CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study first.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions, so you might sometimes find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Which uses Protection Profiles and Security Targets?
Orange Book - D
C1 - Discretionary Security Protection is a type of environment
International Standard 15408
TCB (Trusted Computing Base)
2. Nonvolatile storage media, e.g. computer hard drives, floppy disks and CD-ROMs
B2
Orange Book A
Secondary Storage
Swap Space
3. A portion of a process. When the thread is generated, it shares the same domain (resources) as its process.
A Thread
Sensitivity labels
Dedicated Security Mode
Orange Book ratings
4. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
C1
TCB (Trusted Computing Base)
A Layered Operating System Architecture
The trustworthiness of an information system
5. Happen because input data is not checked for appropriate length at the time of input
Orange Book - A1
A Thread
Buffer overflows
Orange Book - D
6. Software that is stored within ROM (Read-Only Memory); ROM is nonvolatile
B1 - Labeled Security rating
Dedicated Security Mode
Firmware
Storage and timing
7. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
Highly secure systems (B2 - B3 and A1)
Reduced Instruction Set Computers (RISC)
Bell-LaPadula Model
Direct addressing
8. Intended for environments that require systems to handle classified data.
Accreditation
B1 - Labeled Security rating
*-Integrity Axiom
B1
9. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
Evaluated separately
Storage and timing
B3
C2
10. Which describes the condition in which RAM and secondary storage are used together?
The Red Book
Virtual storage
Secondary Storage
Types of covert channels
11. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information, and identification and authentication of individual entities.
Government and military applications
The rule is talking about "Reading"
C1 - Discretionary Security Protection
C2
12. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
All Mandatory Access Control (MAC) systems
B3 - Security Domains
Security Policy - Orange Book
Labels - Orange Book
13. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
Be protected from modification
Polyinstantiation
C2 - Controlled Access Protection
TCB (Trusted Computing Base)
14. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Storage and timing
Most commonly used approach
Government and military applications
Dedicated Security Mode
15. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
16. When the contents of the address defined in the program's instruction are added to those of an index register.
Logical addresses
Multitasking
The Rule is talking about writing
Indexed addressing
17. In B2, subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
Fail safe
Mandatory access control
The TCSEC - Aka Orange Book
Covert channels
18. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
No read up
The Tranquility principle (The Bell-LaPadula Model)
Life Cycle Assurance Requirement
Overt channel
19. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Trusted Distribution
Multilevel Security Policies
B1
A security domain
20. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
C1
The security perimeter
Its Clearance Label (Top Secret - Secret - or Confidential)
Direct addressing
21. Which can be used as a covert channel?
Storage and timing
Multiprocessing
Orange Book B
Documentation - Orange Book
22. The combination of RAM - Cache and the Processor Registers
B1 - Labeled Security rating
Reduced Instruction Set Computers (RISC)
Primary storage
Direct Addressing
23. The centerpiece of the DoD Rainbow Series publications. Developed by the National Computer Security Center (NCSC)?
Dedicated Security Mode
The TCSEC - Aka Orange Book
Logical addresses
*-Integrity Axiom
24. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
Certification
Orange Book interpretations
Virtual Memory
The Strong star property rule
25. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Orange Book - B1
B3 - Rating
Orange Book - A1
The "No write Down" Rule
26. When a vendor submits a product for evaluation - it submits it to the ____________.
Files - directories and devices
The Tranquility principle (The Bell-LaPadula Model)
System High Security Mode
The National Computer Security Center (NCSC)
27. All users have a clearance for, and a formal need to know about, all data processed within the system.
A Layered Operating System Architecture
B2 - Structured Protection
Dedicated Security Mode
*-Integrity Axiom
28. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix. THE and Multics are no longer in use.
Examples of Layered Operating Systems
Absolute addresses
State machine model
Clark-Wilson Model
29. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Prohibits
Pipelining
Overt channel
Firmware
30. The Orange Book requires protection against two ____________, which are timing and storage.
C2 - Controlled Access Protection
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Life Cycle Assurance Requirement
Types of covert channels
31. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
The Rule is talking about writing
The Thread (memory Management)
Continuous protection - O/B
The *-Property rule (Star property)
32. What prevents a process from accessing another process' data?
A security domain
Overt channel
In C2 - Controlled Access Protection environment
Process isolation
33. What does the Clark-Wilson security model focus on?
Integrity
B2 - Structured Protection
A lattice of Integrity Levels
Execution Domain
34. Subjects and Objects cannot change their security levels once they have been instantiated (created)
Discretionary Security Property (ds-property)
Certification
The Tranquility principle (The Bell-LaPadula Model)
Mandatory Access Control (MAC)
35. A system uses the Reference Monitor to ___________________ of a subject and an object?
Models concerned with integrity
The Security Kernel
Compare the security labels
Storage and timing
36. Which in the Orange Book ratings represents the highest level of trust?
The Biba Model
B2
Controls the checks
Examples of Layered Operating Systems
37. The object reuse concept must also be invoked, meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
C2 - Controlled Access Protection
Dedicated Security Mode
Buffer overflows
Controlling unauthorized downgrading of information
38. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Fail safe
Multilevel Security Policies
System High Security Mode
Trusted Network Interpretation (TNI)
39. An organization within the National Security Agency (NSA) responsible for evaluating computer systems and products. The Trusted Product Evaluation Program (TPEP) oversees the testing by approved entities of commercial products against a specific s
The National Computer Security Center (NCSC)
Cache Memory
The "No read Up" rule
Be protected from modification
40. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
A and B
Trusted hardware - Software and Firmware
Direct Addressing
Security Policy is clearly defined and documented
41. The Simple Security rule is referred to as ______________.
security protection mechanisms
Trusted Network Interpretation (TNI)
The "No read Up" rule
The Monolithic Operating System Architecture
42. Developed after the Bell-LaPadula model. It is a state machine model and is very similar to the Bell-LaPadula Model.
Division D - Minimal Protection
Sensitivity labels
Pipelining
The Biba Model
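The Bell-LaPadula items above (questions 7, 19, 24, 31, 34, 35 and 41) and the Biba item (question 42) all describe label comparisons carried out by a reference monitor. The following is an added worked example, not code from this page or from any evaluation standard: it puts the simple security property, the *-property, the strong *-property, the Biba axioms and the tranquility principle behind one mediation function so each rule can be tried against constructed labels. The Level lattice, the Subject/Object classes, the function names and the sample labels are this example's own assumptions.

```python
"""Bell-LaPadula and Biba label checks behind a toy reference monitor.

Added example for the quiz items above; not code from the page or from any
evaluation standard. The Level lattice, the Subject/Object classes and the
function names are this example's own assumptions.
"""
from dataclasses import FrozenInstanceError, dataclass
from enum import IntEnum
from typing import Callable, List, Tuple


class Level(IntEnum):
    """Hypothetical linear lattice; a higher value dominates a lower one."""
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


@dataclass(frozen=True)   # frozen: labels cannot change after instantiation (tranquility)
class Subject:
    name: str
    clearance: Level      # BLP clearance label
    integrity: Level      # Biba integrity level


@dataclass(frozen=True)
class Object:
    name: str
    classification: Level  # BLP sensitivity label
    integrity: Level       # Biba integrity level


def blp_allows(s: Subject, o: Object, op: str, strong_star: bool = False) -> bool:
    """Bell-LaPadula confidentiality rules.

    read  -> simple security property, "no read up": clearance must dominate classification.
    write -> *-property, "no write down": classification must dominate clearance;
             with strong_star the write is allowed only at exactly the subject's own level.
    """
    if op == "read":
        return s.clearance >= o.classification
    if op == "write":
        if strong_star:
            return s.clearance == o.classification
        return s.clearance <= o.classification
    raise ValueError(f"unknown operation {op!r}")


def biba_allows(s: Subject, o: Object, op: str) -> bool:
    """Biba integrity rules, the dual of Bell-LaPadula.

    read  -> simple integrity axiom, "no read down": object integrity must dominate the subject's.
    write -> *-integrity axiom, "no write up": subject integrity must dominate the object's.
    """
    if op == "read":
        return s.integrity <= o.integrity
    if op == "write":
        return s.integrity >= o.integrity
    raise ValueError(f"unknown operation {op!r}")


class ReferenceMonitor:
    """Mediates every access by comparing the labels of subject and object.

    Every policy in `policies` must agree before access is granted, and each
    decision is appended to an audit trail so completeness (always invoked)
    can be checked afterwards.
    """

    def __init__(self, policies: List[Callable[[Subject, Object, str], bool]]):
        self.policies = policies
        self.audit: List[Tuple[str, str, str, bool]] = []

    def mediate(self, s: Subject, o: Object, op: str) -> bool:
        allowed = all(policy(s, o, op) for policy in self.policies)
        self.audit.append((s.name, o.name, op, allowed))
        return allowed


def relabel_attempt(o: Object, new_level: Level) -> bool:
    """Try to change an object's classification in place; True only if it succeeded.

    Because the labels are frozen this always returns False, which is the
    tranquility principle: a level does not change once the object is instantiated.
    """
    try:
        o.classification = new_level  # type: ignore[misc]
        return True
    except FrozenInstanceError:
        return False


if __name__ == "__main__":
    # Constructed sample labels, not taken from any real system.
    alice = Subject("alice", clearance=Level.SECRET, integrity=Level.CONFIDENTIAL)
    ts_doc = Object("ts_doc", classification=Level.TOP_SECRET, integrity=Level.CONFIDENTIAL)
    conf_doc = Object("conf_doc", classification=Level.CONFIDENTIAL, integrity=Level.CONFIDENTIAL)
    rm = ReferenceMonitor([blp_allows, biba_allows])
    print("alice read ts_doc   :", rm.mediate(alice, ts_doc, "read"))       # False: no read up
    print("alice write ts_doc  :", rm.mediate(alice, ts_doc, "write"))      # True: writing up is allowed
    print("alice write conf_doc:", rm.mediate(alice, conf_doc, "write"))    # False: no write down
    print("relabel conf_doc    :", relabel_attempt(conf_doc, Level.SECRET))  # False: tranquility
    for entry in rm.audit:
        print("audit:", entry)
```

Stacking `blp_allows` and `biba_allows` in one monitor shows why the two models are usually deployed with separate label sets: a subject cleared SECRET can write up to TOP SECRET under BLP, but Biba still refuses the write if the object's integrity level is above the subject's, so the combined decision is the conjunction of both rule sets.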
43. TCSEC provides a means to evaluate ______________________.
The trustworthiness of an information system
Mandatory Access Control (MAC)
Division B - Mandatory Protection
Life-cycle assurance - O/B
44. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
Prohibits
Orange Book - B1
A Base Register (Memory Management)
Simple Security Rule
45. The Policy must be explicit and well defined and enforced by the mechanisms within the system
Isolate processes
The security kernel
Security Policy - Orange Book
Security mechanisms and evaluates their effectiveness
46. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
Division B - Mandatory Protection Architecture
*-Integrity Axiom
B2 - Structured Protection
First evaluation class
47. Which Orange Book evaluation level is described as "Controlled Access Protection"? This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when
Dedicated Security Mode
C2
Execution Domain
B3
48. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Trusted Distribution
Certification
Basic Security Theorem (used in computer science) definition
Protection Rings Support
49. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Be protected from modification
The Integrity of data within applications
C1 - Discretionary Security Protection is a type of environment
B2
50. When the address location that is specified in the program instruction contains the address of the final desired location.
Direct addressing
Dedicated Security Mode
Indirect addressing
Life Cycle Assurance Requirement
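Questions 16 and 50 define indexed and indirect addressing by how the effective address is computed, and question 5 traces buffer overflows to a missing length check. The following is an added worked example, not code from this page: it resolves direct, indirect and indexed operands against a small constructed memory image and bounds-checks every effective address, so the three modes can be compared on the same data. The 16-word memory image, its contents and the function names are assumptions made for this illustration.

```python
"""Direct, indirect and indexed operand resolution over a tiny memory image.

Added example for the addressing-mode quiz items; not code from the page. The
16-word memory image, its contents and the function names are constructed
assumptions for illustration only.
"""
from typing import List

# Constructed memory image: list index = address, value = word stored there.
MEMORY: List[int] = [0] * 16
MEMORY[3] = 9     # cell 3 holds a pointer to cell 9
MEMORY[9] = 42    # the value an indirect load through cell 3 reaches
MEMORY[5] = 7
MEMORY[7] = 99    # the value an indexed load (operand 5, index register 2) reaches


def resolve_address(mode: str, operand: int, memory: List[int], index_reg: int = 0) -> int:
    """Return the effective address the instruction will access.

    direct  : the operand is the final address.
    indirect: the operand names a cell whose content is the final address.
    indexed : the operand plus the index register is the final address.
    The result is bounds-checked against the memory image; omitting such a
    check is the same class of mistake the quiz gives as the cause of buffer overflows.
    """
    if mode == "direct":
        effective = operand
    elif mode == "indirect":
        if not 0 <= operand < len(memory):
            raise IndexError(f"pointer cell {operand} is outside memory")
        effective = memory[operand]
    elif mode == "indexed":
        effective = operand + index_reg
    else:
        raise ValueError(f"unknown addressing mode {mode!r}")
    if not 0 <= effective < len(memory):
        raise IndexError(f"effective address {effective} is outside memory")
    return effective


def load(mode: str, operand: int, memory: List[int], index_reg: int = 0) -> int:
    """Fetch the word stored at the effective address."""
    return memory[resolve_address(mode, operand, memory, index_reg)]


def is_rejected(mode: str, operand: int, memory: List[int], index_reg: int = 0) -> bool:
    """True when the access would leave the memory image and is therefore refused."""
    try:
        resolve_address(mode, operand, memory, index_reg)
    except IndexError:
        return True
    return False


if __name__ == "__main__":
    print("direct   3        ->", load("direct", 3, MEMORY))                 # 9
    print("indirect 3        ->", load("indirect", 3, MEMORY))               # 42
    print("indexed  5 + X=2  ->", load("indexed", 5, MEMORY, index_reg=2))   # 99
    print("indexed 15 + X=3 rejected:", is_rejected("indexed", 15, MEMORY, index_reg=3))  # True
```

The same operand (3) yields 9 under direct addressing and 42 under indirect addressing, which is the distinction question 50 is testing; the indexed case shows the index register being added before the fetch, and the final check is what keeps an oversized index from reading or writing past the end of the image.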