Test your basic knowledge

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So at times you might find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________, and the system design and implementation are subject to more thorough review and testing procedu

2. A policy-based control. All objects and systems have a sensitivity level assigned to them.

3. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects, what security problem is most likely to exist?

4. Applications and user activity

5. What does the * (star) property mean in the Bell-LaPadula model?

6. TCSEC addresses confidentiality, but _____________. The TCSEC focuses mainly on one attribute of security: confidentiality.

7. When a portion of primary memory is accessed by specifying the actual address of the memory location

8. The object reuse concept must also be invoked, meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m

9. The Biba model (introduced in 1977), the Sutherland model (published in 1986), the Brewer-Nash model (published in 1989)

10. Can be erased, modified and upgraded.

11. The Biba model addresses _____________________.

12. Another term for primary storage; it distinguishes physical memory from virtual memory.

13. The total combination of protection mechanisms within a computer system

14. A logical form of separation used by secure computing systems. Processes are _____________ so that each cannot access objects outside its permitted domain

15. Minimal security

16. Which would be designated as objects on a MAC system?

17. The Bell-LaPadula model's main goal was to ___________________ in an unauthorized manner. (Developed by the US government)

18. Bell-LaPadula model, ____________: A subject at a given security level can NOT READ data that reside at a higher security level.

19. Audit data must be captured and protected to enforce accountability

20. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.

21. Simpler instructions that require fewer clock cycles to execute.

22. Configuration management is also defined in the Orange Book, BUT as a _____________________ and NOT an operational assurance requirement.

23. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?

24. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication, restrictions and auditing.

25. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula model is referred to as ___________________, which would take place through a "write down" operation. (An actual compromise occurs if and when

26. Contains the beginning address

27. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a well-formed transaction

28. Intended for environments that require systems to handle classified data.

29. Based on a known address with an offset value applied.

30. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?

31. The process of evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.

32. Documentation must be provided, including test, design and specification documents, user guides and manuals

33. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.

34. A buffer overflow occurs when a program or process tries to store more data in a _____________ than it was intended to hold.

35. I/O drivers and utilities

36. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?

37. The centerpiece of the DoD Rainbow Series publications. Developed by the National Computer Security Center (NCSC)?

38. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC", otherwise known as ___________.

39. A1 is also called "Verified Design" and requires formal verification of the design and specifications.

40. Based on the Bell-LaPadula security model, and evidence of reference monitor enforcement must be available.

41. Which describes a condition when RAM and secondary storage are used together?

42. The physical memory address that the CPU uses

43. A type of memory used for high-speed writing and reading activities.

44. An abstract machine which must mediate all access of subjects to objects, be protected from modification, be verifiable as correct, and is always invoked

45. Mandatory access control is enforced by the use of security labels.

46. A set of objects that a subject is able to access

47. The TCB contains the security kernel and all ______________.

48. The hardware, firmware and software elements of a trusted computing base that implement the reference monitor concept.

49. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space

50. A system uses the reference monitor to ___________________ of a subject and an object?