Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. What does the simple security (ss) property mean in the Bell-LaPadula model?
Swap Space
No read up
The National Computer Security Center (NCSC)
B2 rating
2. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Orange Book - B3
Be protected from modification
No read up
Ring 0
3. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of security: Confidentiality.
NOT Integrity
Its Clearance Label (Top Secret - Secret - or Confidential)
C2 - Controlled Access Protection
Trusted facility management
4. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Administrative declaration
B2
Access Matrix model
Virtual Memory
5. Developed after the Bell-LaPadula model. It's a state machine model and is very similar to the Bell-LaPadula Model.
attributability
B1
Orange Book ratings
The Biba Model
6. Users need to be identified individually to provide more precise access control and auditing functionality.
Orange Book C
C2 - Controlled Access Protection
B2 - Structured Protection
NOT Integrity
7. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
Integrity
The *-Property rule (Star property)
Swap Space
C2 - Controlled Access Protection
8. Trusted facility management is an assurance requirement only for ________________.
The Thread (memory Management)
Security Policy - Orange Book
Orange Book - B1
Highly secure systems (B2 - B3 and A1)
9. A buffer overflow occurs when a program or process tries to store more data in a _____________ than it was intended to hold.
The Clark Wilson integrity model
Process isolation
Buffer (temporary data storage area)
Be protected from modification
10. Access control labels must be associated properly with objects.
Types of covert channels
B2 rating
Labels - Orange Book
Orange Book C
11. Verification Protection
Invocation Property
A and B
Ring 2
Orange Book A
12. A ring protection system ________ user mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
The Clark Wilson integrity model
Covert channels
Prohibits
C2
13. What does the Clark-Wilson security model focus on?
The trustworthiness of an information system
Integrity
Orange Book ratings
The Tranquility principle (The Bell-LaPadula Model)
14. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
*-Integrity Axiom
No write down
Clark-Wilson Model
B3
15. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
Thrashing
Security Policy
B3
Process isolation
16. The Indexed memory addresses that software uses
Logical addresses
Isolate processes
Dominate the object's sensitivity label
Documentation - Orange Book
17. Which TCSEC level first addresses object reuse?
First evaluation class
Security rating B
C2
Life-cycle assurance - O/B
18. Execute one instruction at a time.
Scalar processors
Be protected from modification
Relative Addresses
Networks and Communications
19. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
B3 - Security Domains
Orange Book B
The National Computer Security Center (NCSC)
Attributable - original - accurate - contemporaneous and legible
20. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Firmware
Orange Book - B1
Evaluated separately
Trusted Distribution
21. System Architecture that separates system functionality into Hierarchical layers
A Layered Operating System Architecture
Clark-Wilson
A Domain
B1 - Labeled Security rating
22. Operating System Kernel
Division B - Mandatory Protection
Ring 0
A Domain
The security perimeter
23. A ________ is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
B1
B2
B2 rating
24. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
Clark-Wilson Model
Orange Book A
Programmable Read-Only Memory (PROM)
C2
25. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
Disclosure of residual data
Implement software or systems in a production environment
Simple Integrity Axiom
A and B
26. Levels of Security and Levels of Trust: Lower letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
'Dominate'
Orange Book ratings
Cache Memory
Government and military applications
27. What prevents a process from accessing another process' data?
Secondary Storage
C1 - Discretionary Security Protection is a type of environment
Process isolation
Pipelining
28. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
Higher or equal to access class
Access control to the objects by the subjects
Dedicated Security Mode
Reduced Instruction Set Computers (RISC)
29. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
30. What does the simple integrity axiom mean in the Biba model?
D
Enforces the rules
The Tranquility principle (The Bell-LaPadula Model)
No read down
31. Individual subjects must be uniquely identified.
Pagefile.sys file
Trusted hardware - Software and Firmware
Identification - Orange Book
The Security Kernel
32. The Simple Security rule is referred to as ______________.
The "No read Up" rule
Controls the checks
Orange Book ratings
Division B - Mandatory Protection Architecture
33. Another word for Primary storage and distinguishes physical memory from virtual memory.
In C2 - Controlled Access Protection environment
The National Computer Security Center (NCSC)
C2 - Controlled Access Protection
Real storage
34. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
B3
*-Integrity Axiom
Orange Book - B3
Need-to-know
35. When a vendor submits a product for evaluation - it submits it to the ____________.
The National Computer Security Center (NCSC)
A and B
Trusted Products Evaluation Program (TPEP)
Virtual Memory
36. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Need-to-know
Division C - Discretionary Protection
First evaluation class
C1 - Discretionary Security Protection is a type of environment
37. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Operational assurance requirements
Types of covert channels
Orange Book - B2
Erasable and Programmable Read-Only Memory (EPROM)
38. The combination of RAM - Cache and the Processor Registers
Bell-LaPadula Model
A Thread
Primary storage
Ring 2
39. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a Well-Formed transaction
Pipelining
Clark-Wilson Model
A security kernel
Orange Book ratings
40. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Controlling unauthorized downgrading of information
Access Matrix model
The "No read Up" rule
Trusted Distribution
41. If a system initializes in a secure state and all allowed state transitions are secure - then every subsequent state will be secure no matter what inputs occur.
Cache Memory
The Security Kernel
Basic Security Theorem (used in computer science) definition
Be protected from modification
42. The assignment of a specific individual to administer the security-related functions of a system.
Dedicated Security Mode
Cache Memory
Trusted facility management
Discretionary Security Property (ds-property)
43. The subject must have Need to Know for ONLY the information they are trying to access.
Accountability - Orange Book
NOT Integrity
System High Security Mode
First evaluation class
44. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Compare the security labels
The "No write Down" Rule
Simple Security Rule
Dominate the object's sensitivity label
45. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
Controlling unauthorized downgrading of information
The security perimeter
Virtual Memory
Overt channel
46. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
The National Computer Security Center (NCSC)
Continuous protection - O/B
NOT Integrity
B1
47. The Security Model Incorporates the ____________ that should be enforced in the system.
Simple Integrity Axiom
B1 - Labeled Security
Labels - Orange Book
Security Policy
48. Applications and user activity
Ring 2
Ring 3
C1
System High Security Mode
49. Discretionary protection
Orange Book C
The Monolithic Operation system Architecture
The Thread (memory Management)
Files - directories and devices
50. Which would be designated as objects on a MAC system?
The security perimeter
Absolute addresses
Operational assurance requirements
Files - directories and devices