Test your basic knowledge |

CISSP Security Architecture And Design

Subjects : certifications, it-skills, cissp

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Secondary Storage
B2 - Structured Protection
Simple Security Rule
Multitasking

2. When a computer uses more than one CPU in parallel to execute instructions is known as?
Multiprocessing
B3
Accountability - Orange Book
The "No write Down" Rule

3. All users have a clearance for and a formal need to know about - all data processed with the system.
Security Policy is clearly defined and documented
Certification
C1 - Discrection Security Protection is a type of environment
Dedicated Security Mode

4. What model use an access control triples and requires that the system maintain separation of duty ?
Sensitivity labels
Highly secure systems (B2 - B3 and A1)
Clark-Wilson
The Integrity of data within applications

5. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
B3 - Rating
B3
NOT Integrity
A Domain

6. Mandatory Access requires that _____________ be attached to all objects.
Sensitivity labels
Virtual Memory
Firmware
B2

7. The group that oversees the processes of evaluation within TCSEC is?
Its Clearance Label (Top Secret - Secret - or Confidential)
Ring 0
Trusted Products Evaluation Program (TPEP)
Buffer overflows

8. The Simple Security rule is refered to as______________.
The "No read Up" rule
TCB (Trusted Computing Base)
Ring 0
Trusted Distribution

9. When the RAM and secondary storage are combined the result is __________.
Isolate processes
Examples of Layered Operating Systems
Life Cycle Assurance Requirement
Virtual Memory

10. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
C2 - Controlled Access Protection
Orange Book - B3
Dedicated Security Mode
The Strong star property rule

11. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is doen with the m
Programmable Read-Only Memory (PROM)
Orange Book - B1
NOT Integrity
C2 - Controlled Access Protection

12. Remaining parts of the operating system
The Common Criteria
The rule is talking about "Reading"
Ring 1
Its Clearance Label (Top Secret - Secret - or Confidential)

13. Ssoftware that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
Firmware
Highly secure systems (B2 - B3 and A1)
Documentation - Orange Book
Orange Book C

14. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Orange Book B
First evaluation class
Disclosure of residual data
Be protected from modification

15. Buffer overflows occurs when a program or process tries to store more data in a _____________ than it was intended to hold.
Isolate processes
The *-Property rule (Star property)
Life Cycle Assurance Requirement
Buffer (temporary data storage area)

16. Intended for environments that require systems to handle classified data.
B1 - Labeled Security rating
C2 - Controlled Access Protection
Storage and timing
Examples of Layered Operating Systems

17. Which can be used as a covert channel?
Storage and timing
Logical addresses
Complex Instruction Set Computers (CISC)
Orange Book - D

18. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

19. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
Orange Book - A1
Reduced Instruction Set Computers (RISC)
*-Integrity Axiom
Orange Book C

20. A type of memory used for High-speed writing and reading activities.
Cache Memory
A security kernel
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Controlling unauthorized downgrading of information

21. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Orange Book ratings
Highly secure systems (B2 - B3 and A1)
Assigned labels
The Strong star property rule

22. Should always trace to individuals responsible for observing and recording the data
Attributable data
Continuous protection - O/B
'Dominate'
The Evaluated Products List (EPL) with their corresponding rating

23. The combination of RAM - Cache and the Processor Registers
The Clark Wilson integrity model
Primary storage
Clark-Wilson Model
C2 - Controlled Access Protection

24. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Direct addressing
Evaluated separately
Continuous protection - O/B
Security Policy - Orange Book

25. Which would be designated as objects on a MAC system?
Files - directories and devices
Division B - Mandatory Protection Architecture
Trusted Network Interpretation (TNI)
Basic Security Theorem (used in computer science) definition

26. The Indexed memory addresses that software uses
B1 - Labeled Security rating
Logical addresses
Enforces the rules
B1

27. Mandatory access control is enfored by the use of security labels.
Division B - Mandatory Protection
Orange Book - B3
A Base Register (Memory Management)
Access Matrix model

28. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Administrative declaration
Isolate processes
Access Matrix model
Bell-LaPadula Model

29. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data) items is refered to as Well-Formed transaction
Programmable Read-Only Memory (PROM)
Trusted Distribution
The security kernel
Clark-Wilson Model

30. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Division D - Minimal Protection
Prohibits
A Base Register (Memory Management)
Trusted Distribution

31. In both the Bell-LaPadula and Biba Models if the word "* or Star is used - _______________.
The Rule is talking about writing
Multiprocessing
C2
Security rating B

