Test your basic knowledge
CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Access control labels must be associated properly with objects.
Labels - Orange Book
Prevent secret information from being accessed
Controls the checks
A single classification and a Compartment Set
2. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
Buffer (temporary data storage area)
Disclosure of residual data
The Integrity of data within applications
System High Security Mode
3. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Direct Addressing
Multiprocessing
Higher or equal to access class
Subject to Object Model
4. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space.
Swap Space
A Base Register (Memory Management)
Life-cycle assurance - O/B
The reference monitor
5. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
Multitasking
B1 - Labeled Security rating
A security kernel
Storage and timing
6. A type of memory used for High-speed writing and reading activities.
Cache Memory
Life-cycle assurance - O/B
Buffer overflows
Simple Security Rule
7. Which computer design approach is based on the fact that in earlier technologies the instruction fetch was the longest part of the cycle?
Clark-Wilson Model
Complex Instruction Set Computers (CISC)
Polyinstantiation
C1 - Discretionary Security Protection is a type of environment
8. The total combination of protection mechanisms within a computer system
System High Security Mode
A single classification and a Compartment Set
B2
TCB (Trusted Computing Base)
9. In this class more granularity is provided in each protection mechanism, and the programming code that is not necessary to support the security policy is excluded.
Orange Book - B2
Fail safe
All Mandatory Access Control (MAC) systems
B3 - Security Domains
10. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Indirect addressing
Multilevel Security Policies
C1
Fail safe
11. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
D
Implement software or systems in a production environment
Primary storage
A Limit Register (Memory Management)
12. In access control terms - the word "dominate" refers to ___________.
Primary storage
The reference monitor
Higher or equal to access class
Programmable Read-Only Memory (PROM)
13. Which is an ISO standard product evaluation criteria that supersedes several different criteria
The security kernel
The Clark Wilson integrity model
Erasable and Programmable Read-Only Memory (EPROM)
The Common Criteria
14. Developed after the Bell-LaPadula model. It is a state machine model and is very similar to the Bell-LaPadula Model.
The *-Property rule (Star property)
The Biba Model
Trusted facility management
Discretionary Security Property (ds-property)
15. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
Accreditation
C2 - Controlled Access Protection
A and B
Buffer (temporary data storage area)
16. Successfully evaluated products are placed on?
Need-to-know
Pagefile.sys file
The Common Criteria
The Evaluated Products List (EPL) with their corresponding rating
17. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
Networks and Communications
attributability
Absolute addresses
Ring 3
18. The Orange Book requires protection against two _____________, which are timing and storage.
B3 - Security Domains
A and B
The *-Property rule (Star property)
Types of covert channels
19. A ring protection system ________ user-mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Prohibits
Administrative declaration
The *-Property rule (Star property)
The Red Book
20. Which describe a condition when RAM and Secondary storage are used together?
Discretionary Security Property (ds-property)
In C2 - Controlled Access Protection environment
The "No write Down" Rule
Virtual storage
21. Contains an address of where the instruction and data reside that need to be processed.
Multiprocessing
The *-Property rule (Star property)
The Thread (memory Management)
Enforces the rules
22. Can be erased - modified and upgraded.
Absolute addresses
Accreditation
Erasable and Programmable Read-Only Memory (EPROM)
Fail safe
23. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
Multiprocessing
Files - directories and devices
Controls the checks
Access Matrix model
24. Has two individual assurance ratings, C1 and C2. The higher the number of the assurance rating, the greater the protection.
Clark-Wilson Model
Division C - Discretionary Protection
System High Security Mode
C1 - Discretionary Security Protection
25. The Orange Book does NOT cover ________________ and database management systems.
Indirect addressing
The National Computer Security Center (NCSC)
C1
Networks and Communications
26. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commercial applications, but the level of protection is still relatively weak.
Swap Space
In C2 - Controlled Access Protection environment
NOT Integrity
'Dominate'
27. Discretionary protection
Orange Book C
No read down
Compare the security labels
The "No read Up" rule
28. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
The Red Book
The National Computer Security Center (NCSC)
Prohibits
Thrashing
29. In which users are processing information at the same sensitivity level; thus, strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.
Controlling unauthorized downgrading of information
C1 - Discretionary Security Protection is a type of environment
Need-to-know
The security perimeter
30. TCB contains The Security Kernel and all ______________.
Virtual Memory
security protection mechanisms
Implement software or systems in a production environment
The Clark Wilson integrity model
31. Levels of Security and Levels of Trust: lower letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
The Biba Model
Security rating B
A and B
Orange Book ratings
32. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
The Biba Model
Virtual Memory
Virtual storage
Implement software or systems in a production environment
33. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
Discretionary Security Property (ds-property)
A and B
A single classification and a Compartment Set
A Domain
34. Mandatory Access requires that _____________ be attached to all objects.
Orange Book ratings
B3
Sensitivity labels
A Thread
35. Contains the beginning address
Attributable - original - accurate - contemporaneous and legible
Orange Book ratings
A Base Register (Memory Management)
Evaluated separately
36. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
A1 - Rating
Stored in Real Memory
Totality of protection mechanisms
B1 - Labeled Security rating
37. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
Be protected from modification
Operational assurance requirements
Certification
Trusted Products Evaluation Program (TPEP)
38. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
The trustworthiness of an information system
Trusted hardware - Software and Firmware
Indexed addressing
Division B - Mandatory Protection
39. Buffer overflows occur when a program or process tries to store more data in a _____________ than it was intended to hold.
Life Cycle Assurance Requirement
Thrashing
Buffer (temporary data storage area)
Process isolation
40. Which TCSEC level first addresses object reuse?
The rule is talking about "Reading"
Documentation - Orange Book
Orange Book A
C2
41. Which Orange Book evaluation level is described as "Verified Design"?
Indexed addressing
A1
Trusted facility management
B3 - Security Domains
42. Data in cache can be accessed much more quickly than data
Stored in Real Memory
Thrashing
The Strong star property rule
Enforces the rules
43. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
A security kernel
Multiprocessing
The security perimeter
No write down
44. Happen because input data is not checked for appropriate length at the time of input.
Absolute addresses
Buffer overflows
Sensitivity labels
Subject to Object Model
45. All users have a clearance for, and a formal need to know about, all data processed within the system.
Execution Domain
Dedicated Security Mode
Orange Book - B2
B3
46. Commonly referred to as "The Big Mess" because of its lack of structure. MS-DOS is an example of a monolithic operating system.
The Monolithic Operating System Architecture
Access Matrix model
Be protected from modification
TCB (Trusted Computing Base)
47. Based on the Bell-LaPadula model, because it allows for multilevel security to be integrated into the code.
All Mandatory Access Control (MAC) systems
*-Integrity Axiom
Government and military applications
Simple Security Rule
48. What is called the formal acceptance of the adequacy of a system's overall security by management?
Orange Book interpretations
Accreditation
Integrity
Buffer overflows
49. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Overt channel
Its Clearance Label (Top Secret - Secret - or Confidential)
Sensitivity labels
B3 - Rating
50. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level, nothing higher and nothing lower.
Virtual Memory
First evaluation class
Attributable - original - accurate - contemporaneous and legible
The Strong star property rule