Test your basic knowledge
CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here first.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Simpler instructions that require fewer clock cycles to execute.
Isolate processes
Reduced Instruction Set Computers (RISC)
Accreditation
Constrained
2. Users need to be identified individually to provide more precise access control and auditing functionality.
Integrity
TCB (Trusted Computing Base)
Multiprocessing
C2 - Controlled Access Protection
3. Verification Protection
Orange Book A
B3 - Security Domains
Swap Space
A and B
4. Which model uses access control triples and requires that the system maintain separation of duty?
Clark-Wilson
A security kernel
Security mechanisms and evaluates their effectiveness
B2
5. Which in the Orange Book ratings represents the highest level of trust?
Controls the checks
The "No write Down" Rule
Protection Rings Support
B2
6. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.
'Dominate'
Execution Domain
Physical security
Bell-LaPadula Model
7. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
The "No write Down" Rule
attributability
Labels - Orange Book
Orange Book A
8. Should always trace to individuals responsible for observing and recording the data
Attributable data
The Common Criteria
Thrashing
The security kernel
9. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
The Simple Security Property
Buffer overflows
Security mechanisms and evaluates their effectiveness
Certification
10. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
International Standard 15408
Administrative declaration
Clark-Wilson Model
The rule is talking about "Reading"
11. Minimal Security
Orange Book - D
Orange Book - A1
Models concerned with integrity
C2
12. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
B1 - Labeled Security rating
Invocation Property
Disclosure of residual data
C2
13. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Prohibits
Real storage
Government and military applications
Division C - Discretionary Protection
14. Software that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
Reduced Instruction Set Computers (RISC)
Disclosure of residual data
A1 - Rating
Firmware
15. TCB contains The Security Kernel and all ______________.
Primary storage
Its Clearance Label (Top Secret - Secret - or Confidential)
Reduced Instruction Set Computers (RISC)
security protection mechanisms
16. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
Implement software or systems in a production environment
An abstract machine
B3 - Rating
B2 - Structured Protection
17. Which describes a condition when RAM and secondary storage are used together?
Virtual storage
Mandatory access control
Orange Book - A1
Division D - Minimal Protection
18. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
Division B - Mandatory Protection Architecture
Orange Book interpretations
Security mechanisms and evaluates their effectiveness
Polyinstantiation
19. Which is an ISO standard product evaluation criteria that supersedes several different criteria?
The Common Criteria
Pagefile.sys file
Trusted facility management
Real storage
20. Data in Cache can be accessed much more quickly than Data
The TCSEC - Aka Orange Book
No read up
Clark-Wilson Model
Stored in Real Memory
21. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
Constrained
Complex Instruction Set Computers (CISC)
Trusted Products Evaluation Program (TPEP)
Government and military applications
22. The C2 evaluation class of the _________________ offers controlled access protection.
Clark-Wilson
Trusted Network Interpretation (TNI)
Administrative declaration
Access Matrix model
23. Which computer design approach is based on the fact that in earlier technologies the instruction fetch was the longest part of the cycle?
Buffer overflows
Simple Security Rule
Complex Instruction Set Computers (CISC)
Orange Book - B3
24. The Physical memory address that the CPU uses
Absolute addresses
International Standard 15408
A Thread
Government and military applications
25. Contains an address of where the instruction and data reside that need to be processed.
The Thread (memory Management)
Swap Space
Orange Book - A1
Access Matrix model
26. Based on a known address with an offset value applied.
System High Security Mode
Orange Book - B1
Life Cycle Assurance Requirement
Relative Addresses
27. A type of memory used for High-speed writing and reading activities.
Sensitivity labels
Security Policy
Cache Memory
The Red Book
28. The Biba Model addresses _____________________.
The Integrity of data within applications
Controlling unauthorized downgrading of information
Multitasking
A security domain
29. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Constrained
Primary storage
Security mechanisms and evaluates their effectiveness
Multilevel Security Policies
30. The Orange book does NOT Cover ________________ - And Database management systems
Networks and Communications
First evaluation class
Prevent secret information from being accessed
Virtual storage
31. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Dedicated Security Mode
Firmware
Certification
Orange Book - A1
32. A domain of trust that shares a single security policy and single management
A and B
Mandatory access control
The "No read Up" rule
A security domain
33. What does the simple security (ss) property mean in the Bell-LaPadula model?
Process isolation
No read up
C1 - Discretionary Security Protection
Constrained
34. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
Storage and timing
State machine model
No read down
Highly secure systems (B2 - B3 and A1)
35. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
B3
Isolate processes
Higher or equal to access class
A1 - Rating
36. TCSEC provides a means to evaluate ______________________.
Most commonly used approach
No write down
The trustworthiness of an information system
Be protected from modification
37. What are the components of an object's sensitivity label?
State machine model
A single classification and a Compartment Set
Stored in Real Memory
B1
38. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
Be protected from modification
Trusted Network Interpretation (TNI)
Life Cycle Assurance Requirement
A Limit Register (Memory Management)
39. Can be erased - modified and upgraded.
A single classification and a Compartment Set
Trusted Network Interpretation (TNI)
A Base Register (Memory Management)
Erasable and Programmable Read-Only Memory (EPROM)
40. The security kernel is the mechanism that _____________ of the reference monitor concept.
Discretionary Security Property (ds-property)
Virtual storage
Enforces the rules
A security kernel
41. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
Ring 3
B3
A lattice of Integrity Levels
State machine model
42. The Bell-LaPadula model Subjects and Objects are ___________.
The security perimeter
Access control to the objects by the subjects
Government and military applications
Assigned labels
43. In access control terms it means to be higher than or equal to. In the Bell-LaPadula Model this is referred to as the dominance relation, which is the relationship of the subject's clearance to the object's classification.
44. In B2, subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
Covert channels
Its classification label (Top Secret - Secret or confidential)
attributability
Orange Book - B3
45. Commonly referred to as "The Big Mess" because of its lack of structure. MS-DOS is an example of a monolithic operating system.
The Biba Model
Totality of protection mechanisms
Files - directories and devices
The Monolithic Operating System Architecture
46. Which uses Protection Profiles and Security Targets?
Trusted Distribution
'Dominate'
International Standard 15408
The Trusted Computing Base (TCB)
47. When a portion of primary memory is accessed by specifying the actual address of the memory location.
Direct addressing
Orange Book - D
Logical addresses
The Strong star property rule
48. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
Orange Book - B3
Pipelining
The Evaluated Products List (EPL) with their corresponding rating
Ring 1
49. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
Its classification label (Top Secret - Secret or confidential)
Life-cycle assurance - O/B
A Base Register (Memory Management)
Sensitivity labels
50. Remaining parts of the operating system
Ring 1
Fail safe
Files - directories and devices
In C2 - Controlled Access Protection environment