Test your basic knowledge |
CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Should always trace to individuals responsible for observing and recording the data
The "No Write Down" Rule
Attributable data
Virtual storage
Assigned labels
2. Access control labels must be associated properly with objects.
The Security Kernel
Labels - Orange Book
Totality of protection mechanisms
Direct addressing
3. Commonly referred to as "The Big Mess" because of its lack of structure. MS-DOS is an example of a monolithic operating system
Orange Book interpretations
Its classification label (Top Secret - Secret or confidential)
The Monolithic Operating System Architecture
Highly secure systems (B2 - B3 and A1)
4. Data in Cache can be accessed much more quickly than Data
Discretionary Security Property (ds-property)
Isolate processes
Stored in Real Memory
Indexed addressing
5. When a computer uses more than one CPU in parallel to execute instructions is known as?
Virtual storage
A lattice of Integrity Levels
Indexed addressing
Multiprocessing
6. I/O drivers and utilities
'Dominate'
Multiprocessing
Trusted hardware - Software and Firmware
Ring 2
7. Individual subjects must be uniquely identified.
Identification - Orange Book
Files - directories and devices
Certification
Documentation - Orange Book
8. The Orange Book requires protection against two _____________ - which are Timing and Storage
Orange Book interpretations
Types of covert channels
C1 - Discretionary Security Protection is a type of environment
B1
9. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
C2 - Controlled Access Protection
Constrained
attributability
Orange Book interpretations
10. Which describe a condition when RAM and Secondary storage are used together?
Virtual storage
*-Integrity Axiom
The Strong star property rule
Documentation - Orange Book
11. The centerpiece of the DoD Rainbow Series publications. Developed by the National Computer Security Center (NCSC)?
Division B - Mandatory Protection
The TCSEC - Aka Orange Book
Absolute addresses
Its classification label (Top Secret - Secret or confidential)
12. Certification is a technical review that assesses the _____________ - whereas Accreditation is management's official acceptance of the information in the Certification process findings.
Security mechanisms and evaluates their effectiveness
Dominate the object's sensitivity label
Integrity
Complex Instruction Set Computers (CISC)
13. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
Indexed addressing
D
Dedicated Security Mode
A1 - Rating
14. When the RAM and secondary storage are combined the result is __________.
Security rating B
A security domain
Virtual Memory
Overt channel
15. In both the Bell-LaPadula and Biba Models, if the word "Simple" is used ______________.
First evaluation class
C2 - Controlled Access Protection
The rule is talking about "Reading"
A single classification and a Compartment Set
16. Based on a known address with an offset value applied.
Mandatory Access Control (MAC)
Orange Book - D
A Base Register (Memory Management)
Relative Addresses
17. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Orange Book interpretations
Multitasking
Trusted Distribution
A lattice of Integrity Levels
18. There is only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
State machine model
Division D - Minimal Protection
Models concerned with integrity
Government and military applications
19. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Orange Book interpretations
Totality of protection mechanisms
A single classification and a Compartment Set
The reference monitor
20. What access control technique is also known as multilevel security?
A and B
Mandatory access control
Certification
Cache Memory
21. Permits a database to have two records that are identical except for Their classifications
Its classification label (Top Secret - Secret or confidential)
Polyinstantiation
A1
The "No read Up" rule
22. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix. THE and Multics are no longer in use
Examples of Layered Operating Systems
B3 - Security Domains
Ring 3
The Red Book
23. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
A Base Register (Memory Management)
Orange Book - B3
Stored in Real Memory
Types of covert channels
24. The Physical memory address that the CPU uses
Documentation - Orange Book
Absolute addresses
Simple Security Rule
Dominate the object's sensitivity label
25. Happen because input data is not checked for appropriate length at time of input
The Simple Security Property
Trusted Products Evaluation Program (TPEP)
Swap Space
Buffer overflows
26. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
System High Security Mode
A Limit Register (Memory Management)
Orange Book interpretations
The *-Property rule (Star property)
27. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
Accreditation
Thrashing
C1
Be protected from modification
28. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
The Tranquility principle (The Bell-LaPadula Model)
C1 - Discretionary Security Protection
A security kernel
The Trusted Computing Base (TCB)
29. The reserved hard drive space used to extend RAM capabilities.
Swap Space
Division C - Discretionary Protection
Indexed addressing
Secondary Storage
30. Users need to be identified individually to provide more precise access control and auditing functionality.
Need-to-know
Division B - Mandatory Protection Architecture
B3
C2 - Controlled Access Protection
31. In access control terms - the word "dominate" refers to ___________.
Higher or equal to access class
Execution Domain
Scalar processors
The Security Kernel
32. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
Division B - Mandatory Protection
Simple Integrity Axiom
Bell-LaPadula Model
Process isolation
33. What does the simple integrity axiom mean in the Biba model?
No read down
The Tranquility principle (The Bell-LaPadula Model)
Direct Addressing
Logical addresses
34. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Administrative declaration
Swap Space
Direct addressing
In C2 - Controlled Access Protection environment
35. Trusted facility management is an assurance requirement only for ________________.
Indexed addressing
Continuous protection - O/B
The reference monitor
Highly secure systems (B2 - B3 and A1)
36. Which computer design approach is based on the fact that in earlier technologies the instruction fetch was the longest part of the cycle?
The Trusted Computing Base (TCB)
Primary storage
Protection Rings Support
Complex Instruction Set Computers (CISC)
37. Mandatory Protection
State machine model
Orange Book B
Orange Book - B1
A security kernel
38. The Biba Model addresses _____________________.
B1 - Labeled Security rating
The Integrity of data within applications
Orange Book - A1
The Biba Model
39. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
Real storage
Pipelining
Attributable - original - accurate - contemporaneous and legible
Disclosure of residual data
40. Successfully evaluated products are placed on?
The Evaluated Products List (EPL) with their corresponding rating
Evaluated separately
Labels - Orange Book
No read down
41. What is called the formal acceptance of the adequacy of a system's overall security by management?
Invocation Property
Relative Addresses
A Layered Operating System Architecture
Accreditation
42. Contains the ending address
The security perimeter
Stored in Real Memory
A Limit Register (Memory Management)
Clark-Wilson
43. In B2, subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
No read down
Covert channels
System High Security Mode
Ring 2
44. The Bell-LaPadula Model is a _______________ that enforces the confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
State machine model
D
A Limit Register (Memory Management)
The *-Property rule (Star property)
45. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions at its own discretion. These permissions are stored in an access ma
Direct Addressing
Virtual storage
Discretionary Security Property (ds-property)
The TCSEC - Aka Orange Book
46. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Sensitivity labels
Orange Book ratings
C2 - Controlled Access Protection
Files - directories and devices
47. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Disclosure of residual data
Security Policy is clearly defined and documented
In C2 - Controlled Access Protection environment
The Trusted Computing Base (TCB)
48. TCSEC provides a means to evaluate ______________________.
The trustworthiness of an information system
B3 - Security Domains
B1 - Labeled Security
The Integrity of data within applications
49. The Availability - Integrity and confidentiality requirements of multitasking operating systems
Dedicated Security Mode
Protection Rings Support
Dedicated Security Mode
The security kernel
50. A set of objects that a subject is able to access
Mandatory Access Control (MAC)
Simple Integrity Axiom
The TCSEC - Aka Orange Book
A Domain