CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study first.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions, so you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. The Biba Model - ______________: A subject cannot request service from (invoke) a subject of higher integrity
The security kernel
A Thread
Invocation Property
A1
2. Minimal Security
Enforces the rules
Most commonly used approach
Security Policy is clearly defined and documented
Orange Book - D
3. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
The Red Book
A and B
Orange Book ratings
Higher or equal to access class
4. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
Models concerned with integrity
Simple Integrity Axiom
Attributable data
Security rating B
5. The TCB is the ________________ within a computer system that work together to enforce a security policy.
B1 - Labeled Security rating
B2 - Structured Protection
International Standard 15408
Totality of protection mechanisms
6. Audit data must be captured and protected to enforce accountability
Accountability - Orange Book
Ring 2
Trusted Network Interpretation (TNI)
Accreditation
7. When a computer spends more time moving data from one small portion of memory to another than actually processing the data
Thrashing
attributability
Disclosure of residual data
The *-Property rule (Star property)
8. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Its classification label (Top Secret - Secret or confidential)
C2 - Controlled Access Protection
The reference monitor
Its Clearance Label (Top Secret - Secret - or Confidential)
9. For the type of environment that processes sensitive data that requires a higher degree of security. It requires systems that are relatively resistant to penetration and compromise
B2 rating
The National Computer Security Center (NCSC)
Accreditation
Its Clearance Label (Top Secret - Secret - or Confidential)
10. The Bell-LaPadula Model is a _______________ that enforces the confidentiality aspect of access control. Developed by David Bell and Leonard LaPadula.
Thrashing
State machine model
Continuous protection - O/B
Isolate processes
11. Intended for environments that require systems to handle classified data.
B1 - Labeled Security rating
Real storage
Dominate the object's sensitivity label
The National Computer Security Center (NCSC)
12. When a vendor submits a product for evaluation - it submits it to the ____________.
Evaluated separately
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
A lattice of Integrity Levels
The National Computer Security Center (NCSC)
13. Has two individual assurance ratings, C1 and C2. The higher the number of the assurance rating, the greater the protection
A Domain
Division C - Discretionary Protection
C2
Higher or equal to access class
14. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Life-cycle assurance - O/B
B3
Government and military applications
C1 - Discretionary Security Protection is a type of environment
15. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US government)
Prevent secret information from being accessed
Most commonly used approach
Government and military applications
Networks and Communications
16. Access control labels must be associated properly with objects.
Labels - Orange Book
Life-cycle assurance - O/B
Accreditation
Orange Book - A1
17. Execute one instruction at a time.
security protection mechanisms
Reduced Instruction Set Computers (RISC)
Controls the checks
Scalar processors
18. The Security Model Incorporates the ____________ that should be enforced in the system.
Invocation Property
Security Policy
A Base Register (Memory Management)
All Mandatory Access Control (MAC) systems
19. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
Most commonly used approach
Programmable Read-Only Memory (PROM)
Bell-LaPadula Model
C2 - Controlled Access Protection
20. Mandatory Access requires that _____________ be attached to all objects.
Sensitivity labels
Reduced Instruction Set Computers (RISC)
Covert channels
B3
21. TCB contains The Security Kernel and all ______________.
Simple Integrity Axiom
Subject to Object Model
security protection mechanisms
Assigned labels
22. As per the FDA, data should be ______________________________.
Continuous protection - O/B
State machine model
Buffer overflows
Attributable - original - accurate - contemporaneous and legible
23. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
Trusted Distribution
Orange Book ratings
C1
Integrity
24. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Covert channels
Physical security
Government and military applications
The security kernel
25. Discretionary protection
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Multilevel Security Policies
Accountability - Orange Book
Orange Book C
26. Subjects and Objects cannot change their security levels once they have been instantiated (created)
B3 - Security Domains
The TCSEC - Aka Orange Book
Files - directories and devices
The Tranquility principle (The Bell-LaPadula Model)
27. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
C2 - Controlled Access Protection
Security Policy
The Biba Model
A and B
28. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Complex Instruction Set Computers (CISC)
The security kernel
The Evaluated Products List (EPL) with their corresponding rating
Orange Book - B2
29. The combination of RAM - Cache and the Processor Registers
Clark-Wilson Model
Invocation Property
Primary storage
B1 - Labeled Security
30. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
attributability
Trusted Distribution
Controlling unauthorized downgrading of information
Indirect addressing
31. The Reference Monitor is responsible for ______________; it compares the security labels of a subject and an object
The reference monitor
Access control to the objects by the subjects
Its Clearance Label (Top Secret - Secret - or Confidential)
B3
32. The Orange Book requires protection against two _____________, which are timing and storage
Ring 2
Types of covert channels
The Thread (memory Management)
Orange Book - B3
33. Permits a database to have two records that are identical except for their classifications
Polyinstantiation
Most commonly used approach
Models concerned with integrity
Highly secure systems (B2 - B3 and A1)
34. The Indexed memory addresses that software uses
Integrity
Administrative declaration
Mandatory access control
Logical addresses
35. In both the Bell-LaPadula and Biba Models, if the word "*" or "Star" is used, _______________.
Logical addresses
The Rule is talking about writing
Integrity
The Common Criteria
36. Which increases the performance in a computer by overlapping the steps of different instructions?
A1
Stored in Real Memory
Pipelining
A security domain
37. The security kernel is the mechanism that _____________ of the reference monitor concept.
Enforces the rules
Simple Integrity Axiom
Scalar processors
Trusted Products Evaluation Program (TPEP)
38. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
Polyinstantiation
Operational assurance requirements
A1
C2 - Controlled Access Protection
39. Another word for Primary storage and distinguishes physical memory from virtual memory.
Real storage
The rule is talking about "Reading"
C1 - Discretionary Security Protection
Invocation Property
40. In both the Bell-LaPadula and Biba Models, if the word "Simple" is used, ______________.
Assigned labels
The rule is talking about "Reading"
Be protected from modification
Erasable and Programmable Read-Only Memory (EPROM)
41. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
Administrative declaration
Orange Book - D
A and B
Orange Book - B1
42. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
C1 - Discretionary Security Protection
Dedicated Security Mode
A security kernel
Polyinstantiation
43. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
The *-Property rule (Star property)
C1 - Discretionary Security Protection is a type of environment
Continuous protection - O/B
Division C - Discretionary Protection
44. Which is a straightforward approach that provides access rights to subjects for objects?
Execution Domain
The rule is talking about "Reading"
The Security Kernel
Access Matrix model
45. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
The Strong star property rule
C2 - Controlled Access Protection
B1 - Labeled Security
Scalar processors
46. A policy-based control. All objects and systems have a sensitivity level assigned to them
Be protected from modification
Buffer (temporary data storage area)
Programmable Read-Only Memory (PROM)
Mandatory Access Control (MAC)
47. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
The Security Kernel
Enforces the rules
C1 - Discretionary Security Protection
No read down
48. Remaining parts of the operating system
Ring 1
The trustworthiness of an information system
Polyinstantiation
The Tranquility principle (The Bell-LaPadula Model)
49. The Orange Book does NOT cover ________________ and database management systems
Dominate the object's sensitivity label
Networks and Communications
Multilevel Security Policies
Trusted Network Interpretation (TNI)
50. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________, and the system design and implementation are subject to more thorough review and testing procedures
B2 - Structured Protection
Clark-Wilson Model
security protection mechanisms
Security Policy is clearly defined and documented
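The label rules this quiz drills can be pulled together into one small reference monitor: the Bell-LaPadula simple security property and *-property (questions 19, 35, 40 and 43), the Biba integrity axioms and invocation property (questions 1 and 4), the tranquility principle (question 26), the reference monitor and security kernel mediating subject-to-object access (questions 31, 37 and 42), mandatory sensitivity labels (questions 20 and 46) and the discretionary access matrix (questions 44 and 47). The Python below is an added example written for this page; it is not code from the quiz site. The sensitivity and integrity lattices, the subjects, objects and access-matrix entries are all constructed for illustration.

```python
"""Toy reference monitor: Bell-LaPadula (confidentiality), Biba (integrity),
tranquility, and a discretionary access matrix. Added example; every level,
subject, object and matrix entry below is constructed for illustration."""
from dataclasses import dataclass, FrozenInstanceError

# Constructed lattices: a later entry dominates (is higher than) an earlier one.
SENSITIVITY = ("Unclassified", "Confidential", "Secret", "Top Secret")
INTEGRITY = ("Low", "Medium", "High")


def dominates(a, b, order):
    """True when level a is higher than or equal to level b in the lattice."""
    return order.index(a) >= order.index(b)


# frozen=True models tranquility: a label cannot change after instantiation.
@dataclass(frozen=True)
class Subject:
    name: str
    clearance: str   # Bell-LaPadula clearance label
    integrity: str   # Biba integrity level


@dataclass(frozen=True)
class Obj:
    name: str
    classification: str  # Bell-LaPadula sensitivity label
    integrity: str       # Biba integrity level


def blp_allows(s, o, mode, strong_star=False):
    """Bell-LaPadula. 'Simple' rules talk about reading, '*' rules about writing.
    Simple security property: no read up. *-property: no write down.
    Strong *-property: write only at exactly the subject's own level."""
    if mode == "read":
        return dominates(s.clearance, o.classification, SENSITIVITY)
    if mode == "write":
        if strong_star:
            return s.clearance == o.classification
        return dominates(o.classification, s.clearance, SENSITIVITY)
    raise ValueError(f"unknown mode {mode!r}")


def biba_allows(s, o, mode):
    """Biba. Simple integrity axiom: no read down. *-integrity axiom: no write up."""
    if mode == "read":
        return dominates(o.integrity, s.integrity, INTEGRITY)
    if mode == "write":
        return dominates(s.integrity, o.integrity, INTEGRITY)
    raise ValueError(f"unknown mode {mode!r}")


def biba_invocation_allows(caller, callee):
    """Invocation property: a subject may not invoke a subject of higher integrity."""
    return dominates(caller.integrity, callee.integrity, INTEGRITY)


class ReferenceMonitor:
    """Mediates every subject/object access: mandatory label checks first,
    then the discretionary access matrix, which can only further restrict."""

    def __init__(self, access_matrix):
        self.acm = access_matrix  # (subject name, object name) -> set of modes

    def decide(self, s, o, mode):
        """Return (allowed, reasons); reasons names each rule that denied."""
        reasons = []
        if not blp_allows(s, o, mode):
            reasons.append("BLP " + ("no read up" if mode == "read" else "no write down"))
        if not biba_allows(s, o, mode):
            reasons.append("Biba " + ("no read down" if mode == "read" else "no write up"))
        if mode not in self.acm.get((s.name, o.name), set()):
            reasons.append("DAC: no matrix entry")
        return (not reasons, reasons)


def tranquility_holds(s):
    """Tranquility: relabelling a live subject must fail, not silently succeed."""
    try:
        s.clearance = "Top Secret"
    except FrozenInstanceError:
        return True
    return False


# Constructed sample principals and objects.
ANALYST = Subject("analyst", "Secret", "Medium")
AUDITOR = Subject("auditor", "Top Secret", "High")
PLAN = Obj("war_plan", "Top Secret", "High")
MEMO = Obj("memo", "Secret", "Medium")
BULLETIN = Obj("bulletin", "Confidential", "Low")
ACM = {
    ("analyst", "memo"): {"read", "write"},
    ("analyst", "bulletin"): {"read", "write"},
    ("analyst", "war_plan"): {"read", "write"},  # DAC grants it; MAC still denies
    ("auditor", "war_plan"): {"read"},
}
MONITOR = ReferenceMonitor(ACM)

if __name__ == "__main__":
    for s, o, m in [(ANALYST, PLAN, "read"), (ANALYST, BULLETIN, "write"),
                    (ANALYST, PLAN, "write"), (ANALYST, MEMO, "read")]:
        print(s.name, m, o.name, MONITOR.decide(s, o, m))
```

The interesting case is the analyst writing to the Top Secret plan: Bell-LaPadula permits the write (writing up never leaks), but Biba denies it because a Medium-integrity subject may not write to a High-integrity object. Running both models side by side shows why the two rule sets are mirror images, and why the access matrix entry alone is never enough in a MAC system.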