Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. When the RAM and secondary storage are combined the result is __________.






2. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.






3. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?






4. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?






5. What does the * (star) property mean in the Bell-LaPadula model?






6. What are the components of an object's sensitivity label?






7. The Bell-LaPadula Model is a _______________.






8. A type of memory used for High-speed writing and reading activities.






9. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.






10. Minimal Security






11. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu






12. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.






13. The Security Model Incorporates the ____________ that should be enforced in the system.






14. Which increases the performance in a computer by overlapping the steps of different instructions?






15. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"






16. Used by Windows systems to reserve the "Swap Space"






17. Which is an ISO standard product evaluation criteria that supersedes several different criteria






18. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.






19. A set of objects that a subject is able to access






20. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commmercial applications - but the level of protection is still relatively weak.






21. In the Bell-LaPadula Model the Object's Label contains ___________________.






22. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities






23. Security Labels are not required until __________; thus C2 does not require security labels but B1 does






24. A Policy based control. All objects and systems have a sensitivity level assigned to them






25. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.






26. The *-Property rule is refered to as ____________.






27. An abstract machine which must mediate all access to subjects to objects - be protected from modification - be verifiable as correct - and is always invoked






28. The Availability - Integrity and confidentiality requirements of multitasking operating systems






29. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.






30. The reserved hard drive space used to Extend RAM capabilities. Windows system use the pagefile.sys file to reserve this space






31. The security kernel is the mechanism that _____________ of the reference monitor concept.






32. Subjects and Objects cannot change their security levels once they have been instantiated (created)






33. Logical access control mechanisms are used to enforce authentication and the uniquenes of each individual's identification.






34. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.






35. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object






36. Intended for environments that require systems to handle classified data.






37. Which TCSEC level first addresses object reuse?






38. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.






39. Certification is a Technical review that assesses the _____________ - where as Accreditation is management's Official acceptance of the information in the Certification process findings.






40. When the contents of the address defined in the program's instruction is added to that of an index register.






41. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)






42. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.






43. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.






44. Contains the ending address






45. Each data object must contain a classification label and each subject must have a clearance label.






46. The total(sum)combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.






47. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.






48. Contains the beginning address






49. Another word for Primary storage and distinguishes physical memory from virtual memory.






50. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.