Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. As per FDA data should be ______________________________.






2. In the Bell-LaPadula Model the Object's Label contains ___________________.






3. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.






4. The assignment of a specific individual to administer the security-related functions of a system.






5. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.






6. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system






7. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?






8. Execute one instruction at a time.






9. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.






10. The total(sum)combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.






11. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.






12. A subject at a given clearance may not read an object at a higher classification






13. Intended for environments that require systems to handle classified data.






14. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.






15. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commmercial applications - but the level of protection is still relatively weak.






16. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.






17. Mandatory Protection






18. Data in Cache can be accessed much more quickly than Data






19. Which TCSEC level first addresses object reuse?






20. A Policy based control. All objects and systems have a sensitivity level assigned to them






21. The Bell-LaPadula model Subjects and Objects are ___________.






22. For rhe type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to peneration and compromise






23. The Physical memory address that the CPU uses






24. The Bell-LaPadula Model is a _______________.






25. When the address location that is specified in the program instruction contains the address of the final desired location.






26. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.






27. What does the simple security (ss) property mean in the Bell-LaPadula model?






28. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities






29. When the RAM and secondary storage are combined the result is __________.






30. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain






31. Subjects and Objects cannot change their security levels once they have been instantiated (created)






32. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.






33. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?






34. What are the components of an object's sensitivity label?






35. Contains an Address of where the instruction and dara reside that need to be processed.






36. The Orange book requires protection against two_____________ - which are these Timing and Storage






37. Which in the Orange Book ratings represents the highest level of trust?






38. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data) items is refered to as Well-Formed transaction






39. The subject must have Need to Know for ONLY the information they are trying to access.






40. The combination of RAM - Cache and the Processor Registers






41. When the contents of the address defined in the program's instruction is added to that of an index register.






42. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)






43. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.






44. Simpler instructions that require fewer clock cycles to execute.






45. The Indexed memory addresses that software uses






46. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu






47. The total combination of protection mechanisms within a computer system






48. According to the Orange Book - trusted facility management is not required for which security levels?






49. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.






50. Commonly referred to as The Big Mess Because of its lack of structure. MS-DOS is an example of a monolithic operation system