Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data) items is refered to as Well-Formed transaction






2. What prevents a process from accessing another process' data?






3. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix . THE and Multics are no longer in use






4. Intended for environments that require systems to handle classified data.






5. What does the simple integrity axiom mean in the Biba model?






6. A subject at a given clearance may not read an object at a higher classification






7. n this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.






8. The *-Property rule is refered to as ____________.






9. The total combination of protection mechanisms within a computer system






10. In the Bell-LaPadula Model the Subject's Label contains ___________________.






11. When a computer uses more than one CPU in parallel to execute instructions is known as?






12. Buffer overflows occurs when a program or process tries to store more data in a _____________ than it was intended to hold.






13. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data






14. Audit data must be captured and protected to enforce accountability






15. TCSEC provides a means to evaluate ______________________.






16. The assignment of a specific individual to administer the security-related functions of a system.






17. A Policy based control. All objects and systems have a sensitivity level assigned to them






18. The centerpiece of the DoD Rainbow Series publications.Developed by the National Computer Security Center (NCSC)?






19. Permits a database to have two records that are identical except for Their classifications






20. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards






21. Ssoftware that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)






22. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is doen with the m






23. What does the * (star) property mean in the Bell-LaPadula model?






24. The combination of RAM - Cache and the Processor Registers






25. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.






26. The Biba Model adresses _____________________.






27. The total(sum)combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.






28. What does the Clark-Wilson security model focus on






29. The Orange book does NOT Cover ________________ - And Database management systems






30. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.






31. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


32. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.






33. Happen because input data is not checked for appropriate length at time of input






34. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.






35. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.






36. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.






37. Which increases the performance in a computer by overlapping the steps of different instructions?






38. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?






39. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)






40. Applications and user activity






41. Certification is a Technical review that assesses the _____________ - where as Accreditation is management's Official acceptance of the information in the Certification process findings.






42. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?






43. The security kernel is the mechanism that _____________ of the reference monitor concept.






44. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?






45. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.






46. In both the Bell-LaPadula and Biba Models if the word "* or Star is used - _______________.






47. Verification Protection






48. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.






49. Mandatory access control is enfored by the use of security labels.






50. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.