Test your basic knowledge: CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
Primary storage
The security perimeter
C2 - Controlled Access Protection
Orange Book - B2
2. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Clark-Wilson Model
Orange Book ratings
Simple Security Rule
Orange Book - B2
3. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commercial applications - but the level of protection is still relatively weak.
In C2 - Controlled Access Protection environment
Be protected from modification
Overt channel
Storage and timing
4. A type of memory used for high-speed writing and reading activities.
Life Cycle Assurance Requirement
B3
Cache Memory
Storage and timing
5. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Orange Book - D
Programmable Read-Only Memory (PROM)
Security Policy is clearly defined and documented
The National Computer Security Center (NCSC)
6. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
Labels - Orange Book
Dedicated Security Mode
The Trusted Computing Base (TCB)
B3
7. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Operational assurance requirements
Relative Addresses
Administrative declaration
Need-to-know
8. TCSEC provides a means to evaluate ______________________.
The trustworthiness of an information system
Its Clearance Label (Top Secret - Secret - or Confidential)
Virtual Memory
The Strong star property rule
9. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
Integrity
Division B - Mandatory Protection Architecture
Models concerned with integrity
Buffer overflows
10. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
D
Protection Rings Support
Disclosure of residual data
The Monolithic Operating system Architecture
11. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Its Clearance Label (Top Secret - Secret - or Confidential)
Storage and timing
Indirect addressing
Orange Book - B2
12. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
B1
First evaluation class
Files - directories and devices
A Limit Register (Memory Management)
13. The total combination of protection mechanisms within a computer system
Most commonly used approach
Relative Addresses
TCB (Trusted Computing Base)
The Tranquility principle (The Bell-LaPadula Model)
14. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
A and B
The Common Criteria
First evaluation class
Networks and Communications
15. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
Orange Book ratings
All Mandatory Access Control (MAC) systems
Covert channels
The Integrity of data within applications
16. When the contents of the address defined in the program's instruction is added to that of an index register.
Indexed addressing
The reference monitor
The TCSEC - Aka Orange Book
Its Clearance Label (Top Secret - Secret - or Confidential)
17. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Mandatory Access Control (MAC)
Multilevel Security Policies
Virtual storage
18. The Orange Book requires protection against two _____________ - which are timing and storage
Continuous protection - O/B
Programmable Read-Only Memory (PROM)
Types of covert channels
Compare the security labels
19. Permits a database to have two records that are identical except for their classifications
B1 - Labeled Security rating
Polyinstantiation
Dominate the object's sensitivity label
B1
20. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
Assigned labels
Examples of Layered Operating Systems
An abstract machine
The Evaluated Products List (EPL) with their corresponding rating
21. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
Dedicated Security Mode
The Strong star property rule
Disclosure of residual data
B3
22. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
C2
Bell-LaPadula Model
Discretionary Security Property (ds-property)
A security kernel
23. A Policy based control. All objects and systems have a sensitivity level assigned to them
Multiprocessing
The Monolithic Operating system Architecture
Life-cycle assurance - O/B
Mandatory Access Control (MAC)
24. The reserved hard drive space used to extend RAM capabilities.
Clark-Wilson
Highly secure systems (B2 - B3 and A1)
Swap Space
A1
25. Which is a straightforward approach that provides access rights to subjects for objects?
Networks and Communications
C1
The Rule is talking about writing
Access Matrix model
26. What prevents a process from accessing another process' data?
security protection mechanisms
Process isolation
Direct Addressing
The National Computer Security Center (NCSC)
27. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
The Clark Wilson integrity model
Certification
Invocation Property
B1
28. Each data object must contain a classification label and each subject must have a clearance label.
Dedicated Security Mode
B1 - Labeled Security
The National Computer Security Center (NCSC)
Buffer (temporary data storage area)
29. The Bell-LaPadula Model is a _______________ that enforces the confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
Administrative declaration
The Simple Security Property
Ring 0
State machine model
30. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.
Execution Domain
The *-Property rule (Star property)
C1
Trusted facility management
31. Used by Windows systems to reserve the "Swap Space"
B3
Pagefile.sys file
B3 - Rating
B1
32. According to the Orange Book - trusted facility management is not required for which security levels?
No write down
C2 - Controlled Access Protection
B1
The Rule is talking about writing
33. The Security Model Incorporates the ____________ that should be enforced in the system.
Prohibits
Trusted Network Interpretation (TNI)
Security Policy
Stored in Real Memory
34. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
Security Policy is clearly defined and documented
Integrity
*-Integrity Axiom
A1 - Rating
35. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
Security Policy - Orange Book
Overt channel
Division B - Mandatory Protection
Buffer overflows
36. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Accountability - Orange Book
Government and military applications
The security perimeter
Logical addresses
37. When the RAM and secondary storage are combined the result is __________.
Totality of protection mechanisms
Virtual Memory
Isolate processes
Direct addressing
38. Which computer design approach is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle
The trustworthiness of an information system
Orange Book A
Complex Instruction Set Computers (CISC)
Attributable - original - accurate - contemporaneous and legible
39. The Bell-LaPadula Model is a _______________.
Orange Book - A1
Primary storage
International Standard 15408
Subject to Object Model
40. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
41. Based on a known address with an offset value applied.
Files - directories and devices
Relative Addresses
Security Policy - Orange Book
Pagefile.sys file
42. Data in Cache can be accessed much more quickly than Data
Storage and timing
Stored in Real Memory
Virtual storage
Dedicated Security Mode
43. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
Fail safe
Evaluated separately
System High Security Mode
Implement software or systems in a production environment
44. What does the simple integrity axiom mean in the Biba model?
No read down
Dedicated Security Mode
Orange Book - B3
Security rating B
45. If a system initializes in a secure state and all allowed state transitions are secure - then every subsequent state will be secure no matter what inputs occur.
Basic Security Theorem (used in computer science) definition
Accountability - Orange Book
Trusted Network Interpretation (TNI)
Protection Rings Support
46. The Indexed memory addresses that software uses
Logical addresses
Covert channels
Security mechanisms and evaluates their effectiveness
Evaluated separately
47. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilites when
B2 rating
B3
Operational assurance requirements
C2
48. Execute one instruction at a time.
Scalar processors
The trustworthiness of an information system
Storage and timing
B2
49. In both the Bell-LaPadula and Biba Models if the word "*" or "Star" is used - _______________.
Multilevel Security Policies
The Rule is talking about writing
Clark-Wilson
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
50. The Biba Model addresses _____________________.
Life-cycle assurance - O/B
The Integrity of data within applications
Dedicated Security Mode
A Limit Register (Memory Management)