CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Which TCSEC level first addresses object reuse?
Physical security
A1 - Rating
C2
Division C - Discretionary Protection
2. Which is an ISO standard product evaluation criteria that supersedes several different criteria?
Orange Book - D
Sensitivity labels
Assigned labels
The Common Criteria
3. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
Programmable Read-Only Memory (PROM)
First evaluation class
The Rule is talking about writing
Mandatory access control
4. Intended for environments that require systems to handle classified data.
Storage and timing
Trusted hardware - Software and Firmware
The Security Kernel
B1 - Labeled Security rating
5. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
A lattice of Integrity Levels
The National Computer Security Center (NCSC)
Pagefile.sys file
The Monolithic Operating System Architecture
6. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Basic Security Theorem (used in computer science) definition
Fail safe
Mandatory Access Control (MAC)
Security rating B
7. A buffer overflow occurs when a program or process tries to store more data in a _____________ than it was intended to hold.
No write down
Mandatory Access Control (MAC)
Buffer (temporary data storage area)
Division C - Discretionary Protection
8. Successfully evaluated products are placed on?
Trusted facility management
Orange Book interpretations
The Evaluated Products List (EPL) with their corresponding rating
Networks and Communications
9. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
The security perimeter
Its Clearance Label (Top Secret - Secret - or Confidential)
The Trusted Computing Base (TCB)
attributability
10. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
The Red Book
Clark-Wilson Model
A Thread
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
11. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification.
12. A nonvolatile storage medium, e.g. a computer hard drive - floppy disks and CD-ROMs
Buffer (temporary data storage area)
Dedicated Security Mode
Secondary Storage
Orange Book - D
13. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
Secondary Storage
A Thread
Orange Book - B3
The National Computer Security Center (NCSC)
14. Which can be used as a covert channel?
Protection Rings Support
Storage and timing
C2
Controls the checks
15. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
Assigned labels
C2 - Controlled Access Protection
Files - directories and devices
The rule is talking about "Reading"
16. A portion of a process. When the thread is generated - it shares the same domain (resources) as its process.
Integrity
A1 - Rating
All Mandatory Access Control (MAC) systems
A Thread
17. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
A1 - Rating
A security kernel
The TCSEC - Aka Orange Book
Logical addresses
18. What does the simple security (ss) property mean in the Bell-LaPadula model?
Mandatory access control
Trusted facility management
No read up
Simple Security Rule
19. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
Dominate the object's sensitivity label
The Evaluated Products List (EPL) with their corresponding rating
A security domain
Security rating B
20. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Its classification label (Top Secret - Secret or confidential)
Direct Addressing
Prohibits
B3 - Rating
21. Mandatory access control is enforced by the use of security labels.
The Red Book
Swap Space
B1
Division B - Mandatory Protection
22. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
Totality of protection mechanisms
B2 rating
attributability
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
23. The assignment of a specific individual to administer the security-related functions of a system.
Trusted facility management
The Biba Model
B3
No write down
24. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
B1 - Labeled Security rating
The Simple Security Property
Ring 2
B2 - Structured Protection
25. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
A1
Isolate processes
A Thread
*-Integrity Axiom
26. Trusted facility management is an assurance requirement only for ________________.
Highly secure systems (B2 - B3 and A1)
A single classification and a Compartment Set
B1
Storage and timing
27. Should always trace to individuals responsible for observing and recording the data
Attributable data
Covert channels
A1 - Rating
Life Cycle Assurance Requirement
28. The reserved hard drive space used to extend RAM capabilities.
A Layered Operating System Architecture
Buffer overflows
Swap Space
System High Security Mode
29. In B2 Subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
Trusted Products Evaluation Program (TPEP)
Covert channels
Dominate the object's sensitivity label
Totality of protection mechanisms
30. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
Orange Book B
A Base Register (Memory Management)
A and B
Assigned labels
31. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
A Layered Operating System Architecture
The National Computer Security Center (NCSC)
Constrained
attributability
32. Users need to be identified individually to provide more precise access control and auditing functionality.
C2 - Controlled Access Protection
Protection Rings Support
B1
The *-Property rule (Star property)
33. The Policy must be explicit and well defined and enforced by the mechanisms within the system
B1 - Labeled Security
Labels - Orange Book
Security Policy - Orange Book
The security perimeter
34. The Orange Book does NOT cover ________________ - and database management systems
Life Cycle Assurance Requirement
Prevent secret information from being accessed
Buffer (temporary data storage area)
Networks and Communications
35. Execute one instruction at a time.
Scalar processors
Swap Space
Government and military applications
Dominate the object's sensitivity label
36. Which uses Protection Profiles and Security Targets?
Most commonly used approach
International Standard 15408
The "No read Up" rule
The security perimeter
37. The *-Property rule is referred to as ____________.
Identification - Orange Book
The "No write Down" Rule
Protection Rings Support
C1 - Discretionary Security Protection is a type of environment
38. Another word for Primary storage and distinguishes physical memory from virtual memory.
B2 rating
Real storage
No read up
C2
39. There is only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
Division D - Minimal Protection
No read up
Primary storage
System High Security Mode
40. A subject at a given clearance may not read an object at a higher classification
International Standard 15408
The security perimeter
The Simple Security Property
Need-to-know
41. TCB contains The Security Kernel and all ______________.
Clark-Wilson Model
Clark-Wilson
The National Computer Security Center (NCSC)
security protection mechanisms
42. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
B1 - Labeled Security rating
Controls the checks
Programmable Read-Only Memory (PROM)
C1
43. Verification Protection
A Limit Register (Memory Management)
C2
Orange Book A
Cache Memory
44. Contains the beginning address
Networks and Communications
C1 - Discretionary Security Protection
The "No write Down" Rule
A Base Register (Memory Management)
45. Documentation must be provided - including test - design - and specification documents - user guides and manuals
Documentation - Orange Book
A1
The *-Property rule (Star property)
Multitasking
46. The group that oversees the processes of evaluation within TCSEC is?
Direct addressing
Orange Book - D
Security Policy is clearly defined and documented
Trusted Products Evaluation Program (TPEP)
47. The total combination of protection mechanisms within a computer system
Buffer (temporary data storage area)
Integrity
TCB (Trusted Computing Base)
Storage and timing
48. What is called the formal acceptance of the adequacy of a system's overall security by management?
Accreditation
Storage and timing
Subject to Object Model
Ring 3
49. Used by Windows systems to reserve the "Swap Space"
Virtual storage
Multitasking
Pagefile.sys file
The security perimeter
50. Which Orange Book evaluation level is described as "Verified Design"?
The Rule is talking about writing
The Common Criteria
A1
Division C - Discretionary Protection