Test your basic knowledge
CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. What prevents a process from accessing another process' data?
B1 - Labeled Security rating
Controlling unauthorized downgrading of information
Accreditation
Process isolation
2. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
The *-Property rule (Star property)
Orange Book interpretations
Storage and timing
Orange Book - B3
3. When a computer uses more than one CPU in parallel to execute instructions is known as?
Multiprocessing
Ring 0
Accountability - Orange Book
Mandatory access control
4. The Indexed memory addresses that software uses
C2
Multilevel Security Policies
Logical addresses
Controlling unauthorized downgrading of information
5. Applications and user activity
Ring 3
Buffer overflows
A1
Pagefile.sys file
6. In B2 Subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
Multitasking
The rule is talking about "Reading"
Dominate the object's sensitivity label
Covert channels
7. Which describe a condition when RAM and Secondary storage are used together?
Virtual storage
Its Clearance Label (Top Secret - Secret - or Confidential)
Need-to-know
Orange Book - A1
8. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
Thrashing
Multitasking
Enforces the rules
Invocation Property
9. The group that oversees the processes of evaluation within TCSEC is?
Trusted Products Evaluation Program (TPEP)
Programmable Read-Only Memory (PROM)
Evaluated separately
The Simple Security Property
10. Contains the ending address
Division C - Discretionary Protection
A Limit Register (Memory Management)
B3 - Rating
Reduced Instruction Set Computers (RISC)
11. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
Swap Space
Polyinstantiation
Primary storage
First evaluation class
12. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
Prevent secret information from being accessed
Overt channel
Reduced Instruction Set Computers (RISC)
No read up
13. The Security Model Incorporates the ____________ that should be enforced in the system.
Erasable and Programmable Read-Only Memory (EPROM)
The Strong star property rule
All Mandatory Access Control (MAC) systems
Security Policy
14. A type of memory used for High-speed writing and reading activities.
Primary storage
The "No write Down" Rule
Cache Memory
Accountability - Orange Book
15. Subjects and Objects cannot change their security levels once they have been instantiated (created)
The Tranquility principle (The Bell-LaPadula Model)
security protection mechanisms
International Standard 15408
Protection Rings Support
16. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
State machine model
Buffer (temporary data storage area)
Discretionary Security Property (ds-property)
Stored in Real Memory
17. Which Orange Book evaluation level is described as "Verified Design"?
Protection Rings Support
A1
Swap Space
'Dominate'
18. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a Well-Formed transaction
Clark-Wilson Model
Orange Book B
B1 - Labeled Security
Division B - Mandatory Protection
19. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Orange Book - B2
Covert channels
Evaluated separately
The National Computer Security Center (NCSC)
20. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
A and B
Ring 1
Security Policy
The Strong star property rule
21. A portion of a process. When the thread is generated - it shares the same domain(resources) as its process.
State machine model
A Thread
Division B - Mandatory Protection Architecture
Indirect addressing
22. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
Prohibits
A lattice of Integrity Levels
Clark-Wilson
The security perimeter
23. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Its Clearance Label (Top Secret - Secret - or Confidential)
No write down
The Trusted Computing Base (TCB)
24. Based on a known address with an offset value applied.
B2 - Structured Protection
Virtual Memory
Simple Security Rule
Relative Addresses
25. Which is a straightforward approach that provides access rights to subjects for objects?
Access Matrix model
The National Computer Security Center (NCSC)
Security mechanisms and evaluates their effectiveness
B1 - Labeled Security rating
26. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
Models concerned with integrity
Security rating B
Prohibits
Pagefile.sys file
27. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
28. Users need to be Identified individually to provide more precise access control and auditing functionality.
Integrity
C2 - Controlled Access Protection
The National Computer Security Center (NCSC)
Orange Book interpretations
29. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
Administrative declaration
*-Integrity Axiom
Access control to the objects by the subjects
The Red Book
30. Intended for environments that require systems to handle classified data.
B2 rating
Indexed addressing
B1 - Labeled Security rating
Virtual storage
31. There is only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
Division D - Minimal Protection
Buffer overflows
C1
The "No write Down" Rule
32. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified whereas in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Disclosure of residual data
Security Policy is clearly defined and documented
Constrained
C2 - Controlled Access Protection
33. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
C2
Continuous protection - O/B
Dedicated Security Mode
Operational assurance requirements
34. Permits a database to have two records that are identical except for Their classifications
C2 - Controlled Access Protection
Polyinstantiation
The Integrity of data within applications
A Layered Operating System Architecture
35. Trusted facility management is an assurance requirement only for ________________.
Highly secure systems (B2 - B3 and A1)
Orange Book - B3
Operational assurance requirements
Trusted facility management
36. Has two individual assurance ratings. C1 and C2. The higher the number of the assurance rating the greater the protection
Trusted hardware - Software and Firmware
Virtual storage
Ring 1
Division C - Discretionary Protection
37. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Attributable - original - accurate - contemporaneous and legible
B3 - Rating
Buffer overflows
Multilevel Security Policies
38. The security kernel is the mechanism that _____________ of the reference monitor concept.
Orange Book C
The Trusted Computing Base (TCB)
Enforces the rules
Prevent secret information from being accessed
39. Successfully Evaluated products are placed on?
The Trusted Computing Base (TCB)
Trusted facility management
Models concerned with integrity
The Evaluated Products List (EPL) with their corresponding rating
40. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
The TCSEC - Aka Orange Book
Implement software or systems in a production environment
Direct Addressing
The Biba Model
41. A domain of trust that shares a single security policy and single management
A security domain
Attributable data
Indirect addressing
Examples of Layered Operating Systems
42. Each data object must contain a classification label and each subject must have a clearance label.
B1 - Labeled Security
B2 - Structured Protection
Orange Book interpretations
Buffer overflows
43. Should always trace to individuals responsible for observing and recording the data
Documentation - Orange Book
Attributable data
B3
The Simple Security Property
44. What does the Clark-Wilson security model focus on
C1 - Discretionary Security Protection is a type of environment
Basic Security Theorem (used in computer science) definition
Direct Addressing
Integrity
45. When the RAM and secondary storage are combined the result is __________.
Virtual Memory
A1 - Rating
The Strong star property rule
Examples of Layered Operating Systems
46. Contains an Address of where the instruction and data reside that need to be processed.
Life-cycle assurance - O/B
Real storage
The Thread (memory Management)
A Thread
47. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Erasable and Programmable Read-Only Memory (EPROM)
Prohibits
Security Policy
Invocation Property
48. In the Bell-LaPadula Model the Object's Label contains ___________________.
Access control to the objects by the subjects
A single classification and a Compartment Set
A Layered Operating System Architecture
Its classification label (Top Secret - Secret or confidential)
49. The Policy must be explicit and well defined and enforced by the mechanisms within the system
Security Policy - Orange Book
Mandatory Access Control (MAC)
Security Policy is clearly defined and documented
The National Computer Security Center (NCSC)
50. The total combination of protection mechanisms within a computer system
Virtual Memory
A Base Register (Memory Management)
The Trusted Computing Base (TCB)
TCB (Trusted Computing Base)