SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
Documentation - Orange Book
Need-to-know
Orange Book - A1
The security perimeter
2. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Process isolation
Prohibits
Security Policy is clearly defined and documented
Administrative declaration
3. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
Assigned labels
Access control to the objects by the subjects
Life Cycle Assurance Requirement
Trusted hardware - Software and Firmware
4. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
A Domain
Models concerned with integrity
System High Security Mode
Security rating B
5. Remaining parts of the operating system
Ring 1
Orange Book - B3
Life-cycle assurance - O/B
No write down
6. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
International Standard 15408
Direct addressing
The Thread (memory Management)
Division B - Mandatory Protection Architecture
7. The Simple Security rule is refered to as______________.
The "No read Up" rule
A security kernel
The Integrity of data within applications
B3 - Security Domains
8. Which uses Protection Profiles and Security Targets?
Direct Addressing
B1 - Labeled Security rating
International Standard 15408
System High Security Mode
9. The Orange book does NOT Cover ________________ - And Database management systems
Networks and Communications
Controlling unauthorized downgrading of information
C2
Government and military applications
10. Ssoftware that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
Firmware
The reference monitor
Documentation - Orange Book
Multitasking
11. The Availability - Integrity and confidentiality requirements of multitasking operating systems
Dominate the object's sensitivity label
The Simple Security Property
Protection Rings Support
Ring 1
12. Which is an ISO standard product evaluation criteria that supersedes several different criteria
The Security Kernel
Covert channels
The Common Criteria
'Dominate'
13. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
Integrity
Thrashing
State machine model
The TCSEC - Aka Orange Book
14. Mandatory Access requires that _____________ be attached to all objects.
Sensitivity labels
'Dominate'
Subject to Object Model
Buffer (temporary data storage area)
15. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Trusted Products Evaluation Program (TPEP)
Trusted Distribution
B1 - Labeled Security
Models concerned with integrity
16. In both the Bell-LaPadula and Biba Models if the word "* or Star is used - _______________.
The Rule is talking about writing
No read down
Scalar processors
A lattice of Intergrity Levels
17. The *-Property rule is refered to as ____________.
Primary storage
All Mandatory Access Control (MAC) systems
The "No write Down" Rule
No write down
18. Individual subjects must be uniquely identified.
Real storage
Identification - Orange Book
International Standard 15408
The security kernel
19. What does the simple security (ss) property mean in the Bell-LaPadula model?
Process isolation
No read up
Sensitivity labels
No write down
20. When a computer uses more than one CPU in parallel to execute instructions is known as?
Subject to Object Model
Attributable data
Programmable Read-Only Memory (PROM)
Multiprocessing
21. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
Life Cycle Assurance Requirement
Multiprocessing
The Evaluated Products List (EPL) with their corresponding rating
The Common Criteria
22. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
The Tranqulity principle (The Bell-LaPadula Model)
Examples of Layered Operating Systems
Controlling unauthorized downgrading of information
Trusted Products Evaluation Program (TPEP)
23. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Indexed addressing
Government and military applications
Reduced Instruction Set Computers (RISC)
International Standard 15408
24. The Security Model Incorporates the ____________ that should be enforced in the system.
Orange Book - B1
Programmable Read-Only Memory (PROM)
The Tranqulity principle (The Bell-LaPadula Model)
Security Policy
25. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
attributability
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Buffer overflows
Simple Security Rule
26. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Discretionary Security Property (ds-property)
The security perimeter
Invocation Property
Need-to-know
27. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
The Security Kernel
Evaluated separately
Trusted hardware - Software and Firmware
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
28. Another word for Primary storage and distinguishes physical memory from virtual memory.
Real storage
Multilevel Security Policies
Highly secure systems (B2 - B3 and A1)
Orange Book - A1
29. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.
Stored in Reak Memory
The "No write Down" Rule
The Red Book
The Biba Model
30. TCB contains The Security Kernel and all ______________.
Storage and timing
security protection mechanisms
Covert channels
Need-to-know
31. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Polyinstantiation
Direct Addressing
Indirect addressing
Invocation Property
32. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Relative Addresses
attributability
Security Policy is clearly defined and documented
The Evaluated Products List (EPL) with their corresponding rating
33. Which is a straightforward approach that provides access rights to subjects for objects?
Access Matrix model
B3
The Evaluated Products List (EPL) with their corresponding rating
Certification
34. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Orange Book interpretations
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Swap Space
A Layered Operating System Architecure
35. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted envirnment with low security concerns.
B1
C1 - Discrection Security Protection is a type of environment
Life Cycle Assurance Requirement
Security Policy
36. Which increases the performance in a computer by overlapping the steps of different instructions?
Mandatory Access Control (MAC)
B3
Pipelining
Implement software or systems in a production environment
37. Based on a known address with an offset value applied.
Buffer overflows
A1 - Rating
Mandatory access control
Relative Addresses
38. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
The "No write Down" Rule
Fail safe
The Monolithic Operation system Architecture
Process isolation
39. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Continuous protection - O/B
System High Security Mode
Ring 2
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
40. Which can be used as a covert channel?
Storage and timing
Networks and Communications
A security kernel
Discretionary Security Property (ds-property)
41. Mandatory access control is enfored by the use of security labels.
Division B - Mandatory Protection
Government and military applications
Security Policy - Orange Book
The rule is talking about "Reading"
42. What prevents a process from accessing another process' data?
Its classification label (Top Secret - Secret or confidential)
attributability
Process isolation
Overt channel
43. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
Operational assurance requirements
Division D - Minimal Protection
The Red Book
The reference monitor
44. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
Orange Book B
Division B - Mandatory Protection Architecture
A lattice of Intergrity Levels
*-Integrity Axiom
45. Which describe a condition when RAM and Secondary storage are used together?
Stored in Reak Memory
Secondary Storage
Virtual storage
Security Policy is clearly defined and documented
46. According to the Orange Book - trusted facility management is not required for which security levels?
B1
Basic Security Theorem (used in computer science) definition
Bell-LaPadula Model
Compare the security labels
47. What does the Clark-Wilson security model focus on
Division B - Mandatory Protection
C2 - Controlled Access Protection
Integrity
The Common Criteria
48. Discretionary protection
Orange Book C
B3
Security Policy
Implement software or systems in a production environment
49. The security kernel is the mechanism that _____________ of the reference monitor concept.
Stored in Reak Memory
Polyinstantiation
Enforces the rules
attributability
50. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.