Test your basic knowledge
CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
Relative Addresses
Security Policy
All Mandatory Access Control (MAC) systems
Examples of Layered Operating Systems
2. Permits a database to have two records that are identical except for their classifications
The Trusted Computing Base (TCB)
Trusted hardware - Software and Firmware
attributability
Polyinstantiation
3. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
A and B
Trusted hardware - Software and Firmware
The National Computer Security Center (NCSC)
B2
4. In the Bell-LaPadula Model the Object's Label contains ___________________.
B2 rating
The *-Property rule (Star property)
Its classification label (Top Secret - Secret or confidential)
B1
5. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Orange Book - B2
Security Policy is clearly defined and documented
Be protected from modification
A and B
6. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
Controls the checks
A lattice of Integrity Levels
A1 - Rating
The Monolithic Operating System Architecture
7. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Orange Book interpretations
A single classification and a Compartment Set
The Rule is talking about writing
Life-cycle assurance - O/B
8. In which users are processing information at the same sensitivity level; thus, strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.
An abstract machine
Covert channels
B1 - Labeled Security
C1 - Discretionary Security Protection is a type of environment
9. A domain of trust that shares a single security policy and single management
A security domain
Identification - Orange Book
Orange Book B
The Common Criteria
10. Mediates all access and Functions between subjects and objects.
C2
Sensitivity labels
The Security Kernel
Polyinstantiation
11. Mandatory Protection
Reduced Instruction Set Computers (RISC)
Security mechanisms and evaluates their effectiveness
Prohibits
Orange Book B
12. The Orange Book does NOT cover ________________ - and database management systems
Networks and Communications
Ring 0
Logical addresses
Trusted Distribution
13. The Bell-LaPadula model Subjects and Objects are ___________.
Assigned labels
An abstract machine
Complex Instruction Set Computers (CISC)
A1
14. What does the simple security (ss) property mean in the Bell-LaPadula model?
Access control to the objects by the subjects
No read up
TCB (Trusted Computing Base)
State machine model
15. The Bell-LaPadula Model is a _______________ that enforces the confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
The National Computer Security Center (NCSC)
Identification - Orange Book
D
State machine model
16. Applications and user activity
The Security Kernel
B2 - Structured Protection
Ring 3
Enforces the rules
17. Which increases the performance in a computer by overlapping the steps of different instructions?
B3 - Security Domains
Pipelining
B3 - Rating
The Common Criteria
18. Subjects and Objects cannot change their security levels once they have been instantiated (created)
Orange Book C
C2
The Tranquility principle (The Bell-LaPadula Model)
First evaluation class
19. A set of objects that a subject is able to access
C2 - Controlled Access Protection
C1
A Domain
Sensitivity labels
20. Successfully evaluated products are placed on?
The Evaluated Products List (EPL) with their corresponding rating
Orange Book - B3
A security domain
Security mechanisms and evaluates their effectiveness
21. Access control labels must be associated properly with objects.
Labels - Orange Book
Buffer (temporary data storage area)
Covert channels
Access Matrix model
22. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Division C - Discretionary Protection
Polyinstantiation
Types of covert channels
Administrative declaration
23. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Virtual storage
Division B - Mandatory Protection
Most commonly used approach
No write down
24. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
The trustworthiness of an information system
Orange Book interpretations
Security rating B
Security Policy - Orange Book
25. The reserved hard drive space used to extend RAM capabilities.
Ring 3
Orange Book C
Erasable and Programmable Read-Only Memory (EPROM)
Swap Space
26. Which TCSEC level first addresses object reuse?
Erasable and Programmable Read-Only Memory (EPROM)
Controls the checks
Relative Addresses
C2
27. A portion of a process. When the thread is generated - it shares the same domain(resources) as its process.
C1 - Discretionary Security Protection
A Thread
Covert channels
A Base Register (Memory Management)
28. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when
The security perimeter
C2
Orange Book C
A1 - Rating
29. The group that oversees the processes of evaluation within TCSEC is?
Orange Book C
Clark-Wilson
Enforces the rules
Trusted Products Evaluation Program (TPEP)
30. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Mandatory Access Control (MAC)
All Mandatory Access Control (MAC) systems
Multitasking
Need-to-know
31. As per FDA data should be ______________________________.
Controls the checks
Attributable - original - accurate - contemporaneous and legible
Pagefile.sys file
B3 - Security Domains
32. Commonly referred to as "The Big Mess" because of its lack of structure. MS-DOS is an example of a monolithic operating system
The Monolithic Operating System Architecture
Accountability - Orange Book
A security kernel
Security Policy - Orange Book
33. When a computer uses more than one CPU in parallel to execute instructions, this is known as?
attributability
B1 - Labeled Security
Multiprocessing
Controlling unauthorized downgrading of information
34. Used by Windows systems to reserve the "Swap Space"
A security kernel
Pagefile.sys file
Discretionary Security Property (ds-property)
The Integrity of data within applications
35. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
A security kernel
The Trusted Computing Base (TCB)
Orange Book - B1
Life-cycle assurance - O/B
36. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
Models concerned with integrity
Need-to-know
No read down
Stored in Real Memory
37. Involves sharing the processor among all ready processes
B3
Multitasking
Orange Book - B3
Subject to Object Model
38. The subject must have Need to Know for ONLY the information they are trying to access.
The TCSEC - Aka Orange Book
Orange Book B
The Red Book
System High Security Mode
39. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"
A Layered Operating System Architecture
C1 - Discretionary Security Protection is a type of environment
Simple Integrity Axiom
B3
40. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Fail safe
Mandatory Access Control (MAC)
Controlling unauthorized downgrading of information
Logical addresses
41. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
C2 - Controlled Access Protection
First evaluation class
C1
An abstract machine
42. A buffer overflow occurs when a program or process tries to store more data in a _____________ than it was intended to hold.
Its classification label (Top Secret - Secret or confidential)
Orange Book - B3
Buffer (temporary data storage area)
B2 rating
43. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Reduced Instruction Set Computers (RISC)
Networks and Communications
Its Clearance Label (Top Secret - Secret - or Confidential)
Orange Book C
44. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Simple Security Rule
C1 - Discretionary Security Protection
Primary storage
B3
45. Audit data must be captured and protected to enforce accountability
The Evaluated Products List (EPL) with their corresponding rating
Direct addressing
Thrashing
Accountability - Orange Book
46. Which computer design approach is based on the fact that in earlier technologies the instruction fetch was the longest part of the cycle?
Certification
The rule is talking about "Reading"
Complex Instruction Set Computers (CISC)
First evaluation class
47. Levels of Security and Levels of Trust: lower letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
A security domain
Division C - Discretionary Protection
C2 - Controlled Access Protection
Orange Book ratings
48. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
Polyinstantiation
Prevent secret information from being accessed
The Monolithic Operating System Architecture
Dominate the object's sensitivity label
49. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Orange Book - A1
Prevent secret information from being accessed
Orange Book C
Prohibits
50. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
The Clark Wilson integrity model
Trusted Products Evaluation Program (TPEP)
Ring 3
Multitasking