32. The Reserved hard drive space used to to extend RAM capabilites.
C1
Trusted hardware - Software and Firmware
The Red Book
Swap Space

33. Mandatory Protection
Virtual storage
A Domain
Clark-Wilson
Orange Book B

34. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
A lattice of Intergrity Levels
Prevent secret information from being accessed
The trustworthiness of an information system
Totality of protection mechanisms

35. Contains an Address of where the instruction and dara reside that need to be processed.
Indexed addressing
The Integrity of data within applications
The Thread (memory Management)
The National Computer Security Center (NCSC)

36. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Most commonly used approach
Physical security
Dedicated Security Mode
Overt channel

37. A subject at a given clearance may not read an object at a higher classification
Cache Memory
The Simple Security Property
B3
Bell-LaPadula Model

38. n this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
The "No write Down" Rule
B3 - Security Domains
Access control to the objects by the subjects
Trusted Distribution

39. What does the simple integrity axiom mean in the Biba model?
No read down
No write down
A security kernel
Thrashing

40. Documentation must be provided - including test - design - and specification document - user guides and manuals
B3
B2 - Structured Protection
Indexed addressing
Documentation - Orange Book

41. The total(sum)combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
Clark-Wilson Model
Orange Book B
B2
The Trusted Computing Base (TCB)

42. In the Bell-LaPadula Model the Subject's Label contains ___________________.
The TCSEC - Aka Orange Book
Government and military applications
Its Clearance Label (Top Secret - Secret - or Confidential)
Operational assurance requirements

43. A system uses the Reference Monitor to ___________________ of a subject and an object?
Compare the security labels
Indirect addressing
B3 - Rating
Direct addressing

44. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
Orange Book - B1
Invocation Property
Indirect addressing
The Integrity of data within applications

45. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions to pass on permissions at its own discretion. These permissions are stored in an access ma
Discretionary Security Property (ds-property)
Logical addresses
Simple Integrity Axiom
C1

46. The total combination of protection mechanisms within a computer system
TCB (Trusted Computing Base)
C1 - Discretionary Security Protection
Administrative declaration
Discretionary Security Property (ds-property)

47. A Policy based control. All objects and systems have a sensitivity level assigned to them
NOT Integrity
A Layered Operating System Architecure
Mandatory Access Control (MAC)
Mandatory access control

48. Applications and user activity
Cache Memory
The "No write Down" Rule
Ring 3
Attributable - original - accurate - contemporaneous and legible

49. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Need-to-know
Clark-Wilson
First evaluation class
B3 - Rating

50. The Orange book requires protection against two_____________ - which are these Timing and Storage
Orange Book ratings
Virtual Memory
Types of covert channels
Sensitivity labels

Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?

Major Subjects
Tests & Exams AP CLEP DSST GRE SAT GMAT	Certifications CISSP go to https://www.isc2.org/ PMP ITIL RHCE MCTS More...	IT Skills Android Programming Data Modeling Objective C Programming Basic Python Programming Adobe Illustrator More...	Business Skills Advertising Techniques Business Accounting Basics Business Strategy Human Resource Management Marketing Basics More...
Soft Skills Body Language People Skills Public Speaking Persuasion Job Hunting And Resumes More...	Vocabulary GRE Vocab SAT Vocab TOEFL Essential Vocab Basic English Words For All Global Words You Should Know Business English More...	Languages AP German Vocab AP Latin Vocab SAT Subject Test: French Italian Survival Norwegian Survival More...	Engineering Audio Engineering Computer Science Engineering Aerospace Engineering Chemical Engineering Structural Engineering More...
Health Sciences Basic Nursing Skills Health Science Language Fundamentals Veterinary Technology Medical Language Cardiology Clinical Surgery More...	English Grammar Fundamentals Literary And Rhetorical Vocab Elements Of Style Vocab Introduction To English Major Complete Advanced Sentences Literature Homonyms More...	Math Algebra Formulas Basic Arithmetic: Measurements Metric Conversions Geometric Properties Important Math Facts Number Sense Vocab Business Math More...	Other Major Subjects Science Economics History Law Performing-arts Cooking Logic & Reasoning Trivia

Test your basic knowledge |

CISSP Security Architecture And Design

Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?

Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests

Major Subjects

Tests & Exams

Certifications

IT Skills

Business Skills

Soft Skills

Vocabulary

Languages

Engineering

Health Sciences

English

Math

Other Major Subjects

Browse all subjects

Browse all tests

Most popular tests