Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. What does the * (star) property mean in the Bell-LaPadula model?
The rule is talking about "Reading"
Ring 1
A Base Register (Memory Management)
No write down
2. Verification Protection
Orange Book A
Dedicated Security Mode
Direct addressing
An abstract machine
3. Applications and user activity
Primary storage
The Tranquility principle (The Bell-LaPadula Model)
Ring 3
A Thread
4. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix. THE and Multics are no longer in use
A single classification and a Compartment Set
Simple Integrity Axiom
Examples of Layered Operating Systems
The Thread (memory Management)
5. Contains the beginning address
Buffer (temporary data storage area)
Primary storage
A Base Register (Memory Management)
Multiprocessing
6. Which increases the performance in a computer by overlapping the steps of different instructions?
The Clark Wilson integrity model
Dominate the object's sensitivity label
No write down
Pipelining
7. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Integrity
Most commonly used approach
The security perimeter
A1
8. The security kernel is the mechanism that _____________ of the reference monitor concept.
Higher or equal to access class
Scalar processors
Enforces the rules
Buffer (temporary data storage area)
9. Simpler instructions that require fewer clock cycles to execute.
B2
Virtual storage
Division B - Mandatory Protection
Reduced Instruction Set Computers (RISC)
10. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
Totality of protection mechanisms
Orange Book - A1
Attributable - original - accurate - contemporaneous and legible
Division B - Mandatory Protection Architecture
11. When a portion of primary memory is accessed by specifying the actual address of the memory location
The "No write Down" Rule
Process isolation
Orange Book - B3
Direct addressing
12. A system uses the Reference Monitor to ___________________ of a subject and an object?
The Tranquility principle (The Bell-LaPadula Model)
Compare the security labels
The Simple Security Property
Pagefile.sys file
13. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
C2 - Controlled Access Protection
Trusted hardware - Software and Firmware
Thrashing
Simple Integrity Axiom
14. In the Bell-LaPadula Model the Object's Label contains ___________________.
The Monolithic Operating system Architecture
Indexed addressing
Protection Rings Support
Its classification label (Top Secret - Secret or confidential)
15. Mandatory Access requires that _____________ be attached to all objects.
Sensitivity labels
Secondary Storage
The rule is talking about "Reading"
Multiprocessing
16. The subject must have Need to Know for ONLY the information they are trying to access.
Reduced Instruction Set Computers (RISC)
System High Security Mode
C1 - Discretionary Security Protection
Division D - Minimal Protection
17. In both the Bell-LaPadula and Biba Models if the word "Simple" is used ______________.
The rule is talking about "Reading"
Direct addressing
Orange Book C
attributability
18. Certification is a Technical review that assesses the _____________ - whereas Accreditation is management's Official acceptance of the information in the Certification process findings.
Security mechanisms and evaluates their effectiveness
Mandatory access control
The Red Book
The Thread (memory Management)
19. Commonly referred to as The Big Mess because of its lack of structure. MS-DOS is an example of a monolithic operating system
Higher or equal to access class
Highly secure systems (B2 - B3 and A1)
Virtual storage
The Monolithic Operating system Architecture
20. As per FDA data should be ______________________________.
Attributable - original - accurate - contemporaneous and legible
Orange Book - B3
The reference monitor
Prevent secret information from being accessed
21. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
A single classification and a Compartment Set
Prevent secret information from being accessed
Division B - Mandatory Protection
B3
22. The Physical memory address that the CPU uses
C2
Cache Memory
Absolute addresses
First evaluation class
23. The combination of RAM - Cache and the Processor Registers
The Thread (memory Management)
No read up
Reduced Instruction Set Computers (RISC)
Primary storage
24. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
Ring 0
*-Integrity Axiom
The National Computer Security Center (NCSC)
Dedicated Security Mode
25. Which computer design approach is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle?
A1
Complex Instruction Set Computers (CISC)
Security rating B
Division B - Mandatory Protection
26. Mandatory access control is enforced by the use of security labels.
The Trusted Computing Base (TCB)
Division B - Mandatory Protection
The Simple Security Property
The trustworthiness of an information system
27. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Administrative declaration
Relative Addresses
A security kernel
Direct Addressing
28. The *-Property rule is referred to as ____________.
The "No write Down" Rule
Trusted Distribution
Basic Security Theorem (used in computer science) definition
Secondary Storage
29. The Simple Security rule is referred to as ______________.
Orange Book A
The security perimeter
Continuous protection - O/B
The "No read Up" rule
30. Intended for environments that require systems to handle classified data.
B2 - Structured Protection
Stored in Real Memory
Orange Book B
B1 - Labeled Security rating
31. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
B2 rating
Orange Book B
First evaluation class
Attributable data
32. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Isolate processes
Process isolation
Constrained
Prohibits
33. In B2 Subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
Covert channels
Thrashing
Security mechanisms and evaluates their effectiveness
Direct Addressing
34. The centerpiece of the DoD Rainbow Series publications. Developed by the National Computer Security Center (NCSC)?
The National Computer Security Center (NCSC)
Integrity
Buffer (temporary data storage area)
The TCSEC - Aka Orange Book
35. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
Controls the checks
B3
Types of covert channels
System High Security Mode
36. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
Orange Book - B1
Its classification label (Top Secret - Secret or confidential)
attributability
Invocation Property
37. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
Firmware
D
B2 - Structured Protection
B1
38. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
B1
Security Policy
Process isolation
Simple Security Rule
39. Trusted facility management is an assurance requirement only for ________________.
Logical addresses
Highly secure systems (B2 - B3 and A1)
Indirect addressing
Certification
40. Audit data must be captured and protected to enforce accountability
Division B - Mandatory Protection Architecture
Simple Integrity Axiom
B2 rating
Accountability - Orange Book
41. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commercial applications - but the level of protection is still relatively weak.
The National Computer Security Center (NCSC)
In C2 - Controlled Access Protection environment
Trusted facility management
Basic Security Theorem (used in computer science) definition
42. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
A1
The Clark Wilson integrity model
The Strong star property rule
The "No read Up" rule
43. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
The Integrity of data within applications
No read up
A security kernel
Administrative declaration
44. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
The *-Property rule (Star property)
Examples of Layered Operating Systems
Its Clearance Label (Top Secret - Secret - or Confidential)
Invocation Property
45. Documentation must be provided - including test - design - and specification document - user guides and manuals
The security kernel
Security Policy
Orange Book - B1
Documentation - Orange Book
46. The group that oversees the processes of evaluation within TCSEC is?
The trustworthiness of an information system
Relative Addresses
Trusted Products Evaluation Program (TPEP)
Certification
47. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
Labels - Orange Book
Multitasking
Identification - Orange Book
Security rating B
48. Reference Monitor is responsible for ______________; it compares the security labels of a subject and an object
Access control to the objects by the subjects
Security Policy
Controlling unauthorized downgrading of information
Higher or equal to access class
49. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
C1 - Discretionary Security Protection
Buffer overflows
Orange Book B
Logical addresses
50. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
C2
Assigned labels
Operational assurance requirements
First evaluation class