SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. When the RAM and secondary storage are combined the result is __________.
Logical addresses
Virtual Memory
Attributable data
The National Computer Security Center (NCSC)
2. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Orange Book - B3
Overt channel
The National Computer Security Center (NCSC)
Orange Book ratings
3. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
Files - directories and devices
C2 - Controlled Access Protection
The Clark Wilson integrity model
The *-Property rule (Star property)
4. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Fail safe
Controlling unauthorized downgrading of information
Access Matrix model
B2 rating
5. What does the * (star) property mean in the Bell-LaPadula model?
B1 - Labeled Security rating
Primary storage
No write down
Virtual Memory
6. What are the components of an object's sensitivity label?
The trustworthiness of an information system
A single classification and a Compartment Set
Programmable Read-Only Memory (PROM)
C1
7. The Bell-LaPadula Model is a _______________.
Life Cycle Assurance Requirement
Subject to Object Model
The Strong star property rule
Direct Addressing
8. A type of memory used for High-speed writing and reading activities.
Accreditation
A Layered Operating System Architecure
Prevent secret information from being accessed
Cache Memory
9. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
Constrained
An abstract machine
Covert channels
NOT Integrity
10. Minimal Security
Life Cycle Assurance Requirement
Orange Book - D
B1 - Labeled Security
In C2 - Controlled Access Protection environment
11. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Erasable and Programmable Read-Only Memory (EPROM)
Security Policy is clearly defined and documented
Ring 0
Pipelining
12. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
Operational assurance requirements
A single classification and a Compartment Set
The "No write Down" Rule
Controls the checks
13. The Security Model Incorporates the ____________ that should be enforced in the system.
Security Policy
Discretionary Security Property (ds-property)
B3 - Security Domains
The Red Book
14. Which increases the performance in a computer by overlapping the steps of different instructions?
Orange Book interpretations
Covert channels
Swap Space
Pipelining
15. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"
C2 - Controlled Access Protection
The Biba Model
Controlling unauthorized downgrading of information
Simple Integrity Axiom
16. Used by Windows systems to reserve the "Swap Space"
Pagefile.sys file
Firmware
Direct addressing
A Domain
17. Which is an ISO standard product evaluation criteria that supersedes several different criteria
The TCSEC - Aka Orange Book
Orange Book - B1
The Common Criteria
Swap Space
18. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
Multiprocessing
The reference monitor
Storage and timing
Orange Book - B3
19. A set of objects that a subject is able to access
C2 - Controlled Access Protection
Security Policy is clearly defined and documented
Logical addresses
A Domain
20. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commmercial applications - but the level of protection is still relatively weak.
B3
B2
In C2 - Controlled Access Protection environment
Implement software or systems in a production environment
21. In the Bell-LaPadula Model the Object's Label contains ___________________.
C2
The Red Book
Need-to-know
Its classification label (Top Secret - Secret or confidential)
22. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
Certification
Pipelining
Simple Integrity Axiom
C1 - Discretionary Security Protection
23. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
The TCSEC - Aka Orange Book
Scalar processors
Security rating B
First evaluation class
24. A Policy based control. All objects and systems have a sensitivity level assigned to them
Security rating B
Mandatory Access Control (MAC)
Direct Addressing
C2 - Controlled Access Protection
25. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
A1 - Rating
Clark-Wilson
attributability
Buffer (temporary data storage area)
26. The *-Property rule is refered to as ____________.
No write down
The "No write Down" Rule
'Dominate'
Swap Space
27. An abstract machine which must mediate all access to subjects to objects - be protected from modification - be verifiable as correct - and is always invoked
The reference monitor
Orange Book ratings
Pipelining
Networks and Communications
28. The Availability - Integrity and confidentiality requirements of multitasking operating systems
Reduced Instruction Set Computers (RISC)
Need-to-know
Protection Rings Support
Swap Space
29. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.
Basic Security Theorem (used in computer science) definition
Orange Book C
Trusted Network Interpretation (TNI)
Security mechanisms and evalautes their effectivenes
30. The reserved hard drive space used to Extend RAM capabilities. Windows system use the pagefile.sys file to reserve this space
Be protected from modification
Swap Space
Orange Book - B3
B2 rating
31. The security kernel is the mechanism that _____________ of the reference monitor concept.
A Domain
Sensitivity labels
Enforces the rules
Certification
32. Subjects and Objects cannot change their security levels once they have been instantiated (created)
Mandatory access control
D
Ring 2
The Tranqulity principle (The Bell-LaPadula Model)
33. Logical access control mechanisms are used to enforce authentication and the uniquenes of each individual's identification.
Accreditation
C2 - Controlled Access Protection
Overt channel
Prevent secret information from being accessed
34. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
Mandatory Access Control (MAC)
Isolate processes
Certification
NOT Integrity
35. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
Access control to the objects by the subjects
Examples of Layered Operating Systems
Indirect addressing
Higher or equal to access class
36. Intended for environments that require systems to handle classified data.
B1 - Labeled Security rating
The National Computer Security Center (NCSC)
Continuous protection - O/B
Simple Integrity Axiom
37. Which TCSEC level first addresses object reuse?
C2
Discretionary Security Property (ds-property)
Simple Integrity Axiom
Orange Book interpretations
38. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
The *-Property rule (Star property)
C2
Mandatory access control
Integrity
39. Certification is a Technical review that assesses the _____________ - where as Accreditation is management's Official acceptance of the information in the Certification process findings.
Security mechanisms and evalautes their effectivenes
Attributable - original - accurate - contemporaneous and legible
Attributable data
B2 - Structured Protection
40. When the contents of the address defined in the program's instruction is added to that of an index register.
Administrative declaration
Security Policy - Orange Book
Attributable - original - accurate - contemporaneous and legible
Indexed addressing
41. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
*-Integrity Axiom
Security Policy - Orange Book
Direct Addressing
Division D - Minimal Protection
42. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Most commonly used approach
Highly secure systems (B2 - B3 and A1)
The Red Book
The security perimeter
43. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
Division B - Mandatory Protection
The Red Book
An abstract machine
Buffer overflows
44. Contains the ending address
B3
A Limit Register (Memory Management)
Ring 1
No write down
45. Each data object must contain a classification label and each subject must have a clearance label.
A Thread
Firmware
Operational assurance requirements
B1 - Labeled Security
46. The total(sum)combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
Access Matrix model
Orange Book - B3
The Trusted Computing Base (TCB)
B1
47. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.
Be protected from modification
C1
The Common Criteria
Execution Domain
48. Contains the beginning address
Mandatory access control
NOT Integrity
A Base Register (Memory Management)
Constrained
49. Another word for Primary storage and distinguishes physical memory from virtual memory.
Real storage
The "No read Up" rule
B2
Multiprocessing
50. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Basic Security Theorem (used in computer science) definition
The "No read Up" rule
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Labels - Orange Book
