Test your basic knowledge

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.






2. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity






3. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification.



4. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.






5. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.






6. Certification is a Technical review that assesses the _____________ - whereas Accreditation is management's Official acceptance of the information in the Certification process findings.






7. The Biba Model addresses _____________________.






8. Which describe a condition when RAM and Secondary storage are used together?






9. In access control terms - the word "dominate" refers to ___________.






10. What prevents a process from accessing another process' data?






11. Software that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)






12. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)






13. The Reserved hard drive space used to extend RAM capabilities.






14. Verification Protection






15. The Orange Book requires protection against two _____________ - which are these: Timing and Storage






16. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.






17. Which Orange Book evaluation level is described as "Discretionary Security Protection"?






18. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.






19. Applications and user activity






20. Which increases the performance in a computer by overlapping the steps of different instructions?






21. Mandatory access control is enforced by the use of security labels.






22. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a Well-Formed transaction






23. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.






24. TCSEC addresses Confidentiality - but _____________. The TCSEC focuses mainly on one attribute of Security: Confidentiality.






25. In both the Bell-LaPadula and Biba Models if the word "Simple" is used ______________.






26. Which addresses a portion of the primary memory by specifying the actual address of the memory location?






27. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain






28. System Architecture that separates system functionality into Hierarchical layers






29. Documentation must be provided - including test - design - and specification document - user guides and manuals






30. Remaining parts of the operating system






31. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.






32. What access control technique is also known as multilevel security?






33. Subjects and Objects cannot change their security levels once they have been instantiated (created)






34. Contains the ending address






35. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s






36. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.






37. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?






38. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.






39. Which would be designated as objects on a MAC system?






40. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data






41. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix. THE and Multics are no longer in use






42. Another word for Primary storage and distinguishes physical memory from virtual memory.






43. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.






44. Minimal Security






45. Discretionary protection






46. Which can be used as a covert channel?






47. Execute one instruction at a time.






48. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.






49. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system






50. What does the simple integrity axiom mean in the Biba model?





