Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space.
B2 rating
Swap Space
'Dominate'
Constrained
2. Which computer design approach is based on the fact that in earlier technologies the instruction fetch was the longest part of the cycle?
Complex Instruction Set Computers (CISC)
Reduced Instruction Set Computers (RISC)
Evaluated separately
The security perimeter
3. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
A and B
A1 - Rating
Cache Memory
Erasable and Programmable Read-Only Memory (EPROM)
4. The indexed memory addresses that software uses
A Domain
Logical addresses
Need-to-know
C2 - Controlled Access Protection
5. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
Be protected from modification
The *-Property rule (Star property)
Fail safe
C1 - Discretionary Security Protection
6. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
Security Policy - Orange Book
The Red Book
Sensitivity labels
TCB (Trusted Computing Base)
7. The Simple Security rule is referred to as ______________.
The "No read Up" rule
A security domain
B3
The National Computer Security Center (NCSC)
8. The Policy must be explicit and well defined and enforced by the mechanisms within the system
Security Policy - Orange Book
B2 rating
Life-cycle assurance - O/B
Protection Rings Support
9. Permits a database to have two records that are identical except for their classifications
Polyinstantiation
D
Controls the checks
Fail safe
10. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Be protected from modification
Its Clearance Label (Top Secret - Secret - or Confidential)
Physical security
The Clark Wilson integrity model
11. Contains the beginning address
A Base Register (Memory Management)
C2
Orange Book - B1
Orange Book C
12. Developed after the Bell-LaPadula model. It's a state machine model and is very similar to the Bell-LaPadula Model.
The Biba Model
Secondary Storage
In C2 - Controlled Access Protection environment
TCB (Trusted Computing Base)
13. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
The Trusted Computing Base (TCB)
C1
Ring 3
Prevent secret information from being accessed
14. Simpler instructions that require fewer clock cycles to execute.
Simple Security Rule
Process isolation
Reduced Instruction Set Computers (RISC)
The National Computer Security Center (NCSC)
15. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
The Trusted Computing Base (TCB)
C2
Security Policy - Orange Book
Labels - Orange Book
16. Configuration management is also defined in the Orange Book BUT as a _____________________ and NOT an operational assurance requirement.
Life Cycle Assurance Requirement
Security Policy - Orange Book
Overt channel
Identification - Orange Book
17. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
The Strong star property rule
Life Cycle Assurance Requirement
attributability
Implement software or systems in a production environment
18. In both the Bell-LaPadula and Biba Models if the word "*" or "Star" is used - _______________.
All Mandatory Access Control (MAC) systems
Simple Security Rule
C1
The Rule is talking about writing
19. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
State machine model
Pagefile.sys file
A Layered Operating System Architecture
Trusted Distribution
20. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
System High Security Mode
Direct Addressing
Division B - Mandatory Protection Architecture
The security perimeter
21. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
A security kernel
Simple Integrity Axiom
Dedicated Security Mode
security protection mechanisms
22. The reference monitor is an access control concept - referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
Disclosure of residual data
Orange Book - A1
An abstract machine
The Common Criteria
23. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Attributable - original - accurate - contemporaneous and legible
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Most commonly used approach
Multitasking
24. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
25. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Need-to-know
Administrative declaration
B3 - Security Domains
B3
26. When the RAM and secondary storage are combined the result is __________.
Virtual Memory
Compare the security labels
B2 - Structured Protection
An abstract machine
27. Documentation must be provided - including test - design - and specification document - user guides and manuals
Documentation - Orange Book
Security Policy - Orange Book
Discretionary Security Property (ds-property)
All Mandatory Access Control (MAC) systems
28. Users are trusted but a certain level of accountability is required. C2 overall is seen as the most reasonable class for commercial applications - but the level of protection is still relatively weak.
In C2 - Controlled Access Protection environment
Bell-LaPadula Model
Prevent secret information from being accessed
B2 rating
29. A type of memory used for high-speed writing and reading activities.
Polyinstantiation
Direct addressing
Cache Memory
Examples of Layered Operating Systems
30. In B2 subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
Covert channels
The Trusted Computing Base (TCB)
Protection Rings Support
C1
31. Software that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
B3
Orange Book - D
Certification
Firmware
32. TCB contains the Security Kernel and all ______________.
Multitasking
Orange Book - B2
A single classification and a Compartment Set
security protection mechanisms
33. A set of objects that a subject is able to access
Controlling unauthorized downgrading of information
A Domain
Virtual storage
Accountability - Orange Book
34. Users need to be identified individually to provide more precise access control and auditing functionality.
Ring 3
Controls the checks
Overt channel
C2 - Controlled Access Protection
35. Contains an address of where the instruction and data reside that need to be processed.
A Limit Register (Memory Management)
An abstract machine
The Thread (Memory Management)
The Trusted Computing Base (TCB)
36. Discretionary protection
Trusted hardware - Software and Firmware
Orange Book B
Orange Book C
Orange Book - A1
37. Individual subjects must be uniquely identified.
The *-Property rule (Star property)
Constrained
Identification - Orange Book
Orange Book B
38. Certification is a technical review that assesses the _____________ - whereas Accreditation is management's official acceptance of the information in the Certification process findings.
Security mechanisms and evaluates their effectiveness
Government and military applications
Prevent secret information from being accessed
Disclosure of residual data
39. Commonly referred to as The Big Mess because of its lack of structure. MS-DOS is an example of a monolithic operating system
B3
The Monolithic Operating System Architecture
Sensitivity labels
C1 - Discretionary Security Protection is a type of environment
40. Used by Windows systems to reserve the "Swap Space"
The Clark Wilson integrity model
Prohibits
No write down
Pagefile.sys file
41. The Biba Model - ______________: A subject cannot write data to an object at a higher integrity level (No write Up)
*-Integrity Axiom
Dominate the object's sensitivity label
The Trusted Computing Base (TCB)
Enforces the rules
42. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
The Strong star property rule
Real storage
The TCSEC - Aka Orange Book
'Dominate'
43. Which Orange Book evaluation level is described as "Verified Design"?
International Standard 15408
Security rating B
Multilevel Security Policies
A1
44. Remaining parts of the operating system
Highly secure systems (B2 - B3 and A1)
Ring 1
C2
Constrained
45. The availability - integrity and confidentiality requirements of multitasking operating systems
Protection Rings Support
A1
First evaluation class
A Base Register (Memory Management)
46. Mediates all access and functions between subjects and objects.
The Security Kernel
Models concerned with integrity
Direct addressing
B3 - Security Domains
47. What model uses access control triples and requires that the system maintain separation of duty?
A Domain
Clark-Wilson
B3
Access Matrix model
48. System architecture that separates system functionality into hierarchical layers
B2 - Structured Protection
A Layered Operating System Architecture
Bell-LaPadula Model
Implement software or systems in a production environment
49. When the contents of the address defined in the program's instruction are added to that of an index register.
Dedicated Security Mode
Bell-LaPadula Model
Reduced Instruction Set Computers (RISC)
Indexed addressing
50. In both the Bell-LaPadula and Biba Models if the word "Simple" is used ______________.
Reduced Instruction Set Computers (RISC)
Physical security
The rule is talking about "Reading"
The *-Property rule (Star property)