SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A Policy based control. All objects and systems have a sensitivity level assigned to them
Documentation - Orange Book
Dedicated Security Mode
Mandatory Access Control (MAC)
The "No read Up" rule
2. In access control terms - the word "dominate" refers to ___________.
B3 - Security Domains
A Thread
Evaluated separately
Higher or equal to access class
3. A nonvolatile storage media etc computer hard drive - floppy disks and CD-ROMs
Secondary Storage
Most commonly used approach
Security Policy - Orange Book
The security perimeter
4. The Security Model Incorporates the ____________ that should be enforced in the system.
Certification
Networks and Communications
Security rating B
Security Policy
5. A portion of a process. When the thread is generated - it shares the same domain(resources) as its process.
B1 - Labeled Security
Swap Space
A Thread
Attributable data
6. Should always trace to individuals responsible for observing and recording the data
Orange Book - B1
Discretionary Security Property (ds-property)
Attributable data
Security rating B
7. Which is a straightforward approach that provides access rights to subjects for objects?
C1
Access Matrix model
C2 - Controlled Access Protection
Highly secure systems (B2 - B3 and A1)
8. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Labels - Orange Book
Most commonly used approach
Access Matrix model
Logical addresses
9. The Orange book does NOT Cover ________________ - And Database management systems
Complex Instruction Set Computers (CISC)
Cache Memory
Networks and Communications
Security Policy - Orange Book
10. When a portion of primary memory is accessed by specifying the actual address of the memory location
Ring 2
Simple Integrity Axiom
Direct addressing
Reduced Instruction Set Computers (RISC)
11. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
B1 - Labeled Security
Virtual storage
Programmable Read-Only Memory (PROM)
Disclosure of residual data
12. Happen because input data is not checked for appropriate length at time of input
Orange Book A
Covert channels
A1 - Rating
Buffer overflows
13. Commonly referred to as The Big Mess Because of its lack of structure. MS-DOS is an example of a monolithic operation system
The Monolithic Operation system Architecture
Virtual storage
Orange Book C
Disclosure of residual data
14. Which is an ISO standard product evaluation criteria that supersedes several different criteria
International Standard 15408
A Layered Operating System Architecure
The Common Criteria
Implement software or systems in a production environment
15. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
D
Trusted facility management
Implement software or systems in a production environment
Direct Addressing
16. The assignment of a specific individual to administer the security-related functions of a system.
A Domain
The reference monitor
Orange Book - B1
Trusted facility management
17. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
B2 rating
Certification
Isolate processes
Division C - Discretionary Protection
18. The security kernel is the mechanism that _____________ of the reference monitor concept.
Enforces the rules
Ring 0
B2 rating
The Integrity of data within applications
19. TCSEC provides a means to evaluate ______________________.
B2
A Layered Operating System Architecure
The trustworthiness of an information system
The Tranqulity principle (The Bell-LaPadula Model)
20. The Reserved hard drive space used to to extend RAM capabilites.
Trusted hardware - Software and Firmware
Swap Space
The Strong star property rule
Ring 2
21. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
The Monolithic Operation system Architecture
Thrashing
C1 - Discrection Security Protection is a type of environment
Orange Book interpretations
22. Individual subjects must be uniquely identified.
C2 - Controlled Access Protection
Identification - Orange Book
Attributable data
The reference monitor
23. TCB contains The Security Kernel and all ______________.
security protection mechanisms
Division C - Discretionary Protection
Networks and Communications
Access Matrix model
24. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Orange Book interpretations
Labels - Orange Book
Process isolation
The Monolithic Operation system Architecture
25. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions to pass on permissions at its own discretion. These permissions are stored in an access ma
The Strong star property rule
Virtual storage
Discretionary Security Property (ds-property)
Ring 2
26. As per FDA data should be ______________________________.
A Limit Register (Memory Management)
Attributable - original - accurate - contemporaneous and legible
Overt channel
Files - directories and devices
27. Documentation must be provided - including test - design - and specification document - user guides and manuals
The Strong star property rule
C1 - Discrection Security Protection is a type of environment
Documentation - Orange Book
Ring 2
28. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
A Limit Register (Memory Management)
Trusted hardware - Software and Firmware
Evaluated separately
Direct Addressing
29. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
The Simple Security Property
Real storage
A1
Security rating B
30. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
'Dominate'
The Trusted Computing Base (TCB)
A security kernel
A and B
31. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Multitasking
The National Computer Security Center (NCSC)
Be protected from modification
A Domain
32. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Ring 0
No write down
Thrashing
Orange Book ratings
33. Verification Protection
The Clark Wilson integrity model
The Integrity of data within applications
Controls the checks
Orange Book A
34. Which would be designated as objects on a MAC system?
Files - directories and devices
Virtual Memory
Need-to-know
Certification
35. The centerpiece of the DoD Rainbow Series publications.Developed by the National Computer Security Center (NCSC)?
Access Matrix model
C2 - Controlled Access Protection
Dedicated Security Mode
The TCSEC - Aka Orange Book
36. Audit data must be captured and protected to enforce accountability
Accountability - Orange Book
Attributable data
Relative Addresses
Files - directories and devices
37. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
Logical addresses
The security kernel
Direct addressing
Controlling unauthorized downgrading of information
38. The C2 evaluation class of the _________________ offers controlled access protection.
Execution Domain
The National Computer Security Center (NCSC)
C1
Trusted Network Interpretation (TNI)
39. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
Higher or equal to access class
Virtual storage
The Red Book
Security mechanisms and evalautes their effectivenes
40. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
The Trusted Computing Base (TCB)
Invocation Property
Overt channel
Examples of Layered Operating Systems
41. Which Orange Book evaluation level is described as "Verified Design"?
The rule is talking about "Reading"
Clark-Wilson
Scalar processors
A1
42. For rhe type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to peneration and compromise
B2 rating
No write down
The "No write Down" Rule
Sensitivity labels
43. Bell-LaPadula model was proposed for enforcing access control in _____________________.
The Security Kernel
Government and military applications
The *-Property rule (Star property)
No read up
44. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
Implement software or systems in a production environment
Life Cycle Assurance Requirement
Erasable and Programmable Read-Only Memory (EPROM)
Its Clearance Label (Top Secret - Secret - or Confidential)
45. Operating System Kernel
Ring 0
The rule is talking about "Reading"
Examples of Layered Operating Systems
Compare the security labels
46. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
Prevent secret information from being accessed
C1
International Standard 15408
B2
47. What is called the formal acceptance of the adequacy of a system's overall security by management?
Accreditation
Indirect addressing
The National Computer Security Center (NCSC)
Highly secure systems (B2 - B3 and A1)
48. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix . THE and Multics are no longer in use
A security kernel
Labels - Orange Book
Examples of Layered Operating Systems
A Domain
49. In the Bell-LaPadula Model the Object's Label contains ___________________.
Enforces the rules
Relative Addresses
Documentation - Orange Book
Its classification label (Top Secret - Secret or confidential)
50. The Physical memory address that the CPU uses
attributability
A security domain
Absolute addresses
B3 - Rating
