a subject is able to access
The Security Kernel
Identification - Orange Book
A Domain
Pipelining
7. A domain of trust that shares a single security policy and single management
A security domain
Attributable data
Highly secure systems (B2 - B3 and A1)
The Common Criteria
8. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Its classification label (Top Secret - Secret or confidential)
Prohibits
Higher or equal to access class
Trusted Network Interpretation (TNI)
9. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
security protection mechanisms
Polyinstantiation
Implement software or systems in a production environment
International Standard 15408
10. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
Orange Book A
A Limit Register (Memory Management)
The Strong star property rule
Subject to Object Model
11. The total combination of protection mechanisms within a computer system
TCB (Trusted Computing Base)
NOT Integrity
Clark-Wilson Model
Secondary Storage
12. The Biba Model - _____________: A subject cannot read data from a lower Integrity level ("No Read Down")
Swap Space
Simple Integrity Axiom
Fail safe
Complex Instruction Set Computers (CISC)
13. Applications and user activity
Secondary Storage
B3
The reference monitor
Ring 3
14. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Prevent secret information from being accessed
Be protected from modification
Indexed addressing
Ring 2
15. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
The Clark Wilson integrity model
Scalar processors
B2
The Trusted Computing Base (TCB)
16. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Absolute addresses
Evaluated separately
Division B - Mandatory Protection Architecture
Attributable - original - accurate - contemporaneous and legible
17. A type of memory used for High-speed writing and reading activities.
Orange Book interpretations
The Biba Model
TCB (Trusted Computing Base)
Cache Memory
18. The Physical memory address that the CPU uses
Absolute addresses
Accreditation
security protection mechanisms
A1 - Rating
19. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Swap Space
The Monolithic Operating System Architecture
Stored in Real Memory
Simple Security Rule
20. When a portion of primary memory is accessed by specifying the actual address of the memory location
Security Policy - Orange Book
Direct addressing
NOT Integrity
Accountability - Orange Book
21. The Indexed memory addresses that software uses
Mandatory Access Control (MAC)
The Red Book
Logical addresses
The "No read Up" rule
22. Can be erased - modified and upgraded.
Erasable and Programmable Read-Only Memory (EPROM)
Life-cycle assurance - O/B
Security Policy
Logical addresses
23. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
C2 - Controlled Access Protection
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Isolate processes
Multilevel Security Policies
24. The combination of RAM - Cache and the Processor Registers
Reduced Instruction Set Computers (RISC)
Disclosure of residual data
The Strong star property rule
Primary storage
25. Happen because input data is not checked for appropriate length at time of input
Buffer overflows
Orange Book - D
Virtual Memory
Models concerned with integrity
26. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Orange Book interpretations
Ring 2
Access control to the objects by the subjects
A Domain
27. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Invocation Property
Administrative declaration
Reduced Instruction Set Computers (RISC)
Simple Integrity Axiom
28. If a system initializes in a secure state and all allowed state transitions are secure - then every subsequent state will be secure no matter what inputs occur.
Accreditation
Firmware
Dominate the object's sensitivity label
Basic Security Theorem (used in computer science) definition
29. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Sensitivity labels
Virtual Memory
Orange Book B
Need-to-know
30. Which uses Protection Profiles and Security Targets?
The security perimeter
International Standard 15408
Clark-Wilson Model
All Mandatory Access Control (MAC) systems
31. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Discretionary Security Property (ds-property)
Virtual storage
B3 - Rating
A1
32. System Architecture that separates system functionality into Hierarchical layers
A Layered Operating System Architecture
*-Integrity Axiom
Prevent secret information from being accessed
C1 - Discretionary Security Protection
33. What does the simple security (ss) property mean in the Bell-LaPadula model?
No read up
B3 - Security Domains
The Rule is talking about writing
Documentation - Orange Book
34. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
35. When a computer uses more than one CPU in parallel to execute instructions - this is known as?
Operational assurance requirements
security protection mechanisms
Storage and timing
Multiprocessing
36. In both the Bell-LaPadula and Biba Models if the word "Simple" is used - ______________.
Security Policy
The rule is talking about "Reading"
Life-cycle assurance - O/B
B3
37. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
A single classification and a Compartment Set
A1 - Rating
Invocation Property
A1
38. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
Administrative declaration
attributability
B1
Erasable and Programmable Read-Only Memory (EPROM)
39. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
Primary storage
B3 - Security Domains
Operational assurance requirements
B2
40. The TCB is the ________________ within a computer system that work together to enforce a security policy.
Programmable Read-Only Memory (PROM)
The Red Book
Totality of protection mechanisms
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
41. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Mandatory access control
International Standard 15408
Physical security
Identification - Orange Book
42. The Orange Book requires protection against two _____________ - which are Timing and Storage
Dedicated Security Mode
Types of covert channels
Pagefile.sys file
The National Computer Security Center (NCSC)
43. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
Real storage
Subject to Object Model
The "No write Down" Rule
*-Integrity Axiom
44. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
Life-cycle assurance - O/B
Orange Book - B2
A1
Division B - Mandatory Protection Architecture
45. As per FDA - data should be ______________________________.
A single classification and a Compartment Set
Attributable - original - accurate - contemporaneous and legible
Absolute addresses
Orange Book ratings
46. Nonvolatile storage media - e.g. computer hard drives - floppy disks and CD-ROMs
Invocation Property
No write down
The Strong star property rule
Secondary Storage
47. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
Trusted hardware - Software and Firmware
Assigned labels
Scalar processors
Programmable Read-Only Memory (PROM)
48. Which TCSEC level first addresses object reuse?
Simple Security Rule
First evaluation class
Prevent secret information from being accessed
C2
49. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
A and B
Real storage
A Thread
Clark-Wilson Model
50. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Mandatory Access Control (MAC)
Assigned labels
attributability
B2 - Structured Protection