Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. What does the simple integrity axiom mean in the Biba model?






2. The Simple Security rule is refered to as______________.






3. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.






4. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?






5. The Physical memory address that the CPU uses






6. The security kernel is the mechanism that _____________ of the reference monitor concept.






7. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.






8. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted envirnment with low security concerns.






9. Which TCSEC level first addresses object reuse?






10. A domain of trust that shares a single security policy and single management






11. Individual subjects must be uniquely identified.






12. Which can be used as a covert channel?






13. The centerpiece of the DoD Rainbow Series publications.Developed by the National Computer Security Center (NCSC)?






14. What model use an access control triples and requires that the system maintain separation of duty ?






15. In both the Bell-LaPadula and Biba Models if the word "* or Star is used - _______________.






16. When a computer uses more than one CPU in parallel to execute instructions is known as?






17. Remaining parts of the operating system






18. A form of ROM(Read-Only Memory) that can be modified after it has been manufactured. It can only be programmed only one time.






19. The Biba Model adresses _____________________.






20. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data






21. Which addresses a portion of the primary memory by specifying the actual address of the memory location?






22. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilites when






23. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.






24. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is doen with the m






25. In both the Bell-LaPadula and Biba Models if the word "Simple is used ______________.






26. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


27. The C2 evaluation class of the _________________ offers controlled access protection.






28. What are the components of an object's sensitivity label?






29. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.






30. System Architecture that separates system functionality into Hierarchical layers






31. A portion of a process. When the thread is generated - it shares the same domain(resources) as its process.






32. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.






33. A nonvolatile storage media etc computer hard drive - floppy disks and CD-ROMs






34. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities






35. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.






36. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix . THE and Multics are no longer in use






37. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.






38. Commonly referred to as The Big Mess Because of its lack of structure. MS-DOS is an example of a monolithic operation system






39. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commmercial applications - but the level of protection is still relatively weak.






40. Requires more stringent authentication mechanisms and well-defined interfaces among layers.






41. In B2 Subjects and devices requre labels and the system must NOT allow ________. No Trapdoors exists.






42. What does the simple security (ss) property mean in the Bell-LaPadula model?






43. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.






44. Simpler instructions that require fewer clock cycles to execute.






45. There is only only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.






46. The *-Property rule is refered to as ____________.






47. Components considered as part of the Trusted Computing Base (from the Orange Book) are?






48. When the address location that is specified in the program instruction contains the address of the final desired location.






49. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.






50. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)