Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.






2. When a vendor submits a product for evaluation - it submits it to the ____________.






3. The Physical memory address that the CPU uses






4. Subjects and Objects cannot change their security levels once they have been instantiated (created)






5. In ______________ the subject must have: Need to Know for ALL the information contained within the system.






6. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.






7. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards






8. Which would be designated as objects on a MAC system?






9. Operating System Kernel






10. When the RAM and secondary storage are combined the result is __________.






11. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?






12. A portion of a process. When the thread is generated - it shares the same domain(resources) as its process.






13. For rhe type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to peneration and compromise






14. The Orange book does NOT Cover ________________ - And Database management systems






15. Applications and user activity






16. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions to pass on permissions at its own discretion. These permissions are stored in an access ma






17. Which addresses a portion of the primary memory by specifying the actual address of the memory location?






18. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.






19. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu






20. Mediates all access and Functions between subjects and objects.






21. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.






22. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.






23. Ssoftware that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)






24. Mandatory Protection






25. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commmercial applications - but the level of protection is still relatively weak.






26. What does the simple security (ss) property mean in the Bell-LaPadula model?






27. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


28. A subject at a given clearance may not read an object at a higher classification






29. A1 is also called "Verified Design" and requires formal verification of the design and specifications.






30. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.






31. When a portion of primary memory is accessed by specifying the actual address of the memory location






32. There is only only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.






33. Which is a straightforward approach that provides access rights to subjects for objects?






34. What are the components of an object's sensitivity label?






35. Permits a database to have two records that are identical except for Their classifications






36. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.






37. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.






38. The Security Model Incorporates the ____________ that should be enforced in the system.






39. The Bell-LaPadula model Subjects and Objects are ___________.






40. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when






41. The Simple Security rule is refered to as______________.






42. TCSEC provides a means to evaluate ______________________.






43. Happen because input data is not checked for appropriate length at time of input






44. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.






45. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements






46. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.






47. Execute one instruction at a time.






48. Involves sharing the processor amoung all ready processes






49. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.






50. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.