SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. What are the components of an object's sensitivity label?
A single classification and a Compartment Set
Thrashing
Accreditation
Higher or equal to access class
2. Which increases the performance in a computer by overlapping the steps of different instructions?
Operational assurance requirements
Security Policy is clearly defined and documented
No read down
Pipelining
3. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
The *-Property rule (Star property)
B2 - Structured Protection
Dominate the object's sensitivity label
A security kernel
4. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
The Clark Wilson integrity model
Security Policy
Evaluated separately
Orange Book B
5. Which Orange Book evaluation level is described as "Verified Design"?
Integrity
A1
The "No read Up" rule
Sensitivity labels
6. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Multiprocessing
Multilevel Security Policies
Stored in Reak Memory
Operational assurance requirements
7. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.
*-Integrity Axiom
The Biba Model
The Security Kernel
Prevent secret information from being accessed
8. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
Erasable and Programmable Read-Only Memory (EPROM)
Clark-Wilson
Enforces the rules
Thrashing
9. The TCB is the ________________ within a computer system that work together to enforce a security policy.
Prohibits
A security kernel
Totality of protection mechanisms
System High Security Mode
10. The total(sum)combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
Certification
No write down
The Trusted Computing Base (TCB)
Buffer (temporary data storage area)
11. TCSEC provides a means to evaluate ______________________.
Attributable data
A single classification and a Compartment Set
The trustworthiness of an information system
A security kernel
12. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted envirnment with low security concerns.
Higher or equal to access class
Integrity
B3
C1 - Discrection Security Protection is a type of environment
13. Buffer overflows occurs when a program or process tries to store more data in a _____________ than it was intended to hold.
Models concerned with integrity
Buffer (temporary data storage area)
Multitasking
Discretionary Security Property (ds-property)
14. Each data object must contain a classification label and each subject must have a clearance label.
Its classification label (Top Secret - Secret or confidential)
B1 - Labeled Security
C2 - Controlled Access Protection
NOT Integrity
15. Access control labels must be associated properly with objects.
Basic Security Theorem (used in computer science) definition
Labels - Orange Book
Orange Book C
Swap Space
16. The *-Property rule is refered to as ____________.
The "No write Down" Rule
A Base Register (Memory Management)
Attributable - original - accurate - contemporaneous and legible
The Rule is talking about writing
17. A system uses the Reference Monitor to ___________________ of a subject and an object?
Accountability - Orange Book
An abstract machine
Compare the security labels
The Clark Wilson integrity model
18. Mandatory access control is enfored by the use of security labels.
Mandatory access control
No read up
Division B - Mandatory Protection
Networks and Communications
19. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
Overt channel
Security rating B
Relative Addresses
C2
20. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
B2
Life-cycle assurance - O/B
Complex Instruction Set Computers (CISC)
B3
21. This type of environment is highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
C2 - Controlled Access Protection
Multiprocessing
B3 - Rating
The rule is talking about "Reading"
22. n this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
Trusted Network Interpretation (TNI)
Orange Book ratings
B3 - Security Domains
Disclosure of residual data
23. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
An abstract machine
Division B - Mandatory Protection Architecture
A security kernel
In C2 - Controlled Access Protection environment
24. An abstract machine which must mediate all access to subjects to objects - be protected from modification - be verifiable as correct - and is always invoked
A Domain
Files - directories and devices
The reference monitor
Assigned labels
25. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
A Layered Operating System Architecure
Thrashing
*-Integrity Axiom
Continuous protection - O/B
26. A domain of trust that shares a single security policy and single management
C2
Accountability - Orange Book
A security domain
Controlling unauthorized downgrading of information
27. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Orange Book - B3
Assigned labels
Simple Security Rule
Division C - Discretionary Protection
28. In B2 Subjects and devices requre labels and the system must NOT allow ________. No Trapdoors exists.
Erasable and Programmable Read-Only Memory (EPROM)
Covert channels
Controlling unauthorized downgrading of information
Security Policy - Orange Book
29. Trusted facility management is an assurance requirement only for ________________.
Prevent secret information from being accessed
Indexed addressing
A Thread
Highly secure systems (B2 - B3 and A1)
30. For rhe type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to peneration and compromise
Indirect addressing
Multiprocessing
B2 rating
Multitasking
31. A type of memory used for High-speed writing and reading activities.
Prevent secret information from being accessed
The *-Property rule (Star property)
Cache Memory
Documentation - Orange Book
32. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
The Simple Security Property
Life-cycle assurance - O/B
B3
Prohibits
33. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Orange Book - B2
Subject to Object Model
Constrained
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
34. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions to pass on permissions at its own discretion. These permissions are stored in an access ma
Life Cycle Assurance Requirement
Discretionary Security Property (ds-property)
B1 - Labeled Security
The Biba Model
35. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Orange Book - A1
B3
Invocation Property
B2
36. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
A1 - Rating
Identification - Orange Book
The Strong star property rule
The rule is talking about "Reading"
37. Operating System Kernel
C2 - Controlled Access Protection
A security domain
Cache Memory
Ring 0
38. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
Attributable - original - accurate - contemporaneous and legible
Division C - Discretionary Protection
The security kernel
Security mechanisms and evalautes their effectivenes
39. The Orange book does NOT Cover ________________ - And Database management systems
A and B
Networks and Communications
Simple Integrity Axiom
State machine model
40. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
D
The Security Kernel
The security perimeter
Its Clearance Label (Top Secret - Secret - or Confidential)
41. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Ring 2
TCB (Trusted Computing Base)
Highly secure systems (B2 - B3 and A1)
Physical security
42. Commonly referred to as The Big Mess Because of its lack of structure. MS-DOS is an example of a monolithic operation system
Dedicated Security Mode
The Monolithic Operation system Architecture
B3 - Security Domains
A and B
43. When the contents of the address defined in the program's instruction is added to that of an index register.
Totality of protection mechanisms
Multilevel Security Policies
Indexed addressing
Compare the security labels
44. What prevents a process from accessing another process' data?
Integrity
Trusted Network Interpretation (TNI)
Process isolation
Certification
45. Data in Cache can be accessed much more quickly than Data
Stored in Reak Memory
Security Policy - Orange Book
Administrative declaration
Implement software or systems in a production environment
46. Which is an ISO standard product evaluation criteria that supersedes several different criteria
attributability
The Common Criteria
Programmable Read-Only Memory (PROM)
A security domain
47. Which can be used as a covert channel?
Prevent secret information from being accessed
Trusted facility management
Storage and timing
The Red Book
48. In the Bell-LaPadula Model the Object's Label contains ___________________.
In C2 - Controlled Access Protection environment
Orange Book ratings
D
Its classification label (Top Secret - Secret or confidential)
49. The Bell-LaPaula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
A security domain
Files - directories and devices
Thrashing
Prevent secret information from being accessed
50. The group that oversees the processes of evaluation within TCSEC is?
Trusted Products Evaluation Program (TPEP)
Polyinstantiation
The *-Property rule (Star property)
The National Computer Security Center (NCSC)
