Test your basic knowledge
CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The indexed memory addresses that software uses
Logical addresses
Totality of protection mechanisms
Multilevel Security Policies
Controlling unauthorized downgrading of information
2. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
The Strong star property rule
Implement software or systems in a production environment
Need-to-know
Orange Book - B2
3. The policy must be explicit and well defined and enforced by the mechanisms within the system
The Thread (memory Management)
Security Policy - Orange Book
Orange Book C
B2 rating
4. Which is an ISO standard product evaluation criteria that supersedes several different criteria?
The Common Criteria
Models concerned with integrity
Simple Integrity Axiom
Identification - Orange Book
5. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
Primary storage
The Clark Wilson integrity model
Fail safe
Life-cycle assurance - O/B
6. Which is a straightforward approach that provides access rights to subjects for objects?
A security domain
Life Cycle Assurance Requirement
Access Matrix model
Fail safe
7. Commonly referred to as "The Big Mess" because of its lack of structure. MS-DOS is an example of a monolithic operating system
Dedicated Security Mode
Simple Security Rule
The Monolithic Operating System Architecture
Thrashing
8. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
Firmware
The security perimeter
Higher or equal to access class
The trustworthiness of an information system
9. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Ring 1
The TCSEC - Aka Orange Book
Orange Book ratings
Its Clearance Label (Top Secret - Secret - or Confidential)
10. A set of objects that a subject is able to access
Buffer overflows
Multitasking
A Domain
Ring 3
11. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
The "No read Up" rule
A Domain
Division B - Mandatory Protection Architecture
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
12. Which can be used as a covert channel?
Storage and timing
Primary storage
Execution Domain
Division D - Minimal Protection
13. Which Orange Book evaluation level is described as "Verified Design"?
Storage and timing
Mandatory access control
Relative Addresses
A1
14. When a computer spends more time moving data from one small portion of memory to another than actually processing the data
Thrashing
Ring 1
The Rule is talking about writing
The rule is talking about "Reading"
15. What does the simple security (ss) property mean in the Bell-LaPadula model?
The Thread (memory Management)
Controls the checks
Covert channels
No read up
16. The reserved hard drive space used to extend RAM capabilities.
Subject to Object Model
The Simple Security Property
Attributable - original - accurate - contemporaneous and legible
Swap Space
17. There is only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
First evaluation class
Division D - Minimal Protection
Buffer (temporary data storage area)
Controls the checks
18. What are the components of an object's sensitivity label?
The Clark Wilson integrity model
Security Policy
Constrained
A single classification and a Compartment Set
19. Minimal Security
Types of covert channels
Trusted Products Evaluation Program (TPEP)
Certification
Orange Book - D
20. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
The Rule is talking about writing
A1
The security perimeter
C1 - Discretionary Security Protection is a type of environment
21. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
Pagefile.sys file
Buffer overflows
Prevent secret information from being accessed
Division D - Minimal Protection
22. Contains the ending address
A Limit Register (Memory Management)
The National Computer Security Center (NCSC)
Access Matrix model
Evaluated separately
23. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
The National Computer Security Center (NCSC)
Subject to Object Model
The Simple Security Property
Programmable Read-Only Memory (PROM)
24. Discretionary protection
Orange Book C
Networks and Communications
The rule is talking about "Reading"
System High Security Mode
25. What access control technique is also known as multilevel security?
A1
B3 - Rating
Mandatory access control
The Integrity of data within applications
26. Access control labels must be associated properly with objects.
The reference monitor
Labels - Orange Book
Subject to Object Model
Complex Instruction Set Computers (CISC)
27. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
Life-cycle assurance - O/B
B1
A and B
Trusted Network Interpretation (TNI)
28. What is called the formal acceptance of the adequacy of a system's overall security by management?
Orange Book - B1
Dominate the object's sensitivity label
Prevent secret information from being accessed
Accreditation
29. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
Scalar processors
B3
Ring 1
Buffer (temporary data storage area)
30. The *-Property rule is referred to as ____________.
Security mechanisms and evaluates their effectiveness
The National Computer Security Center (NCSC)
Stored in Real Memory
The "No write Down" Rule
31. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
A security kernel
An abstract machine
Most commonly used approach
Security Policy - Orange Book
32. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
Physical security
Reduced Instruction Set Computers (RISC)
Multilevel Security Policies
Orange Book - B1
33. If a system initializes in a secure state and all allowed state transitions are secure - then every subsequent state will be secure no matter what inputs occur.
Swap Space
Basic Security Theorem (used in computer science) definition
Orange Book C
The Common Criteria
34. In both the Bell-LaPadula and Biba Models if the word "*" or "Star" is used - _______________.
Prevent secret information from being accessed
Absolute addresses
The Rule is talking about writing
The Strong star property rule
35. TCSEC provides a means to evaluate ______________________.
The Simple Security Property
The trustworthiness of an information system
Multiprocessing
Access control to the objects by the subjects
36. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Simple Security Rule
The Security Kernel
The security kernel
Access Matrix model
37. Documentation must be provided - including test - design - and specification documents - user guides and manuals
Documentation - Orange Book
The Simple Security Property
Invocation Property
D
38. The group that oversees the processes of evaluation within TCSEC is?
Administrative declaration
Division C - Discretionary Protection
Trusted Products Evaluation Program (TPEP)
Ring 3
39. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
The security perimeter
International Standard 15408
Erasable and Programmable Read-Only Memory (EPROM)
attributability
40. In both the Bell-LaPadula and Biba Models if the word "Simple" is used ______________.
The National Computer Security Center (NCSC)
Orange Book - A1
Trusted Distribution
The rule is talking about "Reading"
41. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
All Mandatory Access Control (MAC) systems
A and B
Firmware
Division C - Discretionary Protection
42. Based on a known address with an offset value applied.
Relative Addresses
Ring 3
The National Computer Security Center (NCSC)
No read down
43. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Orange Book interpretations
Identification - Orange Book
*-Integrity Axiom
Direct Addressing
44. When the RAM and secondary storage are combined the result is __________.
Subject to Object Model
Accountability - Orange Book
Buffer overflows
Virtual Memory
45. Data in Cache can be accessed much more quickly than Data
Orange Book interpretations
Stored in Real Memory
B3
A1
46. The C2 evaluation class of the _________________ offers controlled access protection.
Orange Book - B2
Logical addresses
A Limit Register (Memory Management)
Trusted Network Interpretation (TNI)
47. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
No read down
Multilevel Security Policies
A Thread
The *-Property rule (Star property)
48. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
B3
C1
Division D - Minimal Protection
Attributable - original - accurate - contemporaneous and legible
49. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a well-formed transaction
Orange Book interpretations
Be protected from modification
Clark-Wilson Model
C1 - Discretionary Security Protection is a type of environment
50. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Subject to Object Model
B2 - Structured Protection
Basic Security Theorem (used in computer science) definition
B2