SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
A Base Register (Memory Management)
The *-Property rule (Star property)
Thrashing
Subject to Object Model
2. What prevents a process from accessing another process' data?
Ring 1
Orange Book interpretations
Files - directories and devices
Process isolation
3. What is called the formal acceptance of the adequacy of a system's overall security by management?
The Rule is talking about writing
Implement software or systems in a production environment
Accreditation
Documentation - Orange Book
4. Minimal Security
Simple Integrity Axiom
Indexed addressing
The Thread (memory Management)
Orange Book - D
5. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
Thrashing
Be protected from modification
Buffer overflows
The *-Property rule (Star property)
6. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Orange Book A
All Mandatory Access Control (MAC) systems
Trusted Distribution
The Strong star property rule
7. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
Accountability - Orange Book
Trusted hardware - Software and Firmware
Orange Book - B1
A security kernel
8. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Multitasking
Orange Book - B2
The Simple Security Property
Ring 3
9. Subjects and Objects cannot change their security levels once they have been instantiated (created)
Trusted Network Interpretation (TNI)
Constrained
The Tranqulity principle (The Bell-LaPadula Model)
Complex Instruction Set Computers (CISC)
10. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
Ring 2
The security perimeter
Execution Domain
The Thread (memory Management)
11. The Availability - Integrity and confidentiality requirements of multitasking operating systems
Protection Rings Support
Mandatory Access Control (MAC)
A lattice of Intergrity Levels
The Evaluated Products List (EPL) with their corresponding rating
12. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
An abstract machine
The Biba Model
All Mandatory Access Control (MAC) systems
Assigned labels
13. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Simple Integrity Axiom
The "No read Up" rule
Multilevel Security Policies
Direct Addressing
14. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
Documentation - Orange Book
D
Invocation Property
The Tranqulity principle (The Bell-LaPadula Model)
15. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
Implement software or systems in a production environment
*-Integrity Axiom
Need-to-know
Accountability - Orange Book
16. Which would be designated as objects on a MAC system?
Implement software or systems in a production environment
Files - directories and devices
Most commonly used approach
First evaluation class
17. Remaining parts of the operating system
The Biba Model
C2 - Controlled Access Protection
Ring 1
A security kernel
18. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
Discretionary Security Property (ds-property)
A lattice of Intergrity Levels
NOT Integrity
Dedicated Security Mode
19. A portion of a process. When the thread is generated - it shares the same domain(resources) as its process.
Be protected from modification
Simple Integrity Axiom
A Thread
All Mandatory Access Control (MAC) systems
20. Commonly referred to as The Big Mess Because of its lack of structure. MS-DOS is an example of a monolithic operation system
Secondary Storage
NOT Integrity
All Mandatory Access Control (MAC) systems
The Monolithic Operation system Architecture
21. When the address location that is specified in the program instruction contains the address of the final desired location.
Bell-LaPadula Model
A security domain
Indirect addressing
B1 - Labeled Security
22. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Erasable and Programmable Read-Only Memory (EPROM)
Protection Rings Support
Overt channel
Prohibits
23. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilites when
A Limit Register (Memory Management)
Indexed addressing
C2
Indirect addressing
24. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Orange Book - B2
Orange Book B
Continuous protection - O/B
The Evaluated Products List (EPL) with their corresponding rating
25. What does the * (star) property mean in the Bell-LaPadula model?
Disclosure of residual data
Physical security
No write down
The Monolithic Operation system Architecture
26. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
The Red Book
Dedicated Security Mode
Operational assurance requirements
C1 - Discretionary Security Protection
27. The Security Model Incorporates the ____________ that should be enforced in the system.
B2 - Structured Protection
A Limit Register (Memory Management)
The Thread (memory Management)
Security Policy
28. What does the Clark-Wilson security model focus on
Integrity
Disclosure of residual data
The security perimeter
Overt channel
29. In B2 Subjects and devices requre labels and the system must NOT allow ________. No Trapdoors exists.
Covert channels
Models concerned with integrity
*-Integrity Axiom
Storage and timing
30. A form of ROM(Read-Only Memory) that can be modified after it has been manufactured. It can only be programmed only one time.
Programmable Read-Only Memory (PROM)
TCB (Trusted Computing Base)
Bell-LaPadula Model
The Integrity of data within applications
31. Certification is a Technical review that assesses the _____________ - where as Accreditation is management's Official acceptance of the information in the Certification process findings.
The security perimeter
Security mechanisms and evalautes their effectivenes
The Common Criteria
A Thread
32. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
C1 - Discrection Security Protection is a type of environment
attributability
Administrative declaration
Implement software or systems in a production environment
33. Buffer overflows occurs when a program or process tries to store more data in a _____________ than it was intended to hold.
Mandatory Access Control (MAC)
Buffer (temporary data storage area)
Direct Addressing
A lattice of Intergrity Levels
34. What model use an access control triples and requires that the system maintain separation of duty ?
Clark-Wilson
Certification
A Limit Register (Memory Management)
C2
35. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
Erasable and Programmable Read-Only Memory (EPROM)
The Rule is talking about writing
Disclosure of residual data
A security kernel
36. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Documentation - Orange Book
Orange Book interpretations
Controls the checks
Models concerned with integrity
37. Can be erased - modified and upgraded.
Erasable and Programmable Read-Only Memory (EPROM)
Polyinstantiation
Be protected from modification
Division B - Mandatory Protection Architecture
38. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"
Accountability - Orange Book
D
Simple Integrity Axiom
C2
39. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
Accreditation
Orange Book B
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Constrained
40. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Mandatory access control
Relative Addresses
B2 - Structured Protection
Prohibits
41. I/O drivers and utilities
Trusted Products Evaluation Program (TPEP)
A Base Register (Memory Management)
Ring 2
Trusted facility management
42. The total(sum)combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
The Trusted Computing Base (TCB)
Orange Book C
Security rating B
The Integrity of data within applications
43. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Orange Book - A1
Identification - Orange Book
The Common Criteria
The Tranqulity principle (The Bell-LaPadula Model)
44. Which is a straightforward approach that provides access rights to subjects for objects?
System High Security Mode
Access Matrix model
Logical addresses
B2 rating
45. Which describe a condition when RAM and Secondary storage are used together?
Orange Book B
The "No write Down" Rule
Primary storage
Virtual storage
46. The Simple Security rule is refered to as______________.
*-Integrity Axiom
No write down
The "No read Up" rule
Virtual storage
47. Ssoftware that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
B3 - Rating
Firmware
System High Security Mode
Security Policy is clearly defined and documented
48. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
In C2 - Controlled Access Protection environment
Multilevel Security Policies
Controlling unauthorized downgrading of information
Evaluated separately
49. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
A security kernel
Logical addresses
Indexed addressing
C2 - Controlled Access Protection
50. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
B3
The National Computer Security Center (NCSC)
Controls the checks
The reference monitor