CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here first.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might find at times that the answers are obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Applications and user activity
All Mandatory Access Control (MAC) systems
Prevent secret information from being accessed
Mandatory access control
Ring 3
2. Should always trace to individuals responsible for observing and recording the data
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Evaluated separately
Attributable data
Orange Book - B1
3. Verified Protection
Buffer (temporary data storage area)
A single classification and a Compartment Set
Sensitivity labels
Orange Book A
4. The Reference Monitor is responsible for ______________; it compares the security labels of a subject and an object.
The security kernel
Erasable and Programmable Read-Only Memory (EPROM)
Access control to the objects by the subjects
Orange Book A
5. The TCB is the ________________ within a computer system that work together to enforce a security policy.
Totality of protection mechanisms
*-Integrity Axiom
C2
Stored in Real Memory
6. Which model uses access control triples and requires that the system maintain separation of duty?
Complex Instruction Set Computers (CISC)
Orange Book A
Ring 1
Clark-Wilson
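The two ideas behind the Clark-Wilson answer above, as an added example that is not part of the original quiz: the system keeps a list of allowed (user, TP, CDI) access triples, and it refuses any arrangement that breaks separation of duty. Here separation of duty is modelled as "the user who certified a transformation procedure (TP) may not be granted a triple to execute it", and an integrity verification procedure (IVP) re-checks the constrained data item (CDI) after each TP runs. The user names, account balances and TP names are constructed sample data, not from the page.

```python
"""Toy Clark-Wilson enforcement: access triples plus separation of duty.

Added example, not code from the quiz page. Every name below
(users, TPs, the account CDI and its invariant) is constructed.
"""
from typing import Callable, Dict, List, Set, Tuple

Triple = Tuple[str, str, str]  # (user, transformation procedure, CDI)


class SeparationOfDutyError(Exception):
    """Raised when a grant would let one person both certify and run a TP."""


class ClarkWilsonMonitor:
    def __init__(self, cdis: Dict[str, int]):
        self.cdis = dict(cdis)                          # constrained data items
        self.tps: Dict[str, Callable[[int], int]] = {}  # certified TPs
        self.certified_by: Dict[str, str] = {}          # tp -> certifying user
        self.triples: Set[Triple] = set()               # allowed access triples
        self.audit: List[str] = []                      # one line per decision

    def certify_tp(self, certifier: str, name: str, fn: Callable[[int], int]) -> None:
        """Register a TP; only certified TPs may ever touch a CDI."""
        self.tps[name] = fn
        self.certified_by[name] = certifier

    def grant(self, user: str, tp: str, cdi: str) -> None:
        """Add an access triple, refusing certifier-executes-own-TP."""
        if tp not in self.tps:
            raise KeyError(f"{tp} is not a certified TP")
        if self.certified_by[tp] == user:
            raise SeparationOfDutyError(f"{user} certified {tp} and may not execute it")
        self.triples.add((user, tp, cdi))

    @staticmethod
    def ivp(value: int) -> bool:
        """Integrity verification procedure: constructed invariant, a balance never goes negative."""
        return value >= 0

    def execute(self, user: str, tp: str, cdi: str) -> bool:
        """Run tp on cdi for user only via an allowed triple and only if the IVP still holds."""
        if (user, tp, cdi) not in self.triples:
            self.audit.append(f"DENY {user} {tp} {cdi}: no access triple")
            return False
        new_value = self.tps[tp](self.cdis[cdi])
        if not self.ivp(new_value):
            self.audit.append(f"DENY {user} {tp} {cdi}: IVP failed on {new_value}")
            return False
        self.cdis[cdi] = new_value
        self.audit.append(f"ALLOW {user} {tp} {cdi} -> {new_value}")
        return True


def demo() -> ClarkWilsonMonitor:
    """Constructed scenario: carol certifies the TPs, bob is allowed to run them."""
    m = ClarkWilsonMonitor({"acct:alice": 100})
    m.certify_tp("carol", "withdraw_150", lambda bal: bal - 150)
    m.certify_tp("carol", "deposit_50", lambda bal: bal + 50)
    m.grant("bob", "deposit_50", "acct:alice")
    m.grant("bob", "withdraw_150", "acct:alice")
    try:
        m.grant("carol", "deposit_50", "acct:alice")   # certifier may not execute
    except SeparationOfDutyError as e:
        m.audit.append(f"REFUSED grant: {e}")
    m.execute("bob", "deposit_50", "acct:alice")       # 100 -> 150
    m.execute("bob", "withdraw_150", "acct:alice")     # 150 -> 0, IVP holds
    m.execute("bob", "withdraw_150", "acct:alice")     # 0 -> -150, IVP rejects
    m.execute("dave", "deposit_50", "acct:alice")      # no triple, denied
    return m


if __name__ == "__main__":
    for line in demo().audit:
        print(line)
```

The point to notice is that the CDI is never written directly: the only path to it is a certified TP named in a triple, and the IVP is what keeps a well-formed TP from leaving the data in a bad state.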
7. When a vendor submits a product for evaluation, it submits it to the ____________.
NOT Integrity
The Common Criteria
Attributable data
The National Computer Security Center (NCSC)
8. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
Attributable, original, accurate, contemporaneous and legible
System High Security Mode
Discretionary Security Property (ds-property)
The security perimeter
9. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
No write down
Division D - Minimal Protection
B2 - Structured Protection
Orange Book C
10. Nonvolatile storage media, e.g. computer hard drives, floppy disks and CD-ROMs
C2
Secondary Storage
C2 - Controlled Access Protection
Be protected from modification
11. A subject at a given clearance may not read an object at a higher classification
No read down
A Layered Operating System Architecture
The Simple Security Property
State machine model
12. Software, hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
B3
Life-cycle assurance - Orange Book
Assigned labels
The Thread (memory Management)
13. A type of memory used for high-speed reading and writing activities.
Fail safe
Orange Book - B2
Access Matrix model
Cache Memory
14. The Bell-LaPadula Model is a _______________ that enforces the confidentiality aspect of access control. Developed by David Bell and Leonard LaPadula.
A Thread
Virtual Memory
Attributable, original, accurate, contemporaneous and legible
State machine model
15. Bell-LaPadula Model, ____________: A subject at a given security level can NOT READ data that resides at a higher security level.
Need-to-know
The Red Book
attributability
Simple Security Rule
16. In B2, distinct address spaces must be provided to _________, and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system.
B3
Division D - Minimal Protection
Isolate processes
Complex Instruction Set Computers (CISC)
17. Execute one instruction at a time.
Ring 1
Scalar processors
Reduced Instruction Set Computers (RISC)
Covert channels
18. Contains the beginning address
A Base Register (Memory Management)
Complex Instruction Set Computers (CISC)
Division D - Minimal Protection
A security kernel
19. The Bell-LaPadula model Subjects and Objects are ___________.
Security Policy - Orange Book
Assigned labels
Swap Space
The "No read Up" rule
20. A portion of a process. When the thread is generated, it shares the same domain (resources) as its process.
The rule is talking about "Reading"
Security Policy - Orange Book
A Thread
NOT Integrity
21. As per the FDA, data should be ______________________________.
Attributable, original, accurate, contemporaneous and legible
Buffer (temporary data storage area)
B3
Trusted hardware, software and firmware
22. Audit data must be captured and protected to enforce accountability
Accountability - Orange Book
System High Security Mode
Pipelining
Complex Instruction Set Computers (CISC)
23. In access control terms, the word "dominate" refers to ___________.
Higher or equal to access class
Direct Addressing
The Trusted Computing Base (TCB)
Secondary Storage
24. The Orange Book does NOT cover ________________, or database management systems.
A security kernel
Bell-LaPadula Model
Networks and Communications
The Red Book
25. What is called the formal acceptance of the adequacy of a system's overall security by management?
Higher or equal to access class
Accreditation
Pagefile.sys file
Basic Security Theorem (used in computer science) definition
26. The _________________ specified in the Orange Book are: system architecture, system integrity, covert channel analysis, trusted facility management and trusted recovery.
Protection Rings Support
Implement software or systems in a production environment
Operational assurance requirements
A and B
27. Contains the ending address
The Red Book
Indexed addressing
Enforces the rules
A Limit Register (Memory Management)
28. Used by Windows systems to reserve the "Swap Space"
Access control to the objects by the subjects
Execution Domain
Pagefile.sys file
Secondary Storage
29. Commonly referred to as "The Big Mess" because of its lack of structure. MS-DOS is an example of a monolithic operating system.
The security perimeter
The Monolithic Operating System Architecture
Process isolation
Division C - Discretionary Protection
30. What does the * (star) property mean in the Bell-LaPadula model?
Virtual Memory
No write down
The Security Kernel
Programmable Read-Only Memory (PROM)
31. Mandatory Protection
Orange Book B
Execution Domain
B2 rating
B1 - Labeled Security
32. B1 is also called "Labeled Security", and each data object must have a classification label and each subject a clearance label. On each access attempt, the classification and clearance are checked to verify that the access is permissible.
Orange Book - B1
A1
Higher or equal to access class
Swap Space
33. The subject must have a need to know for ONLY the information they are trying to access.
System High Security Mode
Assigned labels
Orange Book interpretations
Trusted Network Interpretation (TNI)
34. The Simple Security rule is referred to as ______________.
The "No read Up" rule
Examples of Layered Operating Systems
Accountability - Orange Book
Documentation - Orange Book
35. The Biba Model, _____________: A subject cannot read data from a lower integrity level ("No Read Down").
Division B - Mandatory Protection Architecture
Dominate the object's sensitivity label
Simple Integrity Axiom
The Monolithic Operating System Architecture
36. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US government)
Prevent secret information from being accessed
Primary storage
Cache Memory
Labels - Orange Book
37. Remaining parts of the operating system
Ring 1
Virtual Memory
Virtual storage
Accountability - Orange Book
38. What access control technique is also known as multilevel security?
Mandatory access control
The Tranquility principle (The Bell-LaPadula Model)
The Common Criteria
Programmable Read-Only Memory (PROM)
39. What does the simple security (ss) property mean in the Bell-LaPadula model?
Attributable data
Totality of protection mechanisms
The National Computer Security Center (NCSC)
No read up
40. What prevents a process from accessing another process' data?
Fail safe
Ring 1
Process isolation
Reduced Instruction Set Computers (RISC)
41. Discretionary access control is based on individuals and/or groups. It requires separation of users and information, and identification and authentication of individual entities.
A security domain
B2 rating
Documentation - Orange Book
C1 - Discretionary Security Protection
42. Users are trusted, but a certain level of accountability is required. C2 overall is seen as the most reasonable class for commercial applications, but the level of protection is still relatively weak.
Higher or equal to access class
In C2 - Controlled Access Protection environment
Networks and Communications
Examples of Layered Operating Systems
43. The Biba Model addresses _____________________.
Assigned labels
Primary storage
Labels - Orange Book
The Integrity of data within applications
44. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
Direct addressing
Life-cycle assurance - Orange Book
C2 - Controlled Access Protection
No read up
45. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________, and the system design and implementation are subject to more thorough review and testing procedures.
Security Policy is clearly defined and documented
Constrained
C1 - Discretionary Security Protection
Execution Domain
46. Has two individual assurance ratings, C1 and C2. The higher the assurance rating number, the greater the protection.
Disclosure of residual data
Simple Security Rule
Dedicated Security Mode
Division C - Discretionary Protection
47. The Physical memory address that the CPU uses
The Biba Model
Administrative declaration
A security kernel
Absolute addresses
48. Which TCSEC level first addresses object reuse?
The security perimeter
Need-to-know
Ring 3
C2
49. The C2 evaluation class of the _________________ offers controlled access protection.
The TCSEC - Aka Orange Book
Trusted Network Interpretation (TNI)
The Strong star property rule
Accreditation
50. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Examples of Layered Operating Systems
Multilevel Security Policies
C2 - Controlled Access Protection
The TCSEC - Aka Orange Book
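Several of the items above (the reference monitor comparing labels, "dominate", a label as one classification plus a compartment set, the Bell-LaPadula simple security and star properties, the strong star property, the Biba axioms, and multilevel security policies) describe one mechanism from different angles. The following is an added example, not code from the original quiz page, that puts them together: a sensitivity label with a dominance relation, the Bell-LaPadula and Biba read/write rules written as functions of that relation, and a toy reference monitor that mediates requests and records every decision. The classification hierarchy, compartment names, subject names and object names are constructed sample data; the rules themselves are the standard ones the questions refer to.

```python
"""Toy reference monitor for multilevel security (MLS) labels.

Added example, not code from the quiz page. LEVELS, the compartment names
and every subject/object name below are constructed sample data.
"""
from dataclasses import dataclass
from typing import FrozenSet, Iterable, List, Tuple

# Constructed classification hierarchy; the index is the rank.
LEVELS = ("UNCLASSIFIED", "CONFIDENTIAL", "SECRET", "TOP SECRET")


@dataclass(frozen=True)
class Label:
    """A single classification plus a compartment set."""
    level: str
    compartments: FrozenSet[str] = frozenset()

    def __post_init__(self) -> None:
        if self.level not in LEVELS:
            raise ValueError(f"unknown classification {self.level!r}")
        # accept any iterable of compartment names, store them as a frozenset
        object.__setattr__(self, "compartments", frozenset(self.compartments))

    @property
    def rank(self) -> int:
        return LEVELS.index(self.level)

    def dominates(self, other: "Label") -> bool:
        """self >= other in the lattice: higher-or-equal level AND a superset of
        compartments. Two labels can also be incomparable (neither dominates)."""
        return self.rank >= other.rank and self.compartments >= other.compartments


def blp_allows(subject: Label, obj: Label, op: str, strong_star: bool = False) -> bool:
    """Bell-LaPadula confidentiality rules over sensitivity labels."""
    if op == "read":
        # simple security (ss) property: no read up
        return subject.dominates(obj)
    if op == "write":
        if strong_star:
            # strong star property: write only at exactly the subject's own level
            return subject == obj
        # star (*) property: no write down
        return obj.dominates(subject)
    raise ValueError(f"unknown operation {op!r}")


def biba_allows(subject: Label, obj: Label, op: str) -> bool:
    """Biba integrity rules; the labels here are integrity labels, and the
    rules are the Bell-LaPadula rules with their direction reversed."""
    if op == "read":
        # simple integrity axiom: no read down
        return obj.dominates(subject)
    if op == "write":
        # integrity star (*) axiom: no write up
        return subject.dominates(obj)
    raise ValueError(f"unknown operation {op!r}")


def reference_monitor(
    requests: Iterable[Tuple[str, Label, str, Label, str]]
) -> List[str]:
    """Mediate (subject, clearance, op, object, classification) requests under
    Bell-LaPadula and return an audit trail with one line per decision, so
    that every access attempt is attributable to a subject."""
    trail: List[str] = []
    for subj_name, clearance, op, obj_name, classification in requests:
        verdict = "ALLOW" if blp_allows(clearance, classification, op) else "DENY"
        trail.append(f"{verdict} {subj_name} {op} {obj_name}")
    return trail


if __name__ == "__main__":
    secret_nuc = Label("SECRET", {"NUC"})
    ts_nuc_crypto = Label("TOP SECRET", {"NUC", "CRYPTO"})
    confidential = Label("CONFIDENTIAL")
    for line in reference_monitor([
        ("alice", secret_nuc, "read", "plan.txt", confidential),    # ALLOW
        ("alice", secret_nuc, "read", "keys.txt", ts_nuc_crypto),   # DENY, no read up
        ("alice", secret_nuc, "write", "keys.txt", ts_nuc_crypto),  # ALLOW, writing up is fine
        ("alice", secret_nuc, "write", "plan.txt", confidential),   # DENY, no write down
    ]):
        print(line)
```

Two things the quiz wording glosses over show up directly in the code: dominance is a partial order, so two SECRET labels with different compartments are incomparable and neither subject can read the other's objects; and the star property permits a SECRET subject to write into a TOP SECRET object, which is exactly why the strong star variant exists.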