Test your basic knowledge
CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The TCB is the ________________ within a computer system that work together to enforce a security policy.
B3
Totality of protection mechanisms
Sensitivity labels
C1 - Discretionary Security Protection
2. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model, this is referred to as the dominance relation, which is the relationship of the subject's clearance to the object's classification.
3. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Basic Security Theorem (used in computer science) definition
The "No write Down" Rule
The Strong star property rule
B3 - Rating
4. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
The TCSEC - Aka Orange Book
C1 - Discretionary Security Protection is a type of environment
D
State machine model
5. The Bell-LaPadula model Subjects and Objects are ___________.
Enforces the rules
Assigned labels
attributability
Accountability - Orange Book
6. Simpler instructions that require fewer clock cycles to execute.
Simple Integrity Axiom
Real storage
A lattice of Integrity Levels
Reduced Instruction Set Computers (RISC)
7. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
The Trusted Computing Base (TCB)
Real storage
B2 - Structured Protection
The trustworthiness of an information system
8. The Simple Security rule is referred to as ______________.
*-Integrity Axiom
The "No read Up" rule
C2
B3 - Rating
9. When a vendor submits a product for evaluation - it submits it to the ____________.
Ring 3
The National Computer Security Center (NCSC)
B1 - Labeled Security
The security perimeter
10. Execute one instruction at a time.
Scalar processors
D
Secondary Storage
Examples of Layered Operating Systems
11. Which computer design approach is based on the fact that in earlier technologies the instruction fetch was the longest part of the cycle?
Disclosure of residual data
Complex Instruction Set Computers (CISC)
Enforces the rules
Division C - Discretionary Protection
12. What are the components of an object's sensitivity label?
No read down
A single classification and a Compartment Set
Virtual Memory
Real storage
13. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
14. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commercial applications, but the level of protection is still relatively weak.
B3 - Security Domains
All Mandatory Access Control (MAC) systems
Fail safe
In C2 - Controlled Access Protection environment
15. A domain of trust that shares a single security policy and single management
A security domain
Orange Book - B3
C2 - Controlled Access Protection
C2
16. Documentation must be provided - including test - design - and specification document - user guides and manuals
Subject to Object Model
Assigned labels
Evaluated separately
Documentation - Orange Book
17. Which is an ISO standard product evaluation criteria that supersedes several different criteria?
The Security Kernel
Trusted Distribution
The Common Criteria
Files - directories and devices
18. Data in Cache can be accessed much more quickly than Data
B3
Stored in Real Memory
Invocation Property
A lattice of Integrity Levels
19. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Absolute addresses
Virtual Memory
Continuous protection - O/B
Examples of Layered Operating Systems
20. TCB contains The Security Kernel and all ______________.
No read down
Implement software or systems in a production environment
security protection mechanisms
State machine model
21. The Bell-LaPadula Model is a _______________.
Subject to Object Model
A lattice of Integrity Levels
Highly secure systems (B2 - B3 and A1)
Trusted Network Interpretation (TNI)
22. Which can be used as a covert channel?
Storage and timing
A and B
Access control to the objects by the subjects
The Thread (memory Management)
23. A type of memory used for High-speed writing and reading activities.
No read down
Security mechanisms and evaluates their effectiveness
Trusted hardware - Software and Firmware
Cache Memory
24. Mandatory access control is enforced by the use of security labels.
Swap Space
Stored in Real Memory
Division B - Mandatory Protection
Security Policy
25. The Physical memory address that the CPU uses
C2
Absolute addresses
Isolate processes
Erasable and Programmable Read-Only Memory (EPROM)
26. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
B2
The *-Property rule (Star property)
Multilevel Security Policies
First evaluation class
27. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
B1 - Labeled Security rating
Subject to Object Model
A security kernel
Simple Security Rule
28. Verification Protection
Real storage
B3
An abstract machine
Orange Book A
29. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Trusted Distribution
Its Clearance Label (Top Secret - Secret - or Confidential)
Documentation - Orange Book
Scalar processors
30. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
State machine model
The TCSEC - Aka Orange Book
attributability
The Clark Wilson integrity model
31. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
The National Computer Security Center (NCSC)
attributability
Multitasking
The "No read Up" rule
32. The Security Model Incorporates the ____________ that should be enforced in the system.
Clark-Wilson
A lattice of Integrity Levels
Dominate the object's sensitivity label
Security Policy
33. An abstract machine which must mediate all access by subjects to objects, be protected from modification, be verifiable as correct, and is always invoked
The reference monitor
Ring 1
Pipelining
Attributable data
34. The Orange book does NOT Cover ________________ - And Database management systems
Bell-LaPadula Model
The "No write Down" Rule
Execution Domain
Networks and Communications
35. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.
'Dominate'
Execution Domain
Physical security
Trusted Products Evaluation Program (TPEP)
36. Minimal Security
Orange Book - D
Programmable Read-Only Memory (PROM)
Models concerned with integrity
The *-Property rule (Star property)
37. If a system initializes in a secure state and all allowed state transitions are secure, then every subsequent state will be secure no matter what inputs occur.
Basic Security Theorem (used in computer science) definition
Erasable and Programmable Read-Only Memory (EPROM)
Disclosure of residual data
*-Integrity Axiom
38. Audit data must be captured and protected to enforce accountability
Accountability - Orange Book
Invocation Property
Its classification label (Top Secret - Secret or confidential)
Trusted facility management
39. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
Firmware
Prohibits
The Strong star property rule
Pagefile.sys file
40. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
The TCSEC - Aka Orange Book
The security perimeter
D
The Evaluated Products List (EPL) with their corresponding rating
41. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
The *-Property rule (Star property)
Access control to the objects by the subjects
Attributable - original - accurate - contemporaneous and legible
The security perimeter
42. What is called the formal acceptance of the adequacy of a system's overall security by management?
Disclosure of residual data
Accreditation
Indexed addressing
No read down
43. Mandatory Protection
Orange Book B
Trusted Network Interpretation (TNI)
Totality of protection mechanisms
Disclosure of residual data
44. In both the Bell-LaPadula and Biba Models, if the word "*" or "Star" is used, _______________.
The Rule is talking about writing
Orange Book - D
Orange Book - B3
Access control to the objects by the subjects
45. In both the Bell-LaPadula and Biba Models, if the word "Simple" is used, ______________.
NOT Integrity
The rule is talking about "Reading"
Indexed addressing
Constrained
46. In which users are processing information at the same sensitivity level; thus, strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.
C1 - Discretionary Security Protection is a type of environment
Ring 3
C1 - Discretionary Security Protection
International Standard 15408
47. Based on a known address with an offset value applied.
Security Policy
Relative Addresses
Orange Book - A1
The Red Book
48. The group that oversees the processes of evaluation within TCSEC is?
Dominate the object's sensitivity label
Orange Book - B1
Security Policy is clearly defined and documented
Trusted Products Evaluation Program (TPEP)
49. Happen because input data is not checked for appropriate length at time of input
Sensitivity labels
Trusted Distribution
Prohibits
Buffer overflows
50. I/O drivers and utilities
Operational assurance requirements
Basic Security Theorem (used in computer science) definition
Ring 2
Security Policy is clearly defined and documented