Test your basic knowledge |
CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times that the answers are obvious, but you will see that it reinforces your understanding as you take the test each time.
1. The process of evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
Cache Memory
A security kernel
Certification
System High Security Mode
2. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
All Mandatory Access Control (MAC) systems
In C2 - Controlled Access Protection environment
Access Matrix model
Division D - Minimal Protection
3. The centerpiece of the DoD Rainbow Series publications. Developed by the National Computer Security Center (NCSC).
Stored in Real Memory
The TCSEC - Aka Orange Book
Erasable and Programmable Read-Only Memory (EPROM)
security protection mechanisms
4. Individual subjects must be uniquely identified.
Identification - Orange Book
The National Computer Security Center (NCSC)
Mandatory Access Control (MAC)
C1
5. Which increases the performance in a computer by overlapping the steps of different instructions?
B3
attributability
Pipelining
Orange Book - D
6. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
A1 - Rating
Accreditation
The security perimeter
The Red Book
7. Which would be designated as objects on a MAC system?
Ring 0
The Security Kernel
Files - directories and devices
The Clark Wilson integrity model
8. Applications and user activity
Ring 3
The reference monitor
Security Policy - Orange Book
C1 - Discretionary Security Protection is a type of environment
9. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a Well-Formed Transaction
The Biba Model
Clark-Wilson Model
Swap Space
Orange Book interpretations
10. What is called the formal acceptance of the adequacy of a system's overall security by management?
Administrative declaration
Evaluated separately
Process isolation
Accreditation
11. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
The Security Kernel
Isolate processes
Programmable Read-Only Memory (PROM)
A Thread
12. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Orange Book - B3
Swap Space
Need-to-know
The Red Book
13. In B2, subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
Covert channels
Secondary Storage
C2
Labels - Orange Book
14. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Isolate processes
Enforces the rules
A1 - Rating
Continuous protection - O/B
15. All users have a clearance for and a formal need to know about - all data processed with the system.
Indirect addressing
Dedicated Security Mode
Trusted Products Evaluation Program (TPEP)
Ring 0
16. Discretionary protection
Trusted Products Evaluation Program (TPEP)
Attributable - original - accurate - contemporaneous and legible
Orange Book C
Trusted Network Interpretation (TNI)
17. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Assigned labels
Relative Addresses
A lattice of Integrity Levels
Multilevel Security Policies
18. Access control labels must be associated properly with objects.
B3
Labels - Orange Book
Mandatory Access Control (MAC)
Security mechanisms and evaluates their effectiveness
19. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
Isolate processes
A Base Register (Memory Management)
Logical addresses
Overt channel
20. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Direct Addressing
Subject to Object Model
Trusted Network Interpretation (TNI)
Protection Rings Support
21. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Attributable - original - accurate - contemporaneous and legible
Evaluated separately
Ring 1
Continuous protection - O/B
22. Commonly referred to as "The Big Mess" because of its lack of structure. MS-DOS is an example of a monolithic operating system
Assigned labels
Virtual Memory
International Standard 15408
The Monolithic Operating System Architecture
23. Data in Cache can be accessed much more quickly than Data
Ring 1
Isolate processes
An abstract machine
Stored in Real Memory
24. The Bell-LaPadula Model is a _______________ that enforces the confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
Cache Memory
State machine model
Compare the security labels
The security perimeter
25. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
The Trusted Computing Base (TCB)
D
Ring 3
Simple Security Rule
26. The Bell-LaPadula Model is a _______________.
Files - directories and devices
Documentation - Orange Book
Subject to Object Model
B1
27. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Primary storage
attributability
B2 - Structured Protection
Operational assurance requirements
28. The reserved hard drive space used to extend RAM capabilities.
Its classification label (Top Secret - Secret or confidential)
The Integrity of data within applications
Swap Space
C1 - Discretionary Security Protection is a type of environment
29. Which uses Protection Profiles and Security Targets?
The *-Property rule (Star property)
Constrained
International Standard 15408
A Base Register (Memory Management)
30. A portion of a process. When the thread is generated - it shares the same domain(resources) as its process.
Virtual storage
A Thread
The *-Property rule (Star property)
B2 - Structured Protection
31. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
Orange Book - B3
Virtual storage
Models concerned with integrity
Covert channels
32. TCSEC addresses Confidentiality - but _____________. The TCSEC focuses mainly on one attribute of security: confidentiality.
Attributable data
Dominate the object's sensitivity label
NOT Integrity
Dedicated Security Mode
33. If a system initializes in a secure state and all allowed state transitions are secure - then every subsequent state will be secure no matter what inputs occur.
The trustworthiness of an information system
Basic Security Theorem (used in computer science) definition
Real storage
Operational assurance requirements
34. A buffer overflow occurs when a program or process tries to store more data in a _____________ than it was intended to hold.
Buffer (temporary data storage area)
Orange Book - B2
Orange Book - A1
Direct addressing
35. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
36. Which is a straightforward approach that provides access rights to subjects for objects?
Mandatory access control
The trustworthiness of an information system
Access Matrix model
Compare the security labels
37. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Operational assurance requirements
attributability
Administrative declaration
Mandatory Access Control (MAC)
38. The C2 evaluation class of the _________________ offers controlled access protection.
Trusted Network Interpretation (TNI)
Its Clearance Label (Top Secret - Secret - or Confidential)
Accreditation
First evaluation class
39. Based on a known address with an offset value applied.
Relative Addresses
Pagefile.sys file
Buffer (temporary data storage area)
Administrative declaration
40. The Biba Model addresses _____________________.
Most commonly used approach
The Integrity of data within applications
Attributable data
Trusted Network Interpretation (TNI)
41. TCB contains The Security Kernel and all ______________.
Division D - Minimal Protection
Direct addressing
security protection mechanisms
Division B - Mandatory Protection Architecture
42. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US government)
Compare the security labels
Higher or equal to access class
Indexed addressing
Prevent secret information from being accessed
43. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
Certification
The Monolithic Operating System Architecture
B1 - Labeled Security rating
The security kernel
44. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Its Clearance Label (Top Secret - Secret - or Confidential)
Prohibits
Security Policy is clearly defined and documented
The Red Book
45. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
Examples of Layered Operating Systems
Virtual storage
Life Cycle Assurance Requirement
The Strong star property rule
46. The Bell-LaPadula model Subjects and Objects are ___________.
Assigned labels
Scalar processors
Government and military applications
Secondary Storage
47. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
Indexed addressing
B1
Controlling unauthorized downgrading of information
Scalar processors
48. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information, and identification and authentication of individual entities
C1 - Discretionary Security Protection
Trusted Distribution
Ring 3
State machine model
49. Levels of Security and Levels of Trust: lower letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Dominate the object's sensitivity label
Orange Book ratings
C2
A Thread
50. An organization within the National Security Agency (NSA) that is responsible for evaluating computer systems and products. The Trusted Product Evaluation Program (TPEP) oversees the testing by approved entities of commercial products against a specific s
Storage and timing
Primary storage
The National Computer Security Center (NCSC)
C1