Test your basic knowledge
CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Life Cycle Assurance Requirement
Overt channel
Be protected from modification
Orange Book - B1
2. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
B2 - Structured Protection
The TCSEC - Aka Orange Book
C2 - Controlled Access Protection
Evaluated separately
3. Which describes the condition in which RAM and secondary storage are used together?
All Mandatory Access Control (MAC) systems
Virtual storage
D
Indirect addressing
4. Intended for environments that require systems to handle classified data.
B1 - Labeled Security rating
Pipelining
Trusted facility management
Covert channels
5. A domain of trust that shares a single security policy and single management
A security domain
Storage and timing
Implement software or systems in a production environment
Ring 3
6. Which can be used as a covert channel?
The National Computer Security Center (NCSC)
Mandatory access control
A Limit Register (Memory Management)
Storage and timing
7. Levels of security and levels of trust: lower letters of the alphabet represent higher levels of security; higher numbers indicate a greater level of trust.
International Standard 15408
Orange Book ratings
Mandatory access control
Buffer (temporary data storage area)
8. The subject must have Need to Know for ONLY the information they are trying to access.
No read up
The trustworthiness of an information system
Reduced Instruction Set Computers (RISC)
System High Security Mode
9. Execute one instruction at a time.
'Dominate'
Scalar processors
Prohibits
Documentation - Orange Book
10. The Policy must be explicit and well defined and enforced by the mechanisms within the system
The trustworthiness of an information system
Security Policy - Orange Book
Trusted Products Evaluation Program (TPEP)
Orange Book B
11. Which in the Orange Book ratings represents the highest level of trust?
B2
Fail safe
Real storage
Types of covert channels
12. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
Trusted hardware - Software and Firmware
Stored in Real Memory
Erasable and Programmable Read-Only Memory (EPROM)
A security domain
13. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
Life-cycle assurance - O/B
Government and military applications
Controls the checks
All Mandatory Access Control (MAC) systems
14. This type of environment is highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Firmware
B3 - Rating
The Red Book
Continuous protection - O/B
15. The Security Model Incorporates the ____________ that should be enforced in the system.
First evaluation class
Dedicated Security Mode
Subject to Object Model
Security Policy
16. In both the Bell-LaPadula and Biba Models, if the word "Simple" is used ______________.
The rule is talking about "Reading"
Labels - Orange Book
Indirect addressing
Models concerned with integrity
17. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
Prohibits
Orange Book - A1
Programmable Read-Only Memory (PROM)
The National Computer Security Center (NCSC)
18. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
The Monolithic Operating System Architecture
The *-Property rule (Star property)
The security perimeter
Clark-Wilson Model
19. The Bell-LaPadula Model is a _______________.
Physical security
Subject to Object Model
Invocation Property
Orange Book - B2
20. A subject at a given clearance may not read an object at a higher classification
The Simple Security Property
B3
Buffer overflows
A security domain
21. The combination of RAM - Cache and the Processor Registers
Accreditation
Controlling unauthorized downgrading of information
'Dominate'
Primary storage
22. Which model uses access control triples and requires that the system maintain separation of duty?
Clark-Wilson
Isolate processes
A security domain
Security Policy
23. What access control technique is also known as multilevel security?
Virtual Memory
Mandatory access control
B3
The Red Book
24. Permits a database to have two records that are identical except for their classifications
Polyinstantiation
In C2 - Controlled Access Protection environment
Orange Book ratings
Storage and timing
25. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Certification
C2 - Controlled Access Protection
Orange Book interpretations
Clark-Wilson
26. A portion of a process. When the thread is generated, it shares the same domain (resources) as its process.
Buffer (temporary data storage area)
A Thread
Swap Space
Virtual Memory
27. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Ring 0
Basic Security Theorem (used in computer science) definition
Networks and Communications
Need-to-know
28. What does the simple integrity axiom mean in the Biba model?
No read down
Firmware
Relative Addresses
First evaluation class
29. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware, software, and firmware.
Administrative declaration
The Trusted Computing Base (TCB)
B2 rating
B1 - Labeled Security rating
30. The Physical memory address that the CPU uses
Programmable Read-Only Memory (PROM)
Relative Addresses
Cache Memory
Absolute addresses
31. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space
Pagefile.sys file
Swap Space
Access Matrix model
Scalar processors
32. The Orange Book requires protection against two _____________, which are timing and storage
Types of covert channels
The Red Book
C2 - Controlled Access Protection
Controls the checks
33. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a Well-Formed Transaction
Clark-Wilson Model
Division B - Mandatory Protection Architecture
Trusted Distribution
Multiprocessing
34. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
B3 - Security Domains
C1
Overt channel
Security Policy is clearly defined and documented
35. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
The Security Kernel
Swap Space
Identification - Orange Book
The security perimeter
36. Which computer design approach is based on the fact that in earlier technologies the instruction fetch was the longest part of the cycle?
Programmable Read-Only Memory (PROM)
Complex Instruction Set Computers (CISC)
attributability
System High Security Mode
37. Which would be designated as objects on a MAC system?
Trusted Network Interpretation (TNI)
Multitasking
Files - directories and devices
D
38. When a computer spends more time moving data from one small portion of memory to another than actually processing the data
</gml_replace>
<gr_replace lines="238" cat="clarify" orig="39. The Bell-LaPaula">
39. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US government)
A Thread
Thrashing
All Mandatory Access Control (MAC) systems
Clark-Wilson Model
39. The Bell-LaPaula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
Security rating B
The Common Criteria
A Thread
Prevent secret information from being accessed
40. Each data object must contain a classification label and each subject must have a clearance label.
B1 - Labeled Security
Orange Book interpretations
Attributable data
A security domain
41. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions at its own discretion. These permissions are stored in an access ma
Its classification label (Top Secret - Secret or confidential)
International Standard 15408
Discretionary Security Property (ds-property)
Attributable - original - accurate - contemporaneous and legible
42. Successfully evaluated products are placed on?
C1
Multilevel Security Policies
Administrative declaration
The Evaluated Products List (EPL) with their corresponding rating
43. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
Orange Book A
The Monolithic Operating System Architecture
B3
Invocation Property
44. The Biba Model - ______________: A subject cannot request service from (invoke) subjects of higher integrity
Orange Book B
Continuous protection - O/B
Invocation Property
An abstract machine
45. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
B2 rating
Examples of Layered Operating Systems
Orange Book B
All Mandatory Access Control (MAC) systems
46. When the address location that is specified in the program instruction contains the address of the final desired location.
The National Computer Security Center (NCSC)
The Simple Security Property
Indirect addressing
Ring 2
47. What are the components of an object's sensitivity label?
Constrained
Assigned labels
Multitasking
A single classification and a Compartment Set
48. In access control terms it means to be higher than or equal to. In the Bell-LaPadula Model this is referred to as the dominance relation, which is the relationship of the subject's clearance to the object's classification
49. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
The Monolithic Operating System Architecture
Constrained
Stored in Real Memory
The Integrity of data within applications
50. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
A lattice of Integrity Levels
Thrashing
Simple Security Rule
A Limit Register (Memory Management)