SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Contains the beginning address
A Base Register (Memory Management)
Isolate processes
Enforces the rules
attributability
2. Users need to be Identified individually to provide more precise acces control and auditing functionality.
C2 - Controlled Access Protection
Orange Book A
Continuous protection - O/B
Process isolation
3. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Mandatory Access Control (MAC)
A Layered Operating System Architecure
B1 - Labeled Security
Evaluated separately
4. The Orange book does NOT Cover ________________ - And Database management systems
*-Integrity Axiom
Networks and Communications
Execution Domain
Process isolation
5. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
A and B
Subject to Object Model
Controlling unauthorized downgrading of information
Controls the checks
6. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
Disclosure of residual data
Continuous protection - O/B
The Strong star property rule
Prevent secret information from being accessed
7. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
'Dominate'
Process isolation
Life-cycle assurance - O/B
B3
8. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
The *-Property rule (Star property)
Trusted Network Interpretation (TNI)
Higher or equal to access class
All Mandatory Access Control (MAC) systems
9. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
Thrashing
Files - directories and devices
Labels - Orange Book
The Evaluated Products List (EPL) with their corresponding rating
10. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Division B - Mandatory Protection Architecture
The Rule is talking about writing
C2 - Controlled Access Protection
Simple Security Rule
11. In B2 Subjects and devices requre labels and the system must NOT allow ________. No Trapdoors exists.
Covert channels
Integrity
Attributable data
Indirect addressing
12. When a vendor submits a product for evaluation - it submits it to the ____________.
Dominate the object's sensitivity label
Mandatory Access Control (MAC)
The National Computer Security Center (NCSC)
A Base Register (Memory Management)
13. What are the components of an object's sensitivity label?
Constrained
Implement software or systems in a production environment
Examples of Layered Operating Systems
A single classification and a Compartment Set
14. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Implement software or systems in a production environment
Multilevel Security Policies
An abstract machine
A security kernel
15. When the RAM and secondary storage are combined the result is __________.
The Strong star property rule
The *-Property rule (Star property)
Virtual Memory
Higher or equal to access class
16. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
Virtual Memory
*-Integrity Axiom
Thrashing
C2
17. The combination of RAM - Cache and the Processor Registers
All Mandatory Access Control (MAC) systems
Buffer overflows
The Red Book
Primary storage
18. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
The Thread (memory Management)
Orange Book - B1
Division B - Mandatory Protection Architecture
Security mechanisms and evalautes their effectivenes
19. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
An abstract machine
Security Policy
Stored in Reak Memory
Ring 0
20. Another word for Primary storage and distinguishes physical memory from virtual memory.
Direct addressing
Discretionary Security Property (ds-property)
Real storage
C2 - Controlled Access Protection
21. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted envirnment with low security concerns.
A Limit Register (Memory Management)
C1 - Discrection Security Protection is a type of environment
The Thread (memory Management)
A Thread
22. The Bell-LaPadula model Subjects and Objects are ___________.
A security domain
Assigned labels
Multiprocessing
Networks and Communications
23. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
The Red Book
C1 - Discrection Security Protection is a type of environment
Security Policy is clearly defined and documented
Absolute addresses
24. Which is a straightforward approach that provides access rights to subjects for objects?
The National Computer Security Center (NCSC)
Access Matrix model
Its classification label (Top Secret - Secret or confidential)
Pipelining
25. Operating System Kernel
Its classification label (Top Secret - Secret or confidential)
Ring 0
A Domain
Firmware
26. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.
Ring 0
A lattice of Intergrity Levels
Controlling unauthorized downgrading of information
Basic Security Theorem (used in computer science) definition
27. In both the Bell-LaPadula and Biba Models if the word "Simple is used ______________.
Multitasking
The rule is talking about "Reading"
D
Logical addresses
28. The Biba Model adresses _____________________.
Orange Book - B3
Polyinstantiation
Cache Memory
The Integrity of data within applications
29. Minimal Security
Mandatory access control
Orange Book - D
The Rule is talking about writing
A single classification and a Compartment Set
30. Access control labels must be associated properly with objects.
Labels - Orange Book
The "No write Down" Rule
Subject to Object Model
Multiprocessing
31. The Policy must be explicit and well defined and enforced by the mechanisms within the system
Highly secure systems (B2 - B3 and A1)
Security Policy - Orange Book
First evaluation class
C2 - Controlled Access Protection
32. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
Cache Memory
Compare the security labels
Division B - Mandatory Protection Architecture
The security perimeter
33. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
B2
Ring 0
Trusted Distribution
Subject to Object Model
34. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
Storage and timing
Certification
The security perimeter
Stored in Reak Memory
35. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
Programmable Read-Only Memory (PROM)
Access control to the objects by the subjects
Dominate the object's sensitivity label
Clark-Wilson Model
36. The *-Property rule is refered to as ____________.
Controls the checks
C1 - Discrection Security Protection is a type of environment
International Standard 15408
The "No write Down" Rule
37. The Reserved hard drive space used to to extend RAM capabilites.
Orange Book - B1
The Security Kernel
Evaluated separately
Swap Space
38. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
Security rating B
Storage and timing
attributability
B3 - Security Domains
39. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is doen with the m
Execution Domain
Real storage
C2 - Controlled Access Protection
Life-cycle assurance - O/B
40. Which in the Orange Book ratings represents the highest level of trust?
Stored in Reak Memory
The Strong star property rule
B2
Administrative declaration
41. Mediates all access and Functions between subjects and objects.
Higher or equal to access class
The Trusted Computing Base (TCB)
Attributable - original - accurate - contemporaneous and legible
The Security Kernel
42. TCSEC provides a means to evaluate ______________________.
The trustworthiness of an information system
Its classification label (Top Secret - Secret or confidential)
Firmware
Accreditation
43. What does the Clark-Wilson security model focus on
Integrity
B2 rating
Storage and timing
Swap Space
44. A form of ROM(Read-Only Memory) that can be modified after it has been manufactured. It can only be programmed only one time.
Implement software or systems in a production environment
Division C - Discretionary Protection
Programmable Read-Only Memory (PROM)
B1 - Labeled Security
45. Used by Windows systems to reserve the "Swap Space"
Integrity
Security rating B
Pagefile.sys file
Operational assurance requirements
46. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Administrative declaration
B1
Most commonly used approach
Execution Domain
47. When a portion of primary memory is accessed by specifying the actual address of the memory location
A security kernel
The security perimeter
Life Cycle Assurance Requirement
Direct addressing
48. Should always trace to individuals responsible for observing and recording the data
C1
Attributable data
Security rating B
A Base Register (Memory Management)
49. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Prohibits
Orange Book - B3
System High Security Mode
Orange Book - A1
50. In the Bell-LaPadula Model the Object's Label contains ___________________.
Its classification label (Top Secret - Secret or confidential)
Controlling unauthorized downgrading of information
Basic Security Theorem (used in computer science) definition
Fail safe
