SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
B1
Orange Book ratings
Controlling unauthorized downgrading of information
Fail safe
2. What does the simple integrity axiom mean in the Biba model?
Polyinstantiation
The Simple Security Property
No read down
Assigned labels
3. There is only only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
Direct addressing
Division D - Minimal Protection
The security kernel
The "No write Down" Rule
4. The Indexed memory addresses that software uses
A and B
The Security Kernel
Firmware
Logical addresses
5. As per FDA data should be ______________________________.
Enforces the rules
B1 - Labeled Security rating
Attributable - original - accurate - contemporaneous and legible
Fail safe
6. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Security Policy is clearly defined and documented
Trusted hardware - Software and Firmware
A1 - Rating
Simple Security Rule
7. Which is a straightforward approach that provides access rights to subjects for objects?
B1 - Labeled Security
Access Matrix model
Absolute addresses
The Clark Wilson integrity model
8. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
Trusted Network Interpretation (TNI)
Security Policy is clearly defined and documented
NOT Integrity
Accountability - Orange Book
9. When the contents of the address defined in the program's instruction is added to that of an index register.
Disclosure of residual data
Dominate the object's sensitivity label
The Thread (memory Management)
Indexed addressing
10. The centerpiece of the DoD Rainbow Series publications.Developed by the National Computer Security Center (NCSC)?
A1
Administrative declaration
Fail safe
The TCSEC - Aka Orange Book
11. A subject at a given clearance may not read an object at a higher classification
The Simple Security Property
Need-to-know
Orange Book interpretations
The rule is talking about "Reading"
12. The TCB is the ________________ within a computer system that work together to enforce a security policy.
Fail safe
B1
Bell-LaPadula Model
Totality of protection mechanisms
13. A Policy based control. All objects and systems have a sensitivity level assigned to them
Mandatory Access Control (MAC)
security protection mechanisms
A Layered Operating System Architecure
Totality of protection mechanisms
14. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
B3 - Security Domains
B1 - Labeled Security
Simple Security Rule
The Security Kernel
15. What are the components of an object's sensitivity label?
Security Policy - Orange Book
The security perimeter
A single classification and a Compartment Set
Types of covert channels
16. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
B2 rating
Continuous protection - O/B
Controlling unauthorized downgrading of information
A1
17. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Discretionary Security Property (ds-property)
Security Policy is clearly defined and documented
Erasable and Programmable Read-Only Memory (EPROM)
18. The Bell-LaPaula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
Virtual storage
Prevent secret information from being accessed
Division D - Minimal Protection
attributability
19. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
Orange Book C
International Standard 15408
Division C - Discretionary Protection
Controls the checks
20. In both the Bell-LaPadula and Biba Models if the word "* or Star is used - _______________.
B3
The Rule is talking about writing
B2 rating
The Tranqulity principle (The Bell-LaPadula Model)
21. An abstract machine which must mediate all access to subjects to objects - be protected from modification - be verifiable as correct - and is always invoked
Prohibits
The reference monitor
The Tranqulity principle (The Bell-LaPadula Model)
Mandatory access control
22. Documentation must be provided - including test - design - and specification document - user guides and manuals
B1 - Labeled Security rating
The trustworthiness of an information system
Documentation - Orange Book
C2 - Controlled Access Protection
23. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
First evaluation class
Need-to-know
C1 - Discretionary Security Protection
attributability
24. Which Orange Book evaluation level is described as "Verified Design"?
Operational assurance requirements
The *-Property rule (Star property)
Orange Book ratings
A1
25. A system uses the Reference Monitor to ___________________ of a subject and an object?
Firmware
Attributable data
Trusted Distribution
Compare the security labels
26. When the address location that is specified in the program instruction contains the address of the final desired location.
B1 - Labeled Security rating
The Common Criteria
Implement software or systems in a production environment
Indirect addressing
27. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
Multiprocessing
C1 - Discretionary Security Protection
Totality of protection mechanisms
attributability
28. Ssoftware that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
C1 - Discretionary Security Protection
The Evaluated Products List (EPL) with their corresponding rating
Firmware
A security domain
29. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
Execution Domain
Basic Security Theorem (used in computer science) definition
The Clark Wilson integrity model
Isolate processes
30. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
No write down
A and B
Identification - Orange Book
Orange Book ratings
31. Individual subjects must be uniquely identified.
Clark-Wilson Model
Identification - Orange Book
Dedicated Security Mode
Ring 2
32. When a computer uses more than one CPU in parallel to execute instructions is known as?
Relative Addresses
Ring 1
Accreditation
Multiprocessing
33. This type of environment is highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Buffer (temporary data storage area)
B3 - Rating
Life Cycle Assurance Requirement
Swap Space
34. Discretionary protection
Orange Book C
Assigned labels
Storage and timing
A1
35. The Bell-LaPadula Model is a _______________.
Reduced Instruction Set Computers (RISC)
Security Policy
Subject to Object Model
Swap Space
36. n this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
Its Clearance Label (Top Secret - Secret - or Confidential)
B3
B3 - Security Domains
Division B - Mandatory Protection
37. Happen because input data is not checked for appropriate length at time of input
A1 - Rating
Buffer overflows
The Common Criteria
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
38. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
Orange Book - B1
B2 rating
All Mandatory Access Control (MAC) systems
Integrity
39. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
The Evaluated Products List (EPL) with their corresponding rating
Orange Book - A1
NOT Integrity
Operational assurance requirements
40. The total combination of protection mechanisms within a computer system
TCB (Trusted Computing Base)
Division B - Mandatory Protection
Clark-Wilson Model
Ring 1
41. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
Clark-Wilson
The security kernel
Programmable Read-Only Memory (PROM)
The security perimeter
42. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
B2 - Structured Protection
The Clark Wilson integrity model
Stored in Reak Memory
Highly secure systems (B2 - B3 and A1)
43. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
The Trusted Computing Base (TCB)
The Red Book
Evaluated separately
A lattice of Intergrity Levels
44. In both the Bell-LaPadula and Biba Models if the word "Simple is used ______________.
Division C - Discretionary Protection
The rule is talking about "Reading"
No write down
B3
45. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
In C2 - Controlled Access Protection environment
Security Policy - Orange Book
Fail safe
Division B - Mandatory Protection Architecture
46. The Simple Security rule is refered to as______________.
Orange Book - B2
The "No read Up" rule
Trusted Products Evaluation Program (TPEP)
Division B - Mandatory Protection Architecture
47. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted envirnment with low security concerns.
Mandatory access control
C1 - Discrection Security Protection is a type of environment
An abstract machine
Government and military applications
48. The reserved hard drive space used to Extend RAM capabilities. Windows system use the pagefile.sys file to reserve this space
*-Integrity Axiom
No write down
B3 - Security Domains
Swap Space
49. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Most commonly used approach
The Common Criteria
Multitasking
Documentation - Orange Book
50. Execute one instruction at a time.
An abstract machine
Multitasking
C1 - Discretionary Security Protection
Scalar processors