Test your basic knowledge |

CISSP Security Architecture And Design

Subjects : certifications, it-skills, cissp

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. Which is an ISO standard product evaluation criteria that supersedes several different criteria
The Common Criteria
C2 - Controlled Access Protection
Files - directories and devices
A single classification and a Compartment Set

2. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"
Simple Integrity Axiom
First evaluation class
Sensitivity labels
Pagefile.sys file

3. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
Primary storage
Ring 1
C1 - Discretionary Security Protection
Mandatory access control

4. In both the Bell-LaPadula and Biba Models if the word "Simple is used ______________.
A lattice of Intergrity Levels
Life-cycle assurance - O/B
B2 rating
The rule is talking about "Reading"

5. Which increases the performance in a computer by overlapping the steps of different instructions?
C2 - Controlled Access Protection
B2
B2 - Structured Protection
Pipelining

6. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Security Policy is clearly defined and documented
B2 - Structured Protection
Life-cycle assurance - O/B
Multitasking

7. When a portion of primary memory is accessed by specifying the actual address of the memory location
The *-Property rule (Star property)
Real storage
Direct addressing
The Common Criteria

8. For rhe type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to peneration and compromise
Discretionary Security Property (ds-property)
B2 rating
A Domain
Polyinstantiation

9. The Bell-LaPaula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
The Strong star property rule
Examples of Layered Operating Systems
Controlling unauthorized downgrading of information
Prevent secret information from being accessed

10. Individual subjects must be uniquely identified.
A Thread
Examples of Layered Operating Systems
Identification - Orange Book
Fail safe

11. In access control terms - the word "dominate" refers to ___________.
D
Higher or equal to access class
Clark-Wilson Model
A security domain

12. What are the components of an object's sensitivity label?
Buffer overflows
A Thread
Physical security
A single classification and a Compartment Set

13. Which describe a condition when RAM and Secondary storage are used together?
Virtual storage
Logical addresses
Division D - Minimal Protection
C2

14. Happen because input data is not checked for appropriate length at time of input
Programmable Read-Only Memory (PROM)
Protection Rings Support
Buffer overflows
Evaluated separately

15. When a computer uses more than one CPU in parallel to execute instructions is known as?
Firmware
B2
Virtual storage
Multiprocessing

16. Which computer design approaches is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle
Complex Instruction Set Computers (CISC)
Polyinstantiation
Access control to the objects by the subjects
Accreditation

17. According to the Orange Book - trusted facility management is not required for which security levels?
The trustworthiness of an information system
The security kernel
Networks and Communications
B1

18. The reserved hard drive space used to Extend RAM capabilities. Windows system use the pagefile.sys file to reserve this space
Swap Space
Dedicated Security Mode
Types of covert channels
Absolute addresses

19. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted envirnment with low security concerns.
C1 - Discrection Security Protection is a type of environment
The Strong star property rule
The trustworthiness of an information system
B2 - Structured Protection

20. Contains an Address of where the instruction and dara reside that need to be processed.
Trusted hardware - Software and Firmware
The Trusted Computing Base (TCB)
The Thread (memory Management)
Evaluated separately

21. The group that oversees the processes of evaluation within TCSEC is?
'Dominate'
Types of covert channels
Trusted Products Evaluation Program (TPEP)
Erasable and Programmable Read-Only Memory (EPROM)

22. What does the Clark-Wilson security model focus on
Mandatory access control
Integrity
Orange Book B
Higher or equal to access class

23. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.
Basic Security Theorem (used in computer science) definition
Assigned labels
The "No write Down" Rule
Division B - Mandatory Protection

24. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
A Thread
C2 - Controlled Access Protection
Physical security
B3

25. What is called the formal acceptance of the adequacy of a system's overall security by management?
Accreditation
Compare the security labels
A Thread
The security perimeter

26. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.
Evaluated separately
The Biba Model
A Domain
Virtual storage

27. What does the simple security (ss) property mean in the Bell-LaPadula model?
Thrashing
No read up
Administrative declaration
The National Computer Security Center (NCSC)

28. Involves sharing the processor amoung all ready processes
Orange Book - B3
Multitasking
Operational assurance requirements
The Trusted Computing Base (TCB)

29. Should always trace to individuals responsible for observing and recording the data
Orange Book C
Attributable data
Division B - Mandatory Protection
Orange Book ratings

30. Verification Protection
Trusted Network Interpretation (TNI)
Orange Book A
B2 - Structured Protection
Sensitivity labels

