Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a Well-Formed transaction
In C2 - Controlled Access Protection environment
Real storage
A security domain
Clark-Wilson Model
2. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
The Evaluated Products List (EPL) with their corresponding rating
A Domain
Overt channel
The Clark Wilson integrity model
3. A ______________ is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Absolute addresses
The TCSEC - Aka Orange Book
The National Computer Security Center (NCSC)
4. Contains the beginning address
A Base Register (Memory Management)
The Clark Wilson integrity model
Orange Book interpretations
Logical addresses
5. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
Storage and timing
A Thread
Certification
Enforces the rules
6. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Need-to-know
Administrative declaration
Integrity
Dedicated Security Mode
7. In both the Bell-LaPadula and Biba Models if the word "Simple" is used ______________.
The rule is talking about "Reading"
In C2 - Controlled Access Protection environment
Reduced Instruction Set Computers (RISC)
Orange Book C
8. The C2 evaluation class of the _________________ offers controlled access protection.
Trusted Network Interpretation (TNI)
The Trusted Computing Base (TCB)
International Standard 15408
C2 - Controlled Access Protection
9. The assignment of a specific individual to administer the security-related functions of a system.
Trusted facility management
Erasable and Programmable Read-Only Memory (EPROM)
Primary storage
The Rule is talking about writing
10. In the Bell-LaPadula Model the Object's Label contains ___________________.
Multitasking
Accountability - Orange Book
Its classification label (Top Secret - Secret or confidential)
The "No read Up" rule
11. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
Absolute addresses
Orange Book C
Bell-LaPadula Model
Virtual storage
12. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
B3
B3 - Rating
Examples of Layered Operating Systems
The TCSEC - Aka Orange Book
13. Minimal Security
A lattice of Integrity Levels
Orange Book - D
Multilevel Security Policies
C2
14. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
Orange Book ratings
Security mechanisms and evaluates their effectiveness
Division B - Mandatory Protection Architecture
Primary storage
15. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix . THE and Multics are no longer in use
Trusted facility management
Discretionary Security Property (ds-property)
C2
Examples of Layered Operating Systems
16. The Reserved hard drive space used to extend RAM capabilities.
Storage and timing
Indirect addressing
A Layered Operating System Architecture
Swap Space
17. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
A security kernel
The reference monitor
B3
Simple Security Rule
18. The TCB is the ________________ within a computer system that work together to enforce a security policy.
Documentation - Orange Book
Totality of protection mechanisms
attributability
The "No read Up" rule
19. When a computer uses more than one CPU in parallel to execute instructions is known as?
Multitasking
Multiprocessing
Prevent secret information from being accessed
C2
20. Operating System Kernel
Orange Book - A1
Ring 2
C1 - Discretionary Security Protection
Ring 0
21. Each data object must contain a classification label and each subject must have a clearance label.
B1 - Labeled Security
Division B - Mandatory Protection Architecture
Programmable Read-Only Memory (PROM)
Pagefile.sys file
22. Mandatory access control is enforced by the use of security labels.
Most commonly used approach
Ring 1
Division B - Mandatory Protection
B1
23. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
Access control to the objects by the subjects
Isolate processes
The TCSEC - Aka Orange Book
C2 - Controlled Access Protection
24. Simpler instructions that require fewer clock cycles to execute.
Networks and Communications
Overt channel
Trusted hardware - Software and Firmware
Reduced Instruction Set Computers (RISC)
25. Users need to be Identified individually to provide more precise access control and auditing functionality.
C2 - Controlled Access Protection
Covert channels
The "No write Down" Rule
Trusted Network Interpretation (TNI)
26. In B2 Subjects and devices require labels and the system must NOT allow ________. No Trapdoors exist.
Models concerned with integrity
The "No read Up" rule
Totality of protection mechanisms
Covert channels
27. Remaining parts of the operating system
Ring 1
Primary storage
Accountability - Orange Book
Security rating B
28. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Orange Book interpretations
Indexed addressing
Trusted facility management
The Thread (memory Management)
29. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
Security rating B
Programmable Read-Only Memory (PROM)
Operational assurance requirements
Direct Addressing
30. Which increases the performance in a computer by overlapping the steps of different instructions?
First evaluation class
The Clark Wilson integrity model
Pipelining
The Security Kernel
31. TCB contains The Security Kernel and all ______________.
security protection mechanisms
D
Fail safe
Multiprocessing
32. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
Ring 2
The trustworthiness of an information system
Dedicated Security Mode
First evaluation class
33. A Policy based control. All objects and systems have a sensitivity level assigned to them
No read down
Mandatory Access Control (MAC)
Controlling unauthorized downgrading of information
An abstract machine
34. When the contents of the address defined in the program's instruction is added to that of an index register.
Multitasking
Indexed addressing
Government and military applications
Files - directories and devices
35. All users have a clearance for and a formal need to know about - all data processed with the system.
Dedicated Security Mode
Integrity
security protection mechanisms
A Limit Register (Memory Management)
36. Contains an Address of where the instruction and data reside that need to be processed.
The Thread (memory Management)
No read up
Dedicated Security Mode
Dedicated Security Mode
37. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
Totality of protection mechanisms
The trustworthiness of an information system
Pagefile.sys file
Operational assurance requirements
38. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
Prohibits
Multilevel Security Policies
Trusted facility management
A1 - Rating
39. When the RAM and secondary storage are combined the result is __________.
Buffer overflows
Identification - Orange Book
Division B - Mandatory Protection
Virtual Memory
40. Access control labels must be associated properly with objects.
Labels - Orange Book
Security Policy is clearly defined and documented
The trustworthiness of an information system
The Common Criteria
41. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
The National Computer Security Center (NCSC)
Orange Book A
Controlling unauthorized downgrading of information
All Mandatory Access Control (MAC) systems
42. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
The National Computer Security Center (NCSC)
C2 - Controlled Access Protection
The Integrity of data within applications
Security rating B
43. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
Higher or equal to access class
'Dominate'
B1 - Labeled Security
The *-Property rule (Star property)
44. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
A Domain
NOT Integrity
Its Clearance Label (Top Secret - Secret - or Confidential)
Enforces the rules
45. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
Thrashing
Pagefile.sys file
Networks and Communications
Ring 1
46. The Bell-LaPadula model Subjects and Objects are ___________.
B3
Ring 0
Assigned labels
Accountability - Orange Book
47. The security kernel is the mechanism that _____________ of the reference monitor concept.
Enforces the rules
Totality of protection mechanisms
Types of covert channels
The Clark Wilson integrity model
48. Contains the ending address
A Limit Register (Memory Management)
Multiprocessing
Swap Space
B3
49. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.
Be protected from modification
Execution Domain
The TCSEC - Aka Orange Book
A and B
50. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
Division D - Minimal Protection
Orange Book - B1
A lattice of Integrity Levels
The National Computer Security Center (NCSC)