Test your basic knowledge: CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study first.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from the answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. A ____________ is a form of EPROM, but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
State machine model
B1 - Labeled Security rating
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Accountability - Orange Book
2. Bell-LaPadula Model, ____________: A subject at a given security level can NOT READ data that resides at a higher security level.
A1 - Rating
Sensitivity labels
Simple Security Rule
The Common Criteria
3. Intended for environments that require systems to handle classified data.
B1 - Labeled Security rating
C2 - Controlled Access Protection
Trusted Distribution
Simple Integrity Axiom
4. The hardware, firmware and software elements of a trusted computing base that implement the reference monitor concept.
Orange Book - A1
attributability
Continuous protection - O/B
The security kernel
5. The centerpiece of the DoD Rainbow Series publications, developed by the National Computer Security Center (NCSC).
Trusted Network Interpretation (TNI)
The TCSEC - Aka Orange Book
The "No read Up" rule
Labels - Orange Book
6. Security is made up of: system administration, ________, installation and configuration mechanisms within the environment, and other security issues.
Primary storage
Physical security
Be protected from modification
A security domain
7. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Types of covert channels
Simple Security Rule
Trusted Distribution
Evaluated separately
8. Used by Windows systems to reserve the "Swap Space"
Evaluated separately
Highly secure systems (B2 - B3 and A1)
Access control to the objects by the subjects
Pagefile.sys file
9. Which ISO standard product evaluation criteria supersedes several different earlier criteria?
The Common Criteria
Thrashing
Disclosure of residual data
The Trusted Computing Base (TCB)
10. Which describes the condition in which RAM and secondary storage are used together?
A security kernel
Virtual storage
Controlling unauthorized downgrading of information
A Layered Operating System Architecture
11. Software that is stored within ROM (Read-Only Memory); ROM is nonvolatile.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Firmware
Process isolation
B2
12. Contains the address where the instruction and data that need to be processed reside.
The Thread (memory Management)
Virtual storage
Thrashing
Clark-Wilson
13. When a portion of primary memory is accessed by specifying the actual address of the memory location.
Its classification label (Top Secret, Secret or Confidential)
C2 - Controlled Access Protection
Direct addressing
Firmware
14. The Orange Book does NOT cover ________________ or database management systems.
Orange Book B
The security kernel
Isolate processes
Networks and Communications
15. Which computer design approach is based on the fact that, in earlier technologies, the instruction fetch was the longest part of the cycle?
The Simple Security Property
Complex Instruction Set Computers (CISC)
The Strong star property rule
International Standard 15408
16. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
Orange Book - B1
No read down
Orange Book - B3
The Common Criteria
17. Involves sharing the processor among all ready processes.
The Rule is talking about writing
International Standard 15408
Access control to the objects by the subjects
Multitasking
18. When the RAM and secondary storage are combined the result is __________.
Virtual Memory
Files - directories and devices
Basic Security Theorem (used in computer science) definition
'Dominate'
19. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
The Red Book
The Clark Wilson integrity model
Division C - Discretionary Protection
Bell-LaPadula Model
20. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Access control to the objects by the subjects
Controls the checks
Need-to-know
A Domain
21. The *-Property rule is referred to as ____________.
A1
Simple Security Rule
A Domain
The "No write Down" Rule
22. Applications and user activity
The Security Kernel
Documentation - Orange Book
The security kernel
Ring 3
23. The Reference Monitor is responsible for ______________; it compares the security labels of a subject and an object.
A1 - Rating
Access control to the objects by the subjects
A Base Register (Memory Management)
Secondary Storage
24. When a vendor submits a product for evaluation - it submits it to the ____________.
The National Computer Security Center (NCSC)
Files - directories and devices
Absolute addresses
Life Cycle Assurance Requirement
25. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
Access control to the objects by the subjects
Accountability - Orange Book
The National Computer Security Center (NCSC)
B3 - Security Domains
26. In an automated system, ________________ could be achieved by a computer system designed to identify the individuals responsible for any input.
Overt channel
Accreditation
attributability
Process isolation
27. There is only one class in Division D. It is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
C1
Swap Space
Division D - Minimal Protection
Administrative declaration
28. The availability, integrity and confidentiality requirements of multitasking operating systems.
Higher or equal to access class
Swap Space
Pagefile.sys file
Protection Rings Support
29. The Biba Model, ______________: A subject cannot request service from (invoke) subjects of higher integrity.
Certification
Invocation Property
The Simple Security Property
Orange Book ratings
30. In the Orange Book, functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Overt channel
Division C - Discretionary Protection
Evaluated separately
Assigned labels
31. What does the simple integrity axiom mean in the Biba model?
'Dominate'
Covert channels
No read down
Firmware
32. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Direct Addressing
Cache Memory
Disclosure of residual data
A Domain
33. Bell-LaPadula Model, ______________: A subject that has read and write capabilities can only perform those functions at the same security level, nothing higher and nothing lower.
Ring 0
'Dominate'
The Strong star property rule
Accountability - Orange Book
34. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
Direct Addressing
Programmable Read-Only Memory (PROM)
Storage and timing
C1
35. A subject at a given clearance may not read an object at a higher classification
The Simple Security Property
The "No read Up" rule
Constrained
Accreditation
36. What are the components of an object's sensitivity label?
The Red Book
A single classification and a Compartment Set
Fail safe
A Limit Register (Memory Management)
37. All users have a clearance for, and a formal need to know about, all data processed within the system.
TCB (Trusted Computing Base)
Certification
Dedicated Security Mode
A single classification and a Compartment Set
38. What prevents a process from accessing another process' data?
Process isolation
A1 - Rating
A Limit Register (Memory Management)
The security kernel
39. As per the FDA, data should be ______________________________.
Protection Rings Support
Attributable, original, accurate, contemporaneous and legible
Clark-Wilson
Multitasking
40. The Security Model Incorporates the ____________ that should be enforced in the system.
Security Policy
Process isolation
Assigned labels
The "No write Down" Rule
41. In ______________, the subject must have a need to know for ALL the information contained within the system.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Dedicated Security Mode
Division B - Mandatory Protection
B1
42. Has two individual assurance ratings, C1 and C2. The higher the number of the assurance rating, the greater the protection.
Division C - Discretionary Protection
International Standard 15408
Simple Integrity Axiom
C2 - Controlled Access Protection
43. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Accreditation
Attributable, original, accurate, contemporaneous and legible
The trustworthiness of an information system
B2 - Structured Protection
44. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Trusted Distribution
Orange Book - A1
Trusted facility management
Logical addresses
45. A system uses the Reference Monitor to ___________________ of a subject and an object?
C2
security protection mechanisms
Operational assurance requirements
Compare the security labels
46. In which users are processing information at the same sensitivity level; thus, strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.
C1 - Discretionary Security Protection is a type of environment
A Thread
C2
Covert channels
47. Users need to be identified individually to provide more precise access control and auditing functionality.
Government and military applications
The Rule is talking about writing
The Tranquility principle (The Bell-LaPadula Model)
C2 - Controlled Access Protection
48. Which in the Orange Book ratings represents the highest level of trust?
Swap Space
B2
Operational assurance requirements
Multilevel Security Policies
49. Software, hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout its lifetime.
Indirect addressing
B3
Buffer (temporary data storage area)
Life-cycle assurance - O/B
50. Certification is a technical review that assesses the _____________, whereas Accreditation is management's official acceptance of the findings of the Certification process.
The rule is talking about "Reading"
Discretionary Security Property (ds-property)
Security mechanisms and evaluates their effectiveness
The Evaluated Products List (EPL) with their corresponding rating
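Several of the questions above fit together as one mechanism: a reference monitor that compares the security labels of a subject and an object (questions 23 and 45), labels made of a single classification plus a compartment set with a "dominates" relation on them (question 36), the Bell-LaPadula no-read-up, no-write-down and strong star rules (questions 2, 21, 33, 35), and the Biba simple integrity and invocation properties (questions 29, 31), with every decision recorded for accountability (question 26). The Python below is an added worked example for this study page, not material from the quiz or its author; the classification names, compartment names, subject and object labels, and the numeric integrity levels are constructed for illustration.

```python
from dataclasses import dataclass, field
from enum import IntEnum
from typing import List, Tuple


class Level(IntEnum):
    """Assumed linear classification order: a higher value dominates a lower one."""
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


@dataclass(frozen=True)
class Label:
    """Sensitivity label: a single classification plus a compartment set."""
    level: Level
    compartments: frozenset = field(default_factory=frozenset)

    def dominates(self, other: "Label") -> bool:
        # "Dominate": classification is >= AND the compartment set is a superset.
        return self.level >= other.level and self.compartments >= other.compartments


# Bell-LaPadula (confidentiality) rules -----------------------------------
def blp_simple_security(subject: Label, obj: Label) -> bool:
    """Simple security property, 'no read up': the subject must dominate the object."""
    return subject.dominates(obj)


def blp_star_property(subject: Label, obj: Label) -> bool:
    """*-property, 'no write down': the object must dominate the subject."""
    return obj.dominates(subject)


def blp_strong_star(subject: Label, obj: Label) -> bool:
    """Strong *-property: read and write only at exactly the subject's own label."""
    return subject == obj


# Biba (integrity) rules ---------------------------------------------------
# Integrity levels are plain ints here (constructed); larger = more trustworthy.
def biba_simple_integrity(subject_int: int, obj_int: int) -> bool:
    """Simple integrity axiom, 'no read down'."""
    return obj_int >= subject_int


def biba_star_integrity(subject_int: int, obj_int: int) -> bool:
    """*-integrity axiom, 'no write up'."""
    return subject_int >= obj_int


def biba_invocation(caller_int: int, callee_int: int) -> bool:
    """Invocation property: a subject may not invoke a subject of higher integrity."""
    return caller_int >= callee_int


@dataclass
class ReferenceMonitor:
    """Toy reference monitor: every access is mediated, decided by a rule, and audited."""
    audit_log: List[Tuple[str, str, str, bool, str]] = field(default_factory=list)

    def check(self, subj_name: str, subj: Label, obj_name: str, obj: Label, mode: str) -> bool:
        """Confidentiality decision made by comparing the subject's and object's labels."""
        if mode == "read":
            ok, rule = blp_simple_security(subj, obj), "BLP simple security (no read up)"
        elif mode == "write":
            ok, rule = blp_star_property(subj, obj), "BLP *-property (no write down)"
        else:
            ok, rule = False, "unknown access mode"
        # Accountability: every decision is recorded against a named subject.
        self.audit_log.append((subj_name, mode, obj_name, ok, rule))
        return ok

    def check_integrity(self, subj_name: str, subj_int: int, obj_name: str, obj_int: int, mode: str) -> bool:
        """Integrity decision under the Biba axioms."""
        rules = {
            "read": (biba_simple_integrity, "Biba simple integrity (no read down)"),
            "write": (biba_star_integrity, "Biba *-integrity (no write up)"),
            "invoke": (biba_invocation, "Biba invocation property"),
        }
        if mode not in rules:
            ok, rule = False, "unknown access mode"
        else:
            fn, rule = rules[mode]
            ok = fn(subj_int, obj_int)
        self.audit_log.append((subj_name, mode, obj_name, ok, rule))
        return ok


if __name__ == "__main__":
    rm = ReferenceMonitor()
    alice = Label(Level.SECRET, frozenset({"NUCLEAR"}))      # constructed subject
    memo = Label(Level.CONFIDENTIAL)                           # constructed objects
    plan = Label(Level.TOP_SECRET, frozenset({"NUCLEAR"}))
    rm.check("alice", alice, "memo", memo, "read")    # allowed: SECRET dominates CONFIDENTIAL
    rm.check("alice", alice, "plan", plan, "read")    # denied: no read up
    rm.check("alice", alice, "memo", memo, "write")   # denied: no write down
    rm.check("alice", alice, "plan", plan, "write")   # allowed under the BLP *-property
    for entry in rm.audit_log:
        print(entry)
```

Note that the compartment test is what makes a label more than a single level: a SECRET subject with compartment NUCLEAR is refused a SECRET object in compartment CRYPTO even though the classifications are equal, because its compartment set is not a superset. The Biba checks run the same comparison in the opposite direction, which is why the quiz phrases them as "no read down" and "no write up".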