SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Logical access control mechanisms are used to enforce authentication and the uniquenes of each individual's identification.
A Base Register (Memory Management)
Ring 3
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
C2 - Controlled Access Protection
2. Certification is a Technical review that assesses the _____________ - where as Accreditation is management's Official acceptance of the information in the Certification process findings.
The Red Book
Security mechanisms and evalautes their effectivenes
Implement software or systems in a production environment
Orange Book C
3. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
Operational assurance requirements
Division B - Mandatory Protection Architecture
Evaluated separately
Dominate the object's sensitivity label
4. Mandatory access control is enfored by the use of security labels.
Division B - Mandatory Protection
Trusted Network Interpretation (TNI)
Orange Book ratings
The Biba Model
5. Contains an Address of where the instruction and dara reside that need to be processed.
The Thread (memory Management)
Orange Book B
Direct Addressing
First evaluation class
6. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.
Reduced Instruction Set Computers (RISC)
Basic Security Theorem (used in computer science) definition
B2
B3
7. What is called the formal acceptance of the adequacy of a system's overall security by management?
Accreditation
Ring 2
The Thread (memory Management)
Evaluated separately
8. Verification Protection
Isolate processes
Direct Addressing
Orange Book A
Be protected from modification
9. Which would be designated as objects on a MAC system?
The Integrity of data within applications
Orange Book B
Files - directories and devices
B3 - Rating
10. Each data object must contain a classification label and each subject must have a clearance label.
Indirect addressing
A1
Basic Security Theorem (used in computer science) definition
B1 - Labeled Security
11. Which describe a condition when RAM and Secondary storage are used together?
Physical security
Secondary Storage
Virtual storage
The Simple Security Property
12. When the contents of the address defined in the program's instruction is added to that of an index register.
Indexed addressing
Disclosure of residual data
No read up
The security perimeter
13. Involves sharing the processor amoung all ready processes
Multitasking
Enforces the rules
The Red Book
Secondary Storage
14. What access control technique is also known as multilevel security?
Mandatory access control
Orange Book ratings
Covert channels
The trustworthiness of an information system
15. A set of objects that a subject is able to access
C2 - Controlled Access Protection
A Domain
Security rating B
Administrative declaration
16. When a vendor submits a product for evaluation - it submits it to the ____________.
Scalar processors
A Domain
A1 - Rating
The National Computer Security Center (NCSC)
17. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
18. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
C1 - Discretionary Security Protection
Clark-Wilson
The Security Kernel
Multitasking
19. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
C1 - Discretionary Security Protection
Direct Addressing
A Domain
Highly secure systems (B2 - B3 and A1)
20. Data in Cache can be accessed much more quickly than Data
Examples of Layered Operating Systems
Simple Security Rule
International Standard 15408
Stored in Reak Memory
21. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
The *-Property rule (Star property)
Networks and Communications
Indexed addressing
A and B
22. Buffer overflows occurs when a program or process tries to store more data in a _____________ than it was intended to hold.
Basic Security Theorem (used in computer science) definition
Multitasking
Buffer (temporary data storage area)
No write down
23. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
System High Security Mode
The Simple Security Property
Accreditation
Trusted hardware - Software and Firmware
24. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
Dominate the object's sensitivity label
The Tranqulity principle (The Bell-LaPadula Model)
An abstract machine
Prohibits
25. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
TCB (Trusted Computing Base)
Physical security
A1
Implement software or systems in a production environment
26. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions to pass on permissions at its own discretion. These permissions are stored in an access ma
Buffer (temporary data storage area)
Controlling unauthorized downgrading of information
A1 - Rating
Discretionary Security Property (ds-property)
27. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
A security kernel
The Monolithic Operation system Architecture
Overt channel
Government and military applications
28. The centerpiece of the DoD Rainbow Series publications.Developed by the National Computer Security Center (NCSC)?
Compare the security labels
Orange Book - B3
Security rating B
The TCSEC - Aka Orange Book
29. What model use an access control triples and requires that the system maintain separation of duty ?
Orange Book interpretations
Networks and Communications
Clark-Wilson
Security Policy
30. Which is an ISO standard product evaluation criteria that supersedes several different criteria
Orange Book - B1
B1 - Labeled Security rating
The Common Criteria
D
31. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
System High Security Mode
Most commonly used approach
Division C - Discretionary Protection
Security rating B
32. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.
Execution Domain
Complex Instruction Set Computers (CISC)
Documentation - Orange Book
Fail safe
33. Happen because input data is not checked for appropriate length at time of input
Orange Book ratings
B2
Buffer overflows
Process isolation
34. According to the Orange Book - trusted facility management is not required for which security levels?
Storage and timing
B1
Ring 1
Networks and Communications
35. A type of memory used for High-speed writing and reading activities.
The Thread (memory Management)
Cache Memory
Administrative declaration
All Mandatory Access Control (MAC) systems
36. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Pipelining
Physical security
Simple Security Rule
B1
37. Applications and user activity
Buffer overflows
Ring 3
Dominate the object's sensitivity label
Reduced Instruction Set Computers (RISC)
38. Which can be used as a covert channel?
Storage and timing
Sensitivity labels
B1 - Labeled Security
Invocation Property
39. In the Bell-LaPadula Model the Object's Label contains ___________________.
Direct addressing
Administrative declaration
C2
Its classification label (Top Secret - Secret or confidential)
40. When a portion of primary memory is accessed by specifying the actual address of the memory location
The National Computer Security Center (NCSC)
Direct addressing
A1 - Rating
Division C - Discretionary Protection
41. In access control terms - the word "dominate" refers to ___________.
B2
Ring 1
A security domain
Higher or equal to access class
42. Which TCSEC level first addresses object reuse?
First evaluation class
C2
A security domain
Bell-LaPadula Model
43. The TCB is the ________________ within a computer system that work together to enforce a security policy.
The security perimeter
Subject to Object Model
Totality of protection mechanisms
Indirect addressing
44. Access control labels must be associated properly with objects.
Labels - Orange Book
C2
B3 - Rating
No write down
45. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Most commonly used approach
C2 - Controlled Access Protection
Accountability - Orange Book
Storage and timing
46. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
The Rule is talking about writing
The National Computer Security Center (NCSC)
B2 rating
C1
47. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
Protection Rings Support
Cache Memory
Identification - Orange Book
The security perimeter
48. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
49. What does the simple integrity axiom mean in the Biba model?
The Common Criteria
Buffer overflows
The security perimeter
No read down
50. Trusted facility management is an assurance requirement only for ________________.
Totality of protection mechanisms
Trusted facility management
Highly secure systems (B2 - B3 and A1)
Models concerned with integrity