Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted envirnment with low security concerns.






2. Audit data must be captured and protected to enforce accountability






3. Requires more stringent authentication mechanisms and well-defined interfaces among layers.






4. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity






5. TCB contains The Security Kernel and all ______________.






6. What does the simple security (ss) property mean in the Bell-LaPadula model?






7. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.






8. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when






9. Involves sharing the processor amoung all ready processes






10. Remaining parts of the operating system






11. Permits a database to have two records that are identical except for Their classifications






12. All users have a clearance for and a formal need to know about - all data processed with the system.






13. Mediates all access and Functions between subjects and objects.






14. Access control labels must be associated properly with objects.






15. Components considered as part of the Trusted Computing Base (from the Orange Book) are?






16. Verification Protection






17. Used by Windows systems to reserve the "Swap Space"






18. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.






19. The Bell-LaPadula model Subjects and Objects are ___________.






20. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system






21. Data in Cache can be accessed much more quickly than Data






22. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards






23. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.






24. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.






25. What access control technique is also known as multilevel security?






26. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.






27. Which is an ISO standard product evaluation criteria that supersedes several different criteria






28. When the address location that is specified in the program instruction contains the address of the final desired location.






29. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


30. Which describe a condition when RAM and Secondary storage are used together?






31. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.






32. Each data object must contain a classification label and each subject must have a clearance label.






33. Which would be designated as objects on a MAC system?






34. Execute one instruction at a time.






35. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.






36. When the RAM and secondary storage are combined the result is __________.






37. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.






38. What is called the formal acceptance of the adequacy of a system's overall security by management?






39. The total(sum)combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.






40. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?






41. Should always trace to individuals responsible for observing and recording the data






42. A form of ROM(Read-Only Memory) that can be modified after it has been manufactured. It can only be programmed only one time.






43. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?






44. Mandatory access control is enfored by the use of security labels.






45. What does the * (star) property mean in the Bell-LaPadula model?






46. Operating System Kernel






47. Which computer design approaches is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle






48. In B2 Subjects and devices requre labels and the system must NOT allow ________. No Trapdoors exists.






49. The Reserved hard drive space used to to extend RAM capabilites.






50. Based on a known address with an offset value applied.