Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. In both the Bell-LaPadula and Biba Models, if the word "Simple" is used, ______________.
The rule is talking about "Reading"
Programmable Read-Only Memory (PROM)
Be protected from modification
Trusted facility management
2. Subjects and Objects cannot change their security levels once they have been instantiated (created)
International Standard 15408
Security mechanisms and evaluates their effectiveness
The Tranquility principle (The Bell-LaPadula Model)
Enforces the rules
3. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
Orange Book C
Virtual Memory
Attributable data
Orange Book - B1
4. What does the * (star) property mean in the Bell-LaPadula model?
Division B - Mandatory Protection Architecture
Security mechanisms and evaluates their effectiveness
The Monolithic Operating System Architecture
No write down
5. The total combination of protection mechanisms within a computer system
The Common Criteria
TCB (Trusted Computing Base)
Security Policy
The Evaluated Products List (EPL) with their corresponding rating
6. There is only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
Secondary Storage
Access control to the objects by the subjects
Division D - Minimal Protection
Disclosure of residual data
7. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
B3
Buffer overflows
Networks and Communications
Primary storage
8. Permits a database to have two records that are identical except for their classifications
Ring 0
Security Policy is clearly defined and documented
Polyinstantiation
Implement software or systems in a production environment
9. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when
Fail safe
C2
Documentation - Orange Book
Ring 3
10. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
11. The Policy must be explicit and well defined and enforced by the mechanisms within the system
Higher or equal to access class
Accreditation
Security Policy - Orange Book
A Limit Register (Memory Management)
12. Users need to be identified individually to provide more precise access control and auditing functionality.
The rule is talking about "Reading"
C2 - Controlled Access Protection
Basic Security Theorem (used in computer science) definition
Its classification label (Top Secret - Secret or confidential)
13. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Security Policy
Buffer overflows
Be protected from modification
Ring 1
14. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.
Orange Book interpretations
Accountability - Orange Book
B2 - Structured Protection
C1 - Discretionary Security Protection is a type of environment
15. Which can be used as a covert channel?
Storage and timing
The trustworthiness of an information system
C2 - Controlled Access Protection
Multiprocessing
16. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
The security kernel
The Biba Model
Accreditation
Real storage
17. A set of objects that a subject is able to access
Security mechanisms and evaluates their effectiveness
The *-Property rule (Star property)
Controlling unauthorized downgrading of information
A Domain
18. All users have a clearance for and a formal need to know about - all data processed with the system.
Prevent secret information from being accessed
Dedicated Security Mode
Swap Space
Administrative declaration
19. Involves sharing the processor among all ready processes
Security rating B
Enforces the rules
Multitasking
Security Policy - Orange Book
20. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
Disclosure of residual data
The Evaluated Products List (EPL) with their corresponding rating
Mandatory Access Control (MAC)
Protection Rings Support
21. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
Examples of Layered Operating Systems
C2
The National Computer Security Center (NCSC)
C1 - Discretionary Security Protection
22. When the address location that is specified in the program instruction contains the address of the final desired location.
Security Policy
Indirect addressing
Certification
Overt channel
23. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
C2 - Controlled Access Protection
Operational assurance requirements
Orange Book - D
Attributable - original - accurate - contemporaneous and legible
24. The Biba Model addresses _____________________.
B1 - Labeled Security
Models concerned with integrity
The Integrity of data within applications
C2 - Controlled Access Protection
25. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
Security Policy is clearly defined and documented
A Thread
The security perimeter
Division B - Mandatory Protection Architecture
26. Simpler instructions that require fewer clock cycles to execute.
Indirect addressing
An abstract machine
Scalar processors
Reduced Instruction Set Computers (RISC)
27. What does the Clark-Wilson security model focus on
In C2 - Controlled Access Protection environment
Certification
Integrity
Controlling unauthorized downgrading of information
28. Which TCSEC level first addresses object reuse?
NOT Integrity
C2
The Tranquility principle (The Bell-LaPadula Model)
State machine model
29. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
A and B
No read down
Accreditation
30. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions at its own discretion. These permissions are stored in an access ma
Discretionary Security Property (ds-property)
Certification
Multiprocessing
Virtual storage
31. TCSEC addresses Confidentiality - but _____________. The TCSEC focuses mainly on one attribute of security: confidentiality.
Ring 0
Buffer (temporary data storage area)
Accreditation
NOT Integrity
32. Used by Windows systems to reserve the "Swap Space"
The National Computer Security Center (NCSC)
Pagefile.sys file
Orange Book - B2
Access Matrix model
33. As per FDA, data should be ______________________________.
Discretionary Security Property (ds-property)
Scalar processors
No read up
Attributable - original - accurate - contemporaneous and legible
34. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
A Base Register (Memory Management)
The National Computer Security Center (NCSC)
Programmable Read-Only Memory (PROM)
Simple Security Rule
35. Buffer overflows occur when a program or process tries to store more data in a _____________ than it was intended to hold.
C2
Simple Security Rule
Buffer (temporary data storage area)
Ring 1
36. What access control technique is also known as multilevel security?
The Tranquility principle (The Bell-LaPadula Model)
Orange Book B
Networks and Communications
Mandatory access control
37. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
The Clark Wilson integrity model
B2 rating
The security perimeter
Networks and Communications
38. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
B3 - Security Domains
Higher or equal to access class
Continuous protection - O/B
Operational assurance requirements
39. What prevents a process from accessing another process' data?
The *-Property rule (Star property)
The Security Kernel
Process isolation
Covert channels
40. Successfully evaluated products are placed on?
The Simple Security Property
The Evaluated Products List (EPL) with their corresponding rating
A Thread
In C2 - Controlled Access Protection environment
41. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
B1
B3 - Security Domains
Disclosure of residual data
Orange Book - B1
42. Remaining parts of the operating system
Ring 1
Isolate processes
A Thread
The security kernel
43. I/O drivers and utilities
Absolute addresses
Covert channels
Mandatory access control
Ring 2
44. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
Access Matrix model
The "No write Down" Rule
A1 - Rating
Its Clearance Label (Top Secret - Secret - or Confidential)
45. Mandatory access control is enforced by the use of security labels.
Mandatory access control
Division B - Mandatory Protection
Highly secure systems (B2 - B3 and A1)
Most commonly used approach
46. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
A and B
State machine model
The Integrity of data within applications
Examples of Layered Operating Systems
47. Access control labels must be associated properly with objects.
Orange Book - B2
Indexed addressing
Stored in Real Memory
Labels - Orange Book
48. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
C1 - Discretionary Security Protection is a type of environment
Certification
Orange Book A
Models concerned with integrity
49. Which would be designated as objects on a MAC system?
Highly secure systems (B2 - B3 and A1)
In C2 - Controlled Access Protection environment
Files - directories and devices
Orange Book ratings
50. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Ring 3
Administrative declaration
The Trusted Computing Base (TCB)
Dedicated Security Mode