SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The assignment of a specific individual to administer the security-related functions of a system.
B1 - Labeled Security
Trusted facility management
Attributable data
The security kernel
2. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
3. The Bell-LaPaula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
The reference monitor
Stored in Reak Memory
System High Security Mode
Prevent secret information from being accessed
4. The Orange book requires protection against two_____________ - which are these Timing and Storage
Files - directories and devices
Invocation Property
Division D - Minimal Protection
Types of covert channels
5. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
The Simple Security Property
The Trusted Computing Base (TCB)
Invocation Property
Labels - Orange Book
6. Used by Windows systems to reserve the "Swap Space"
Pagefile.sys file
B3
Physical security
Multiprocessing
7. A set of objects that a subject is able to access
A Domain
Dedicated Security Mode
Be protected from modification
Life-cycle assurance - O/B
8. Remaining parts of the operating system
C1 - Discrection Security Protection is a type of environment
The Strong star property rule
Ring 1
Higher or equal to access class
9. Certification is a Technical review that assesses the _____________ - where as Accreditation is management's Official acceptance of the information in the Certification process findings.
Be protected from modification
Security mechanisms and evalautes their effectivenes
Higher or equal to access class
Buffer overflows
10. I/O drivers and utilities
Cache Memory
Indexed addressing
Access Matrix model
Ring 2
11. What model use an access control triples and requires that the system maintain separation of duty ?
Clark-Wilson
Execution Domain
B1 - Labeled Security rating
Covert channels
12. Mediates all access and Functions between subjects and objects.
Erasable and Programmable Read-Only Memory (EPROM)
The Security Kernel
B1
The security perimeter
13. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
Dedicated Security Mode
attributability
The Strong star property rule
Dedicated Security Mode
14. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Continuous protection - O/B
No read up
Stored in Reak Memory
Orange Book ratings
15. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
Direct addressing
Most commonly used approach
Constrained
The security kernel
16. Mandatory Access requires that _____________ be attached to all objects.
A and B
Sensitivity labels
Thrashing
Life Cycle Assurance Requirement
17. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Orange Book A
Totality of protection mechanisms
Simple Security Rule
Indexed addressing
18. A subject at a given clearance may not read an object at a higher classification
The Simple Security Property
Examples of Layered Operating Systems
C1
The Biba Model
19. A system uses the Reference Monitor to ___________________ of a subject and an object?
Compare the security labels
Labels - Orange Book
Orange Book A
Orange Book - B1
20. This type of environment is highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Integrity
Thrashing
B3 - Rating
Examples of Layered Operating Systems
21. All users have a clearance for and a formal need to know about - all data processed with the system.
Dedicated Security Mode
Examples of Layered Operating Systems
Enforces the rules
Clark-Wilson
22. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix . THE and Multics are no longer in use
Examples of Layered Operating Systems
A single classification and a Compartment Set
B2
The Common Criteria
23. Happen because input data is not checked for appropriate length at time of input
Buffer overflows
Bell-LaPadula Model
Disclosure of residual data
Pagefile.sys file
24. Which is an ISO standard product evaluation criteria that supersedes several different criteria
Trusted Products Evaluation Program (TPEP)
Operational assurance requirements
The Common Criteria
Trusted facility management
25. What is called the formal acceptance of the adequacy of a system's overall security by management?
Accreditation
The Tranqulity principle (The Bell-LaPadula Model)
C2 - Controlled Access Protection
Primary storage
26. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
Access Matrix model
The *-Property rule (Star property)
The security perimeter
C1 - Discrection Security Protection is a type of environment
27. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
C2 - Controlled Access Protection
Invocation Property
B3
Division B - Mandatory Protection Architecture
28. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
The Integrity of data within applications
Orange Book - D
B2 - Structured Protection
Orange Book - B3
29. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data) items is refered to as Well-Formed transaction
Clark-Wilson Model
Dedicated Security Mode
The Thread (memory Management)
B1 - Labeled Security
30. Simpler instructions that require fewer clock cycles to execute.
NOT Integrity
Reduced Instruction Set Computers (RISC)
The Common Criteria
Orange Book - D
31. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
The Security Kernel
Orange Book - B1
Disclosure of residual data
The Red Book
32. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
Indirect addressing
Logical addresses
A1 - Rating
Constrained
33. Applications and user activity
Types of covert channels
Security mechanisms and evalautes their effectivenes
B3
Ring 3
34. Access control labels must be associated properly with objects.
Labels - Orange Book
'Dominate'
A Layered Operating System Architecure
Networks and Communications
35. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
C2 - Controlled Access Protection
Secondary Storage
Trusted Distribution
Access control to the objects by the subjects
36. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Government and military applications
Orange Book interpretations
Thrashing
Logical addresses
37. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
The National Computer Security Center (NCSC)
Mandatory Access Control (MAC)
Pipelining
Identification - Orange Book
38. The group that oversees the processes of evaluation within TCSEC is?
The Trusted Computing Base (TCB)
Trusted Products Evaluation Program (TPEP)
Accountability - Orange Book
The "No read Up" rule
39. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
Swap Space
Models concerned with integrity
The rule is talking about "Reading"
C1 - Discretionary Security Protection
40. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Orange Book C
Government and military applications
Continuous protection - O/B
The Integrity of data within applications
41. Execute one instruction at a time.
Orange Book interpretations
Access control to the objects by the subjects
Scalar processors
Firmware
42. Documentation must be provided - including test - design - and specification document - user guides and manuals
Orange Book - B1
Documentation - Orange Book
Trusted Products Evaluation Program (TPEP)
A and B
43. The Reserved hard drive space used to to extend RAM capabilites.
Dedicated Security Mode
Bell-LaPadula Model
The security perimeter
Swap Space
44. What access control technique is also known as multilevel security?
Pagefile.sys file
Mandatory access control
Trusted hardware - Software and Firmware
Highly secure systems (B2 - B3 and A1)
45. The total combination of protection mechanisms within a computer system
Direct addressing
TCB (Trusted Computing Base)
The Biba Model
The security perimeter
46. In B2 Subjects and devices requre labels and the system must NOT allow ________. No Trapdoors exists.
Security mechanisms and evalautes their effectivenes
Covert channels
International Standard 15408
Division C - Discretionary Protection
47. Users need to be Identified individually to provide more precise acces control and auditing functionality.
Continuous protection - O/B
Indexed addressing
C2 - Controlled Access Protection
Trusted facility management
48. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
D
The Evaluated Products List (EPL) with their corresponding rating
Virtual Memory
B2 rating
49. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
Models concerned with integrity
C2 - Controlled Access Protection
Indexed addressing
Protection Rings Support
50. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
The *-Property rule (Star property)
*-Integrity Axiom
B3 - Security Domains
The Rule is talking about writing