CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from the answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space.
B2 - Structured Protection
Swap Space
Subject to Object Model
B3
2. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information, and identification and authentication of individual entities.
C1 - Discretionary Security Protection
The reference monitor
Examples of Layered Operating Systems
Most commonly used approach
3. Which model uses access control triples and requires that the system maintain separation of duty?
Clark-Wilson
The Rule is talking about writing
A security domain
B3 - Security Domains
4. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
C1 - Discretionary Security Protection
Attributable - original - accurate - contemporaneous and legible
Physical security
Division C - Discretionary Protection
5. Should always trace to individuals responsible for observing and recording the data
Virtual storage
Attributable data
B1 - Labeled Security rating
A lattice of Integrity Levels
6. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
D
Division B - Mandatory Protection
Process isolation
The security kernel
7. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
Certification
Dominate the object's sensitivity label
The Trusted Computing Base (TCB)
Simple Integrity Axiom
8. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a Well-Formed transaction
Clark-Wilson Model
Polyinstantiation
A Limit Register (Memory Management)
Access Matrix model
9. Data in Cache can be accessed much more quickly than Data
Bell-LaPadula Model
Orange Book interpretations
The *-Property rule (Star property)
Stored in Real Memory
10. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
No read down
Division C - Discretionary Protection
The Red Book
A1 - Rating
11. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
Implement software or systems in a production environment
In C2 - Controlled Access Protection environment
Primary storage
Controls the checks
12. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Models concerned with integrity
B3 - Rating
Integrity
Virtual Memory
13. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
The Evaluated Products List (EPL) with their corresponding rating
Real storage
Life Cycle Assurance Requirement
Types of covert channels
14. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
All Mandatory Access Control (MAC) systems
A Base Register (Memory Management)
The *-Property rule (Star property)
Indexed addressing
15. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Administrative declaration
B2 rating
C2
The rule is talking about "Reading"
16. A system uses the Reference Monitor to ___________________ of a subject and an object?
Compare the security labels
Integrity
C2 - Controlled Access Protection
The Clark Wilson integrity model
17. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Government and military applications
Buffer overflows
Labels - Orange Book
Highly secure systems (B2 - B3 and A1)
18. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
Thrashing
The rule is talking about "Reading"
Orange Book - B1
C1
19. Involves sharing the processor among all ready processes
B2
The Trusted Computing Base (TCB)
Multitasking
A security kernel
20. Which is an ISO standard product evaluation criteria that supersedes several different criteria?
In C2 - Controlled Access Protection environment
security protection mechanisms
No read down
The Common Criteria
21. Which can be used as a covert channel?
Orange Book C
Storage and timing
Prohibits
The Integrity of data within applications
22. Developed after the Bell-LaPadula model. It's a state machine model and is very similar to the Bell-LaPadula Model.
Orange Book - B3
C1
Swap Space
The Biba Model
23. In both the Bell-LaPadula and Biba Models, if the word "*" or "Star" is used - _______________.
Ring 0
C2 - Controlled Access Protection
The Rule is talking about writing
Sensitivity labels
24. A type of memory used for High-speed writing and reading activities.
Implement software or systems in a production environment
Cache Memory
Prohibits
Buffer overflows
25. What does the * (star) property mean in the Bell-LaPadula model?
Compare the security labels
Accountability - Orange Book
No write down
The "No read Up" rule
26. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
27. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
Scalar processors
Life-cycle assurance - O/B
Division B - Mandatory Protection Architecture
The trustworthiness of an information system
28. A ____________ is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Dedicated Security Mode
A1
C1
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
29. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
Multilevel Security Policies
Execution Domain
Overt channel
Ring 0
30. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions at its own discretion. These permissions are stored in an access ma
Ring 0
Continuous protection - O/B
Discretionary Security Property (ds-property)
Security rating B
31. Contains the beginning address
An abstract machine
Erasable and Programmable Read-Only Memory (EPROM)
B1
A Base Register (Memory Management)
32. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Isolate processes
Its classification label (Top Secret - Secret or confidential)
Security rating B
Most commonly used approach
33. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
Constrained
Physical security
Reduced Instruction Set Computers (RISC)
The National Computer Security Center (NCSC)
34. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
Swap Space
The Tranquility principle (The Bell-LaPadula Model)
C1
Types of covert channels
35. The subject must have Need to Know for ONLY the information they are trying to access.
System High Security Mode
security protection mechanisms
Labels - Orange Book
Dominate the object's sensitivity label
36. What does the Clark-Wilson security model focus on?
Integrity
Government and military applications
Highly secure systems (B2 - B3 and A1)
A Thread
37. Which describes a condition when RAM and Secondary storage are used together?
Secondary Storage
Virtual storage
Types of covert channels
The Security Kernel
38. Contains the ending address
Mandatory access control
A Limit Register (Memory Management)
Identification - Orange Book
Absolute addresses
39. What does the simple security (ss) property mean in the Bell-LaPadula model?
No read up
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Indexed addressing
B3
40. Used by Windows systems to reserve the "Swap Space"
The Monolithic Operating System Architecture
B1 - Labeled Security
Primary storage
Pagefile.sys file
41. The Biba Model - _____________: A subject cannot read data from a lower Integrity level ("No Read Down")
Invocation Property
Access Matrix model
First evaluation class
Simple Integrity Axiom
42. Execute one instruction at a time.
Division B - Mandatory Protection Architecture
Scalar processors
Labels - Orange Book
TCB (Trusted Computing Base)
43. Can be erased - modified and upgraded.
Access control to the objects by the subjects
The Common Criteria
Erasable and Programmable Read-Only Memory (EPROM)
Orange Book B
44. Minimal Security
The "No write Down" Rule
Orange Book - D
Multitasking
Trusted Products Evaluation Program (TPEP)
45. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Dedicated Security Mode
B2 - Structured Protection
Indirect addressing
Buffer (temporary data storage area)
46. Access control labels must be associated properly with objects.
Labels - Orange Book
Security mechanisms and evaluates their effectiveness
C2 - Controlled Access Protection
Ring 0
47. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Most commonly used approach
No read down
A and B
Simple Security Rule
48. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
Process isolation
Overt channel
State machine model
Orange Book B
49. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
State machine model
Complex Instruction Set Computers (CISC)
B3 - Security Domains
Division B - Mandatory Protection Architecture
50. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Security Policy is clearly defined and documented
B3 - Rating
Pipelining
The TCSEC - Aka Orange Book