SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. In the Bell-LaPadula Model the Object's Label contains ___________________.
The Evaluated Products List (EPL) with their corresponding rating
State machine model
Its classification label (Top Secret - Secret or confidential)
Reduced Instruction Set Computers (RISC)
2. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.
Its classification label (Top Secret - Secret or confidential)
The "No read Up" rule
The Biba Model
Direct addressing
3. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"
All Mandatory Access Control (MAC) systems
The National Computer Security Center (NCSC)
Erasable and Programmable Read-Only Memory (EPROM)
Simple Integrity Axiom
4. The reserved hard drive space used to Extend RAM capabilities. Windows system use the pagefile.sys file to reserve this space
Clark-Wilson
Protection Rings Support
Swap Space
Absolute addresses
5. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Virtual storage
Controlling unauthorized downgrading of information
Basic Security Theorem (used in computer science) definition
Continuous protection - O/B
6. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
Continuous protection - O/B
The Strong star property rule
Relative Addresses
The Simple Security Property
7. The TCB is the ________________ within a computer system that work together to enforce a security policy.
The Trusted Computing Base (TCB)
Orange Book ratings
Totality of protection mechanisms
B2 - Structured Protection
8. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
Overt channel
Be protected from modification
Swap Space
Enforces the rules
9. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
Its Clearance Label (Top Secret - Secret - or Confidential)
The security kernel
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Constrained
10. Based on a known address with an offset value applied.
The Tranqulity principle (The Bell-LaPadula Model)
Relative Addresses
C2 - Controlled Access Protection
The rule is talking about "Reading"
11. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Fail safe
*-Integrity Axiom
Invocation Property
Orange Book - A1
12. Permits a database to have two records that are identical except for Their classifications
Complex Instruction Set Computers (CISC)
Orange Book - D
Trusted hardware - Software and Firmware
Polyinstantiation
13. In access control terms - the word "dominate" refers to ___________.
Division B - Mandatory Protection Architecture
The "No write Down" Rule
Access Matrix model
Higher or equal to access class
14. The Bell-LaPadula Model is a _______________.
Life-cycle assurance - O/B
Subject to Object Model
A and B
B3
15. Which increases the performance in a computer by overlapping the steps of different instructions?
Pipelining
Accreditation
Execution Domain
B3
16. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
The reference monitor
Security rating B
C2
A1 - Rating
17. As per FDA data should be ______________________________.
Orange Book - B1
Attributable - original - accurate - contemporaneous and legible
Storage and timing
Virtual Memory
18. When a vendor submits a product for evaluation - it submits it to the ____________.
Accountability - Orange Book
Division D - Minimal Protection
A Layered Operating System Architecure
The National Computer Security Center (NCSC)
19. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
Accreditation
C1 - Discretionary Security Protection
Ring 0
Thrashing
20. What access control technique is also known as multilevel security?
Attributable data
Mandatory access control
Ring 2
Protection Rings Support
21. The Reserved hard drive space used to to extend RAM capabilites.
Identification - Orange Book
Mandatory Access Control (MAC)
Orange Book - D
Swap Space
22. Operating System Kernel
Trusted Network Interpretation (TNI)
Its Clearance Label (Top Secret - Secret - or Confidential)
Cache Memory
Ring 0
23. Applications and user activity
Scalar processors
A and B
Ring 3
Access control to the objects by the subjects
24. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Assigned labels
The Tranqulity principle (The Bell-LaPadula Model)
The National Computer Security Center (NCSC)
Be protected from modification
25. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
A lattice of Intergrity Levels
Examples of Layered Operating Systems
Trusted Distribution
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
26. When a computer uses more than one CPU in parallel to execute instructions is known as?
B2 rating
Multiprocessing
Dedicated Security Mode
International Standard 15408
27. Remaining parts of the operating system
Ring 1
Files - directories and devices
Firmware
Government and military applications
28. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
The security perimeter
Division B - Mandatory Protection
B2 - Structured Protection
Security Policy is clearly defined and documented
29. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
The National Computer Security Center (NCSC)
Storage and timing
Orange Book interpretations
Direct addressing
30. Subjects and Objects cannot change their security levels once they have been instantiated (created)
Direct addressing
The Tranqulity principle (The Bell-LaPadula Model)
Swap Space
Orange Book - B1
31. Verification Protection
Orange Book A
Orange Book - B2
A security domain
Division B - Mandatory Protection
32. The Physical memory address that the CPU uses
Trusted Products Evaluation Program (TPEP)
Indirect addressing
Absolute addresses
Cache Memory
33. TCSEC provides a means to evaluate ______________________.
Orange Book interpretations
The trustworthiness of an information system
Life Cycle Assurance Requirement
First evaluation class
34. In the Bell-LaPadula Model the Subject's Label contains ___________________.
B3
Its Clearance Label (Top Secret - Secret - or Confidential)
Storage and timing
Ring 3
35. The Orange book requires protection against two_____________ - which are these Timing and Storage
Basic Security Theorem (used in computer science) definition
Multitasking
Types of covert channels
Reduced Instruction Set Computers (RISC)
36. Succesfully Evaluated products are placed on?
The National Computer Security Center (NCSC)
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
The Evaluated Products List (EPL) with their corresponding rating
Orange Book C
37. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
The Clark Wilson integrity model
Clark-Wilson
Buffer (temporary data storage area)
The *-Property rule (Star property)
38. Which TCSEC level first addresses object reuse?
C2
The "No read Up" rule
Stored in Reak Memory
Indirect addressing
39. Which would be designated as objects on a MAC system?
Orange Book - D
Trusted Products Evaluation Program (TPEP)
Simple Integrity Axiom
Files - directories and devices
40. A system uses the Reference Monitor to ___________________ of a subject and an object?
Compare the security labels
Security mechanisms and evalautes their effectivenes
The Simple Security Property
Ring 0
41. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
The TCSEC - Aka Orange Book
Execution Domain
The National Computer Security Center (NCSC)
The Red Book
42. What are the components of an object's sensitivity label?
Certification
Mandatory access control
Accreditation
A single classification and a Compartment Set
43. Has two individual assurace ratings. C1 and C2. The Higher the number of assurance rating the greater the protection
Division C - Discretionary Protection
Orange Book C
Subject to Object Model
Simple Security Rule
44. This type of environment is highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
The reference monitor
Access Matrix model
Controlling unauthorized downgrading of information
B3 - Rating
45. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
Identification - Orange Book
Isolate processes
B3 - Security Domains
The "No read Up" rule
46. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
Erasable and Programmable Read-Only Memory (EPROM)
A1
Security rating B
The Trusted Computing Base (TCB)
47. Users need to be Identified individually to provide more precise acces control and auditing functionality.
Attributable - original - accurate - contemporaneous and legible
Buffer (temporary data storage area)
C2 - Controlled Access Protection
Access Matrix model
48. The Biba Model adresses _____________________.
The security perimeter
The security kernel
The Integrity of data within applications
Disclosure of residual data
49. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
The *-Property rule (Star property)
Attributable data
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Operational assurance requirements
50. All users have a clearance for and a formal need to know about - all data processed with the system.
Dedicated Security Mode
Absolute addresses
Trusted hardware - Software and Firmware
Sensitivity labels
