Test your basic knowledge
CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions: Answer 50 questions in 15 minutes. If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
Secondary Storage
All Mandatory Access Control (MAC) systems
C2 - Controlled Access Protection
Overt channel
2. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Simple Security Rule
Direct Addressing
Sensitivity labels
Firmware
3. Which Orange Book evaluation level is described as "Verified Design"?
Simple Integrity Axiom
A1
B2
The *-Property rule (Star property)
4. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
Be protected from modification
B1 - Labeled Security
Controls the checks
Orange Book ratings
5. The assignment of a specific individual to administer the security-related functions of a system.
Trusted facility management
Be protected from modification
Buffer overflows
Multilevel Security Policies
6. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Trusted facility management
Networks and Communications
Multiprocessing
Direct Addressing
7. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Accountability - Orange Book
Orange Book A
The TCSEC - Aka Orange Book
Government and military applications
8. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
Implement software or systems in a production environment
A and B
The National Computer Security Center (NCSC)
Attributable - original - accurate - contemporaneous and legible
9. The Biba Model - _____________: A subject cannot read data from a lower Integrity level ("No Read Down")
Files - directories and devices
Simple Integrity Axiom
Virtual Memory
The security kernel
10. Should always trace to individuals responsible for observing and recording the data
Attributable data
The reference monitor
B1 - Labeled Security
Trusted Products Evaluation Program (TPEP)
11. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
12. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
Orange Book interpretations
Indirect addressing
Logical addresses
attributability
13. The Availability - Integrity and confidentiality requirements of multitasking operating systems
Discretionary Security Property (ds-property)
Protection Rings Support
Orange Book interpretations
Dedicated Security Mode
14. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Higher or equal to access class
Security rating B
Orange Book - B2
The Evaluated Products List (EPL) with their corresponding rating
15. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Orange Book - A1
Life-cycle assurance - O/B
A1
C1 - Discretionary Security Protection
16. A type of memory used for High-speed writing and reading activities.
The reference monitor
Cache Memory
*-Integrity Axiom
Access Matrix model
17. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix. THE and Multics are no longer in use
Examples of Layered Operating Systems
The Monolithic Operating System Architecture
A Domain
A Thread
18. The Orange book does NOT Cover ________________ - And Database management systems
Basic Security Theorem (used in computer science) definition
C2 - Controlled Access Protection
The security kernel
Networks and Communications
19. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.
C1 - Discretionary Security Protection is a type of environment
C2
The National Computer Security Center (NCSC)
B2 - Structured Protection
20. TCB contains The Security Kernel and all ______________.
Erasable and Programmable Read-Only Memory (EPROM)
security protection mechanisms
Division B - Mandatory Protection Architecture
State machine model
21. Happen because input data is not checked for appropriate length at time of input
Constrained
Firmware
Buffer overflows
Real storage
22. Mandatory Protection
Orange Book B
A Thread
Invocation Property
Access control to the objects by the subjects
23. When the address location that is specified in the program instruction contains the address of the final desired location.
Indirect addressing
Isolate processes
Pagefile.sys file
No read down
24. Individual subjects must be uniquely identified.
Identification - Orange Book
Bell-LaPadula Model
Dedicated Security Mode
B3
25. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
Division C - Discretionary Protection
A lattice of Integrity Levels
The Rule is talking about writing
C1 - Discretionary Security Protection is a type of environment
26. Each data object must contain a classification label and each subject must have a clearance label.
B1 - Labeled Security
Orange Book A
Its Clearance Label (Top Secret - Secret - or Confidential)
Polyinstantiation
27. Subjects and Objects cannot change their security levels once they have been instantiated (created)
Ring 2
Disclosure of residual data
The Tranquility principle (The Bell-LaPadula Model)
Relative Addresses
28. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
29. System Architecture that separates system functionality into Hierarchical layers
The TCSEC - Aka Orange Book
Covert channels
A Layered Operating System Architecture
*-Integrity Axiom
30. Which increases the performance in a computer by overlapping the steps of different instructions?
Pipelining
Highly secure systems (B2 - B3 and A1)
Subject to Object Model
B2 rating
31. Trusted facility management is an assurance requirement only for ________________.
Highly secure systems (B2 - B3 and A1)
Multitasking
Accountability - Orange Book
B1
32. Which model uses access control triples and requires that the system maintain separation of duty?
The TCSEC - Aka Orange Book
Secondary Storage
The security perimeter
Clark-Wilson
33. Certification is a technical review that assesses the _____________ - whereas Accreditation is management's official acceptance of the information in the Certification process findings.
Life-cycle assurance - O/B
Examples of Layered Operating Systems
Security mechanisms and evaluates their effectiveness
Scalar processors
34. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
B3
Prohibits
Clark-Wilson Model
Pagefile.sys file
35. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions at its own discretion. These permissions are stored in an access ma
Identification - Orange Book
The "No write Down" Rule
Orange Book - B3
Discretionary Security Property (ds-property)
36. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
B1
Orange Book - B1
Orange Book - B3
The Rule is talking about writing
37. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Operational assurance requirements
Physical security
The TCSEC - Aka Orange Book
Complex Instruction Set Computers (CISC)
38. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
A and B
Constrained
The Strong star property rule
B3
39. Which TCSEC level first addresses object reuse?
All Mandatory Access Control (MAC) systems
C2
Trusted Distribution
Reduced Instruction Set Computers (RISC)
40. For the type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to penetration and compromise
Security Policy
'Dominate'
Swap Space
B2 rating
41. Commonly referred to as "The Big Mess" because of its lack of structure. MS-DOS is an example of a monolithic operating system
C2 - Controlled Access Protection
B3
The Monolithic Operating System Architecture
Subject to Object Model
42. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space
A Layered Operating System Architecture
Indexed addressing
Swap Space
Enforces the rules
43. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
Access control to the objects by the subjects
A lattice of Integrity Levels
Trusted facility management
C2 - Controlled Access Protection
44. Reference Monitor is responsible for ______________; it compares the security labels of a subject and an object
The security perimeter
Access control to the objects by the subjects
Thrashing
Orange Book B
45. Can be erased - modified and upgraded.
The security perimeter
Orange Book - B3
Erasable and Programmable Read-Only Memory (EPROM)
Sensitivity labels
46. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Evaluated separately
Implement software or systems in a production environment
State machine model
Buffer overflows
47. As per the FDA, data should be ______________________________.
Ring 3
Orange Book A
Dominate the object's sensitivity label
Attributable - original - accurate - contemporaneous and legible
48. If a system initializes in a secure state and all allowed state transitions are secure - then every subsequent state will be secure no matter what inputs occur.
Logical addresses
The Thread (memory Management)
Basic Security Theorem (used in computer science) definition
B2 rating
49. Used by Windows systems to reserve the "Swap Space"
Absolute addresses
Swap Space
A Thread
Pagefile.sys file
50. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
Access control to the objects by the subjects
Dedicated Security Mode
The TCSEC - Aka Orange Book
Relative Addresses