SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A type of memory used for High-speed writing and reading activities.
The "No read Up" rule
B3 - Security Domains
Orange Book A
Cache Memory
2. Mediates all access and Functions between subjects and objects.
The Security Kernel
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Orange Book - B3
Direct addressing
3. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
B3
All Mandatory Access Control (MAC) systems
A1 - Rating
Types of covert channels
4. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilites when
Fail safe
C2
The *-Property rule (Star property)
Prevent secret information from being accessed
5. Data in Cache can be accessed much more quickly than Data
Pipelining
Stored in Reak Memory
Discretionary Security Property (ds-property)
No read down
6. Involves sharing the processor amoung all ready processes
Division C - Discretionary Protection
A Base Register (Memory Management)
The trustworthiness of an information system
Multitasking
7. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
Assigned labels
Security Policy is clearly defined and documented
Orange Book - B1
Multilevel Security Policies
8. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
C2 - Controlled Access Protection
Controls the checks
Documentation - Orange Book
Clark-Wilson Model
9. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Security Policy is clearly defined and documented
The Trusted Computing Base (TCB)
The rule is talking about "Reading"
Swap Space
10. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Fail safe
The Red Book
Thrashing
C2
11. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
Storage and timing
First evaluation class
The Red Book
Security mechanisms and evalautes their effectivenes
12. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
Simple Security Rule
The "No write Down" Rule
Life-cycle assurance - O/B
The Clark Wilson integrity model
13. What is called the formal acceptance of the adequacy of a system's overall security by management?
Trusted Distribution
Accreditation
Multiprocessing
Firmware
14. The reserved hard drive space used to Extend RAM capabilities. Windows system use the pagefile.sys file to reserve this space
Swap Space
The Security Kernel
Buffer (temporary data storage area)
International Standard 15408
15. Certification is a Technical review that assesses the _____________ - where as Accreditation is management's Official acceptance of the information in the Certification process findings.
Security mechanisms and evalautes their effectivenes
Mandatory Access Control (MAC)
The trustworthiness of an information system
The Rule is talking about writing
16. The *-Property rule is refered to as ____________.
Orange Book - B3
The TCSEC - Aka Orange Book
The "No write Down" Rule
The National Computer Security Center (NCSC)
17. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
A and B
Constrained
Files - directories and devices
Multiprocessing
18. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
Swap Space
Virtual Memory
A and B
The Evaluated Products List (EPL) with their corresponding rating
19. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Trusted facility management
Evaluated separately
Virtual Memory
Life-cycle assurance - O/B
20. Individual subjects must be uniquely identified.
The Tranqulity principle (The Bell-LaPadula Model)
Identification - Orange Book
Security rating B
A lattice of Intergrity Levels
21. When a vendor submits a product for evaluation - it submits it to the ____________.
The National Computer Security Center (NCSC)
Dominate the object's sensitivity label
A Limit Register (Memory Management)
The Strong star property rule
22. Discretionary protection
An abstract machine
Division C - Discretionary Protection
Orange Book C
NOT Integrity
23. For rhe type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to peneration and compromise
B2 rating
B2 - Structured Protection
Orange Book - B2
Discretionary Security Property (ds-property)
24. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Its Clearance Label (Top Secret - Secret - or Confidential)
Attributable data
Access control to the objects by the subjects
Erasable and Programmable Read-Only Memory (EPROM)
25. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
The security perimeter
Controlling unauthorized downgrading of information
Mandatory access control
The security kernel
26. The Physical memory address that the CPU uses
Mandatory Access Control (MAC)
Orange Book A
In C2 - Controlled Access Protection environment
Absolute addresses
27. When the address location that is specified in the program instruction contains the address of the final desired location.
Continuous protection - O/B
Indirect addressing
Complex Instruction Set Computers (CISC)
The Evaluated Products List (EPL) with their corresponding rating
28. Documentation must be provided - including test - design - and specification document - user guides and manuals
Programmable Read-Only Memory (PROM)
Implement software or systems in a production environment
Documentation - Orange Book
Government and military applications
29. Mandatory access control is enfored by the use of security labels.
A Domain
Certification
Orange Book B
Division B - Mandatory Protection
30. The total(sum)combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
The Thread (memory Management)
Execution Domain
The Trusted Computing Base (TCB)
Multitasking
31. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.
Buffer overflows
Trusted Distribution
Basic Security Theorem (used in computer science) definition
The Thread (memory Management)
32. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
attributability
Certification
Firmware
security protection mechanisms
33. Contains the ending address
The Clark Wilson integrity model
B2
C2
A Limit Register (Memory Management)
34. The Availability - Integrity and confidentiality requirements of multitasking operating systems
Orange Book B
Orange Book interpretations
Process isolation
Protection Rings Support
35. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.
Division B - Mandatory Protection Architecture
Execution Domain
C1
Physical security
36. TCB contains The Security Kernel and all ______________.
Attributable - original - accurate - contemporaneous and legible
C1 - Discretionary Security Protection
*-Integrity Axiom
security protection mechanisms
37. The security kernel is the mechanism that _____________ of the reference monitor concept.
Absolute addresses
The security kernel
Accountability - Orange Book
Enforces the rules
38. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
C1
A and B
Multitasking
The security kernel
39. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Government and military applications
The Security Kernel
Orange Book - B3
Totality of protection mechanisms
40. The Orange book does NOT Cover ________________ - And Database management systems
A security domain
Administrative declaration
Networks and Communications
Access control to the objects by the subjects
41. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
Ring 0
*-Integrity Axiom
Cache Memory
D
42. Which is an ISO standard product evaluation criteria that supersedes several different criteria
Division C - Discretionary Protection
Orange Book - B2
The Common Criteria
Accountability - Orange Book
43. Used by Windows systems to reserve the "Swap Space"
The security perimeter
Be protected from modification
Pagefile.sys file
Division C - Discretionary Protection
44. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
Controls the checks
Operational assurance requirements
Trusted hardware - Software and Firmware
Programmable Read-Only Memory (PROM)
45. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
The rule is talking about "Reading"
Physical security
Attributable data
The Strong star property rule
46. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commmercial applications - but the level of protection is still relatively weak.
A Limit Register (Memory Management)
Thrashing
In C2 - Controlled Access Protection environment
Networks and Communications
47. In both the Bell-LaPadula and Biba Models if the word "Simple is used ______________.
The rule is talking about "Reading"
Security Policy is clearly defined and documented
Orange Book C
All Mandatory Access Control (MAC) systems
48. Operating System Kernel
Trusted Distribution
Erasable and Programmable Read-Only Memory (EPROM)
Ring 0
Overt channel
49. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"
D
The Simple Security Property
Evaluated separately
Simple Integrity Axiom
50. In access control terms - the word "dominate" refers to ___________.
Higher or equal to access class
No read down
Assigned labels
Division D - Minimal Protection