Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)






2. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.






3. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data) items is refered to as Well-Formed transaction






4. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?






5. Subjects and Objects cannot change their security levels once they have been instantiated (created)






6. A system uses the Reference Monitor to ___________________ of a subject and an object?






7. In the Bell-LaPadula Model the Subject's Label contains ___________________.






8. Components considered as part of the Trusted Computing Base (from the Orange Book) are?






9. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.






10. Which increases the performance in a computer by overlapping the steps of different instructions?






11. Which TCSEC level first addresses object reuse?






12. Which addresses a portion of the primary memory by specifying the actual address of the memory location?






13. A portion of a process. When the thread is generated - it shares the same domain(resources) as its process.






14. In access control terms - the word "dominate" refers to ___________.






15. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.






16. When a vendor submits a product for evaluation - it submits it to the ____________.






17. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?






18. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards






19. When a computer uses more than one CPU in parallel to execute instructions is known as?






20. The total(sum)combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.






21. All users have a clearance for and a formal need to know about - all data processed with the system.






22. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.






23. Which computer design approaches is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle






24. Another word for Primary storage and distinguishes physical memory from virtual memory.






25. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.






26. Which is an ISO standard product evaluation criteria that supersedes several different criteria






27. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?






28. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.






29. Bell-LaPadula model was proposed for enforcing access control in _____________________.






30. The Security Model Incorporates the ____________ that should be enforced in the system.






31. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.






32. Certification is a Technical review that assesses the _____________ - where as Accreditation is management's Official acceptance of the information in the Certification process findings.






33. Mandatory Access requires that _____________ be attached to all objects.






34. An abstract machine which must mediate all access to subjects to objects - be protected from modification - be verifiable as correct - and is always invoked






35. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.






36. Access control labels must be associated properly with objects.






37. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.






38. The Orange book requires protection against two_____________ - which are these Timing and Storage






39. The Indexed memory addresses that software uses






40. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.






41. A domain of trust that shares a single security policy and single management






42. Happen because input data is not checked for appropriate length at time of input






43. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?






44. Security Labels are not required until __________; thus C2 does not require security labels but B1 does






45. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?






46. What does the simple integrity axiom mean in the Biba model?






47. Contains the ending address






48. Commonly referred to as The Big Mess Because of its lack of structure. MS-DOS is an example of a monolithic operation system






49. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s






50. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.