SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Should always trace to individuals responsible for observing and recording the data
The *-Property rule (Star property)
Attributable data
A Limit Register (Memory Management)
Trusted Distribution
2. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
C2 - Controlled Access Protection
The Tranqulity principle (The Bell-LaPadula Model)
The security perimeter
Indexed addressing
3. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
No read down
*-Integrity Axiom
Multitasking
Evaluated separately
4. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted envirnment with low security concerns.
C2
A single classification and a Compartment Set
C1 - Discrection Security Protection is a type of environment
Pipelining
5. A domain of trust that shares a single security policy and single management
Virtual Memory
Documentation - Orange Book
A security domain
Controls the checks
6. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
Life Cycle Assurance Requirement
A and B
The "No write Down" Rule
The *-Property rule (Star property)
7. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
The rule is talking about "Reading"
Life-cycle assurance - O/B
Identification - Orange Book
Access Matrix model
8. What prevents a process from accessing another process' data?
Mandatory Access Control (MAC)
Swap Space
Process isolation
attributability
9. Ssoftware that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
Stored in Reak Memory
Firmware
B2
The Evaluated Products List (EPL) with their corresponding rating
10. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data) items is refered to as Well-Formed transaction
Orange Book ratings
Clark-Wilson Model
Division B - Mandatory Protection
C1
11. The Bell-LaPaula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
C1 - Discretionary Security Protection
Orange Book C
Prevent secret information from being accessed
Security Policy
12. When the RAM and secondary storage are combined the result is __________.
Virtual Memory
Firmware
A Domain
Controls the checks
13. Each data object must contain a classification label and each subject must have a clearance label.
No read up
Multilevel Security Policies
No write down
B1 - Labeled Security
14. Used by Windows systems to reserve the "Swap Space"
Sensitivity labels
B1
Pagefile.sys file
Orange Book - B3
15. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
Implement software or systems in a production environment
The Monolithic Operation system Architecture
The "No read Up" rule
B3
16. This type of environment is highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
security protection mechanisms
A and B
B3 - Rating
Security Policy
17. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Virtual storage
Mandatory Access Control (MAC)
B2 - Structured Protection
Division B - Mandatory Protection
18. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
A security domain
Trusted Distribution
Orange Book - B3
Continuous protection - O/B
19. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions to pass on permissions at its own discretion. These permissions are stored in an access ma
Discretionary Security Property (ds-property)
The Monolithic Operation system Architecture
Ring 1
Storage and timing
20. Which is a straightforward approach that provides access rights to subjects for objects?
Overt channel
Access Matrix model
Trusted Network Interpretation (TNI)
Complex Instruction Set Computers (CISC)
21. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Simple Security Rule
Division B - Mandatory Protection Architecture
International Standard 15408
Indexed addressing
22. When a vendor submits a product for evaluation - it submits it to the ____________.
Mandatory access control
The National Computer Security Center (NCSC)
Trusted facility management
Indexed addressing
23. In both the Bell-LaPadula and Biba Models if the word "* or Star is used - _______________.
The Strong star property rule
Complex Instruction Set Computers (CISC)
The Rule is talking about writing
Access control to the objects by the subjects
24. The TCB is the ________________ within a computer system that work together to enforce a security policy.
Totality of protection mechanisms
The security kernel
Assigned labels
The Monolithic Operation system Architecture
25. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
attributability
Reduced Instruction Set Computers (RISC)
Orange Book - B2
Pipelining
26. Has two individual assurace ratings. C1 and C2. The Higher the number of assurance rating the greater the protection
Division C - Discretionary Protection
Disclosure of residual data
Life Cycle Assurance Requirement
Cache Memory
27. What model use an access control triples and requires that the system maintain separation of duty ?
Ring 1
Trusted Network Interpretation (TNI)
The *-Property rule (Star property)
Clark-Wilson
28. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
B3 - Rating
Ring 1
Constrained
security protection mechanisms
29. What does the Clark-Wilson security model focus on
Continuous protection - O/B
The Monolithic Operation system Architecture
Integrity
Polyinstantiation
30. Audit data must be captured and protected to enforce accountability
Accountability - Orange Book
Models concerned with integrity
'Dominate'
The Strong star property rule
31. The Physical memory address that the CPU uses
Multitasking
Pagefile.sys file
Dedicated Security Mode
Absolute addresses
32. There is only only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
Examples of Layered Operating Systems
C2 - Controlled Access Protection
Execution Domain
Division D - Minimal Protection
33. The Policy must be explicit and well defined and enforced by the mechanisms within the system
Higher or equal to access class
A Limit Register (Memory Management)
The rule is talking about "Reading"
Security Policy - Orange Book
34. In both the Bell-LaPadula and Biba Models if the word "Simple is used ______________.
Buffer (temporary data storage area)
Dedicated Security Mode
B2 rating
The rule is talking about "Reading"
35. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
A single classification and a Compartment Set
The Clark Wilson integrity model
The "No read Up" rule
B2
36. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Process isolation
B2 rating
Orange Book ratings
The TCSEC - Aka Orange Book
37. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is doen with the m
Orange Book interpretations
Integrity
Reduced Instruction Set Computers (RISC)
C2 - Controlled Access Protection
38. The group that oversees the processes of evaluation within TCSEC is?
Trusted Products Evaluation Program (TPEP)
Implement software or systems in a production environment
Mandatory access control
Clark-Wilson Model
39. Which Orange Book evaluation level is described as "Verified Design"?
Networks and Communications
B3 - Rating
A1
B1 - Labeled Security rating
40. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
41. Mandatory Access requires that _____________ be attached to all objects.
The Strong star property rule
Totality of protection mechanisms
C1 - Discretionary Security Protection
Sensitivity labels
42. The Indexed memory addresses that software uses
D
Orange Book - D
Orange Book - B2
Logical addresses
43. What does the simple integrity axiom mean in the Biba model?
Pipelining
No read up
Government and military applications
No read down
44. The Orange book does NOT Cover ________________ - And Database management systems
B2
Networks and Communications
Execution Domain
Continuous protection - O/B
45. In access control terms - the word "dominate" refers to ___________.
Simple Integrity Axiom
Disclosure of residual data
Process isolation
Higher or equal to access class
46. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
47. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Be protected from modification
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
B3 - Security Domains
The Red Book
48. Documentation must be provided - including test - design - and specification document - user guides and manuals
The Security Kernel
Implement software or systems in a production environment
Documentation - Orange Book
Networks and Communications
49. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Multilevel Security Policies
Multiprocessing
Trusted Network Interpretation (TNI)
The *-Property rule (Star property)
50. The Bell-LaPadula model Subjects and Objects are ___________.
The TCSEC - Aka Orange Book
Orange Book - A1
A Limit Register (Memory Management)
Assigned labels
