Test your basic knowledge
CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
Access control to the objects by the subjects
Secondary Storage
Models concerned with integrity
B2
2. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
security protection mechanisms
D
The Red Book
The rule is talking about "Reading"
3. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a well-formed transaction
Absolute addresses
Clark-Wilson Model
D
NOT Integrity
4. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
Clark-Wilson
A and B
Orange Book C
Overt channel
5. Subjects and Objects cannot change their security levels once they have been instantiated (created)
Thrashing
Swap Space
Models concerned with integrity
The Tranquility principle (The Bell-LaPadula Model)
6. A system uses the Reference Monitor to ___________________ of a subject and an object?
Life-cycle assurance - Orange Book
Fail safe
Trusted hardware - Software and Firmware
Compare the security labels
7. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Its Clearance Label (Top Secret - Secret - or Confidential)
C1 - Discretionary Security Protection is a type of environment
security protection mechanisms
Indexed addressing
8. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
First evaluation class
Trusted hardware - Software and Firmware
The Strong star property rule
Certification
9. If a system initializes in a secure state and all allowed state transitions are secure - then every subsequent state will be secure no matter what inputs occur.
Orange Book interpretations
B2 - Structured Protection
Basic Security Theorem (used in computer science) definition
Ring 0
10. Which increases the performance in a computer by overlapping the steps of different instructions?
Security mechanisms and evaluates their effectiveness
Pipelining
The reference monitor
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
11. Which TCSEC level first addresses object reuse?
Documentation - Orange Book
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Examples of Layered Operating Systems
C2
12. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Orange Book B
Pagefile.sys file
Attributable data
Direct Addressing
13. A portion of a process. When the thread is generated - it shares the same domain (resources) as its process.
State machine model
A security kernel
Attributable data
A Thread
14. In access control terms - the word "dominate" refers to ___________.
Higher or equal to access class
Controlling unauthorized downgrading of information
Scalar processors
The Common Criteria
15. In an automated system - ________________ could be achieved by a computer system designed to identify the individuals responsible for any input.
The rule is talking about "Reading"
Simple Integrity Axiom
The "No read Up" rule
attributability
16. When a vendor submits a product for evaluation - it submits it to the ____________.
Division B - Mandatory Protection Architecture
The National Computer Security Center (NCSC)
Orange Book - B3
Orange Book interpretations
17. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
A security kernel
Assigned labels
B2
Operational assurance requirements
18. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
The "No read Up" rule
Ring 3
Covert channels
Administrative declaration
19. A computer that uses more than one CPU in parallel to execute instructions is said to be doing what?
Access Matrix model
Files - directories and devices
Multiprocessing
Most commonly used approach
20. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
The Trusted Computing Base (TCB)
Pipelining
Orange Book ratings
Invocation Property
21. All users have a clearance for - and a formal need to know about - all data processed within the system.
B1 - Labeled Security rating
The Simple Security Property
Dedicated Security Mode
Access control to the objects by the subjects
22. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Evaluated separately
No read down
System High Security Mode
Division B - Mandatory Protection Architecture
23. Which computer design approach is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle?
Highly secure systems (B2 - B3 and A1)
Reduced Instruction Set Computers (RISC)
Complex Instruction Set Computers (CISC)
Orange Book - D
24. Another word for Primary storage and distinguishes physical memory from virtual memory.
Indirect addressing
Real storage
Totality of protection mechanisms
Firmware
25. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
Controls the checks
Identification - Orange Book
Most commonly used approach
Operational assurance requirements
26. Which is an ISO standard product evaluation criteria that supersedes several different criteria
The Common Criteria
Life Cycle Assurance Requirement
A Layered Operating System Architecture
A security domain
27. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
A and B
Administrative declaration
Logical addresses
Protection Rings Support
28. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
Mandatory access control
B3 - Rating
The Thread (memory Management)
Orange Book - B3
29. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Firmware
Physical security
Life Cycle Assurance Requirement
Government and military applications
30. The Security Model Incorporates the ____________ that should be enforced in the system.
Isolate processes
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
A Limit Register (Memory Management)
Security Policy
31. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Multitasking
Assigned labels
Trusted Distribution
Simple Security Rule
32. Certification is a technical review that assesses the _____________ - whereas Accreditation is management's official acceptance of the findings of the Certification process.
Orange Book - B3
No read up
Security mechanisms and evaluates their effectiveness
Dedicated Security Mode
33. Mandatory access control requires that _____________ be attached to all objects.
Mandatory Access Control (MAC)
Indexed addressing
Sensitivity labels
Invocation Property
34. An abstract machine which must mediate all access by subjects to objects - be protected from modification - be verifiable as correct - and always be invoked
Security Policy is clearly defined and documented
Highly secure systems (B2 - B3 and A1)
The reference monitor
B1 - Labeled Security
35. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
Labels - Orange Book
The Security Kernel
Certification
B3 - Rating
36. Access control labels must be associated properly with objects.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
A lattice of Integrity Levels
Division B - Mandatory Protection Architecture
Labels - Orange Book
37. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Its Clearance Label (Top Secret - Secret - or Confidential)
Attributable data
The National Computer Security Center (NCSC)
Be protected from modification
38. The Orange Book requires protection against two _____________ - which are timing and storage
Types of covert channels
The Security Kernel
Clark-Wilson Model
A Base Register (Memory Management)
39. The Indexed memory addresses that software uses
Access control to the objects by the subjects
System High Security Mode
C1
Logical addresses
40. A(n) __________ is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
In C2 - Controlled Access Protection environment
Simple Security Rule
A security domain
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
41. A domain of trust that shares a single security policy and single management
A security domain
Stored in Real Memory
Direct Addressing
Accountability - Orange Book
42. Happens because input data is not checked for appropriate length at the time of input
The Trusted Computing Base (TCB)
The security kernel
A Base Register (Memory Management)
Buffer overflows
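An added example, not part of the original quiz, showing in C the defect the length-check question above describes: an unchecked strcpy into a fixed buffer beside a version that measures the input against the buffer at the time of input and rejects what does not fit. The buffer size, function names and sample inputs are constructed for the example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_LEN 16   /* fixed-size destination buffer, including the NUL */

/* Vulnerable form: strcpy copies until it finds the source's NUL and never
 * looks at the destination size, so any input of 16 or more characters writes
 * past the end of name[]. Shown for contrast; never call it with untrusted input. */
void store_name_unchecked(char name[NAME_LEN], const char *input) {
    strcpy(name, input);
}

/* Hardened form: measure the input against the buffer at the time of input and
 * reject anything that will not fit (with its NUL), instead of truncating or
 * overrunning. Returns 0 when stored, -1 when rejected. */
int store_name_checked(char name[NAME_LEN], const char *input) {
    size_t len = 0;
    while (len < NAME_LEN && input[len] != '\0') {
        len++;
    }
    if (len == NAME_LEN) {
        return -1;                  /* 16+ characters: no room for the terminator */
    }
    memcpy(name, input, len + 1);   /* copy the characters and the NUL */
    return 0;
}

/* Demonstration helper: store into a fresh buffer and return the stored length,
 * or -1 if the checked store rejected the input. */
int stored_length(const char *input) {
    char name[NAME_LEN] = {0};
    if (store_name_checked(name, input) != 0) {
        return -1;
    }
    return (int)strlen(name);
}

int main(void) {
    /* Constructed inputs: one that fits, one at the limit, one oversized. */
    const char *inputs[] = {
        "alice",
        "123456789012345",                          /* 15 chars: fits exactly */
        "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"   /* 40 chars: would overflow */
    };
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        int n = stored_length(inputs[i]);
        if (n < 0) {
            printf("rejected (too long for %d-byte buffer): %.20s...\n", NAME_LEN, inputs[i]);
        } else {
            printf("stored %d characters: %s\n", n, inputs[i]);
        }
    }
    return 0;
}
```

The checked version rejects rather than truncates: silently cutting a name to 15 characters is itself a classic source of bugs (two inputs colliding on the same stored value), so the caller is told explicitly that the input was refused.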
43. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Disclosure of residual data
Prevent secret information from being accessed
Fail safe
A1 - Rating
44. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
Examples of Layered Operating Systems
Primary storage
Attributable data
Security rating B
45. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
NOT Integrity
Life Cycle Assurance Requirement
The "No read Up" rule
The Clark Wilson integrity model
46. What does the simple integrity axiom mean in the Biba model?
C2 - Controlled Access Protection
Erasable and Programmable Read-Only Memory (EPROM)
No read up
No read down
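An added example, not part of the original quiz, showing in C the label comparison the reference monitor, "dominate", Bell-LaPadula and Biba questions above describe: a lattice label (level plus compartments), the dominance relation, the simple security and star properties of Bell-LaPadula, and the Biba simple integrity and star integrity axioms, all behind a single mediation function. The level names, compartment names and sample labels are constructed for the example.

```c
#include <stdbool.h>
#include <stdio.h>

/* Hierarchical sensitivity (or integrity) levels, lowest first. */
enum level { UNCLASSIFIED = 0, CONFIDENTIAL = 1, SECRET = 2, TOP_SECRET = 3 };

/* Non-hierarchical compartments, kept as a bit set. Names are made up for the example. */
#define COMP_NUCLEAR 1u
#define COMP_CRYPTO  2u

/* A security label: a level plus a compartment set. The same struct serves as a
 * clearance (on a subject) or a classification (on an object). */
struct label {
    enum level level;
    unsigned compartments;
};

struct label make_label(enum level lvl, unsigned compartments) {
    struct label l = { lvl, compartments };
    return l;
}

/* "a dominates b": a's level is higher or equal AND a's compartments include
 * all of b's. This is the lattice relation every rule below is built on. */
bool dominates(struct label a, struct label b) {
    return a.level >= b.level
        && (a.compartments & b.compartments) == b.compartments;
}

enum access { READ, WRITE };

/* Bell-LaPadula (confidentiality):
 *   simple security property: read only if subject dominates object (no read up)
 *   *-property:               write only if object dominates subject (no write down) */
bool blp_allows(struct label subject, struct label object, enum access mode) {
    return mode == READ ? dominates(subject, object)
                        : dominates(object, subject);
}

/* Biba (integrity), the dual of Bell-LaPadula applied to integrity labels:
 *   simple integrity axiom: read only if object dominates subject (no read down)
 *   *-integrity axiom:      write only if subject dominates object (no write up) */
bool biba_allows(struct label subject, struct label object, enum access mode) {
    return mode == READ ? dominates(object, subject)
                        : dominates(subject, object);
}

enum policy { POLICY_BLP, POLICY_BIBA };

/* The reference monitor: the single choke point every request goes through.
 * It decides purely by comparing the two labels under the configured policy. */
bool reference_monitor(enum policy p, struct label subject, struct label object,
                       enum access mode) {
    return p == POLICY_BLP ? blp_allows(subject, object, mode)
                           : biba_allows(subject, object, mode);
}

int main(void) {
    /* Constructed example labels, not from the original page. */
    struct label analyst = make_label(SECRET, COMP_NUCLEAR);
    struct label report  = make_label(CONFIDENTIAL, COMP_NUCLEAR);
    struct label plan    = make_label(TOP_SECRET, COMP_NUCLEAR | COMP_CRYPTO);

    printf("BLP:  SECRET/NUCLEAR reads  CONFIDENTIAL/NUCLEAR:     %s\n",
           reference_monitor(POLICY_BLP, analyst, report, READ) ? "allow" : "deny");
    printf("BLP:  SECRET/NUCLEAR reads  TOP SECRET/NUCLEAR+CRYPTO: %s (no read up)\n",
           reference_monitor(POLICY_BLP, analyst, plan, READ) ? "allow" : "deny");
    printf("BLP:  SECRET/NUCLEAR writes CONFIDENTIAL/NUCLEAR:     %s (no write down)\n",
           reference_monitor(POLICY_BLP, analyst, report, WRITE) ? "allow" : "deny");
    printf("Biba: SECRET reads CONFIDENTIAL integrity:            %s (no read down)\n",
           reference_monitor(POLICY_BIBA, analyst, report, READ) ? "allow" : "deny");
    return 0;
}
```

Note that both models use the same dominance relation; only the direction in which it is applied differs, which is why the Biba rules read as the mirror image of the Bell-LaPadula rules. The tranquility principle is what makes this check sound: if labels could change after instantiation, a decision taken here could be invalidated later.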
47. Contains the ending address
A Thread
Orange Book - B1
A Limit Register (Memory Management)
Security Policy - Orange Book
48. Commonly referred to as "The Big Mess" because of its lack of structure. MS-DOS is an example of a monolithic operating system
Absolute addresses
All Mandatory Access Control (MAC) systems
Labels - Orange Book
The Monolithic Operating System Architecture
49. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
Ring 2
Mandatory access control
Protection Rings Support
The National Computer Security Center (NCSC)
50. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
Trusted Network Interpretation (TNI)
Orange Book C
Division B - Mandatory Protection Architecture
Orange Book - B3