Test your basic knowledge

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Bell-LaPadula model was proposed for enforcing access control in _____________________.

2. According to the Orange Book - trusted facility management is not required for which security levels?

3. What does the Clark-Wilson security model focus on?

4. TCSEC provides a means to evaluate ______________________.

5. Users need to be identified individually to provide more precise access control and auditing functionality.

6. An abstract machine which must mediate all access by subjects to objects, be protected from modification, be verifiable as correct, and is always invoked.

7. Which Orange Book evaluation level is described as "Controlled Access Protection"? This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when

8. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.

9. If a system initializes in a secure state and all allowed state transitions are secure, then every subsequent state will be secure no matter what inputs occur.

10. Software, hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.

11. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?

12. What does the simple integrity axiom mean in the Biba model?

13. A buffer overflow occurs when a program or process tries to store more data in a _____________ than it was intended to hold.

14. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.

15. The assignment of a specific individual to administer the security-related functions of a system.

16. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?

17. A system uses the Reference Monitor to ___________________ of a subject and an object?

18. Which addresses a portion of the primary memory by specifying the actual address of the memory location?

19. A1 is also called "Verified Design" and requires formal verification of the design and specifications.

20. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.

21. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information, and identification and authentication of individual entities.

22. What prevents a process from accessing another process' data?

23. The centerpiece of the DoD Rainbow Series publications. Developed by the National Computer Security Center (NCSC)?

24. Each data object must contain a classification label and each subject must have a clearance label.

25. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a Well-Formed Transaction.

26. Individual subjects must be uniquely identified.

27. The total combination of protection mechanisms within a computer system

28. Which Orange Book evaluation level is described as "Discretionary Security Protection"?

29. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?

30. Involves sharing the processor among all ready processes.

31. The Bell-LaPadula Model is a _______________ that enforces the confidentiality aspect of access control. Developed by David Bell and Leonard LaPadula.

32. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________, and the system design and implementation are subject to more thorough review and testing procedu

33. When the RAM and secondary storage are combined the result is __________.

34. In this class more granularity is provided in each protection mechanism, and the programming code that is not necessary to support the security policy is excluded.

35. What does the simple security (ss) property mean in the Bell-LaPadula model?

36. When a computer spends more time moving data from one small portion of memory to another than actually processing the data.

37. Which is a straightforward approach that provides access rights to subjects for objects?

38. A domain of trust that shares a single security policy and single management

39. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.

40. The TCB contains the Security Kernel and all ______________.

41. Which of the Orange Book ratings represents the highest level of trust?

42. An organization within the National Security Agency (NSA) is responsible for evaluating computer systems and products. The Trusted Product Evaluation Program (TPEP) oversees the testing by approved entities of commercial products against a specific s

43. A ______________ is a form of EPROM, but its data storage can be erased and modified electrically by onboard programming circuitry and signals.

44. Which integrity model defines a constrained data item, an integrity verification procedure and a transformation procedure?

45. The type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to penetration and compromise.

46. Developed after the Bell-LaPadula model. It is a state machine model and is very similar to the Bell-LaPadula Model.

47. Permits a database to have two records that are identical except for their classifications.

48. In which users are processing information at the same sensitivity level; thus, strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.

49. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.

50. Verification Protection