31. The subject must have Need to Know for ONLY the information they are trying to access.
C2
System High Security Mode
Controls the checks
A Limit Register (Memory Management)

32. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
The Clark Wilson integrity model
First evaluation class
C1
Trusted Distribution

33. The Policy must be explicit and well defined and enforced by the mechanisms within the system
Basic Security Theorem (used in computer science) definition
Stored in Reak Memory
Sensitivity labels
Security Policy - Orange Book

34. The Physical memory address that the CPU uses
The Security Kernel
Highly secure systems (B2 - B3 and A1)
Absolute addresses
B3

35. Which would be designated as objects on a MAC system?
Trusted hardware - Software and Firmware
B2 rating
Files - directories and devices
Division B - Mandatory Protection Architecture

36. Simpler instructions that require fewer clock cycles to execute.
Reduced Instruction Set Computers (RISC)
The "No read Up" rule
TCB (Trusted Computing Base)
A security domain

37. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Simple Security Rule
An abstract machine
Orange Book interpretations
Constrained

38. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
Controls the checks
Swap Space
Higher or equal to access class
The security kernel

39. The combination of RAM - Cache and the Processor Registers
Ring 1
attributability
C2
Primary storage

40. The Biba Model adresses _____________________.
The Integrity of data within applications
Complex Instruction Set Computers (CISC)
'Dominate'
B1 - Labeled Security rating

41. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Administrative declaration
Multilevel Security Policies
Basic Security Theorem (used in computer science) definition
Accountability - Orange Book

42. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Primary storage
B3 - Security Domains
Isolate processes
Security Policy is clearly defined and documented

43. What access control technique is also known as multilevel security?
Ring 1
Operational assurance requirements
Mandatory access control
Discretionary Security Property (ds-property)

44. In the Bell-LaPadula Model the Subject's Label contains ___________________.
A Domain
Its Clearance Label (Top Secret - Secret - or Confidential)
TCB (Trusted Computing Base)
Buffer (temporary data storage area)

45. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Be protected from modification
Identification - Orange Book
Virtual storage
B3

46. Audit data must be captured and protected to enforce accountability
Accountability - Orange Book
B2
Clark-Wilson Model
Programmable Read-Only Memory (PROM)

47. Trusted facility management is an assurance requirement only for ________________.
Highly secure systems (B2 - B3 and A1)
Life Cycle Assurance Requirement
Accountability - Orange Book
Totality of protection mechanisms

48. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Integrity
The Thread (memory Management)
Fail safe
Ring 1

49. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Orange Book interpretations
Multilevel Security Policies
The Simple Security Property
The Red Book

50. Documentation must be provided - including test - design - and specification document - user guides and manuals
Administrative declaration
An abstract machine
The National Computer Security Center (NCSC)
Documentation - Orange Book

Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?

Major Subjects
Tests & Exams AP CLEP DSST GRE SAT GMAT	Certifications CISSP go to https://www.isc2.org/ PMP ITIL RHCE MCTS More...	IT Skills Android Programming Data Modeling Objective C Programming Basic Python Programming Adobe Illustrator More...	Business Skills Advertising Techniques Business Accounting Basics Business Strategy Human Resource Management Marketing Basics More...
Soft Skills Body Language People Skills Public Speaking Persuasion Job Hunting And Resumes More...	Vocabulary GRE Vocab SAT Vocab TOEFL Essential Vocab Basic English Words For All Global Words You Should Know Business English More...	Languages AP German Vocab AP Latin Vocab SAT Subject Test: French Italian Survival Norwegian Survival More...	Engineering Audio Engineering Computer Science Engineering Aerospace Engineering Chemical Engineering Structural Engineering More...
Health Sciences Basic Nursing Skills Health Science Language Fundamentals Veterinary Technology Medical Language Cardiology Clinical Surgery More...	English Grammar Fundamentals Literary And Rhetorical Vocab Elements Of Style Vocab Introduction To English Major Complete Advanced Sentences Literature Homonyms More...	Math Algebra Formulas Basic Arithmetic: Measurements Metric Conversions Geometric Properties Important Math Facts Number Sense Vocab Business Math More...	Other Major Subjects Science Economics History Law Performing-arts Cooking Logic & Reasoning Trivia

Test your basic knowledge |

CISSP Security Architecture And Design

Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?

Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests

Major Subjects

Tests & Exams

Certifications

IT Skills

Business Skills

Soft Skills

Vocabulary

Languages

Engineering

Health Sciences

English

Math

Other Major Subjects

Browse all subjects

Browse all tests

Most popular tests