SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The Security Model Incorporates the ____________ that should be enforced in the system.
Isolate processes
Pipelining
Security Policy
Relative Addresses
2. When a vendor submits a product for evaluation - it submits it to the ____________.
The National Computer Security Center (NCSC)
C2 - Controlled Access Protection
Invocation Property
Orange Book ratings
3. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
The Clark Wilson integrity model
A single classification and a Compartment Set
Multilevel Security Policies
Secondary Storage
4. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.
Relative Addresses
Division B - Mandatory Protection Architecture
Execution Domain
Firmware
5. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
Assigned labels
The "No read Up" rule
Clark-Wilson
B3
6. The Reserved hard drive space used to to extend RAM capabilites.
Swap Space
The Rule is talking about writing
Polyinstantiation
Orange Book C
7. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
No read up
Orange Book - A1
Certification
Protection Rings Support
8. A portion of a process. When the thread is generated - it shares the same domain(resources) as its process.
A Thread
Isolate processes
Real storage
Logical addresses
9. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Prohibits
No read down
B1 - Labeled Security rating
Administrative declaration
10. A set of objects that a subject is able to access
A Domain
Simple Integrity Axiom
The security perimeter
Pagefile.sys file
11. Which increases the performance in a computer by overlapping the steps of different instructions?
A security kernel
The Biba Model
Pipelining
Secondary Storage
12. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
In C2 - Controlled Access Protection environment
Basic Security Theorem (used in computer science) definition
The reference monitor
An abstract machine
13. Ssoftware that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
Integrity
Firmware
Most commonly used approach
D
14. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
The National Computer Security Center (NCSC)
security protection mechanisms
Pipelining
Administrative declaration
15. The Policy must be explicit and well defined and enforced by the mechanisms within the system
Security Policy - Orange Book
State machine model
Access Matrix model
Real storage
16. The *-Property rule is refered to as ____________.
The "No write Down" Rule
TCB (Trusted Computing Base)
Prevent secret information from being accessed
Trusted Network Interpretation (TNI)
17. Used by Windows systems to reserve the "Swap Space"
Pagefile.sys file
Compare the security labels
No read down
A1 - Rating
18. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
19. Should always trace to individuals responsible for observing and recording the data
Attributable data
C2 - Controlled Access Protection
Primary storage
Programmable Read-Only Memory (PROM)
20. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
The security kernel
Need-to-know
Multitasking
Security mechanisms and evalautes their effectivenes
21. What does the simple integrity axiom mean in the Biba model?
A Base Register (Memory Management)
A Thread
Documentation - Orange Book
No read down
22. When a portion of primary memory is accessed by specifying the actual address of the memory location
Documentation - Orange Book
Direct addressing
A lattice of Intergrity Levels
Trusted Distribution
23. The total(sum)combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
C2
The Trusted Computing Base (TCB)
Types of covert channels
Direct addressing
24. The Simple Security rule is refered to as______________.
Ring 0
The *-Property rule (Star property)
The "No read Up" rule
The Common Criteria
25. Which uses Protection Profiles and Security Targets?
International Standard 15408
Division C - Discretionary Protection
Orange Book - B1
A Thread
26. A nonvolatile storage media etc computer hard drive - floppy disks and CD-ROMs
Secondary Storage
B3 - Security Domains
Types of covert channels
Totality of protection mechanisms
27. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
D
The security perimeter
A and B
28. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
Relative Addresses
Life Cycle Assurance Requirement
Mandatory Access Control (MAC)
B1
29. TCSEC provides a means to evaluate ______________________.
The trustworthiness of an information system
Ring 2
B1
Attributable - original - accurate - contemporaneous and legible
30. The combination of RAM - Cache and the Processor Registers
Be protected from modification
Documentation - Orange Book
Erasable and Programmable Read-Only Memory (EPROM)
Primary storage
31. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
A1 - Rating
The "No write Down" Rule
Indexed addressing
The *-Property rule (Star property)
32. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
Security Policy
Orange Book ratings
The National Computer Security Center (NCSC)
C1 - Discretionary Security Protection
33. Mandatory Protection
Orange Book B
'Dominate'
Labels - Orange Book
Clark-Wilson Model
34. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is doen with the m
Multitasking
C2 - Controlled Access Protection
Thrashing
Compare the security labels
35. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
B3
Disclosure of residual data
Covert channels
Cache Memory
36. Remaining parts of the operating system
Indexed addressing
The trustworthiness of an information system
Physical security
Ring 1
37. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Fail safe
Security Policy
Constrained
Life-cycle assurance - O/B
38. A Policy based control. All objects and systems have a sensitivity level assigned to them
Mandatory Access Control (MAC)
Controlling unauthorized downgrading of information
The National Computer Security Center (NCSC)
Orange Book - B1
39. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Life-cycle assurance - O/B
Documentation - Orange Book
Orange Book - B2
Overt channel
40. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
Orange Book - B3
Buffer overflows
The Common Criteria
C2 - Controlled Access Protection
41. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
All Mandatory Access Control (MAC) systems
Stored in Reak Memory
Overt channel
Need-to-know
42. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.
A and B
Invocation Property
Examples of Layered Operating Systems
The Biba Model
43. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
The National Computer Security Center (NCSC)
Continuous protection - O/B
Ring 3
Orange Book ratings
44. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Overt channel
The Rule is talking about writing
Programmable Read-Only Memory (PROM)
Direct Addressing
45. Contains the ending address
First evaluation class
A Limit Register (Memory Management)
Evaluated separately
Examples of Layered Operating Systems
46. Verification Protection
Trusted facility management
Buffer (temporary data storage area)
Orange Book A
Orange Book - B3
47. Discretionary protection
An abstract machine
A Thread
Evaluated separately
Orange Book C
48. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted envirnment with low security concerns.
Covert channels
C1 - Discrection Security Protection is a type of environment
Access control to the objects by the subjects
B2
49. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
C1
Orange Book - A1
A Base Register (Memory Management)
The Strong star property rule
50. What are the components of an object's sensitivity label?
A single classification and a Compartment Set
The Biba Model
Isolate processes
Models concerned with integrity
