Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. What does the simple security (ss) property mean in the Bell-LaPadula model?






2. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.






3. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.






4. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards






5. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.






6. Users need to be Identified individually to provide more precise acces control and auditing functionality.






7. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.






8. Trusted facility management is an assurance requirement only for ________________.






9. Buffer overflows occurs when a program or process tries to store more data in a _____________ than it was intended to hold.






10. Access control labels must be associated properly with objects.






11. Verification Protection






12. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.






13. What does the Clark-Wilson security model focus on






14. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?






15. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data






16. The Indexed memory addresses that software uses






17. Which TCSEC level first addresses object reuse?






18. Execute one instruction at a time.






19. n this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.






20. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.






21. System Architecture that separates system functionality into Hierarchical layers






22. Operating System Kernel






23. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.






24. A form of ROM(Read-Only Memory) that can be modified after it has been manufactured. It can only be programmed only one time.






25. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.






26. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.






27. What prevents a process from accessing another process' data?






28. In ______________ the subject must have: Need to Know for ALL the information contained within the system.






29. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


30. What does the simple integrity axiom mean in the Biba model?






31. Individual subjects must be uniquely identified.






32. The Simple Security rule is refered to as______________.






33. Another word for Primary storage and distinguishes physical memory from virtual memory.






34. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?






35. When a vendor submits a product for evaluation - it submits it to the ____________.






36. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.






37. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.






38. The combination of RAM - Cache and the Processor Registers






39. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data) items is refered to as Well-Formed transaction






40. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.






41. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.






42. The assignment of a specific individual to administer the security-related functions of a system.






43. The subject must have Need to Know for ONLY the information they are trying to access.






44. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.






45. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when






46. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.






47. The Security Model Incorporates the ____________ that should be enforced in the system.






48. Applications and user activity






49. Discretionary protection






50. Which would be designated as objects on a MAC system?






Can you answer 50 questions in 15 minutes?



Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests