SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix . THE and Multics are no longer in use
Examples of Layered Operating Systems
Files - directories and devices
The Simple Security Property
The Security Kernel
2. Which Orange Book evaluation level is described as "Verified Design"?
Examples of Layered Operating Systems
The National Computer Security Center (NCSC)
Simple Integrity Axiom
A1
3. Simpler instructions that require fewer clock cycles to execute.
*-Integrity Axiom
Reduced Instruction Set Computers (RISC)
C2 - Controlled Access Protection
Simple Integrity Axiom
4. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"
Indirect addressing
The National Computer Security Center (NCSC)
Simple Integrity Axiom
Implement software or systems in a production environment
5. When the contents of the address defined in the program's instruction is added to that of an index register.
Complex Instruction Set Computers (CISC)
Discretionary Security Property (ds-property)
Be protected from modification
Indexed addressing
6. The centerpiece of the DoD Rainbow Series publications.Developed by the National Computer Security Center (NCSC)?
Life-cycle assurance - O/B
The TCSEC - Aka Orange Book
security protection mechanisms
B3
7. An abstract machine which must mediate all access to subjects to objects - be protected from modification - be verifiable as correct - and is always invoked
Bell-LaPadula Model
The reference monitor
The Tranqulity principle (The Bell-LaPadula Model)
Orange Book - B1
8. What is called the formal acceptance of the adequacy of a system's overall security by management?
Physical security
Programmable Read-Only Memory (PROM)
Virtual Memory
Accreditation
9. The Security Model Incorporates the ____________ that should be enforced in the system.
Security Policy
Overt channel
Discretionary Security Property (ds-property)
Indexed addressing
10. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
Subject to Object Model
The National Computer Security Center (NCSC)
Security Policy - Orange Book
Trusted Network Interpretation (TNI)
11. A set of objects that a subject is able to access
Accountability - Orange Book
A Domain
D
NOT Integrity
12. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Labels - Orange Book
A Thread
Overt channel
Evaluated separately
13. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
A1
A Limit Register (Memory Management)
Need-to-know
The Evaluated Products List (EPL) with their corresponding rating
14. Permits a database to have two records that are identical except for Their classifications
Polyinstantiation
Its classification label (Top Secret - Secret or confidential)
Stored in Reak Memory
The security kernel
15. Which uses Protection Profiles and Security Targets?
B2 - Structured Protection
Discretionary Security Property (ds-property)
International Standard 15408
Dedicated Security Mode
16. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
*-Integrity Axiom
Protection Rings Support
Disclosure of residual data
Pagefile.sys file
17. Mandatory Access requires that _____________ be attached to all objects.
Ring 1
The Common Criteria
Sensitivity labels
Multilevel Security Policies
18. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
All Mandatory Access Control (MAC) systems
Security Policy is clearly defined and documented
Programmable Read-Only Memory (PROM)
The "No read Up" rule
19. As per FDA data should be ______________________________.
The Red Book
B3 - Security Domains
Attributable - original - accurate - contemporaneous and legible
Orange Book ratings
20. The *-Property rule is refered to as ____________.
The "No write Down" Rule
Orange Book - B2
C2
The Simple Security Property
21. Applications and user activity
Its classification label (Top Secret - Secret or confidential)
Controlling unauthorized downgrading of information
Ring 3
Stored in Reak Memory
22. Has two individual assurace ratings. C1 and C2. The Higher the number of assurance rating the greater the protection
Accountability - Orange Book
Its Clearance Label (Top Secret - Secret - or Confidential)
No read down
Division C - Discretionary Protection
23. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
Buffer overflows
A security kernel
A Thread
The security perimeter
24. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
25. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
attributability
Isolate processes
First evaluation class
The Integrity of data within applications
26. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
NOT Integrity
Direct Addressing
Pipelining
B2
27. Involves sharing the processor amoung all ready processes
C1 - Discretionary Security Protection
Invocation Property
Multitasking
A Base Register (Memory Management)
28. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.
Execution Domain
C2 - Controlled Access Protection
Documentation - Orange Book
Prohibits
29. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
Trusted facility management
Dedicated Security Mode
security protection mechanisms
A lattice of Intergrity Levels
30. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
A Thread
The Common Criteria
Thrashing
The Red Book
31. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Programmable Read-Only Memory (PROM)
Orange Book ratings
Access control to the objects by the subjects
Ring 3
32. A subject at a given clearance may not read an object at a higher classification
The Simple Security Property
Erasable and Programmable Read-Only Memory (EPROM)
Orange Book A
Continuous protection - O/B
33. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
Sensitivity labels
Mandatory access control
A1 - Rating
Certification
34. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
The rule is talking about "Reading"
Buffer overflows
Orange Book - B3
State machine model
35. Contains the beginning address
State machine model
D
No read down
A Base Register (Memory Management)
36. When a computer uses more than one CPU in parallel to execute instructions is known as?
Simple Integrity Axiom
Firmware
Controlling unauthorized downgrading of information
Multiprocessing
37. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
Examples of Layered Operating Systems
State machine model
Orange Book - B1
Security rating B
38. Which is an ISO standard product evaluation criteria that supersedes several different criteria
Invocation Property
The Common Criteria
Execution Domain
The reference monitor
39. The Policy must be explicit and well defined and enforced by the mechanisms within the system
Virtual storage
Security Policy
Security Policy - Orange Book
Swap Space
40. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Government and military applications
Orange Book A
attributability
Logical addresses
41. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
B1
The security kernel
Dedicated Security Mode
Trusted Distribution
42. What does the Clark-Wilson security model focus on
Primary storage
C2 - Controlled Access Protection
Integrity
Ring 2
43. The total(sum)combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
Ring 0
Pagefile.sys file
The Trusted Computing Base (TCB)
The Security Kernel
44. In both the Bell-LaPadula and Biba Models if the word "Simple is used ______________.
Firmware
The Evaluated Products List (EPL) with their corresponding rating
The rule is talking about "Reading"
C2 - Controlled Access Protection
45. When a portion of primary memory is accessed by specifying the actual address of the memory location
The *-Property rule (Star property)
Direct addressing
Constrained
B2 - Structured Protection
46. In access control terms - the word "dominate" refers to ___________.
Higher or equal to access class
Multitasking
Discretionary Security Property (ds-property)
C1 - Discretionary Security Protection
47. TCSEC provides a means to evaluate ______________________.
Simple Integrity Axiom
Polyinstantiation
The trustworthiness of an information system
Need-to-know
48. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.
Basic Security Theorem (used in computer science) definition
Government and military applications
NOT Integrity
B2 rating
49. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
Dedicated Security Mode
B3
Logical addresses
Access control to the objects by the subjects
50. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
B3 - Rating
Trusted Network Interpretation (TNI)
A and B
A Domain