SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
2. Involves sharing the processor amoung all ready processes
Models concerned with integrity
Ring 2
Multitasking
Security rating B
3. In the Bell-LaPadula Model the Object's Label contains ___________________.
Its classification label (Top Secret - Secret or confidential)
The Rule is talking about writing
Bell-LaPadula Model
Implement software or systems in a production environment
4. Another word for Primary storage and distinguishes physical memory from virtual memory.
Primary storage
Continuous protection - O/B
Clark-Wilson Model
Real storage
5. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
A and B
The Biba Model
Bell-LaPadula Model
B2 - Structured Protection
6. n this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
A and B
'Dominate'
Trusted Products Evaluation Program (TPEP)
B3 - Security Domains
7. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
B3
Ring 2
Orange Book ratings
Invocation Property
8. Each data object must contain a classification label and each subject must have a clearance label.
C2
C2 - Controlled Access Protection
B1 - Labeled Security
Indexed addressing
9. As per FDA data should be ______________________________.
Security Policy is clearly defined and documented
Need-to-know
Attributable - original - accurate - contemporaneous and legible
Implement software or systems in a production environment
10. Based on a known address with an offset value applied.
Evaluated separately
C2
Relative Addresses
The TCSEC - Aka Orange Book
11. In both the Bell-LaPadula and Biba Models if the word "Simple is used ______________.
The rule is talking about "Reading"
The Tranqulity principle (The Bell-LaPadula Model)
A Domain
C2
12. Buffer overflows occurs when a program or process tries to store more data in a _____________ than it was intended to hold.
Implement software or systems in a production environment
Prohibits
Orange Book A
Buffer (temporary data storage area)
13. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
NOT Integrity
Real storage
Controls the checks
Certification
14. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
Orange Book - B1
C2 - Controlled Access Protection
Programmable Read-Only Memory (PROM)
The Rule is talking about writing
15. Which is a straightforward approach that provides access rights to subjects for objects?
Access Matrix model
Isolate processes
A Layered Operating System Architecure
Division D - Minimal Protection
16. When a portion of primary memory is accessed by specifying the actual address of the memory location
Assigned labels
Direct addressing
Trusted Products Evaluation Program (TPEP)
Be protected from modification
17. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.
The Biba Model
The security perimeter
A security domain
Orange Book interpretations
18. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
Absolute addresses
Access control to the objects by the subjects
The "No read Up" rule
Disclosure of residual data
19. In access control terms - the word "dominate" refers to ___________.
B2 rating
Life-cycle assurance - O/B
Higher or equal to access class
The Integrity of data within applications
20. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
Assigned labels
Division B - Mandatory Protection Architecture
The National Computer Security Center (NCSC)
Higher or equal to access class
21. A nonvolatile storage media etc computer hard drive - floppy disks and CD-ROMs
Real storage
A and B
Orange Book C
Secondary Storage
22. Verification Protection
Controlling unauthorized downgrading of information
Orange Book interpretations
Administrative declaration
Orange Book A
23. I/O drivers and utilities
B3
Orange Book - D
Secondary Storage
Ring 2
24. Execute one instruction at a time.
Government and military applications
International Standard 15408
Evaluated separately
Scalar processors
25. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Process isolation
Dedicated Security Mode
B2 - Structured Protection
A1
26. Individual subjects must be uniquely identified.
A Limit Register (Memory Management)
Identification - Orange Book
A Thread
Operational assurance requirements
27. The Bell-LaPaula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
Prevent secret information from being accessed
Physical security
A Limit Register (Memory Management)
Discretionary Security Property (ds-property)
28. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
Security Policy - Orange Book
Enforces the rules
A and B
The Monolithic Operation system Architecture
29. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
Assigned labels
C1
Certification
B2
30. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Orange Book B
Evaluated separately
Access Matrix model
Constrained
31. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Its Clearance Label (Top Secret - Secret - or Confidential)
Buffer (temporary data storage area)
First evaluation class
Division D - Minimal Protection
32. What is called the formal acceptance of the adequacy of a system's overall security by management?
Trusted Distribution
Accreditation
Files - directories and devices
Labels - Orange Book
33. What does the simple integrity axiom mean in the Biba model?
Access control to the objects by the subjects
The "No read Up" rule
No read down
C1 - Discretionary Security Protection
34. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
B2 - Structured Protection
attributability
The Red Book
D
35. Which would be designated as objects on a MAC system?
Files - directories and devices
Models concerned with integrity
Ring 0
The Rule is talking about writing
36. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilites when
Disclosure of residual data
D
C2
Trusted Network Interpretation (TNI)
37. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
Reduced Instruction Set Computers (RISC)
Indexed addressing
B3
A Layered Operating System Architecure
38. Subjects and Objects cannot change their security levels once they have been instantiated (created)
*-Integrity Axiom
Relative Addresses
Security Policy
The Tranqulity principle (The Bell-LaPadula Model)
39. Logical access control mechanisms are used to enforce authentication and the uniquenes of each individual's identification.
The *-Property rule (Star property)
C2 - Controlled Access Protection
The Monolithic Operation system Architecture
Certification
40. Which in the Orange Book ratings represents the highest level of trust?
International Standard 15408
Orange Book - B1
B2
Direct addressing
41. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
Buffer (temporary data storage area)
Reduced Instruction Set Computers (RISC)
Life-cycle assurance - O/B
Controls the checks
42. There is only only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
The reference monitor
Overt channel
Physical security
Division D - Minimal Protection
43. Can be erased - modified and upgraded.
Orange Book interpretations
Erasable and Programmable Read-Only Memory (EPROM)
A single classification and a Compartment Set
Discretionary Security Property (ds-property)
44. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data) items is refered to as Well-Formed transaction
Covert channels
Process isolation
Simple Security Rule
Clark-Wilson Model
45. What access control technique is also known as multilevel security?
Buffer overflows
Orange Book B
Mandatory access control
Examples of Layered Operating Systems
46. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
A1
Multilevel Security Policies
Sensitivity labels
Life Cycle Assurance Requirement
47. The *-Property rule is refered to as ____________.
The National Computer Security Center (NCSC)
The *-Property rule (Star property)
Administrative declaration
The "No write Down" Rule
48. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.
Execution Domain
The Trusted Computing Base (TCB)
Real storage
B1
49. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Prohibits
Isolate processes
Security Policy - Orange Book
Fail safe
50. Bell-LaPadula model was proposed for enforcing access control in _____________________.
The Monolithic Operation system Architecture
Government and military applications
The security kernel
The security perimeter
