Test your basic knowledge

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Based on a known address with an offset value applied.

2. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.

3. Execute one instruction at a time.

4. Which describe a condition when RAM and Secondary storage are used together?

5. When the contents of the address defined in the program's instruction is added to that of an index register.

6. What is called the formal acceptance of the adequacy of a system's overall security by management?

7. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.

8. Successfully Evaluated products are placed on?

9. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.

10. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.

11. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?

12. Data in Cache can be accessed much more quickly than Data

13. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.

14. Which increases the performance in a computer by overlapping the steps of different instructions?

15. Operating System Kernel

16. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)

17. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.

18. As per FDA data should be ______________________________.

19. Which would be designated as objects on a MAC system?

20. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commercial applications - but the level of protection is still relatively weak.

21. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain

22. Discretionary protection

23. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m

24. Requires more stringent authentication mechanisms and well-defined interfaces among layers.

25. The C2 evaluation class of the _________________ offers controlled access protection.

26. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?

27. Users need to be Identified individually to provide more precise access control and auditing functionality.

28. Should always trace to individuals responsible for observing and recording the data

29. Used by Windows systems to reserve the "Swap Space"

30. According to the Orange Book - trusted facility management is not required for which security levels?

31. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.

32. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.

33. Each data object must contain a classification label and each subject must have a clearance label.

34. When a vendor submits a product for evaluation - it submits it to the ____________.

35. Mandatory access control is enforced by the use of security labels.

36. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.

37. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions to pass on permissions at its own discretion. These permissions are stored in an access ma

38. Mandatory Access requires that _____________ be attached to all objects.

39. Which addresses a portion of the primary memory by specifying the actual address of the memory location?

40. The subject must have Need to Know for ONLY the information they are trying to access.

41. When a portion of primary memory is accessed by specifying the actual address of the memory location

42. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)

43. In access control terms - the word "dominate" refers to ___________.

44. Which model uses access control triples and requires that the system maintain separation of duty?

45. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.

46. Intended for environments that require systems to handle classified data.

47. Permits a database to have two records that are identical except for their classifications

48. Configuration management is also defined in the Orange Book but as a _____________________ and NOT an operational assurance requirement.

49. I/O drivers and utilities

50. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.