Test your basic knowledge

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times that the answers are obvious, but you will see that it reinforces your understanding as you take the test each time.
1. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.






2. Nonvolatile storage media, e.g., computer hard drives, floppy disks and CD-ROMs






3. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.






4. The Biba Model - ______________: a subject cannot write data to an object at a higher integrity level ("no write up")






5. Applications and user activity






6. Trusted facility management is an assurance requirement only for ________________.






7. The subject must have Need to Know for ONLY the information they are trying to access.






8. A set of objects that a subject is able to access






9. Execute one instruction at a time.






10. A ring protection system ________ user mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.






11. In the Bell-LaPadula Model the Subject's Label contains ___________________.






12. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.






13. Mandatory Protection






14. The reference monitor is responsible for ______________; it compares the security labels of a subject and an object.






15. Security labels are not required until __________; thus C2 does not require security labels but B1 does.






16. Which integrity model defines constrained data items, integrity verification procedures and transformation procedures?






17. Operating System Kernel






18. Based on a known address with an offset value applied.






19. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?






20. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?






21. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a well-formed transaction.






22. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information, and identification and authentication of individual entities.






23. The C2 evaluation class of the _________________ offers controlled access protection.






24. Commonly referred to as "The Big Mess" because of its lack of structure. MS-DOS is an example of a monolithic operating system.






25. In an automated system, ________________ could be achieved by a computer system designed to identify the individuals responsible for any input.






26. The Indexed memory addresses that software uses






27. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain






28. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured, but can be programmed only once.






29. When a vendor submits a product for evaluation - it submits it to the ____________.






30. Contains the address of where the instruction and data reside that need to be processed.






31. A buffer overflow occurs when a program or process tries to store more data in a _____________ than it was intended to hold.






32. What access control technique is also known as multilevel security?






33. All users have a clearance for, and a formal need to know about, all data processed within the system.






34. The Biba Model - _____________: a subject cannot read data from a lower integrity level ("no read down")






35. The Bell-LaPadula model Subjects and Objects are ___________.






36. Subjects and objects cannot change their security levels once they have been instantiated (created).






37. The Biba model (introduced in 1977), the Sutherland model (published in 1986) and the Brewer-Nash model (published in 1989)






38. In ______________ the subject must have need to know for ALL the information contained within the system.






39. For the type of environment that processes sensitive data requiring a higher degree of security. It requires systems that are relatively resistant to penetration and compromise.






40. The Orange Book requires protection against two _____________, which are timing and storage.






41. The Bell-LaPadula Model is a _______________.






42. Data in Cache can be accessed much more quickly than Data






43. Bell-LaPadula Model - ______________: a subject in a given security level can NOT WRITE information to a LOWER security level.






44. A portion of a process; when a thread is generated, it shares the same domain (resources) as its process.






45. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________, and the system design and implementation are subject to more thorough review and testing procedures.






46. Users need to be identified individually to provide more precise access control and auditing functionality.






47. The assignment of a specific individual to administer the security-related functions of a system.






48. Which TCSEC level first addresses object reuse?






49. As per FDA data should be ______________________________.






50. Mandatory access control is enforced by the use of security labels.
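Items 4, 11, 14, 34, 35, 43 and 50 above all describe the same mechanism from different angles: a reference monitor that mediates every access by comparing the subject's label with the object's label, applying the Bell-LaPadula confidentiality rules (no read up, no write down) and the Biba integrity rules (no read down, no write up). The following is an added example, not part of the quiz or of any evaluation standard; the classification and integrity level names, the compartment set used to model need to know, and the sample labels are constructed for illustration.

```python
"""Toy reference monitor (added example, not from the original page).

Every access is mediated by comparing subject and object security labels.
A label carries a confidentiality classification, a set of compartments
(modelling need to know), and an integrity level. Level names below are
assumed for illustration only.
"""
from dataclasses import dataclass
from typing import FrozenSet, List, Tuple

CONFIDENTIALITY = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}
INTEGRITY = {"LOW": 0, "MEDIUM": 1, "HIGH": 2}


@dataclass(frozen=True)  # frozen: labels cannot change once instantiated (tranquility)
class Label:
    classification: str
    compartments: FrozenSet[str] = frozenset()  # need-to-know categories
    integrity: str = "MEDIUM"

    def dominates(self, other: "Label") -> bool:
        """Confidentiality dominance: higher-or-equal level AND superset of compartments.
        A SECRET/{CRYPTO} subject does not dominate a SECRET/{NUCLEAR} object."""
        return (CONFIDENTIALITY[self.classification] >= CONFIDENTIALITY[other.classification]
                and self.compartments >= other.compartments)


def reference_monitor(subject: Label, obj: Label, op: str) -> Tuple[bool, str]:
    """Decide whether `op` ('read' or 'write') by subject on obj is permitted."""
    if op == "read":
        if not subject.dominates(obj):
            return False, "BLP simple security property: no read up (or missing compartment)"
        if INTEGRITY[obj.integrity] < INTEGRITY[subject.integrity]:
            return False, "Biba simple integrity axiom: no read down"
        return True, "read permitted"
    if op == "write":
        if not obj.dominates(subject):
            return False, "BLP *-property: no write down"
        if INTEGRITY[obj.integrity] > INTEGRITY[subject.integrity]:
            return False, "Biba *-integrity axiom: no write up"
        return True, "write permitted"
    return False, f"unknown operation {op!r}"


# Accountability: every mediated access is recorded against an identified subject.
AUDIT_TRAIL: List[Tuple[str, str, str, bool, str]] = []


def mediate(subject_id: str, subject: Label, object_id: str, obj: Label, op: str) -> bool:
    allowed, reason = reference_monitor(subject, obj, op)
    AUDIT_TRAIL.append((subject_id, op, object_id, allowed, reason))
    return allowed


# Constructed sample labels (not from any real system).
ANALYST = Label("SECRET", frozenset({"CRYPTO"}), "MEDIUM")
TS_CRYPTO_DOC = Label("TOP SECRET", frozenset({"CRYPTO"}), "MEDIUM")
SECRET_NUCLEAR_DOC = Label("SECRET", frozenset({"NUCLEAR"}), "MEDIUM")
PUBLIC_NOTE = Label("UNCLASSIFIED", frozenset(), "LOW")
SECRET_CRYPTO_DOC = Label("SECRET", frozenset({"CRYPTO"}), "MEDIUM")
SIGNED_CONFIG = Label("SECRET", frozenset({"CRYPTO"}), "HIGH")

if __name__ == "__main__":
    for name, obj in [("ts_crypto", TS_CRYPTO_DOC), ("secret_nuclear", SECRET_NUCLEAR_DOC),
                      ("public_note", PUBLIC_NOTE), ("secret_crypto", SECRET_CRYPTO_DOC),
                      ("signed_config", SIGNED_CONFIG)]:
        for op in ("read", "write"):
            mediate("analyst", ANALYST, name, obj, op)
    for record in AUDIT_TRAIL:
        print(record)
```

Running the block prints the audit trail: the SECRET/{CRYPTO} analyst may write (but not read) the TOP SECRET document, may neither read nor write the SECRET/{NUCLEAR} document because the compartment does not match, may not read the LOW-integrity public note (Biba) nor write to it (BLP), and may read but not write the HIGH-integrity config. The frozen dataclass is what makes item 36 (tranquility) hold in code: a label cannot be mutated after instantiation.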