CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study first.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Which is a straightforward approach that provides access rights to subjects for objects?
Execution Domain
Access Matrix model
Swap Space
Its classification label (Top Secret, Secret, or Confidential)
2. According to the Orange Book, trusted facility management is not required for which security levels?
B1
Trusted Network Interpretation (TNI)
The Monolithic Operating System Architecture
*-Integrity Axiom
3. The indexed memory addresses that software uses
Models concerned with integrity
Process isolation
B3: Security Domains
Logical addresses
4. In B2, subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
A Thread
Covert channels
Clark-Wilson
The Trusted Computing Base (TCB)
5. What does the simple security (ss) property mean in the Bell-LaPadula model?
C2 - Controlled Access Protection
No read up
attributability
The TCSEC, aka the Orange Book
6. The group that oversees the processes of evaluation within TCSEC is?
Examples of Layered Operating Systems
Multitasking
B3 rating
Trusted Products Evaluation Program (TPEP)
7. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
B2 rating
Highly secure systems (B2, B3, and A1)
Access Matrix model
C1
8. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
Programmable Read-Only Memory (PROM)
The security kernel
A1
Indirect addressing
9. Applications and user activity
Security Policy - Orange Book
Direct addressing
Buffer (temporary data storage area)
Ring 3
10. Which describes the condition when RAM and secondary storage are used together?
The National Computer Security Center (NCSC)
No read up
Simple Integrity Axiom
Virtual storage
11. The Biba model is not concerned with security levels and confidentiality. It uses _________________.
Accountability (Orange Book)
Totality of protection mechanisms
A lattice of Integrity Levels
attributability
12. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
The security perimeter
Sensitivity labels
Trusted Distribution
Continuous protection (Orange Book)
13. Software, hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
*-Integrity Axiom
A single classification and a Compartment Set
Life-cycle assurance (Orange Book)
B2
14. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Security Policy is clearly defined and documented
Fail safe
attributability
B3 rating
15. When the RAM and secondary storage are combined the result is __________.
Need-to-know
B3: Security Domains
Protection Rings Support
Virtual Memory
16. In B2, distinct address spaces must be provided to _________, and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system.
Isolate processes
Indexed addressing
Multilevel Security Policies
Documentation (Orange Book)
17. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Subject to Object Model
B3 rating
No read down
Secondary Storage
18. Another word for primary storage; it distinguishes physical memory from virtual memory.
Real storage
An abstract machine
The reference monitor
Discretionary Security Property (ds-property)
19. Happen because input data is not checked for appropriate length at time of input
The Red Book
A and B
Buffer overflows
Scalar processors
20. In the Bell-LaPadula model, subjects and objects are ___________.
C1
Assigned labels
Trusted hardware, software and firmware
The National Computer Security Center (NCSC)
21. Security labels are not required until __________; thus C2 does not require security labels but B1 does.
A Base Register (Memory Management)
A Domain
Security rating B
Thrashing
22. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
NOT Integrity
Buffer (temporary data storage area)
Sensitivity labels
Overt channel
23. The _________________ specified in the Orange Book are: system architecture, system integrity, covert channel analysis, trusted facility management and trusted recovery.
Firmware
Be protected from modification
Mandatory access control
Operational assurance requirements
24. Should always trace to individuals responsible for observing and recording the data
Attributable data
A lattice of Integrity Levels
Multilevel Security Policies
Orange Book interpretations
25. When a computer uses more than one CPU in parallel to execute instructions, this is known as?
Multiprocessing
The Evaluated Products List (EPL) with their corresponding rating
Simple Integrity Axiom
Its classification label (Top Secret, Secret, or Confidential)
26. Security is made up of: system administration, ________, installation and configuration mechanisms within the environment, and other security issues.
Prevent secret information from being accessed
A Limit Register (Memory Management)
The Clark Wilson integrity model
Physical security
27. The Red Book, aka Trusted Network Interpretation (TNI), provides _________________ for trusted computer and communications network systems under the areas of assurance requirements.
Orange Book interpretations
Basic Security Theorem (used in computer science) definition
Orange Book - B1
No read up
28. In ______________ the subject must have a need to know for ALL the information contained within the system.
Accreditation
Dedicated Security Mode
Pagefile.sys file
A Limit Register (Memory Management)
29. Based on the Bell-LaPadula security model, and evidence of reference monitor enforcement must be available.
Overt channel
Division B: Mandatory Protection
A Layered Operating System Architecture
Life Cycle Assurance Requirement
30. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Its clearance label (Top Secret, Secret, or Confidential)
Administrative declaration
Orange Book - A1
Higher or equal to access class
31. A system uses the reference monitor to ___________________ of a subject and an object.
Compare the security labels
The Monolithic Operating System Architecture
The "No write Down" Rule
Multiprocessing
32. If a system initializes in a secure state and all allowed state transitions are secure, then every subsequent state will be secure no matter what inputs occur.
Dominate the object's sensitivity label
C1
Basic Security Theorem (used in computer science) definition
A Domain
33. According to the Orange Book, which security level is the first to require a system to protect against covert timing channels?
The National Computer Security Center (NCSC)
Subject to Object Model
C2
B3
34. Which increases the performance in a computer by overlapping the steps of different instructions?
C2
Thrashing
Pipelining
A security kernel
35. In the Bell-LaPadula Model the Object's Label contains ___________________.
Reduced Instruction Set Computers (RISC)
D
The National Computer Security Center (NCSC)
Its classification label (Top Secret, Secret, or Confidential)
36. What is defined as the hardware, firmware and software elements of a trusted computing base that implement the reference monitor concept?
A security kernel
Isolate processes
Orange Book interpretations
Scalar processors
37. The reserved hard drive space used to extend RAM capabilities.
A single classification and a Compartment Set
The Monolithic Operating System Architecture
Files, directories and devices
Swap Space
38. Mandatory Protection
The Red Book
Attributable data
Orange Book B
Orange Book C
39. The reference monitor is an access control concept, referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
Indexed addressing
The Rule is talking about writing
The Thread (memory Management)
An abstract machine
40. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula model is referred to as ___________________, which would take place through a "write down" operation. (An actual compromise occurs if and when
Firmware
Accountability (Orange Book)
Controlling unauthorized downgrading of information
Cache Memory
41. Execute one instruction at a time.
Scalar processors
Division D: Minimal Protection
No write down
Absolute addresses
42. In this class more granularity is provided in each protection mechanism, and the programming code that is not necessary to support the security policy is excluded.
Integrity
C2
B3: Security Domains
The National Computer Security Center (NCSC)
43. Based on a known address with an offset value applied.
Absolute addresses
Prevent secret information from being accessed
B3
Relative Addresses
44. Certification is a technical review that assesses the _____________, whereas accreditation is management's official acceptance of the information in the certification process findings.
Security mechanisms and evaluates their effectiveness
Prevent secret information from being accessed
Dedicated Security Mode
C2: Controlled Access Protection
45. When the address location that is specified in the program instruction contains the address of the final desired location.
Scalar processors
Indirect addressing
C2: Controlled Access Protection
The Simple Security Property
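Questions 3, 21, 28, 43 and 45 all hinge on how a CPU turns the logical addresses a program uses into physical ones, and why the base and limit registers matter for process isolation. The following is an added example written for this page (it is not from the quiz or from any real CPU). The memory size, the two processes and the stored values are constructed for illustration; the point is that every addressing mode ends in the same limit check, so a pointer that would reach another process's memory faults instead of being dereferenced.

```python
"""Toy CPU memory with base/limit registers and the quiz's addressing modes.

Added example, not from the quiz. Sizes, processes and values are constructed.
"""
from typing import Dict, List


class MemoryProtectionError(Exception):
    """Raised by the 'hardware' when a logical address falls outside [0, limit)."""


class Memory:
    """Physical ('real') memory, addressed by absolute addresses."""
    def __init__(self, size: int) -> None:
        self.cells: List[int] = [0] * size

    def read_absolute(self, addr: int) -> int:
        return self.cells[addr]


class Process:
    """A process only ever issues logical addresses 0..limit-1.

    The base register relocates them and the limit register bounds them;
    that pair is what keeps one process out of another's address space.
    """
    def __init__(self, mem: Memory, base: int, limit: int) -> None:
        self.mem, self.base, self.limit = mem, base, limit
        self.index_register = 0          # used by indexed addressing

    def translate(self, logical: int) -> int:
        """Logical -> absolute. The limit check runs on EVERY access."""
        if not 0 <= logical < self.limit:
            raise MemoryProtectionError(f"logical {logical} outside limit {self.limit}")
        return self.base + logical

    def load(self, logical: int) -> int:
        return self.mem.cells[self.translate(logical)]

    def store(self, logical: int, value: int) -> None:
        self.mem.cells[self.translate(logical)] = value

    # The addressing modes the quiz asks about, all built on load():
    def direct(self, addr: int) -> int:
        return self.load(addr)                        # operand is at addr

    def indirect(self, addr: int) -> int:
        return self.load(self.load(addr))             # addr holds the operand's address

    def indexed(self, addr: int) -> int:
        return self.load(addr + self.index_register)  # addr plus the index register

    def relative(self, pc: int, offset: int) -> int:
        return self.load(pc + offset)                 # known address plus an offset


def demo() -> Dict[str, object]:
    """Two processes in disjoint regions; process a tries to reach process b."""
    mem = Memory(16)
    a = Process(mem, base=0, limit=8)    # a owns absolute cells 0..7
    b = Process(mem, base=8, limit=8)    # b owns absolute cells 8..15
    b.store(0, 99)                       # b's logical 0 is absolute 8
    a.store(0, 5)                        # plain data
    a.store(1, 0)                        # pointer to logical 0 (valid)
    a.store(2, 10)                       # pointer that would land in b's region
    a.index_register = 1

    out: Dict[str, object] = {
        "direct":     a.direct(0),                 # 5
        "indirect":   a.indirect(1),               # *(1) -> 0 -> 5
        "indexed":    a.indexed(0),                # 0 + 1 -> cell 1 -> 0
        "relative":   a.relative(pc=1, offset=1),  # 1 + 1 -> cell 2 -> 10
        "absolute_8": mem.read_absolute(8),        # 99, the cell a tries to reach
    }
    try:
        a.indirect(2)                              # pointer value 10 >= limit 8
        out["isolation"] = "broken"
    except MemoryProtectionError:
        out["isolation"] = "enforced"
    return out


if __name__ == "__main__":
    print(demo())
```

The indirect fault is the interesting case: the first load (the pointer itself, logical 2) is in bounds, so the check has to be applied again to the address it yields. Hardware that only validated the instruction's immediate operand would let the second access through.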
46. What are the components of an object's sensitivity label?
A single classification and a Compartment Set
B3
C2: Controlled Access Protection
Assigned labels
47. In both the Bell-LaPadula and Biba models, if the word "Simple" is used, ______________.
Higher or equal to access class
The rule is talking about "Reading"
Evaluated separately
C1: Discretionary Security Protection
48. There is only one class in Division D. It is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
B1: Labeled Security
Examples of Layered Operating Systems
The reference monitor
Division D: Minimal Protection
49. Users are trusted but a certain level of accountability is required. C2 overall is seen as the most reasonable class for commercial applications, but the level of protection is still relatively weak.
Stored in Real Memory
D
In a C2 (Controlled Access Protection) environment
The security perimeter
50. The *-Property rule is referred to as ____________.
The "No write Down" Rule
In a C2 (Controlled Access Protection) environment
Bell-LaPadula Model
Orange Book - B1
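Questions 1, 5, 11, 20, 31, 32, 35, 39, 40, 46, 47 and 50 are all facets of one mechanism: a reference monitor that compares a subject's label with an object's label (a classification plus a compartment set, ordered as a lattice) and consults an access matrix. The block below is an added example written for this page, not code from the quiz or from any evaluated product. The LEVELS ordering, the user "alice", the object names and the compartments NATO and CRYPTO are constructed for illustration. It enforces the Bell-LaPadula ss-property (no read up) and *-property (no write down), the Biba simple integrity axiom (no read down) and *-integrity axiom (no write up), and an access matrix for the discretionary (ds-property) check; because every access passes through `check`, a system that starts in a secure state and allows only these transitions stays secure, which is the Basic Security Theorem idea from question 32.

```python
"""Toy reference monitor: Bell-LaPadula, Biba and an access matrix.

Added example, not from the quiz. LEVELS, subjects, objects and compartments
are constructed for illustration.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, FrozenSet, Set, Tuple

# Linear ordering of classifications. A label also carries a compartment set,
# so the full ordering (dominance) is a lattice, not a single line.
LEVELS = {"Unclassified": 0, "Confidential": 1, "Secret": 2, "Top Secret": 3}


@dataclass(frozen=True)
class Label:
    """Sensitivity label: a single classification plus a compartment set."""
    classification: str
    compartments: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        """self >= other: higher-or-equal level AND a superset of compartments."""
        return (LEVELS[self.classification] >= LEVELS[other.classification]
                and self.compartments >= other.compartments)


def blp_allows(subject: Label, obj: Label, access: str) -> bool:
    """Bell-LaPadula (confidentiality).
    read : ss-property, 'no read up'   -> subject must dominate object
    write: *-property,  'no write down' -> object must dominate subject
    """
    if access == "read":
        return subject.dominates(obj)
    if access == "write":
        return obj.dominates(subject)
    raise ValueError(f"unknown access {access!r}")


def biba_allows(subject: Label, obj: Label, access: str) -> bool:
    """Biba (integrity). Labels are integrity levels; the lattice code is reused.
    read : simple integrity axiom, 'no read down' -> object must dominate subject
    write: *-integrity axiom,      'no write up'  -> subject must dominate object
    """
    if access == "read":
        return obj.dominates(subject)
    if access == "write":
        return subject.dominates(obj)
    raise ValueError(f"unknown access {access!r}")


@dataclass
class ReferenceMonitor:
    """Mediates every access: the access matrix (DAC) and the mandatory policy
    (MAC) must BOTH allow it. Nothing reaches an object except through check()."""
    policy: Callable[[Label, Label, str], bool]
    subject_labels: Dict[str, Label]
    object_labels: Dict[str, Label]
    matrix: Dict[Tuple[str, str], Set[str]] = field(default_factory=dict)

    def grant(self, subject: str, obj: str, right: str) -> None:
        self.matrix.setdefault((subject, obj), set()).add(right)

    def check(self, subject: str, obj: str, access: str) -> bool:
        if access not in self.matrix.get((subject, obj), set()):
            return False                          # no discretionary right (ds-property)
        return self.policy(self.subject_labels[subject],
                           self.object_labels[obj], access)


def demo() -> Dict[str, bool]:
    """Constructed scenario: alice is cleared Secret/{NATO}; four objects."""
    alice = Label("Secret", frozenset({"NATO"}))
    objects = {
        "plan.doc":   Label("Top Secret", frozenset({"NATO"})),  # above alice
        "memo.txt":   Label("Confidential"),                      # below alice
        "notes.txt":  Label("Secret", frozenset({"NATO"})),       # equal to alice
        "crypto.key": Label("Secret", frozenset({"CRYPTO"})),     # incomparable compartment
    }
    rm = ReferenceMonitor(blp_allows, {"alice": alice}, objects)
    for name in objects:
        rm.grant("alice", name, "read")
        rm.grant("alice", name, "write")
    rm.matrix.pop(("alice", "notes.txt"))          # no DAC rights on notes.txt

    biba = ReferenceMonitor(biba_allows, {"alice": alice}, objects)
    biba.grant("alice", "memo.txt", "read")
    biba.grant("alice", "plan.doc", "write")

    return {
        "blp_read_up":      rm.check("alice", "plan.doc", "read"),     # False
        "blp_write_up":     rm.check("alice", "plan.doc", "write"),    # True
        "blp_read_down":    rm.check("alice", "memo.txt", "read"),     # True
        "blp_write_down":   rm.check("alice", "memo.txt", "write"),    # False
        "blp_incomparable": rm.check("alice", "crypto.key", "read"),   # False
        "dac_missing":      rm.check("alice", "notes.txt", "read"),    # False
        "biba_read_down":   biba.check("alice", "memo.txt", "read"),   # False
        "biba_write_up":    biba.check("alice", "plan.doc", "write"),  # False
    }


if __name__ == "__main__":
    print(demo())
```

Two details worth noticing when studying questions 46 and 47: the compartment set is why two labels at the same classification (Secret/{NATO} and Secret/{CRYPTO}) can be incomparable, so neither dominates the other and the read is denied; and the only difference between the two models' "Simple" rules is which side of `dominates` the subject sits on, which is exactly why "Simple" always means reading and "*" always means writing.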