Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Used by Windows systems to reserve the "Swap Space"






2. A subject at a given clearance may not read an object at a higher classification






3. Execute one instruction at a time.






4. Which increases the performance in a computer by overlapping the steps of different instructions?






5. Audit data must be captured and protected to enforce accountability






6. All users have a clearance for and a formal need to know about - all data processed with the system.






7. The Bell-LaPadula Model is a _______________.






8. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.






9. A nonvolatile storage media etc computer hard drive - floppy disks and CD-ROMs






10. A1 is also called "Verified Design" and requires formal verification of the design and specifications.






11. I/O drivers and utilities






12. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?






13. Permits a database to have two records that are identical except for Their classifications






14. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.






15. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.






16. The security kernel is the mechanism that _____________ of the reference monitor concept.






17. A system uses the Reference Monitor to ___________________ of a subject and an object?






18. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?






19. Which computer design approaches is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle






20. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.






21. Which describe a condition when RAM and Secondary storage are used together?






22. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?






23. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.






24. What model use an access control triples and requires that the system maintain separation of duty ?






25. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.






26. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?






27. Verification Protection






28. Operating System Kernel






29. Mandatory access control is enfored by the use of security labels.






30. For rhe type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to peneration and compromise






31. Users need to be Identified individually to provide more precise acces control and auditing functionality.






32. The Policy must be explicit and well defined and enforced by the mechanisms within the system






33. The Orange book does NOT Cover ________________ - And Database management systems






34. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system






35. Based on a known address with an offset value applied.






36. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.






37. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.






38. The centerpiece of the DoD Rainbow Series publications.Developed by the National Computer Security Center (NCSC)?






39. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commmercial applications - but the level of protection is still relatively weak.






40. Each data object must contain a classification label and each subject must have a clearance label.






41. Which would be designated as objects on a MAC system?






42. n this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.






43. In the Bell-LaPadula Model the Object's Label contains ___________________.






44. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.






45. What is called the formal acceptance of the adequacy of a system's overall security by management?






46. When a portion of primary memory is accessed by specifying the actual address of the memory location






47. The Bell-LaPadula model Subjects and Objects are ___________.






48. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.






49. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


50. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities