
CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Execute one instruction at a time.






2. Software that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)






3. The Biba Model addresses _____________________.






4. A set of objects that a subject is able to access






5. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification



6. The Biba Model - _____________: A subject cannot read data from a lower integrity level ("No Read Down")






7. Users are trusted but a certain level of accountability is required. C2 overall is seen as the most reasonable class for commercial applications - but the level of protection is still relatively weak.






8. The Policy must be explicit and well defined and enforced by the mechanisms within the system






9. What does the simple security (ss) property mean in the Bell-LaPadula model?






10. Used by Windows systems to reserve the "Swap Space"






11. Nonvolatile storage media, e.g. computer hard drives - floppy disks and CD-ROMs






12. What prevents a process from accessing another process' data?






13. Which describes a condition when RAM and secondary storage are used together?






14. The Bell-LaPadula Model is a _______________.






15. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.






16. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)






17. A system uses the Reference Monitor to ___________________ of a subject and an object?






18. There is only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.






19. Intended for environments that require systems to handle classified data.






20. A computer using more than one CPU in parallel to execute instructions is known as?






21. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?






22. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.






23. The total combination of protection mechanisms within a computer system






24. Minimal Security






25. What does the simple integrity axiom mean in the Biba model?






26. Requires more stringent authentication mechanisms and well-defined interfaces among layers.






27. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.






28. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.



29. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.






30. Components considered as part of the Trusted Computing Base (from the Orange Book) are?






31. A subject at a given clearance may not read an object at a higher classification






32. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.






33. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain






34. Audit data must be captured and protected to enforce accountability






35. Simpler instructions that require fewer clock cycles to execute.






36. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.






37. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.






38. Operating System Kernel






39. A portion of a process. When the thread is generated - it shares the same domain (resources) as its process.






40. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.






41. Contains an address of where the instruction and data reside that need to be processed.






42. Has two individual assurance ratings: C1 and C2. The higher the number of the assurance rating, the greater the protection






43. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?






44. Which is a straightforward approach that provides access rights to subjects for objects?






45. Bell-LaPadula model was proposed for enforcing access control in _____________________.






46. Contains the ending address






47. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.






48. What does the Clark-Wilson security model focus on?






49. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.






50. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.