SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Contains the ending address
A Layered Operating System Architecure
C2 - Controlled Access Protection
Orange Book ratings
A Limit Register (Memory Management)
2. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Disclosure of residual data
Orange Book A
Need-to-know
Physical security
3. Has two individual assurace ratings. C1 and C2. The Higher the number of assurance rating the greater the protection
Division C - Discretionary Protection
Evaluated separately
Models concerned with integrity
Clark-Wilson
4. When the contents of the address defined in the program's instruction is added to that of an index register.
C1
Indexed addressing
State machine model
The National Computer Security Center (NCSC)
5. Which uses Protection Profiles and Security Targets?
The TCSEC - Aka Orange Book
Orange Book - B1
Dedicated Security Mode
International Standard 15408
6. Which is an ISO standard product evaluation criteria that supersedes several different criteria
Multiprocessing
Trusted hardware - Software and Firmware
Security rating B
The Common Criteria
7. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Government and military applications
Security mechanisms and evalautes their effectivenes
The Strong star property rule
Direct Addressing
8. When the address location that is specified in the program instruction contains the address of the final desired location.
Indirect addressing
Attributable - original - accurate - contemporaneous and legible
Swap Space
Government and military applications
9. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Be protected from modification
Controls the checks
B1
Models concerned with integrity
10. The Indexed memory addresses that software uses
Life Cycle Assurance Requirement
B2 rating
Logical addresses
Its Clearance Label (Top Secret - Secret - or Confidential)
11. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
C2 - Controlled Access Protection
Controlling unauthorized downgrading of information
Evaluated separately
No write down
12. What prevents a process from accessing another process' data?
Process isolation
Orange Book ratings
Sensitivity labels
Continuous protection - O/B
13. The Physical memory address that the CPU uses
Absolute addresses
C2
Ring 1
Virtual storage
14. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
Covert channels
The security kernel
Implement software or systems in a production environment
Constrained
15. Mandatory Protection
The Evaluated Products List (EPL) with their corresponding rating
Orange Book B
Covert channels
Ring 3
16. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilites when
C2
attributability
Clark-Wilson Model
Invocation Property
17. Bell-LaPadula model was proposed for enforcing access control in _____________________.
System High Security Mode
Government and military applications
Orange Book C
Sensitivity labels
18. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Orange Book - B2
Highly secure systems (B2 - B3 and A1)
Orange Book ratings
Polyinstantiation
19. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Security rating B
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Clark-Wilson Model
Simple Security Rule
20. In access control terms - the word "dominate" refers to ___________.
In C2 - Controlled Access Protection environment
Security rating B
Higher or equal to access class
Isolate processes
21. A set of objects that a subject is able to access
Higher or equal to access class
A Domain
Scalar processors
The National Computer Security Center (NCSC)
22. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
No write down
Dedicated Security Mode
The Clark Wilson integrity model
D
23. Which increases the performance in a computer by overlapping the steps of different instructions?
Pipelining
State machine model
The Red Book
Orange Book - B3
24. Which can be used as a covert channel?
The Strong star property rule
Security rating B
Storage and timing
TCB (Trusted Computing Base)
25. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
Indirect addressing
Orange Book - A1
The Simple Security Property
A and B
26. The group that oversees the processes of evaluation within TCSEC is?
Most commonly used approach
State machine model
Trusted Products Evaluation Program (TPEP)
Operational assurance requirements
27. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
Division D - Minimal Protection
Division B - Mandatory Protection Architecture
Prohibits
Pipelining
28. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Security Policy is clearly defined and documented
C2
Continuous protection - O/B
Need-to-know
29. The subject must have Need to Know for ONLY the information they are trying to access.
Division B - Mandatory Protection Architecture
Orange Book interpretations
Attributable data
System High Security Mode
30. Should always trace to individuals responsible for observing and recording the data
Real storage
Multitasking
C1
Attributable data
31. A form of ROM(Read-Only Memory) that can be modified after it has been manufactured. It can only be programmed only one time.
Programmable Read-Only Memory (PROM)
Mandatory Access Control (MAC)
Secondary Storage
Access control to the objects by the subjects
32. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions to pass on permissions at its own discretion. These permissions are stored in an access ma
Multilevel Security Policies
Mandatory Access Control (MAC)
Enforces the rules
Discretionary Security Property (ds-property)
33. Which computer design approaches is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle
The National Computer Security Center (NCSC)
Complex Instruction Set Computers (CISC)
Direct addressing
Overt channel
34. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
Isolate processes
Access Matrix model
attributability
Orange Book C
35. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
The Tranqulity principle (The Bell-LaPadula Model)
Bell-LaPadula Model
Trusted Network Interpretation (TNI)
C1 - Discrection Security Protection is a type of environment
36. Individual subjects must be uniquely identified.
B1 - Labeled Security rating
Identification - Orange Book
Multilevel Security Policies
The *-Property rule (Star property)
37. Audit data must be captured and protected to enforce accountability
Thrashing
Types of covert channels
Accountability - Orange Book
Ring 1
38. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
First evaluation class
The security kernel
Files - directories and devices
Pipelining
39. Commonly referred to as The Big Mess Because of its lack of structure. MS-DOS is an example of a monolithic operation system
The Monolithic Operation system Architecture
The Common Criteria
Execution Domain
Compare the security labels
40. The security kernel is the mechanism that _____________ of the reference monitor concept.
The Strong star property rule
Isolate processes
Enforces the rules
Direct Addressing
41. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
The Monolithic Operation system Architecture
Multilevel Security Policies
Prevent secret information from being accessed
B3
42. The Bell-LaPadula model Subjects and Objects are ___________.
*-Integrity Axiom
Implement software or systems in a production environment
Assigned labels
C2 - Controlled Access Protection
43. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
B2 - Structured Protection
A Limit Register (Memory Management)
B2 rating
Its Clearance Label (Top Secret - Secret - or Confidential)
44. When the RAM and secondary storage are combined the result is __________.
Execution Domain
Integrity
Virtual Memory
The Trusted Computing Base (TCB)
45. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Execution Domain
Orange Book A
Trusted Distribution
C2
46. According to the Orange Book - trusted facility management is not required for which security levels?
B1
Security Policy is clearly defined and documented
Highly secure systems (B2 - B3 and A1)
The National Computer Security Center (NCSC)
47. n this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
Invocation Property
B1
B3 - Security Domains
Ring 0
48. Which describe a condition when RAM and Secondary storage are used together?
Virtual storage
The National Computer Security Center (NCSC)
Labels - Orange Book
Totality of protection mechanisms
49. Mediates all access and Functions between subjects and objects.
The Security Kernel
Orange Book - B3
The National Computer Security Center (NCSC)
Security Policy - Orange Book
50. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
A Layered Operating System Architecure
Security Policy is clearly defined and documented
Division B - Mandatory Protection Architecture
Prevent secret information from being accessed
