Test your basic knowledge: CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes. If you are not ready to take this test, you can study first.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________, and the system design and implementation are subject to more thorough review and testing procedures.
Dedicated Security Mode
B3
C2 - Controlled Access Protection
Security Policy is clearly defined and documented
2. In the Bell-LaPadula Model the Object's Label contains ___________________.
The National Computer Security Center (NCSC)
C1 - Discretionary Security Protection is a type of environment
Its classification label (Top Secret, Secret or Confidential)
The Trusted Computing Base (TCB)
3. Which ISO standard product evaluation criteria supersedes several earlier, different criteria?
The Common Criteria
An abstract machine
Fail safe
Ring 0
4. The Orange Book does NOT cover ________________ or database management systems.
Prohibits
Direct Addressing
Networks and Communications
An abstract machine
5. System architecture that separates system functionality into hierarchical layers.
Compare the security labels
A Layered Operating System Architecture
C2 - Controlled Access Protection
security protection mechanisms
6. The reference monitor is an access control concept referring to ________________ that mediates all accesses to objects by subjects, based on information in an access control database.
Polyinstantiation
Totality of protection mechanisms
C1
An abstract machine
7. The file used by Windows systems to reserve the "swap space".
A1 - Rating
The "No write Down" Rule
Attributable, original, accurate, contemporaneous and legible
Pagefile.sys file
8. Which TCSEC level first addresses object reuse?
B3 - Security Domains
Attributable, original, accurate, contemporaneous and legible
C2
Protection Rings Support
9. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
NOT Integrity
Indexed addressing
D
Orange Book - D
10. The combination of RAM, cache and the processor registers.
The security kernel
Sensitivity labels
Orange Book interpretations
Primary storage
11. What prevents a process from accessing another process' data?
Physical security
A Base Register (Memory Management)
Process isolation
The security perimeter
12. The Biba Model's ______________: a subject cannot request service from (invoke) a subject of higher integrity.
Process isolation
Pipelining
Basic Security Theorem (used in computer science) definition
Invocation Property
13. Configuration management is also defined in the Orange Book, but as a _____________________ and NOT as an operational assurance requirement.
Most commonly used approach
C2 - Controlled Access Protection
Overt channel
Life Cycle Assurance Requirement
14. The assignment of a specific individual to administer the security-related functions of a system.
Compare the security labels
Direct Addressing
Trusted facility management
Disclosure of residual data
15. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
Orange Book B
The Simple Security Property
Division D - Minimal Protection
The security perimeter
16. In access control terms it means to be higher than or equal to (in classification, with a superset of the compartments). In the Bell-LaPadula Model this is referred to as the dominance relation, which is the relationship of the subject's clearance to the object's classification.
17. The policy must be explicit, well defined and enforced by the mechanisms within the system.
Prohibits
C2 - Controlled Access Protection
The National Computer Security Center (NCSC)
Security Policy - Orange Book
18. Documentation must be provided, including test, design and specification documents, user guides and manuals.
C2 - Controlled Access Protection
Examples of Layered Operating Systems
Documentation - Orange Book
Government and military applications
19. The first mathematical model of a multi-level security policy, used to define the concept of a secure state, the modes of access, and the rules for granting access?
A Limit Register (Memory Management)
Virtual Memory
Cache Memory
Bell-LaPadula Model
20. I/O drivers and utilities
Ring 2
Controlling unauthorized downgrading of information
B3
The Integrity of data within applications
21. According to the FDA, data should be ______________________________.
The TCSEC - Aka Orange Book
Accountability - Orange Book
Attributable, original, accurate, contemporaneous and legible
Assigned labels
22. Individual subjects must be uniquely identified.
Identification - Orange Book
No write down
Ring 1
Multitasking
23. In B2, subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
Covert channels
Orange Book - B1
Documentation - Orange Book
Process isolation
24. Bell-LaPadula Model's ______________: a subject that has read and write capabilities can only perform those functions at the same security level, nothing higher and nothing lower.
C2 - Controlled Access Protection
Dedicated Security Mode
The Strong star property rule
Types of covert channels
25. Which program oversees the evaluation process under TCSEC?
Primary storage
The Clark Wilson integrity model
Documentation - Orange Book
Trusted Products Evaluation Program (TPEP)
26. There is only one class in Division D. It is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
The Common Criteria
Division D - Minimal Protection
The Integrity of data within applications
Division B - Mandatory Protection Architecture
27. The security model incorporates the ____________ that should be enforced in the system.
The trustworthiness of an information system
The *-Property rule (Star property)
A1 - Rating
Security Policy
28. Can be erased, modified and upgraded.
The Evaluated Products List (EPL) with their corresponding rating
Erasable and Programmable Read-Only Memory (EPROM)
B1 - Labeled Security rating
Identification - Orange Book
29. A ring protection system ________ user mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Prohibits
Types of covert channels
Erasable and Programmable Read-Only Memory (EPROM)
The trustworthiness of an information system
30. Permits a database to have two records that are identical except for their classifications.
Polyinstantiation
Life Cycle Assurance Requirement
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Ring 0
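Question 30 describes polyinstantiation in a multilevel-secure database. The following is an added study example, not part of the quiz or of any product's code: a constructed cargo table in which the Unclassified "Enterprise" row is a cover story for the Secret row with the same key, and an Unclassified clerk who inserts a "Voyager" row cannot be refused (the refusal would reveal that a Confidential row exists), so the key is polyinstantiated instead. Ship names, cargo, levels and their ordering are all constructed for illustration.

```python
"""Polyinstantiation in a multilevel relation (added example, constructed data)."""
from typing import Dict, List

# Hierarchical sensitivity levels, lowest to highest (assumed ordering).
LEVELS = {"Unclassified": 0, "Confidential": 1, "Secret": 2, "Top Secret": 3}

# Constructed multilevel relation. The effective primary key is (ship, class),
# so two rows may differ only in their classification (polyinstantiation).
CARGO: List[Dict[str, str]] = [
    {"ship": "Enterprise", "cargo": "grain",    "dest": "Lisbon",    "class": "Unclassified"},
    {"ship": "Enterprise", "cargo": "missiles", "dest": "Gibraltar", "class": "Secret"},
    {"ship": "Voyager",    "cargo": "fuel",     "dest": "Malta",     "class": "Confidential"},
]


def insert(table: List[Dict[str, str]], row: Dict[str, str], clearance: str) -> Dict[str, str]:
    """Insert `row` labelled at the inserting subject's clearance.

    Only a duplicate the inserter can see (same key, same classification) is
    rejected. A same-key row at a higher classification is invisible to the
    inserter; refusing because of it would leak that row's existence, so the
    insert succeeds and the table now holds two instances of the key.
    """
    labelled = {**row, "class": clearance}
    for r in table:
        if r["ship"] == labelled["ship"] and r["class"] == clearance:
            raise ValueError("duplicate primary key at this classification")
    table.append(labelled)
    return labelled


def visible_rows(table: List[Dict[str, str]], clearance: str) -> List[Dict[str, str]]:
    """Rows a subject with `clearance` may read (no read up), one per key:
    the highest-classified instance the clearance dominates."""
    best: Dict[str, Dict[str, str]] = {}
    for r in table:
        if LEVELS[r["class"]] <= LEVELS[clearance]:
            cur = best.get(r["ship"])
            if cur is None or LEVELS[r["class"]] > LEVELS[cur["class"]]:
                best[r["ship"]] = r
    return [best[k] for k in sorted(best)]


def demo() -> dict:
    """Run the scenario on a copy of the constructed table and report what each
    clearance sees plus how many instances of the Voyager key now exist."""
    table = [dict(r) for r in CARGO]
    # The Unclassified clerk believes Voyager carries water to Naples. The
    # Confidential row is invisible to them, so this must not be refused.
    insert(table, {"ship": "Voyager", "cargo": "water", "dest": "Naples"}, "Unclassified")
    return {
        "Unclassified": [(r["ship"], r["cargo"]) for r in visible_rows(table, "Unclassified")],
        "Secret": [(r["ship"], r["cargo"]) for r in visible_rows(table, "Secret")],
        "voyager_instances": sum(1 for r in table if r["ship"] == "Voyager"),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The Unclassified view shows grain and water; the Secret view shows missiles and fuel; the table holds two Voyager rows. The same insert attempted at Confidential is rejected, because that subject can already see the Confidential Voyager row and the refusal leaks nothing.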
31. The Biba model (introduced in 1977), the Sutherland model (published in 1986), the Brewer-Nash model (published in 1989)
Models concerned with integrity
The Tranquility principle (The Bell-LaPadula Model)
The Evaluated Products List (EPL) with their corresponding rating
Government and military applications
32. What are the components of an object's sensitivity label?
The Rule is talking about writing
Disclosure of residual data
A single classification and a Compartment Set
Relative Addresses
33. A domain of trust that shares a single security policy and single management
Higher or equal to access class
B2
Buffer (temporary data storage area)
A security domain
34. In B2, distinct address spaces must be provided to _________, and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system.
Access Matrix model
Orange Book - B2
The security perimeter
Isolate processes
35. Security is made up of: system administration, ________, installation and configuration mechanisms within the environment, and other security issues.
Prevent secret information from being accessed
Government and military applications
Fail safe
Physical security
36. Which technique increases a computer's performance by overlapping the steps of different instructions?
Isolate processes
Pipelining
Ring 0
The "No read Up" rule
37. The Bell-LaPadula Model is a _______________ that enforces the confidentiality aspect of access control. Developed by David Bell and Leonard LaPadula.
A1 - Rating
The Security Kernel
C1 - Discretionary Security Protection
State machine model
38. What is defined as the hardware, firmware and software elements of a trusted computing base that implement the reference monitor concept?
Indirect addressing
Protection Rings Support
A security kernel
Attributable data
39. The _________________ specified in the Orange Book are: system architecture, system integrity, covert channel analysis, trusted facility management and trusted recovery.
Operational assurance requirements
Identification - Orange Book
The Strong star property rule
A Base Register (Memory Management)
40. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
Operational assurance requirements
The security perimeter
A1
A Domain
41. The centerpiece of the DoD Rainbow Series publications, developed by the National Computer Security Center (NCSC)?
A single classification and a Compartment Set
Need-to-know
Most commonly used approach
The TCSEC - Aka Orange Book
42. Applications and user activity
Trusted Distribution
B2 rating
A Domain
Ring 3
43. Mediates all access and functions between subjects and objects.
Sensitivity labels
Examples of Layered Operating Systems
Ring 1
The Security Kernel
44. Certification is a technical review that assesses the _____________, whereas accreditation is management's official acceptance of the findings of the certification process.
Simple Security Rule
Security mechanisms and evaluates their effectiveness
Most commonly used approach
'Dominate'
45. All subjects are cleared for all information on the system, but each must have a need to know for ONLY the information they are trying to access.
Polyinstantiation
System High Security Mode
C1 - Discretionary Security Protection is a type of environment
Security Policy
46. Bell-LaPadula model was proposed for enforcing access control in _____________________.
The Evaluated Products List (EPL) with their corresponding rating
All Mandatory Access Control (MAC) systems
Government and military applications
Models concerned with integrity
47. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space.
Certification
Mandatory Access Control (MAC)
Swap Space
The Integrity of data within applications
48. Intended for environments that require systems to handle classified data.
B1 - Labeled Security rating
Operational assurance requirements
C2 - Controlled Access Protection
Process isolation
49. What access control technique is also known as multilevel security?
Mandatory access control
Clark-Wilson Model
Life-cycle assurance - O/B
The National Computer Security Center (NCSC)
50. Developed after the Bell-LaPadula model. It is a state machine model and is very similar to the Bell-LaPadula Model.
Orange Book - B1
The Biba Model
Examples of Layered Operating Systems
Buffer (temporary data storage area)
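Questions 2, 16, 19, 24, 32, 37 and 46 test the Bell-LaPadula rules and questions 12, 31 and 50 the Biba model. The following is an added study example, not part of the quiz or of the models' original papers, that puts the definitions together in working code: a label is a single classification plus a compartment set (Q32), dominance is "level higher than or equal to AND compartment superset" (Q16), and the BLP simple security and *-properties, the strong star property (Q24), and the Biba read, write and invocation properties (Q12) are each one comparison over that lattice. The level names, their order and the compartment names in the demo are assumed for illustration; the Biba functions simply read the same lattice as integrity levels, which is the sense in which Q50 calls Biba "very similar" to Bell-LaPadula.

```python
"""Bell-LaPadula and Biba rule checks over a label lattice (added example)."""
from dataclasses import dataclass
from typing import FrozenSet

# Hierarchical levels, lowest to highest (assumed ordering, for illustration).
LEVELS = {"Unclassified": 0, "Confidential": 1, "Secret": 2, "Top Secret": 3}


@dataclass(frozen=True)
class Label:
    """A sensitivity label: a single classification plus a compartment set (Q32)."""

    classification: str
    compartments: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        """Dominance relation (Q16): this level is higher than or equal to the
        other's AND this compartment set is a superset of the other's."""
        return (LEVELS[self.classification] >= LEVELS[other.classification]
                and self.compartments >= other.compartments)


# Bell-LaPadula (confidentiality): subject label = clearance, object label = classification.

def blp_read(subject: Label, obj: Label) -> bool:
    """Simple security property, "no read up": the subject must dominate the object."""
    return subject.dominates(obj)


def blp_write(subject: Label, obj: Label) -> bool:
    """*-property, "no write down": the object must dominate the subject."""
    return obj.dominates(subject)


def blp_strong_star(subject: Label, obj: Label) -> bool:
    """Strong *-property (Q24): read and write only at exactly the same label."""
    return subject == obj


# Biba (integrity): the same lattice, now ordering integrity levels (Q50).

def biba_read(subject: Label, obj: Label) -> bool:
    """Simple integrity property, "no read down": object integrity must dominate the subject's."""
    return obj.dominates(subject)


def biba_write(subject: Label, obj: Label) -> bool:
    """*-integrity property, "no write up": subject integrity must dominate the object's."""
    return subject.dominates(obj)


def biba_invoke(subject: Label, target: Label) -> bool:
    """Invocation property (Q12): a subject may not invoke a subject of higher integrity."""
    return subject.dominates(target)


def demo() -> dict:
    """Constructed subjects and objects; returns each rule's decision."""
    analyst = Label("Secret", frozenset({"NATO"}))                 # clearance
    report = Label("Secret")                                       # no compartments
    ts_doc = Label("Top Secret", frozenset({"NATO", "CRYPTO"}))
    bulletin = Label("Confidential")
    return {
        "analyst reads Secret report": blp_read(analyst, report),           # True
        "analyst reads TS doc": blp_read(analyst, ts_doc),                  # False: read up
        "report reader reads Secret/NATO": blp_read(report, analyst),       # False: missing compartment
        "analyst writes to TS doc": blp_write(analyst, ts_doc),             # True: write up is allowed
        "analyst writes to bulletin": blp_write(analyst, bulletin),         # False: write down
        "strong star, analyst on report": blp_strong_star(analyst, report), # False: labels differ
        "strong star, same label": blp_strong_star(report, Label("Secret")),# True
        # Biba: the same names now stand for integrity levels, high to low.
        "high-integrity process reads low data": biba_read(ts_doc, bulletin),    # False
        "high-integrity process writes low data": biba_write(ts_doc, bulletin),  # True
        "low process invokes high process": biba_invoke(bulletin, ts_doc),       # False
    }


if __name__ == "__main__":
    for rule, allowed in demo().items():
        print(f"{rule}: {'allow' if allowed else 'deny'}")
```

Note that dominance fails in two different ways: the analyst cannot read the Top Secret document because of the level, while a Secret subject with no compartments cannot read the analyst's Secret/NATO material because of the compartment set, even though the levels are equal. The Biba checks are the Bell-LaPadula checks with subject and object swapped, which is the whole of the "duality" between the two models.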