SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which can be used as a covert channel?
Storage and timing
C1 - Discrection Security Protection is a type of environment
Secondary Storage
Compare the security labels
2. The Physical memory address that the CPU uses
Orange Book - B3
Absolute addresses
Administrative declaration
Complex Instruction Set Computers (CISC)
3. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
Scalar processors
The Red Book
The Clark Wilson integrity model
Orange Book - B2
4. Which describe a condition when RAM and Secondary storage are used together?
A Base Register (Memory Management)
Virtual storage
Direct Addressing
B1 - Labeled Security rating
5. A system uses the Reference Monitor to ___________________ of a subject and an object?
Totality of protection mechanisms
C2 - Controlled Access Protection
Virtual storage
Compare the security labels
6. What access control technique is also known as multilevel security?
Types of covert channels
B3 - Security Domains
Disclosure of residual data
Mandatory access control
7. The Indexed memory addresses that software uses
Orange Book B
Indirect addressing
Logical addresses
State machine model
8. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
attributability
Continuous protection - O/B
Integrity
Security Policy - Orange Book
9. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions to pass on permissions at its own discretion. These permissions are stored in an access ma
Discretionary Security Property (ds-property)
Subject to Object Model
Polyinstantiation
The security kernel
10. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Security Policy is clearly defined and documented
The *-Property rule (Star property)
Totality of protection mechanisms
The Evaluated Products List (EPL) with their corresponding rating
11. Which increases the performance in a computer by overlapping the steps of different instructions?
Pipelining
B2
Dedicated Security Mode
Polyinstantiation
12. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
The security perimeter
B2
Its Clearance Label (Top Secret - Secret - or Confidential)
Discretionary Security Property (ds-property)
13. Minimal Security
Mandatory access control
B3 - Rating
The Rule is talking about writing
Orange Book - D
14. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
Constrained
The National Computer Security Center (NCSC)
Overt channel
A Domain
15. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
Reduced Instruction Set Computers (RISC)
Swap Space
The Tranqulity principle (The Bell-LaPadula Model)
A and B
16. The Bell-LaPaula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
attributability
Logical addresses
A Domain
Prevent secret information from being accessed
17. The total(sum)combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
B1
The Red Book
The Trusted Computing Base (TCB)
Division B - Mandatory Protection Architecture
18. When a computer uses more than one CPU in parallel to execute instructions is known as?
The security kernel
security protection mechanisms
Multiprocessing
Controls the checks
19. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
C2 - Controlled Access Protection
State machine model
Most commonly used approach
Division D - Minimal Protection
20. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is doen with the m
Process isolation
Ring 3
C2 - Controlled Access Protection
C1 - Discrection Security Protection is a type of environment
21. Mediates all access and Functions between subjects and objects.
The security perimeter
C2
The "No read Up" rule
The Security Kernel
22. Based on a known address with an offset value applied.
Mandatory access control
Relative Addresses
Operational assurance requirements
The security perimeter
23. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
C1
B1
Labels - Orange Book
Protection Rings Support
24. When the RAM and secondary storage are combined the result is __________.
Implement software or systems in a production environment
Basic Security Theorem (used in computer science) definition
A lattice of Intergrity Levels
Virtual Memory
25. The Orange book requires protection against two_____________ - which are these Timing and Storage
Discretionary Security Property (ds-property)
Primary storage
Types of covert channels
Examples of Layered Operating Systems
26. As per FDA data should be ______________________________.
Attributable - original - accurate - contemporaneous and legible
security protection mechanisms
TCB (Trusted Computing Base)
Ring 1
27. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
Division B - Mandatory Protection Architecture
Administrative declaration
Complex Instruction Set Computers (CISC)
Invocation Property
28. Involves sharing the processor amoung all ready processes
Mandatory Access Control (MAC)
Multitasking
Integrity
Most commonly used approach
29. A form of ROM(Read-Only Memory) that can be modified after it has been manufactured. It can only be programmed only one time.
Programmable Read-Only Memory (PROM)
The Thread (memory Management)
B2
The *-Property rule (Star property)
30. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
'Dominate'
Controls the checks
The Tranqulity principle (The Bell-LaPadula Model)
Access control to the objects by the subjects
31. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
Protection Rings Support
Attributable - original - accurate - contemporaneous and legible
Life-cycle assurance - O/B
Continuous protection - O/B
32. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
Fail safe
The Rule is talking about writing
Thrashing
Trusted Distribution
33. Operating System Kernel
The *-Property rule (Star property)
Programmable Read-Only Memory (PROM)
Primary storage
Ring 0
34. The TCB is the ________________ within a computer system that work together to enforce a security policy.
Types of covert channels
Models concerned with integrity
Totality of protection mechanisms
Trusted facility management
35. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
State machine model
Higher or equal to access class
A single classification and a Compartment Set
A Domain
36. What is called the formal acceptance of the adequacy of a system's overall security by management?
State machine model
'Dominate'
Accreditation
Logical addresses
37. Intended for environments that require systems to handle classified data.
Most commonly used approach
A security kernel
B1 - Labeled Security rating
Discretionary Security Property (ds-property)
38. Can be erased - modified and upgraded.
Erasable and Programmable Read-Only Memory (EPROM)
No write down
A Limit Register (Memory Management)
Fail safe
39. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Execution Domain
B1 - Labeled Security
Storage and timing
Evaluated separately
40. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
Its classification label (Top Secret - Secret or confidential)
Totality of protection mechanisms
The TCSEC - Aka Orange Book
Models concerned with integrity
41. The reserved hard drive space used to Extend RAM capabilities. Windows system use the pagefile.sys file to reserve this space
In C2 - Controlled Access Protection environment
Swap Space
Orange Book C
No read down
42. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
A Domain
Trusted Distribution
State machine model
Operational assurance requirements
43. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
Operational assurance requirements
A lattice of Intergrity Levels
Thrashing
Trusted Products Evaluation Program (TPEP)
44. Which computer design approaches is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle
A Base Register (Memory Management)
Dedicated Security Mode
Attributable - original - accurate - contemporaneous and legible
Complex Instruction Set Computers (CISC)
45. Which Orange Book evaluation level is described as "Verified Design"?
A1
Multilevel Security Policies
Prevent secret information from being accessed
Storage and timing
46. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
B1 - Labeled Security
Primary storage
The "No write Down" Rule
An abstract machine
47. Applications and user activity
Ring 3
Prohibits
System High Security Mode
Storage and timing
48. I/O drivers and utilities
A security domain
Security Policy
C1 - Discrection Security Protection is a type of environment
Ring 2
49. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
Multilevel Security Policies
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
All Mandatory Access Control (MAC) systems
Clark-Wilson Model
50. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Prohibits
Orange Book - B2
Highly secure systems (B2 - B3 and A1)
In C2 - Controlled Access Protection environment
