Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study first.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
Life-cycle assurance - O/B
The Tranquility principle (The Bell-LaPadula Model)
Most commonly used approach
The Common Criteria
2. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
No read up
Indexed addressing
Trusted hardware - Software and Firmware
An abstract machine
3. In the Bell-LaPadula Model the Object's Label contains ___________________.
Its classification label (Top Secret - Secret or confidential)
Execution Domain
B1
Trusted facility management
4. The group that oversees the processes of evaluation within TCSEC is?
Trusted Products Evaluation Program (TPEP)
Erasable and Programmable Read-Only Memory (EPROM)
B2 - Structured Protection
The security perimeter
5. Discretionary protection
Enforces the rules
Attributable data
Orange Book C
Sensitivity labels
6. All users have a clearance for and a formal need to know about - all data processed with the system.
Ring 0
Its Clearance Label (Top Secret - Secret - or Confidential)
Enforces the rules
Dedicated Security Mode
7. The combination of RAM - Cache and the Processor Registers
The security kernel
security protection mechanisms
Primary storage
Integrity
8. What is called the formal acceptance of the adequacy of a system's overall security by management?
Accreditation
No read up
Prohibits
B3 - Security Domains
9. A set of objects that a subject is able to access
A Domain
D
Programmable Read-Only Memory (PROM)
Overt channel
10. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix. THE and Multics are no longer in use
NOT Integrity
The National Computer Security Center (NCSC)
Examples of Layered Operating Systems
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
11. An organization within the National Security Agency (NSA) that is responsible for evaluating computer systems and products. The Trusted Product Evaluation Program (TPEP) oversees the testing by approved entities of commercial products against a specific s
The trustworthiness of an information system
The National Computer Security Center (NCSC)
security protection mechanisms
Orange Book - D
12. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
Security rating B
Indirect addressing
Controlling unauthorized downgrading of information
Subject to Object Model
13. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
The "No read Up" rule
attributability
The Monolithic Operating System Architecture
C2
14. If a system initializes in a secure state and all allowed state transitions are secure - then every subsequent state will be secure no matter what inputs occur.
Basic Security Theorem (used in computer science) definition
In C2 - Controlled Access Protection environment
Fail safe
B1
15. A nonvolatile storage medium - e.g. computer hard drives - floppy disks and CD-ROMs
Secondary Storage
TCB (Trusted Computing Base)
Security rating B
Virtual Memory
16. Which is a straightforward approach that provides access rights to subjects for objects?
Access Matrix model
A Base Register (Memory Management)
Life Cycle Assurance Requirement
Trusted Products Evaluation Program (TPEP)
17. When the address location that is specified in the program instruction contains the address of the final desired location.
A Thread
Indirect addressing
Orange Book A
A Base Register (Memory Management)
18. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
The "No read Up" rule
Polyinstantiation
Orange Book - A1
Security Policy - Orange Book
19. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
Stored in Real Memory
Models concerned with integrity
Files - directories and devices
Dedicated Security Mode
20. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
Totality of protection mechanisms
Firmware
Invocation Property
A1 - Rating
21. TCSEC provides a means to evaluate ______________________.
The trustworthiness of an information system
Orange Book ratings
Prevent secret information from being accessed
B1
22. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Trusted facility management
Evaluated separately
Buffer overflows
The National Computer Security Center (NCSC)
23. Audit data must be captured and protected to enforce accountability
Trusted facility management
Ring 2
Accountability - Orange Book
Overt channel
24. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
Controlling unauthorized downgrading of information
C1 - Discretionary Security Protection is a type of environment
Trusted Products Evaluation Program (TPEP)
The *-Property rule (Star property)
25. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
Orange Book C
The Thread (memory Management)
Disclosure of residual data
Trusted facility management
26. Mandatory access control is enforced by the use of security labels.
Division B - Mandatory Protection
NOT Integrity
C1 - Discretionary Security Protection is a type of environment
Clark-Wilson Model
27. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"
A1
Security Policy - Orange Book
C2 - Controlled Access Protection
Simple Integrity Axiom
28. The reserved hard drive space used to extend RAM capabilities.
Simple Security Rule
All Mandatory Access Control (MAC) systems
Swap Space
Compare the security labels
29. Should always trace to individuals responsible for observing and recording the data
Orange Book ratings
Attributable data
Buffer (temporary data storage area)
Higher or equal to access class
30. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
Orange Book - B1
Ring 0
A security kernel
A Base Register (Memory Management)
31. What prevents a process from accessing another process' data?
Division B - Mandatory Protection Architecture
C1
System High Security Mode
Process isolation
32. Mandatory Access requires that _____________ be attached to all objects.
'Dominate'
Sensitivity labels
Orange Book - A1
Government and military applications
33. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
Evaluated separately
Life Cycle Assurance Requirement
Security Policy - Orange Book
C2 - Controlled Access Protection
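Questions 25 and 33 describe the same failure mode from two sides: an object (here a memory block) handed to a second user without being refreshed leaks the first user's residual data. The following is an added example, not part of the quiz, modelling a small block allocator with a free list; `BlockAllocator`, `residual_after_reuse` and the `PIN=4321` content are constructed for illustration. With `clear_on_release=False` the second user reads the first user's data; with it set, the block is scrubbed before reuse.

```python
from typing import Dict, List


class BlockAllocator:
    """A fixed-size block pool shared by several users. Whether a released block is
    scrubbed before it is handed to the next user is the object-reuse decision."""

    def __init__(self, blocks: int, block_size: int, clear_on_release: bool) -> None:
        self.block_size = block_size
        self.pool = bytearray(blocks * block_size)
        self.free: List[int] = list(range(blocks))   # free list of block indices
        self.owner: Dict[int, str] = {}               # block -> current owner
        self.clear_on_release = clear_on_release

    def _span(self, block: int) -> slice:
        return slice(block * self.block_size, (block + 1) * self.block_size)

    def allocate(self, user: str) -> int:
        block = self.free.pop(0)      # oldest freed block first, so reuse is immediate
        self.owner[block] = user
        return block

    def _check_owner(self, block: int, user: str) -> None:
        if self.owner.get(block) != user:
            raise PermissionError(f"{user} does not own block {block}")

    def write(self, block: int, user: str, data: bytes) -> None:
        self._check_owner(block, user)
        if len(data) > self.block_size:
            raise ValueError("data larger than block")
        self.pool[self._span(block)] = data.ljust(self.block_size, b"\x00")

    def read(self, block: int, user: str) -> bytes:
        self._check_owner(block, user)
        return bytes(self.pool[self._span(block)])

    def release(self, block: int, user: str) -> None:
        self._check_owner(block, user)
        if self.clear_on_release:
            # Object reuse control: scrub before the block can be given to anyone else.
            self.pool[self._span(block)] = bytes(self.block_size)
        del self.owner[block]
        self.free.append(block)


def residual_after_reuse(clear_on_release: bool) -> bytes:
    """alice writes a secret into a block and releases it; bob then allocates a block
    and reads it without ever writing to it. Returns what bob sees."""
    alloc = BlockAllocator(blocks=1, block_size=16, clear_on_release=clear_on_release)
    blk = alloc.allocate("alice")
    alloc.write(blk, "alice", b"PIN=4321")        # constructed secret
    alloc.release(blk, "alice")
    blk2 = alloc.allocate("bob")                   # the same block comes back
    return alloc.read(blk2, "bob")


if __name__ == "__main__":
    print("no scrub :", residual_after_reuse(False))   # b'PIN=4321' followed by zero padding
    print("scrubbed :", residual_after_reuse(True))    # sixteen zero bytes
```

The ownership check stops a concurrent user from reading a block that is still allocated to someone else; it does nothing about data left behind after release, which is exactly the gap the object reuse requirement closes.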
34. What does the simple security (ss) property mean in the Bell-LaPadula model?
Pagefile.sys file
Its classification label (Top Secret - Secret or confidential)
Direct Addressing
No read up
35. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
Complex Instruction Set Computers (CISC)
Controls the checks
The security kernel
Secondary Storage
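Questions 2, 9, 16 and 35 together describe one mechanism: an access matrix as the access control database, and a reference monitor that consults it on every access by a subject to an object. Below is an added example (not from the quiz) that implements both; the class names, the `payroll.db`/`printer` objects and the subjects are constructed. A row of the matrix is a subject's capability list and also its domain (the set of objects it can reach), a column is an object's ACL, and every decision is logged so that it can be attributed to a subject.

```python
from typing import Dict, FrozenSet, List, Set, Tuple


class AccessMatrix:
    """The access control database: one row per subject, one column per object,
    each cell holding the rights that subject has on that object."""

    def __init__(self) -> None:
        self._cells: Dict[Tuple[str, str], Set[str]] = {}

    def grant(self, subject: str, obj: str, *rights: str) -> None:
        self._cells.setdefault((subject, obj), set()).update(rights)

    def revoke(self, subject: str, obj: str, *rights: str) -> None:
        self._cells.get((subject, obj), set()).difference_update(rights)

    def rights(self, subject: str, obj: str) -> FrozenSet[str]:
        return frozenset(self._cells.get((subject, obj), set()))

    def capability_list(self, subject: str) -> Dict[str, FrozenSet[str]]:
        """A row of the matrix: everything one subject may do (a capability list)."""
        return {o: frozenset(r) for (s, o), r in self._cells.items() if s == subject and r}

    def access_control_list(self, obj: str) -> Dict[str, FrozenSet[str]]:
        """A column of the matrix: who may do what to one object (an ACL)."""
        return {s: frozenset(r) for (s, o), r in self._cells.items() if o == obj and r}


class ReferenceMonitor:
    """Every access to an object goes through access(): complete mediation. The
    object store is private to the monitor, decisions come only from the matrix,
    and each decision is logged so it can be attributed to a subject."""

    def __init__(self, matrix: AccessMatrix, objects: Dict[str, object]) -> None:
        self._matrix = matrix
        self._objects = dict(objects)
        self.audit: List[Tuple[str, str, str, str]] = []

    def access(self, subject: str, obj: str, right: str) -> object:
        allowed = right in self._matrix.rights(subject, obj)
        self.audit.append((subject, obj, right, "ALLOW" if allowed else "DENY"))
        if not allowed:
            raise PermissionError(f"{subject} may not {right} {obj}")
        return self._objects[obj]

    def domain(self, subject: str) -> FrozenSet[str]:
        """The subject's domain: the set of objects it can access with any right."""
        return frozenset(self._matrix.capability_list(subject))


def build_reference_monitor_demo() -> ReferenceMonitor:
    """Constructed sample data: two subjects, two objects."""
    matrix = AccessMatrix()
    matrix.grant("alice", "payroll.db", "read", "write")
    matrix.grant("alice", "printer", "execute")
    matrix.grant("bob", "payroll.db", "read")
    objects = {"payroll.db": "salary table (constructed)", "printer": "LPT1 (constructed)"}
    return ReferenceMonitor(matrix, objects)


if __name__ == "__main__":
    rm = build_reference_monitor_demo()
    print(rm.access("alice", "payroll.db", "read"))
    print("alice's domain:", sorted(rm.domain("alice")))
    try:
        rm.access("bob", "payroll.db", "write")
    except PermissionError as err:
        print("denied:", err)
    print(rm.audit)
```

The point a practitioner should take from this is structural: the objects are reachable only through `access()`, so the monitor is the single place where the security policy is enforced and audited, which is what makes the "mediates all accesses" requirement checkable.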
36. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
37. In the Bell-LaPadula Model the Subject's Label contains ___________________.
International Standard 15408
Cache Memory
Its Clearance Label (Top Secret - Secret - or Confidential)
B3 - Rating
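Questions 3, 12, 14, 24, 27, 34, 36 and 37 all turn on one relation between labels, "dominates" (level at least as high and every category held), and on which direction the Bell-LaPadula and Biba rules apply it. The following added example, not part of the quiz, implements that lattice and both models, then wraps BLP in a small state machine so the Basic Security Theorem of question 14 and the tranquility principle can be exercised. The Top Secret/Secret/Confidential levels are the quiz's; the integrity levels LOW/MEDIUM/HIGH, the `NATO` category and the subjects and objects are constructed.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, Set, Tuple

# Hierarchical levels. The confidentiality names are the ones the quiz uses;
# the integrity names are an assumption for the Biba half of the example.
CONFIDENTIAL, SECRET, TOP_SECRET = 1, 2, 3
LOW, MEDIUM, HIGH = 1, 2, 3


@dataclass(frozen=True)
class Label:
    """A label is a hierarchical level plus a set of categories (compartments)."""
    level: int
    categories: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        """self dominates other iff its level is >= and it holds every category of other."""
        return self.level >= other.level and self.categories >= other.categories


# Bell-LaPadula (confidentiality): labels are clearances and classifications.
def blp_can_read(subject: Label, obj: Label) -> bool:
    """Simple security property ("no read up"): subject must dominate object."""
    return subject.dominates(obj)


def blp_can_write(subject: Label, obj: Label) -> bool:
    """*-property ("no write down"): object must dominate subject."""
    return obj.dominates(subject)


# Biba (integrity): the same dominance relation, applied the other way round.
def biba_can_read(subject: Label, obj: Label) -> bool:
    """Simple integrity axiom ("no read down"): object's integrity must dominate subject's."""
    return obj.dominates(subject)


def biba_can_write(subject: Label, obj: Label) -> bool:
    """* integrity axiom ("no write up"): subject's integrity must dominate object's."""
    return subject.dominates(obj)


class BLPSystem:
    """A toy BLP state machine. The state is (subject labels, object labels, current
    accesses); request() is the only transition that adds an access and it is refused
    unless the ss- and *-properties hold, so the Basic Security Theorem applies: start
    secure and every reachable state is secure (is_secure() re-checks the invariant)."""

    def __init__(self) -> None:
        self.subjects: Dict[str, Label] = {}
        self.objects: Dict[str, Label] = {}
        self.accesses: Set[Tuple[str, str, str]] = set()  # (subject, object, "read"|"write")

    def add_subject(self, name: str, clearance: Label) -> None:
        self.subjects[name] = clearance

    def add_object(self, name: str, classification: Label) -> None:
        self.objects[name] = classification

    def request(self, subject: str, obj: str, mode: str) -> bool:
        """Mediates an access request; returns True and records the access if allowed."""
        s, o = self.subjects[subject], self.objects[obj]
        allowed = blp_can_read(s, o) if mode == "read" else blp_can_write(s, o)
        if allowed:
            self.accesses.add((subject, obj, mode))
        return allowed

    def release(self, subject: str, obj: str, mode: str) -> None:
        self.accesses.discard((subject, obj, mode))

    def relabel_object(self, obj: str, new_label: Label) -> bool:
        """Tranquility: refuse to change an object's classification while any access to it
        is in progress (otherwise an ongoing read could silently become a read up)."""
        if any(o == obj for _, o, _ in self.accesses):
            return False
        self.objects[obj] = new_label
        return True

    def is_secure(self) -> bool:
        """The security invariant: every current access satisfies both BLP properties."""
        return all(
            (blp_can_read if mode == "read" else blp_can_write)(self.subjects[s], self.objects[o])
            for s, o, mode in self.accesses
        )


if __name__ == "__main__":
    system = BLPSystem()
    system.add_subject("alice", Label(SECRET, frozenset({"NATO"})))
    system.add_object("plan", Label(CONFIDENTIAL))
    system.add_object("ts_report", Label(TOP_SECRET, frozenset({"NATO"})))
    print("alice reads plan:", system.request("alice", "plan", "read"))              # True
    print("alice writes plan:", system.request("alice", "plan", "write"))            # False: write down
    print("alice writes ts_report:", system.request("alice", "ts_report", "write"))  # True: write up
    print("relabel plan while read open:", system.relabel_object("plan", Label(TOP_SECRET)))  # False
    print("state secure:", system.is_secure())                                       # True
```

Note the category check in `dominates`: a Secret subject cleared for `NATO` cannot read a Secret object marked `CRYPTO`, even though the levels are equal. That is the "need to know" half of a multilevel label, and it is the part most often forgotten when the rule is remembered only as "no read up".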
38. The Policy must be explicit and well defined and enforced by the mechanisms within the system
C1
An abstract machine
The Thread (memory Management)
Security Policy - Orange Book
39. Contains the ending address
Physical security
A Limit Register (Memory Management)
The reference monitor
Covert channels
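Questions 17, 31 and 39 concern how the hardware keeps one process out of another's memory and how an instruction names its operand. The added example below (not from the quiz) models a base register as the starting physical address and, following the quiz's own wording, a limit register as the ending address; every reference is translated and bounds-checked, and direct, indirect and indexed addressing are built on that one check. The 64-word memory, the two processes and their windows are constructed.

```python
from typing import Dict, List


class MemoryViolation(Exception):
    """Raised when a reference falls outside the process's base..limit window."""


class Memory:
    def __init__(self, words: int) -> None:
        self.cells: List[int] = [0] * words


class Process:
    """One process's window into physical memory. The base register holds the
    starting physical address and (as the quiz phrases it) the limit register holds
    the ending, i.e. last valid, physical address. Every reference is translated
    and bounds-checked here, which is what keeps one process out of another's data."""

    def __init__(self, memory: Memory, base: int, limit: int) -> None:
        self.memory, self.base, self.limit = memory, base, limit

    def translate(self, logical: int) -> int:
        physical = self.base + logical
        if logical < 0 or physical > self.limit:
            raise MemoryViolation(
                f"logical {logical} -> physical {physical} outside [{self.base}, {self.limit}]")
        return physical

    def store(self, logical: int, value: int) -> None:
        self.memory.cells[self.translate(logical)] = value

    def load_direct(self, logical: int) -> int:
        """Direct addressing: the instruction names the operand's address."""
        return self.memory.cells[self.translate(logical)]

    def load_indirect(self, logical: int) -> int:
        """Indirect addressing: the named location holds the address of the operand.
        The pointer is itself a logical address, so it is bounds-checked as well."""
        pointer = self.load_direct(logical)
        return self.load_direct(pointer)

    def load_indexed(self, logical: int, index: int) -> int:
        """Indexed addressing: operand address = named address + index register."""
        return self.load_direct(logical + index)


def isolation_demo() -> Dict[str, object]:
    """Two processes with disjoint windows in a constructed 64-word memory."""
    mem = Memory(64)
    proc_a = Process(mem, base=0, limit=15)    # physical 0..15
    proc_b = Process(mem, base=16, limit=31)   # physical 16..31
    proc_b.store(3, 42)                        # lands at physical 19
    proc_a.store(2, 5)                         # a pointer: "the operand is at logical 5"
    proc_a.store(5, 99)
    result: Dict[str, object] = {
        "direct": proc_a.load_direct(5),
        "indirect": proc_a.load_indirect(2),
        "indexed": proc_a.load_indexed(2, 3),
        "b_reads_own": proc_b.load_direct(3),
    }
    try:
        proc_a.load_direct(19)                 # physical 19 belongs to proc_b
        result["cross_process"] = "allowed"
    except MemoryViolation:
        result["cross_process"] = "blocked"
    return result


if __name__ == "__main__":
    print(isolation_demo())
```

A pointer fetched through indirect addressing is translated again, so a process that plants a pointer beyond its own limit still cannot reach another process's cells; the check is on the final physical address, not on the instruction's operand.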
40. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
Orange Book - B1
NOT Integrity
Totality of protection mechanisms
Orange Book ratings
41. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
The Security Kernel
Administrative declaration
C2 - Controlled Access Protection
B1
42. Which in the Orange Book ratings represents the highest level of trust?
B2
Security Policy
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Accreditation
43. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
security protection mechanisms
Thrashing
Simple Integrity Axiom
Networks and Communications
44. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
B2
Dedicated Security Mode
Physical security
B3 - Rating
45. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
Access Matrix model
State machine model
Life Cycle Assurance Requirement
Security rating B
46. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
Access control to the objects by the subjects
Pagefile.sys file
B3
The rule is talking about "Reading"
47. The Orange book does NOT Cover ________________ - And Database management systems
B1
Clark-Wilson
The Simple Security Property
Networks and Communications
48. Which Orange Book evaluation level is described as "Verified Design"?
The Monolithic Operating System Architecture
Dominate the object's sensitivity label
Virtual storage
A1
49. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
Attributable - original - accurate - contemporaneous and legible
Trusted hardware - Software and Firmware
Process isolation
First evaluation class
50. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
Certification
The Clark Wilson integrity model
Orange Book A
Multitasking
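Question 50 names the three Clark-Wilson building blocks: constrained data items (CDIs), an integrity verification procedure (IVP) and transformation procedures (TPs). The added example below, not part of the quiz, puts them together for a small ledger: CDIs can be changed only by certified TPs, each user may run only the TPs named in an access triple, and the IVP is re-run after every TP with the change rolled back if it fails (stricter than the model, which relies on TPs being certified well-formed in advance). The balances, the `teller`/`auditor` users and the deliberately faulty `tp_skim` are constructed.

```python
from typing import Callable, Dict, List, Set, Tuple

CDIs = Dict[str, int]
TP = Callable[..., None]   # a transformation procedure mutates a working copy of the CDIs


class IntegrityError(Exception):
    """Raised when a TP leaves the CDIs in a state the IVP rejects."""


def ivp_ledger(cdis: CDIs) -> bool:
    """Integrity verification procedure: no negative balance, and the account balances
    sum to the control total (itself a CDI)."""
    accounts = {k: v for k, v in cdis.items() if k != "control_total"}
    return all(v >= 0 for v in accounts.values()) and sum(accounts.values()) == cdis["control_total"]


def tp_transfer(cdis: CDIs, src: str, dst: str, amount: int) -> None:
    """Well-formed transaction: moves value between two CDIs, total unchanged."""
    cdis[src] -= amount
    cdis[dst] += amount


def tp_deposit(cdis: CDIs, account: str, udi: str) -> None:
    """Takes an unconstrained data item (raw input text), validates it, and only then
    turns it into CDI state, adjusting the control total so the IVP still holds."""
    if not udi.isdigit():
        raise ValueError(f"rejected UDI {udi!r}")
    cdis[account] += int(udi)
    cdis["control_total"] += int(udi)


def tp_skim(cdis: CDIs, account: str, amount: int) -> None:
    """A badly written (or malicious) TP: removes value without a matching credit."""
    cdis[account] -= amount


class ClarkWilsonSystem:
    def __init__(self, balances: CDIs, ivp: Callable[[CDIs], bool]) -> None:
        self._cdis: CDIs = dict(balances)
        self._cdis["control_total"] = sum(balances.values())
        self._ivp = ivp
        self._tps: Dict[str, TP] = {}
        self._triples: Set[Tuple[str, str]] = set()   # (user, TP) access triples
        self.log: List[Tuple[str, str, str]] = []

    def certify_tp(self, name: str, tp: TP) -> None:
        """Certification: only registered TPs may ever touch the CDIs."""
        self._tps[name] = tp

    def authorize(self, user: str, tp_name: str) -> None:
        self._triples.add((user, tp_name))

    def read(self, name: str) -> int:
        return self._cdis[name]

    def ivp(self) -> bool:
        return self._ivp(self._cdis)

    def execute(self, user: str, tp_name: str, *args) -> None:
        """The only write path. Enforces the access triple, runs the TP on a working copy,
        re-runs the IVP, commits only if it passes, and logs the outcome."""
        if (user, tp_name) not in self._triples:
            self.log.append((user, tp_name, "DENIED"))
            raise PermissionError(f"{user} is not authorized to run {tp_name}")
        work = dict(self._cdis)
        try:
            self._tps[tp_name](work, *args)
        except ValueError as err:
            self.log.append((user, tp_name, f"REJECTED: {err}"))
            raise
        if not self._ivp(work):
            self.log.append((user, tp_name, "ROLLED BACK: IVP failed"))
            raise IntegrityError(f"{tp_name} violated the integrity constraint")
        self._cdis = work
        self.log.append((user, tp_name, "COMMITTED"))


def build_ledger_demo() -> ClarkWilsonSystem:
    cw = ClarkWilsonSystem({"alice": 100, "bob": 50}, ivp_ledger)   # constructed balances
    for name, tp in (("transfer", tp_transfer), ("deposit", tp_deposit), ("skim", tp_skim)):
        cw.certify_tp(name, tp)
        cw.authorize("teller", name)
    return cw


if __name__ == "__main__":
    cw = build_ledger_demo()
    cw.execute("teller", "transfer", "alice", "bob", 30)
    cw.execute("teller", "deposit", "bob", "25")
    try:
        cw.execute("teller", "skim", "alice", 10)
    except IntegrityError as err:
        print("rolled back:", err)
    print(cw.read("alice"), cw.read("bob"), cw.read("control_total"), cw.ivp())
    print(cw.log)
```

The `control_total` CDI is what makes the IVP meaningful: a transfer that preserves the sum passes, a deposit passes only because the TP adjusts both sides, and the skim fails because it changes one without the other. The log satisfies the model's requirement that every TP execution be recorded for later audit.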