SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Permits a database to have two records that are identical except for Their classifications
Orange Book - B3
'Dominate'
Polyinstantiation
attributability
2. Used by Windows systems to reserve the "Swap Space"
Pagefile.sys file
Execution Domain
The Trusted Computing Base (TCB)
Accreditation
3. Execute one instruction at a time.
Networks and Communications
A Thread
Clark-Wilson Model
Scalar processors
4. When a computer uses more than one CPU in parallel to execute instructions is known as?
Multiprocessing
Thrashing
Highly secure systems (B2 - B3 and A1)
Erasable and Programmable Read-Only Memory (EPROM)
5. The Indexed memory addresses that software uses
B3
Bell-LaPadula Model
Logical addresses
Evaluated separately
6. Documentation must be provided - including test - design - and specification document - user guides and manuals
Documentation - Orange Book
Ring 2
Orange Book C
Fail safe
7. A nonvolatile storage media etc computer hard drive - floppy disks and CD-ROMs
The "No write Down" Rule
Orange Book - A1
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Secondary Storage
8. A form of ROM(Read-Only Memory) that can be modified after it has been manufactured. It can only be programmed only one time.
Bell-LaPadula Model
Covert channels
Trusted Network Interpretation (TNI)
Programmable Read-Only Memory (PROM)
9. In both the Bell-LaPadula and Biba Models if the word "Simple is used ______________.
Division B - Mandatory Protection Architecture
Buffer overflows
The rule is talking about "Reading"
Simple Security Rule
10. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
Virtual storage
Assigned labels
A security kernel
Indirect addressing
11. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
The Simple Security Property
Programmable Read-Only Memory (PROM)
Bell-LaPadula Model
Absolute addresses
12. Which can be used as a covert channel?
Swap Space
Storage and timing
Accreditation
Orange Book C
13. The centerpiece of the DoD Rainbow Series publications.Developed by the National Computer Security Center (NCSC)?
Evaluated separately
The TCSEC - Aka Orange Book
C2 - Controlled Access Protection
Erasable and Programmable Read-Only Memory (EPROM)
14. Audit data must be captured and protected to enforce accountability
Accountability - Orange Book
The Clark Wilson integrity model
Multilevel Security Policies
Indexed addressing
15. The Orange book does NOT Cover ________________ - And Database management systems
Enforces the rules
Networks and Communications
Access control to the objects by the subjects
Security Policy - Orange Book
16. What does the * (star) property mean in the Bell-LaPadula model?
Accreditation
A single classification and a Compartment Set
B3 - Rating
No write down
17. Simpler instructions that require fewer clock cycles to execute.
Most commonly used approach
Clark-Wilson Model
Reduced Instruction Set Computers (RISC)
Be protected from modification
18. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Discretionary Security Property (ds-property)
Logical addresses
Integrity
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
19. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilites when
B3
Swap Space
C2
TCB (Trusted Computing Base)
20. Which would be designated as objects on a MAC system?
Attributable data
The TCSEC - Aka Orange Book
Firmware
Files - directories and devices
21. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted envirnment with low security concerns.
Trusted Network Interpretation (TNI)
Evaluated separately
Documentation - Orange Book
C1 - Discrection Security Protection is a type of environment
22. What are the components of an object's sensitivity label?
The "No read Up" rule
A single classification and a Compartment Set
Multilevel Security Policies
Mandatory Access Control (MAC)
23. An abstract machine which must mediate all access to subjects to objects - be protected from modification - be verifiable as correct - and is always invoked
Certification
Thrashing
The reference monitor
System High Security Mode
24. n this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
Dominate the object's sensitivity label
C1 - Discrection Security Protection is a type of environment
B3 - Security Domains
The Thread (memory Management)
25. The total combination of protection mechanisms within a computer system
TCB (Trusted Computing Base)
Indirect addressing
The Trusted Computing Base (TCB)
A Limit Register (Memory Management)
26. As per FDA data should be ______________________________.
Virtual storage
Totality of protection mechanisms
Polyinstantiation
Attributable - original - accurate - contemporaneous and legible
27. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Operational assurance requirements
The "No write Down" Rule
A and B
Government and military applications
28. Mandatory access control is enfored by the use of security labels.
Dedicated Security Mode
Invocation Property
Life-cycle assurance - O/B
Division B - Mandatory Protection
29. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Polyinstantiation
C1 - Discrection Security Protection is a type of environment
Highly secure systems (B2 - B3 and A1)
Multilevel Security Policies
30. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Orange Book - B2
B1
C1
Overt channel
31. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Orange Book - A1
Evaluated separately
B3 - Rating
No read down
32. Buffer overflows occurs when a program or process tries to store more data in a _____________ than it was intended to hold.
Mandatory access control
Programmable Read-Only Memory (PROM)
Covert channels
Buffer (temporary data storage area)
33. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Virtual Memory
Indirect addressing
Controlling unauthorized downgrading of information
Physical security
34. Ssoftware that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
Firmware
Isolate processes
System High Security Mode
Reduced Instruction Set Computers (RISC)
35. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
Virtual Memory
Swap Space
TCB (Trusted Computing Base)
The Clark Wilson integrity model
36. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Most commonly used approach
*-Integrity Axiom
attributability
State machine model
37. The C2 evaluation class of the _________________ offers controlled access protection.
C2
Trusted Network Interpretation (TNI)
Ring 3
No read up
38. Which uses Protection Profiles and Security Targets?
A single classification and a Compartment Set
The trustworthiness of an information system
Direct addressing
International Standard 15408
39. Remaining parts of the operating system
Pagefile.sys file
The "No read Up" rule
Ring 1
security protection mechanisms
40. This type of environment is highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Security mechanisms and evalautes their effectivenes
B3 - Rating
Indexed addressing
Virtual storage
41. What does the simple security (ss) property mean in the Bell-LaPadula model?
No read up
Primary storage
Attributable - original - accurate - contemporaneous and legible
Examples of Layered Operating Systems
42. A subject at a given clearance may not read an object at a higher classification
The Simple Security Property
The Biba Model
Process isolation
The reference monitor
43. Trusted facility management is an assurance requirement only for ________________.
The Clark Wilson integrity model
Controlling unauthorized downgrading of information
TCB (Trusted Computing Base)
Highly secure systems (B2 - B3 and A1)
44. A system uses the Reference Monitor to ___________________ of a subject and an object?
Compare the security labels
Invocation Property
Security Policy is clearly defined and documented
Dominate the object's sensitivity label
45. Contains the ending address
The security perimeter
Swap Space
Constrained
A Limit Register (Memory Management)
46. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
Secondary Storage
Discretionary Security Property (ds-property)
All Mandatory Access Control (MAC) systems
Mandatory access control
47. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
Ring 0
Accountability - Orange Book
C1 - Discretionary Security Protection
Invocation Property
48. Data in Cache can be accessed much more quickly than Data
Stored in Reak Memory
Invocation Property
Basic Security Theorem (used in computer science) definition
Trusted facility management
49. Which is a straightforward approach that provides access rights to subjects for objects?
A1 - Rating
Multilevel Security Policies
Orange Book B
Access Matrix model
50. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is doen with the m
Ring 1
C2 - Controlled Access Protection
NOT Integrity
Execution Domain
