CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.

1. Applications and user activity
2. Should always trace to individuals responsible for observing and recording the data
3. Verification Protection
4. The Reference Monitor is responsible for ______________; it compares the security labels of a subject and an object.
5. The TCB is the ________________ within a computer system that work together to enforce a security policy.
6. What model uses access control triples and requires that the system maintain separation of duty?
7. When a vendor submits a product for evaluation, it submits it to the ____________.
8. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
9. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
10. A nonvolatile storage medium, e.g. a computer hard drive, floppy disks and CD-ROMs
11. A subject at a given clearance may not read an object at a higher classification
12. Software, hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
13. A type of memory used for high-speed writing and reading activities.
14. The Bell-LaPadula Model is a _______________ that enforces the confidentiality aspect of access control. Formulated by David Bell and Leonard LaPadula.
15. Bell-LaPadula Model - ____________: A subject at a given security level can NOT READ data that reside at a higher security level.
16. In B2, distinct address spaces must be provided to _________, and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system.
17. Execute one instruction at a time.
18. Contains the beginning address
19. In the Bell-LaPadula model, subjects and objects are ___________.
20. A portion of a process. When the thread is generated, it shares the same domain (resources) as its process.
21. As per the FDA, data should be ______________________________.
22. Audit data must be captured and protected to enforce accountability
23. In access control terms, the word "dominate" refers to ___________.
24. The Orange Book does NOT cover ________________ and database management systems.
25. What is the formal acceptance of the adequacy of a system's overall security by management called?
26. The _________________ specified in the Orange Book are: system architecture, system integrity, covert channel analysis, trusted facility management and trusted recovery.
27. Contains the ending address
28. Used by Windows systems to reserve the "swap space"
29. Commonly referred to as "The Big Mess" because of its lack of structure. MS-DOS is an example of a monolithic operating system.
30. What does the * (star) property mean in the Bell-LaPadula model?
31. Mandatory Protection
32. B1 is also called "Labeled Security": each data object must have a classification label and each subject a clearance label. On each access attempt, the classification and clearance are checked to verify that the access is permissible.
33. The subject must have need to know for ONLY the information they are trying to access.
34. The Simple Security rule is referred to as ______________.
35. The Biba Model - _____________: A subject cannot read data from a lower integrity level ("No Read Down").
36. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US government)
37. Remaining parts of the operating system
38. What access control technique is also known as multilevel security?
39. What does the simple security (ss) property mean in the Bell-LaPadula model?
40. What prevents a process from accessing another process' data?
41. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information, and identification and authentication of individual entities.
42. Users are trusted but a certain level of accountability is required. C2 is seen as the most reasonable class for commercial applications, but the level of protection is still relatively weak.
43. The Biba Model addresses _____________________.
44. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
45. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________, and the system design and implementation are subject to more thorough review and testing procedu
46. Has two individual assurance ratings, C1 and C2. The higher the number of the assurance rating, the greater the protection.
47. The physical memory address that the CPU uses
48. Which TCSEC level first addresses object reuse?
49. The C2 evaluation class of the _________________ offers controlled access protection.
50. Security policies that prevent information from flowing from a higher security level to a lower security level are called ____________.