SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.
security protection mechanisms
Logical addresses
Trusted Network Interpretation (TNI)
Basic Security Theorem (used in computer science) definition
2. Which is an ISO standard product evaluation criteria that supersedes several different criteria
A and B
The Common Criteria
Relative Addresses
Trusted Network Interpretation (TNI)
3. Which Orange Book evaluation level is described as "Verified Design"?
Orange Book - B1
Totality of protection mechanisms
A1
Examples of Layered Operating Systems
4. Contains the beginning address
A Base Register (Memory Management)
The National Computer Security Center (NCSC)
Orange Book - D
The "No write Down" Rule
5. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Orange Book A
Polyinstantiation
The Strong star property rule
6. Used by Windows systems to reserve the "Swap Space"
Basic Security Theorem (used in computer science) definition
State machine model
Pagefile.sys file
Highly secure systems (B2 - B3 and A1)
7. In B2 Subjects and devices requre labels and the system must NOT allow ________. No Trapdoors exists.
Security rating B
No write down
Covert channels
Continuous protection - O/B
8. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
In C2 - Controlled Access Protection environment
No write down
Constrained
The Integrity of data within applications
9. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
Networks and Communications
Models concerned with integrity
Implement software or systems in a production environment
Controlling unauthorized downgrading of information
10. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
In C2 - Controlled Access Protection environment
Physical security
Protection Rings Support
Overt channel
11. The reserved hard drive space used to Extend RAM capabilities. Windows system use the pagefile.sys file to reserve this space
attributability
Swap Space
Orange Book - A1
Trusted Products Evaluation Program (TPEP)
12. The Orange book requires protection against two_____________ - which are these Timing and Storage
Models concerned with integrity
Orange Book - A1
Types of covert channels
Buffer overflows
13. In access control terms - the word "dominate" refers to ___________.
State machine model
Erasable and Programmable Read-Only Memory (EPROM)
Higher or equal to access class
C1 - Discrection Security Protection is a type of environment
14. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
Security rating B
Types of covert channels
C1
Division B - Mandatory Protection Architecture
15. When the address location that is specified in the program instruction contains the address of the final desired location.
Indirect addressing
Prohibits
D
The Thread (memory Management)
16. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
Access control to the objects by the subjects
Life Cycle Assurance Requirement
Simple Integrity Axiom
The National Computer Security Center (NCSC)
17. The total combination of protection mechanisms within a computer system
All Mandatory Access Control (MAC) systems
Multilevel Security Policies
TCB (Trusted Computing Base)
The Evaluated Products List (EPL) with their corresponding rating
18. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is doen with the m
Government and military applications
Trusted facility management
C2 - Controlled Access Protection
Trusted Network Interpretation (TNI)
19. In both the Bell-LaPadula and Biba Models if the word "Simple is used ______________.
Ring 2
Clark-Wilson
The trustworthiness of an information system
The rule is talking about "Reading"
20. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Prohibits
Controlling unauthorized downgrading of information
B1 - Labeled Security
The National Computer Security Center (NCSC)
21. Has two individual assurace ratings. C1 and C2. The Higher the number of assurance rating the greater the protection
Higher or equal to access class
Need-to-know
Discretionary Security Property (ds-property)
Division C - Discretionary Protection
22. Which can be used as a covert channel?
Models concerned with integrity
Identification - Orange Book
Buffer (temporary data storage area)
Storage and timing
23. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Security Policy is clearly defined and documented
Most commonly used approach
Indirect addressing
security protection mechanisms
24. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
The Simple Security Property
Operational assurance requirements
Attributable data
The Strong star property rule
25. Permits a database to have two records that are identical except for Their classifications
Orange Book A
Orange Book B
Polyinstantiation
Attributable - original - accurate - contemporaneous and legible
26. A type of memory used for High-speed writing and reading activities.
Isolate processes
Cache Memory
Buffer overflows
Swap Space
27. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
Security rating B
The security perimeter
Execution Domain
C2
28. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
B2 rating
Operational assurance requirements
Orange Book ratings
Highly secure systems (B2 - B3 and A1)
29. The Simple Security rule is refered to as______________.
C2 - Controlled Access Protection
Be protected from modification
The "No read Up" rule
Controlling unauthorized downgrading of information
30. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
Trusted Distribution
Its classification label (Top Secret - Secret or confidential)
Security Policy is clearly defined and documented
A1 - Rating
31. There is only only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
Administrative declaration
Clark-Wilson
C1 - Discretionary Security Protection
Division D - Minimal Protection
32. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
Multiprocessing
Dedicated Security Mode
Documentation - Orange Book
Clark-Wilson Model
33. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"
No write down
Labels - Orange Book
All Mandatory Access Control (MAC) systems
Simple Integrity Axiom
34. When the RAM and secondary storage are combined the result is __________.
Virtual Memory
Orange Book - B2
Fail safe
C2
35. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
A Layered Operating System Architecure
*-Integrity Axiom
Documentation - Orange Book
The Clark Wilson integrity model
36. Contains an Address of where the instruction and dara reside that need to be processed.
Prohibits
Programmable Read-Only Memory (PROM)
C2
The Thread (memory Management)
37. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
C1 - Discrection Security Protection is a type of environment
The *-Property rule (Star property)
C1
Compare the security labels
38. According to the Orange Book - trusted facility management is not required for which security levels?
Virtual storage
Highly secure systems (B2 - B3 and A1)
A and B
B1
39. Which would be designated as objects on a MAC system?
The Integrity of data within applications
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Files - directories and devices
The Thread (memory Management)
40. Which computer design approaches is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle
Indirect addressing
Complex Instruction Set Computers (CISC)
C2
Highly secure systems (B2 - B3 and A1)
41. The Bell-LaPadula model Subjects and Objects are ___________.
Orange Book interpretations
A Layered Operating System Architecure
Assigned labels
Ring 2
42. Simpler instructions that require fewer clock cycles to execute.
Reduced Instruction Set Computers (RISC)
The Security Kernel
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Operational assurance requirements
43. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
The security perimeter
Controlling unauthorized downgrading of information
Security mechanisms and evalautes their effectivenes
Ring 2
44. A Policy based control. All objects and systems have a sensitivity level assigned to them
The National Computer Security Center (NCSC)
Mandatory Access Control (MAC)
State machine model
A Limit Register (Memory Management)
45. The Security Model Incorporates the ____________ that should be enforced in the system.
Virtual Memory
Security Policy
Trusted facility management
The Clark Wilson integrity model
46. The combination of RAM - Cache and the Processor Registers
Primary storage
Sensitivity labels
B1
A Thread
47. When a vendor submits a product for evaluation - it submits it to the ____________.
The National Computer Security Center (NCSC)
Isolate processes
A security domain
Prevent secret information from being accessed
48. Which is a straightforward approach that provides access rights to subjects for objects?
The Evaluated Products List (EPL) with their corresponding rating
C2 - Controlled Access Protection
Labels - Orange Book
Access Matrix model
49. Which describe a condition when RAM and Secondary storage are used together?
Virtual storage
The Clark Wilson integrity model
Attributable - original - accurate - contemporaneous and legible
Orange Book ratings
50. A form of ROM(Read-Only Memory) that can be modified after it has been manufactured. It can only be programmed only one time.
Virtual storage
Assigned labels
A Limit Register (Memory Management)
Programmable Read-Only Memory (PROM)