Test your basic knowledge

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.

1. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when






2. Involves sharing the processor among all ready processes






3. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.






4. Which TCSEC level first addresses object reuse?






5. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space






6. What does the Clark-Wilson security model focus on?






7. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.






8. Buffer overflows occur when a program or process tries to store more data in a _____________ than it was intended to hold.






9. The Bell-LaPadula model Subjects and Objects are ___________.






10. Users need to be identified individually to provide more precise access control and auditing functionality.






11. Contains the ending address






12. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.






13. Operating System Kernel






14. The Biba Model addresses _____________________.






15. An abstract machine which must mediate all access by subjects to objects - be protected from modification - be verifiable as correct - and is always invoked






16. When a vendor submits a product for evaluation - it submits it to the ____________.






17. A Policy based control. All objects and systems have a sensitivity level assigned to them






18. Bell-LaPadula model was proposed for enforcing access control in _____________________.






19. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)






20. Simpler instructions that require fewer clock cycles to execute.






21. Which can be used as a covert channel?






22. In access control terms - the word "dominate" refers to ___________.






23. Contains the beginning address






24. The Simple Security rule is referred to as ______________.






25. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.






26. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.






27. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.






28. Individual subjects must be uniquely identified.






29. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.






30. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?






31. The assignment of a specific individual to administer the security-related functions of a system.






32. The Indexed memory addresses that software uses






33. The subject must have Need to Know for ONLY the information they are trying to access.






34. Audit data must be captured and protected to enforce accountability






35. The Physical memory address that the CPU uses






36. In access control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification


37. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.






38. When the contents of the address defined in the program's instruction is added to that of an index register.






39. Access control labels must be associated properly with objects.






40. Happen because input data is not checked for appropriate length at time of input






41. A type of memory used for High-speed writing and reading activities.






42. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?






43. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.






44. Mandatory Access requires that _____________ be attached to all objects.






45. The C2 evaluation class of the _________________ offers controlled access protection.






46. Subjects and Objects cannot change their security levels once they have been instantiated (created)






47. The group that oversees the processes of evaluation within TCSEC is?






48. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?






49. The combination of RAM - Cache and the Processor Registers






50. In ______________ the subject must have: Need to Know for ALL the information contained within the system.