CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
B3 - Rating
Access control to the objects by the subjects
Life-cycle assurance - O/B
Protection Rings Support
2. The TCB is the ________________ within a computer system that work together to enforce a security policy.
Implement software or systems in a production environment
An abstract machine
A Thread
Totality of protection mechanisms
3. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
Indirect addressing
A Domain
C2
Constrained
4. Mandatory access control is enforced by the use of security labels.
Orange Book ratings
Division B - Mandatory Protection
Buffer (temporary data storage area)
Storage and timing
5. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
B2 rating
Process isolation
A1
Most commonly used approach
6. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space
Swap Space
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Controls the checks
C2 - Controlled Access Protection
7. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
The *-Property rule (Star property)
Physical security
B2
C2
8. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
Covert channels
Certification
Attributable - original - accurate - contemporaneous and legible
Clark-Wilson
9. What does the * (star) property mean in the Bell-LaPadula model?
B1
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Orange Book B
No write down
10. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified whereas in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Security Policy is clearly defined and documented
Division D - Minimal Protection
Multilevel Security Policies
An abstract machine
11. When a computer uses more than one CPU in parallel to execute instructions is known as?
Multiprocessing
Relative Addresses
Primary storage
Its Clearance Label (Top Secret - Secret - or Confidential)
12. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
The Rule is talking about writing
Absolute addresses
Orange Book ratings
Government and military applications
13. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
B2 - Structured Protection
C1
B1 - Labeled Security rating
C2 - Controlled Access Protection
14. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
Clark-Wilson
Programmable Read-Only Memory (PROM)
Isolate processes
Ring 1
15. A system uses the Reference Monitor to ___________________ of a subject and an object?
Orange Book - A1
Compare the security labels
Simple Security Rule
Be protected from modification
16. The centerpiece of the DoD Rainbow Series publications. Developed by the National Computer Security Center (NCSC)?
The TCSEC - Aka Orange Book
Subject to Object Model
First evaluation class
C1
17. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
Virtual storage
Attributable - original - accurate - contemporaneous and legible
Access control to the objects by the subjects
Stored in Real Memory
18. In the Bell-LaPadula Model the Object's Label contains ___________________.
Controlling unauthorized downgrading of information
Labels - Orange Book
Simple Security Rule
Its classification label (Top Secret - Secret or confidential)
19. Verification Protection
No read up
Orange Book A
An abstract machine
Its Clearance Label (Top Secret - Secret - or Confidential)
20. Based on a known address with an offset value applied.
Relative Addresses
The security kernel
Evaluated separately
International Standard 15408
21. The C2 evaluation class of the _________________ offers controlled access protection.
Trusted Network Interpretation (TNI)
Access Matrix model
Administrative declaration
Attributable data
22. The Security Model Incorporates the ____________ that should be enforced in the system.
The "No write Down" Rule
The Rule is talking about writing
B3
Security Policy
23. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
Security Policy
The National Computer Security Center (NCSC)
Trusted Distribution
Accountability - Orange Book
24. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
Absolute addresses
Operational assurance requirements
A Base Register (Memory Management)
An abstract machine
25. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
Life-cycle assurance - O/B
Identification - Orange Book
B1 - Labeled Security
Clark-Wilson Model
26. Audit data must be captured and protected to enforce accountability
Physical security
Erasable and Programmable Read-Only Memory (EPROM)
Accountability - Orange Book
Enforces the rules
27. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
Physical security
Programmable Read-Only Memory (PROM)
Be protected from modification
The security kernel
28. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
'Dominate'
Orange Book - B3
Controls the checks
A security domain
29. Mandatory Protection
Examples of Layered Operating Systems
Clark-Wilson Model
C1
Orange Book B
30. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
The trustworthiness of an information system
The Strong star property rule
Prevent secret information from being accessed
Files - directories and devices
31. What are the components of an object's sensitivity label?
A single classification and a Compartment Set
International Standard 15408
Evaluated separately
Simple Security Rule
32. Certification is a Technical review that assesses the _____________ - whereas Accreditation is management's Official acceptance of the information in the Certification process findings.
The Strong star property rule
Security mechanisms and evaluates their effectiveness
Execution Domain
Security rating B
33. Execute one instruction at a time.
Ring 2
Storage and timing
Scalar processors
NOT Integrity
34. Which is a straightforward approach that provides access rights to subjects for objects?
Access Matrix model
Dedicated Security Mode
Swap Space
Clark-Wilson
35. Which TCSEC level first addresses object reuse?
C2
'Dominate'
In C2 - Controlled Access Protection environment
Thrashing
36. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions at its own discretion. These permissions are stored in an access ma
Discretionary Security Property (ds-property)
Attributable data
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
A and B
37. What does the Clark-Wilson security model focus on
Ring 0
Highly secure systems (B2 - B3 and A1)
Integrity
System High Security Mode
38. Applications and user activity
Ring 3
Orange Book ratings
The Simple Security Property
The rule is talking about "Reading"
39. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
Orange Book - B1
Firmware
C2
Security Policy
40. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Continuous protection - O/B
Discretionary Security Property (ds-property)
The security perimeter
Government and military applications
41. Users need to be Identified individually to provide more precise access control and auditing functionality.
'Dominate'
Administrative declaration
A and B
C2 - Controlled Access Protection
42. The Bell-LaPadula model Subjects and Objects are ___________.
The Common Criteria
C1 - Discretionary Security Protection is a type of environment
Assigned labels
Scalar processors
43. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
Security Policy
Thrashing
Continuous protection - O/B
Evaluated separately
44. When the RAM and secondary storage are combined the result is __________.
Virtual Memory
C1 - Discretionary Security Protection is a type of environment
Disclosure of residual data
Reduced Instruction Set Computers (RISC)
45. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
The Biba Model
Trusted hardware - Software and Firmware
Scalar processors
Fail safe
46. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
Accreditation
Multilevel Security Policies
Polyinstantiation
Overt channel
47. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commercial applications - but the level of protection is still relatively weak.
In C2 - Controlled Access Protection environment
Stored in Real Memory
Compare the security labels
Fail safe
48. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Be protected from modification
Bell-LaPadula Model
Storage and timing
Swap Space
49. Which increases the performance in a computer by overlapping the steps of different instructions?
Real storage
Pipelining
C2 - Controlled Access Protection
Prohibits
50. When the contents of the address defined in the program's instruction are added to that of an index register.
Attributable - original - accurate - contemporaneous and legible
Indexed addressing
Life-cycle assurance - O/B
Examples of Layered Operating Systems