Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
The TCSEC - Aka Orange Book
The Monolithic Operating System Architecture
A security kernel
2. The Indexed memory addresses that software uses
Logical addresses
Division D - Minimal Protection
Ring 2
The *-Property rule (Star property)
3. The security kernel is the mechanism that _____________ of the reference monitor concept.
Orange Book A
Highly secure systems (B2 - B3 and A1)
B3 - Security Domains
Enforces the rules
4. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix. THE and Multics are no longer in use.
In C2 - Controlled Access Protection environment
Reduced Instruction Set Computers (RISC)
Examples of Layered Operating Systems
security protection mechanisms
5. The assignment of a specific individual to administer the security-related functions of a system.
Firmware
B2 rating
Trusted Network Interpretation (TNI)
Trusted facility management
6. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Evaluated separately
C1
'Dominate'
Pagefile.sys file
7. When a computer spends more time moving data from one small portion of memory to another than actually processing the data
Dedicated Security Mode
Ring 2
The Monolithic Operating System Architecture
Thrashing
8. Based on the Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
All Mandatory Access Control (MAC) systems
Simple Security Rule
No read up
Orange Book C
9. An abstract machine which must mediate all access of subjects to objects - be protected from modification - be verifiable as correct - and is always invoked
The reference monitor
System High Security Mode
Its Clearance Label (Top Secret - Secret - or Confidential)
Access control to the objects by the subjects
10. The Policy must be explicit and well defined and enforced by the mechanisms within the system
Highly secure systems (B2 - B3 and A1)
Security Policy - Orange Book
Fail safe
Swap Space
11. TCB contains The Security Kernel and all ______________.
The security perimeter
Scalar processors
Ring 0
security protection mechanisms
12. Contains an address of where the instruction and data reside that need to be processed.
The Thread (memory Management)
Disclosure of residual data
Dedicated Security Mode
Pipelining
13. System Architecture that separates system functionality into Hierarchical layers
Trusted hardware - Software and Firmware
Relative Addresses
Execution Domain
A Layered Operating System Architecture
14. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
Isolate processes
In C2 - Controlled Access Protection environment
Examples of Layered Operating Systems
Primary storage
15. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
Security Policy - Orange Book
Overt channel
The TCSEC - Aka Orange Book
No read down
16. Contains the ending address
A Limit Register (Memory Management)
The Biba Model
B1 - Labeled Security rating
B1
17. The Security Model Incorporates the ____________ that should be enforced in the system.
The security perimeter
Trusted Products Evaluation Program (TPEP)
Security Policy
Integrity
18. Each data object must contain a classification label and each subject must have a clearance label.
Accountability - Orange Book
Types of covert channels
Constrained
B1 - Labeled Security
19. The Simple Security rule is referred to as ______________.
Be protected from modification
Dominate the object's sensitivity label
Isolate processes
The "No read Up" rule
20. The Bell-LaPadula model Subjects and Objects are ___________.
Division B - Mandatory Protection
Mandatory access control
Life-cycle assurance - O/B
Assigned labels
21. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
All Mandatory Access Control (MAC) systems
B3 - Rating
Direct addressing
NOT Integrity
22. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
C1
Administrative declaration
The National Computer Security Center (NCSC)
Attributable - original - accurate - contemporaneous and legible
23. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when
Multitasking
Firmware
Security mechanisms and evaluates their effectiveness
C2
24. The *-Property rule is referred to as ____________.
Security mechanisms and evaluates their effectiveness
TCB (Trusted Computing Base)
The "No write Down" Rule
Real storage
25. The combination of RAM - Cache and the Processor Registers
Primary storage
No write down
Documentation - Orange Book
The Security Kernel
26. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
B3 - Security Domains
B3
The Strong star property rule
Prohibits
27. Which TCSEC level first addresses object reuse?
Overt channel
Physical security
C2
Polyinstantiation
28. A buffer overflow occurs when a program or process tries to store more data in a _____________ than it was intended to hold.
C1
'Dominate'
Controlling unauthorized downgrading of information
Buffer (temporary data storage area)
29. Subjects and Objects cannot change their security levels once they have been instantiated (created)
The "No read Up" rule
The Tranquility principle (The Bell-LaPadula Model)
Accreditation
Trusted Distribution
30. What access control technique is also known as multilevel security?
B1
Mandatory access control
Pipelining
Identification - Orange Book
31. When the RAM and secondary storage are combined the result is __________.
A Domain
A lattice of Integrity Levels
Security rating B
Virtual Memory
32. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
Swap Space
Security rating B
attributability
The rule is talking about "Reading"
33. Simpler instructions that require fewer clock cycles to execute.
The Monolithic Operating System Architecture
The security kernel
Reduced Instruction Set Computers (RISC)
No read down
34. Based on a known address with an offset value applied.
Bell-LaPadula Model
Relative Addresses
A lattice of Integrity Levels
Division C - Discretionary Protection
35. Which can be used as a covert channel?
Identification - Orange Book
Relative Addresses
Storage and timing
A lattice of Integrity Levels
36. In B2 Subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
Relative Addresses
System High Security Mode
Covert channels
Orange Book ratings
37. What does the Clark-Wilson security model focus on?
Basic Security Theorem (used in computer science) definition
Ring 1
Administrative declaration
Integrity
38. Levels of Security and Levels of Trust: Lower letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Security mechanisms and evaluates their effectiveness
Orange Book ratings
A Domain
Government and military applications
39. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Clark-Wilson
The Clark Wilson integrity model
Administrative declaration
Swap Space
40. Remaining parts of the operating system
Ring 1
The TCSEC - Aka Orange Book
Invocation Property
Access Matrix model
41. Which uses Protection Profiles and Security Targets?
International Standard 15408
C2
The Monolithic Operating System Architecture
Programmable Read-Only Memory (PROM)
42. What is called the formal acceptance of the adequacy of a system's overall security by management?
State machine model
Security mechanisms and evaluates their effectiveness
C2 - Controlled Access Protection
Accreditation
43. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
B2 - Structured Protection
Orange Book - A1
A Layered Operating System Architecture
B2
44. Audit data must be captured and protected to enforce accountability
The Thread (memory Management)
Accountability - Orange Book
International Standard 15408
A security kernel
45. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
46. Which is a straightforward approach that provides access rights to subjects for objects?
Implement software or systems in a production environment
Access Matrix model
All Mandatory Access Control (MAC) systems
Direct addressing
47. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
Its classification label (Top Secret - Secret or confidential)
Clark-Wilson
Administrative declaration
A security kernel
48. Data in Cache can be accessed much more quickly than Data
Stored in Real Memory
Programmable Read-Only Memory (PROM)
The Evaluated Products List (EPL) with their corresponding rating
A and B
49. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
Orange Book interpretations
Physical security
Trusted Network Interpretation (TNI)
C2 - Controlled Access Protection
50. Mandatory Access requires that _____________ be attached to all objects.
Sensitivity labels
First evaluation class
The National Computer Security Center (NCSC)
Thrashing