Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
*-Integrity Axiom
All Mandatory Access Control (MAC) systems
Orange Book - D
C2 - Controlled Access Protection
2. TCSEC provides a means to evaluate ______________________.
Direct Addressing
Be protected from modification
The trustworthiness of an information system
A1
3. What does the * (star) property mean in the Bell-LaPadula model?
No write down
D
B2
B1 - Labeled Security rating
4. What prevents a process from accessing another process' data?
Discretionary Security Property (ds-property)
The Tranquility principle (The Bell-LaPadula Model)
Highly secure systems (B2 - B3 and A1)
Process isolation
5. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
6. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Administrative declaration
C2 - Controlled Access Protection
B3 - Security Domains
The Monolithic Operating system Architecture
7. Which TCSEC level first addresses object reuse?
Physical security
No write down
Firmware
C2
8. In both the Bell-LaPadula and Biba Models if the word "*" or "Star" is used - _______________.
The National Computer Security Center (NCSC)
No read down
Access control to the objects by the subjects
The Rule is talking about writing
9. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
Controls the checks
Subject to Object Model
Buffer overflows
The TCSEC - Aka Orange Book
10. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Models concerned with integrity
Orange Book - A1
Pagefile.sys file
Prohibits
11. According to the Orange Book - trusted facility management is not required for which security levels?
All Mandatory Access Control (MAC) systems
Buffer (temporary data storage area)
B1
Orange Book ratings
12. Mandatory Protection
Orange Book interpretations
Orange Book B
*-Integrity Axiom
B1
13. The Orange book requires protection against two_____________ - which are these Timing and Storage
Types of covert channels
The Simple Security Property
Clark-Wilson
Ring 2
14. A set of objects that a subject is able to access
Prevent secret information from being accessed
Division B - Mandatory Protection Architecture
Real storage
A Domain
15. The Bell-LaPadula Model is a _______________.
Operational assurance requirements
Subject to Object Model
The Integrity of data within applications
International Standard 15408
16. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
Orange Book - A1
Programmable Read-Only Memory (PROM)
Trusted Distribution
Security mechanisms and evaluates their effectiveness
17. A Policy based control. All objects and systems have a sensitivity level assigned to them
The *-Property rule (Star property)
C2 - Controlled Access Protection
Mandatory Access Control (MAC)
B2
18. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"
System High Security Mode
Complex Instruction Set Computers (CISC)
Simple Integrity Axiom
Implement software or systems in a production environment
19. All users have a clearance for and a formal need to know about - all data processed with the system.
Orange Book - B2
A Base Register (Memory Management)
A Domain
Dedicated Security Mode
20. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
D
Subject to Object Model
Examples of Layered Operating Systems
Simple Security Rule
21. The total combination of protection mechanisms within a computer system
TCB (Trusted Computing Base)
The Biba Model
Mandatory Access Control (MAC)
Enforces the rules
22. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
Invocation Property
Enforces the rules
Primary storage
Process isolation
23. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Complex Instruction Set Computers (CISC)
Overt channel
Prohibits
Stored in Real Memory
24. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
A Layered Operating System Architecture
No write down
The Monolithic Operating system Architecture
25. Documentation must be provided - including test - design - and specification document - user guides and manuals
'Dominate'
Documentation - Orange Book
Indexed addressing
The reference monitor
26. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
Multiprocessing
Trusted facility management
All Mandatory Access Control (MAC) systems
Labels - Orange Book
27. A portion of a process. When the thread is generated - it shares the same domain(resources) as its process.
Direct addressing
All Mandatory Access Control (MAC) systems
B2 - Structured Protection
A Thread
28. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Its classification label (Top Secret - Secret or confidential)
Orange Book - B2
Ring 2
Networks and Communications
29. Mandatory Access requires that _____________ be attached to all objects.
A Domain
Sensitivity labels
The Thread (memory Management)
Clark-Wilson
30. Which increases the performance in a computer by overlapping the steps of different instructions?
A Layered Operating System Architecture
Division B - Mandatory Protection
The security kernel
Pipelining
31. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
Orange Book B
Bell-LaPadula Model
No read up
Physical security
32. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
Pagefile.sys file
Life-cycle assurance - O/B
A and B
Assigned labels
33. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
Its Clearance Label (Top Secret - Secret - or Confidential)
The Thread (memory Management)
Dedicated Security Mode
Highly secure systems (B2 - B3 and A1)
34. Mediates all access and Functions between subjects and objects.
Documentation - Orange Book
Multilevel Security Policies
The Security Kernel
Orange Book B
35. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
B2 - Structured Protection
Need-to-know
Multitasking
A security kernel
36. The Bell-LaPadula model Subjects and Objects are ___________.
Assigned labels
Documentation - Orange Book
Orange Book C
Reduced Instruction Set Computers (RISC)
37. When the RAM and secondary storage are combined the result is __________.
Logical addresses
Virtual Memory
Subject to Object Model
Covert channels
38. System Architecture that separates system functionality into Hierarchical layers
TCB (Trusted Computing Base)
Dedicated Security Mode
A Layered Operating System Architecture
The Rule is talking about writing
39. As per FDA data should be ______________________________.
Compare the security labels
Protection Rings Support
C1 - Discretionary Security Protection
Attributable - original - accurate - contemporaneous and legible
40. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
C2 - Controlled Access Protection
Simple Security Rule
Ring 1
Controlling unauthorized downgrading of information
41. What does the simple integrity axiom mean in the Biba model?
Relative Addresses
No read down
Swap Space
Mandatory access control
42. Audit data must be captured and protected to enforce accountability
Controls the checks
Security Policy is clearly defined and documented
No read up
Accountability - Orange Book
43. Contains the ending address
A security domain
C2 - Controlled Access Protection
Orange Book A
A Limit Register (Memory Management)
44. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
Complex Instruction Set Computers (CISC)
Multitasking
attributability
The Monolithic Operating system Architecture
45. The subject must have Need to Know for ONLY the information they are trying to access.
System High Security Mode
No read down
The security kernel
Mandatory Access Control (MAC)
46. For the type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to penetration and compromise
Pipelining
B2 rating
The Thread (memory Management)
Execution Domain
47. The Policy must be explicit and well defined and enforced by the mechanisms within the system
The Red Book
An abstract machine
C2 - Controlled Access Protection
Security Policy - Orange Book
48. Successfully Evaluated products are placed on?
A1
The Evaluated Products List (EPL) with their corresponding rating
Networks and Communications
Ring 1
49. Software that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
*-Integrity Axiom
Firmware
attributability
Types of covert channels
50. There is only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
The trustworthiness of an information system
Attributable data
Division D - Minimal Protection
Documentation - Orange Book