SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. This type of environment is highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
security protection mechanisms
Its classification label (Top Secret - Secret or confidential)
B3 - Rating
B2 rating
2. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
TCB (Trusted Computing Base)
Overt channel
Swap Space
Assigned labels
3. Intended for environments that require systems to handle classified data.
Relative Addresses
B1 - Labeled Security rating
The National Computer Security Center (NCSC)
B3
4. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.
The Biba Model
The Security Kernel
Clark-Wilson Model
A Base Register (Memory Management)
5. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
Secondary Storage
The Red Book
Thrashing
Orange Book B
6. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted envirnment with low security concerns.
Real storage
The National Computer Security Center (NCSC)
The Strong star property rule
C1 - Discrection Security Protection is a type of environment
7. Which TCSEC level first addresses object reuse?
Programmable Read-Only Memory (PROM)
Orange Book - A1
Mandatory access control
C2
8. A Policy based control. All objects and systems have a sensitivity level assigned to them
B3
Mandatory Access Control (MAC)
Assigned labels
Government and military applications
9. The Orange book does NOT Cover ________________ - And Database management systems
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Types of covert channels
The Monolithic Operation system Architecture
Networks and Communications
10. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Government and military applications
Simple Security Rule
The National Computer Security Center (NCSC)
Swap Space
11. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Evaluated separately
Security rating B
Be protected from modification
Orange Book A
12. There is only only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
Fail safe
Division D - Minimal Protection
Security Policy is clearly defined and documented
Orange Book B
13. Based on a known address with an offset value applied.
Process isolation
NOT Integrity
Relative Addresses
In C2 - Controlled Access Protection environment
14. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
B2
Its Clearance Label (Top Secret - Secret - or Confidential)
The *-Property rule (Star property)
A Limit Register (Memory Management)
15. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
The Simple Security Property
B1 - Labeled Security
Multilevel Security Policies
B3
16. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
The TCSEC - Aka Orange Book
A security kernel
Mandatory Access Control (MAC)
In C2 - Controlled Access Protection environment
17. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
The security perimeter
Orange Book ratings
The National Computer Security Center (NCSC)
The Simple Security Property
18. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data) items is refered to as Well-Formed transaction
Access Matrix model
Clark-Wilson Model
Absolute addresses
Assigned labels
19. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
Ring 3
The security perimeter
D
B2 - Structured Protection
20. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
Be protected from modification
A single classification and a Compartment Set
Swap Space
NOT Integrity
21. What prevents a process from accessing another process' data?
Polyinstantiation
Orange Book - B3
Process isolation
The Monolithic Operation system Architecture
22. The C2 evaluation class of the _________________ offers controlled access protection.
Division B - Mandatory Protection Architecture
Trusted Network Interpretation (TNI)
Primary storage
Direct addressing
23. The Biba Model adresses _____________________.
The Integrity of data within applications
Thrashing
Multiprocessing
Life-cycle assurance - O/B
24. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Direct Addressing
Reduced Instruction Set Computers (RISC)
Totality of protection mechanisms
Swap Space
25. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
Disclosure of residual data
Constrained
A1 - Rating
The security kernel
26. When a computer uses more than one CPU in parallel to execute instructions is known as?
Trusted Network Interpretation (TNI)
Need-to-know
Multiprocessing
Fail safe
27. A subject at a given clearance may not read an object at a higher classification
Swap Space
The Simple Security Property
Polyinstantiation
The Rule is talking about writing
28. A set of objects that a subject is able to access
A Limit Register (Memory Management)
Indirect addressing
A Domain
Subject to Object Model
29. When a portion of primary memory is accessed by specifying the actual address of the memory location
Swap Space
Direct addressing
All Mandatory Access Control (MAC) systems
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
30. The Bell-LaPadula model Subjects and Objects are ___________.
Polyinstantiation
Reduced Instruction Set Computers (RISC)
Multilevel Security Policies
Assigned labels
31. In B2 Subjects and devices requre labels and the system must NOT allow ________. No Trapdoors exists.
Indexed addressing
Orange Book - B3
Covert channels
B3
32. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
A Layered Operating System Architecure
Operational assurance requirements
Accreditation
Security Policy is clearly defined and documented
33. Used by Windows systems to reserve the "Swap Space"
B1 - Labeled Security rating
Trusted Distribution
In C2 - Controlled Access Protection environment
Pagefile.sys file
34. In the Bell-LaPadula Model the Object's Label contains ___________________.
A Limit Register (Memory Management)
Prohibits
Its classification label (Top Secret - Secret or confidential)
Multiprocessing
35. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
B2 - Structured Protection
All Mandatory Access Control (MAC) systems
Simple Security Rule
Firmware
36. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
Its Clearance Label (Top Secret - Secret - or Confidential)
C1
B2 - Structured Protection
Secondary Storage
37. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
Clark-Wilson
Controlling unauthorized downgrading of information
Implement software or systems in a production environment
Polyinstantiation
38. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
Division B - Mandatory Protection Architecture
A1
Continuous protection - O/B
B2 rating
39. The subject must have Need to Know for ONLY the information they are trying to access.
Virtual storage
Scalar processors
Security Policy is clearly defined and documented
System High Security Mode
40. What access control technique is also known as multilevel security?
Mandatory access control
Examples of Layered Operating Systems
C1
Clark-Wilson Model
41. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
A1 - Rating
Orange Book interpretations
B1
The Common Criteria
42. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
Multiprocessing
TCB (Trusted Computing Base)
Isolate processes
B1 - Labeled Security rating
43. TCSEC provides a means to evaluate ______________________.
The trustworthiness of an information system
A1 - Rating
attributability
Sensitivity labels
44. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.
attributability
Execution Domain
Process isolation
Relative Addresses
45. The security kernel is the mechanism that _____________ of the reference monitor concept.
The Common Criteria
The Biba Model
Enforces the rules
Types of covert channels
46. According to the Orange Book - trusted facility management is not required for which security levels?
Orange Book - A1
B1
Trusted Distribution
Implement software or systems in a production environment
47. Trusted facility management is an assurance requirement only for ________________.
Highly secure systems (B2 - B3 and A1)
Dedicated Security Mode
Division B - Mandatory Protection Architecture
Attributable data
48. The group that oversees the processes of evaluation within TCSEC is?
The Tranqulity principle (The Bell-LaPadula Model)
Scalar processors
Trusted Products Evaluation Program (TPEP)
Multiprocessing
49. Which can be used as a covert channel?
Indirect addressing
Storage and timing
Orange Book - B2
Simple Integrity Axiom
50. Which is a straightforward approach that provides access rights to subjects for objects?
B2 rating
The Rule is talking about writing
Access Matrix model
B3
