Test your basic knowledge

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities






2. Another word for primary storage; it distinguishes physical memory from virtual memory.






3. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.






4. Requires more stringent authentication mechanisms and well-defined interfaces among layers.






5. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.






6. What is it called when a computer uses more than one CPU in parallel to execute instructions?






7. When the RAM and secondary storage are combined the result is __________.






8. What is called the formal acceptance of the adequacy of a system's overall security by management?






9. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu






10. Access control labels must be associated properly with objects.






11. Subjects and Objects cannot change their security levels once they have been instantiated (created)






12. Which increases the performance in a computer by overlapping the steps of different instructions?






13. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?






14. When the address location that is specified in the program instruction contains the address of the final desired location.






15. The centerpiece of the DoD Rainbow Series publications. Developed by the National Computer Security Center (NCSC)?






16. The reserved hard drive space used to extend RAM capabilities.






17. The TCB is the ________________ within a computer system that work together to enforce a security policy.






18. Execute one instruction at a time.






19. Can be erased - modified and upgraded.






20. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements






21. Security Labels are not required until __________; thus C2 does not require security labels but B1 does






22. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.






23. Contains an address of where the instruction and data that need to be processed reside.






24. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?






25. Commonly referred to as "The Big Mess" because of its lack of structure. MS-DOS is an example of a monolithic operating system.






26. System Architecture that separates system functionality into Hierarchical layers






27. Intended for environments that require systems to handle classified data.






28. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?






29. Operating System Kernel






30. The Orange Book requires protection against two _____________ - which are these: timing and storage






31. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.






32. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.






33. Permits a database to have two records that are identical except for Their classifications






34. Mandatory Access requires that _____________ be attached to all objects.






35. Which is a straightforward approach that provides access rights to subjects for objects?






36. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system






37. In access control terms it means to be higher than or equal to. In the Bell-LaPadula model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification



38. When a computer spends more time moving data from one small portion of memory to another than actually processing the data






39. Using TPs (transformation procedures) to modify CDIs (constrained data items) is referred to as a well-formed transaction






40. In access control terms - the word "dominate" refers to ___________.






41. Successfully evaluated products are placed on?






42. What does the * (star) property mean in the Bell-LaPadula model?






43. Trusted facility management is an assurance requirement only for ________________.






44. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.






45. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.






46. Remaining parts of the operating system






47. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.






48. Which Orange Book evaluation level is described as "Verified Design"?






49. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space






50. Nonvolatile storage media, e.g. a computer hard drive - floppy disks and CD-ROMs