SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
Protection Rings Support
Orange Book ratings
Ring 3
attributability
2. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted envirnment with low security concerns.
Logical addresses
Simple Integrity Axiom
Ring 1
C1 - Discrection Security Protection is a type of environment
3. Minimal Security
B1 - Labeled Security
Identification - Orange Book
Orange Book - D
Need-to-know
4. Operating System Kernel
Ring 0
Orange Book C
Pipelining
Mandatory Access Control (MAC)
5. In both the Bell-LaPadula and Biba Models if the word "Simple is used ______________.
The Integrity of data within applications
Virtual storage
Most commonly used approach
The rule is talking about "Reading"
6. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?
Fail safe
Indexed addressing
A Thread
Disclosure of residual data
7. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.
Labels - Orange Book
The security perimeter
Basic Security Theorem (used in computer science) definition
The TCSEC - Aka Orange Book
8. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
No write down
Isolate processes
Certification
B3
9. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
C2 - Controlled Access Protection
The Red Book
Fail safe
C1
10. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
D
Security Policy is clearly defined and documented
Trusted Distribution
A Base Register (Memory Management)
11. Documentation must be provided - including test - design - and specification document - user guides and manuals
The "No write Down" Rule
Isolate processes
Buffer overflows
Documentation - Orange Book
12. A portion of a process. When the thread is generated - it shares the same domain(resources) as its process.
B3
A Thread
The reference monitor
Evaluated separately
13. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
A Limit Register (Memory Management)
Primary storage
Ring 0
*-Integrity Axiom
14. A set of objects that a subject is able to access
A Domain
C1 - Discrection Security Protection is a type of environment
Primary storage
Life Cycle Assurance Requirement
15. Which would be designated as objects on a MAC system?
Files - directories and devices
Prevent secret information from being accessed
Implement software or systems in a production environment
System High Security Mode
16. The Simple Security rule is refered to as______________.
Accreditation
The "No read Up" rule
Discretionary Security Property (ds-property)
Ring 1
17. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.
Execution Domain
The rule is talking about "Reading"
B3 - Security Domains
Simple Security Rule
18. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
19. Trusted facility management is an assurance requirement only for ________________.
Labels - Orange Book
Highly secure systems (B2 - B3 and A1)
Security Policy - Orange Book
NOT Integrity
20. Subjects and Objects cannot change their security levels once they have been instantiated (created)
Dominate the object's sensitivity label
Enforces the rules
The Monolithic Operation system Architecture
The Tranqulity principle (The Bell-LaPadula Model)
21. A nonvolatile storage media etc computer hard drive - floppy disks and CD-ROMs
Secondary Storage
Orange Book A
D
B1
22. Discretionary protection
Controlling unauthorized downgrading of information
Orange Book C
Orange Book - B1
First evaluation class
23. The Bell-LaPaula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
Orange Book - D
Trusted hardware - Software and Firmware
Prevent secret information from being accessed
The Red Book
24. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
Security Policy
Clark-Wilson
The Strong star property rule
The Tranqulity principle (The Bell-LaPadula Model)
25. Each data object must contain a classification label and each subject must have a clearance label.
B1 - Labeled Security
The "No write Down" Rule
The Common Criteria
security protection mechanisms
26. Can be erased - modified and upgraded.
C2
C1 - Discrection Security Protection is a type of environment
Thrashing
Erasable and Programmable Read-Only Memory (EPROM)
27. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Physical security
Invocation Property
The security kernel
Trusted hardware - Software and Firmware
28. Should always trace to individuals responsible for observing and recording the data
Multitasking
The "No read Up" rule
Attributable data
Firmware
29. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Documentation - Orange Book
Virtual storage
Mandatory Access Control (MAC)
Prohibits
30. When a portion of primary memory is accessed by specifying the actual address of the memory location
The "No write Down" Rule
Examples of Layered Operating Systems
Direct addressing
Division B - Mandatory Protection
31. What prevents a process from accessing another process' data?
C1
Simple Integrity Axiom
Process isolation
B1 - Labeled Security
32. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
A security kernel
Administrative declaration
Absolute addresses
No read down
33. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
The Red Book
Ring 0
A Limit Register (Memory Management)
Security Policy - Orange Book
34. What does the simple security (ss) property mean in the Bell-LaPadula model?
The National Computer Security Center (NCSC)
Isolate processes
D
No read up
35. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
The Clark Wilson integrity model
Be protected from modification
Prevent secret information from being accessed
The *-Property rule (Star property)
36. The Reserved hard drive space used to to extend RAM capabilites.
Swap Space
Security Policy
Multilevel Security Policies
No read up
37. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
A1 - Rating
The Rule is talking about writing
C2 - Controlled Access Protection
Orange Book ratings
38. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Multilevel Security Policies
D
Totality of protection mechanisms
Controls the checks
39. Involves sharing the processor amoung all ready processes
Multitasking
Access Matrix model
Models concerned with integrity
The TCSEC - Aka Orange Book
40. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
Relative Addresses
Isolate processes
The *-Property rule (Star property)
Secondary Storage
41. Which increases the performance in a computer by overlapping the steps of different instructions?
Sensitivity labels
Pipelining
Attributable data
Trusted Distribution
42. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Continuous protection - O/B
C2 - Controlled Access Protection
Division B - Mandatory Protection Architecture
Orange Book - B1
43. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
B3 - Security Domains
A and B
The Biba Model
Labels - Orange Book
44. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data) items is refered to as Well-Formed transaction
Clark-Wilson Model
Isolate processes
Process isolation
The Security Kernel
45. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Logical addresses
An abstract machine
Virtual storage
Orange Book - A1
46. The Indexed memory addresses that software uses
C2
Certification
Logical addresses
C2 - Controlled Access Protection
47. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
A Base Register (Memory Management)
A lattice of Intergrity Levels
Controlling unauthorized downgrading of information
Higher or equal to access class
48. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
No write down
Division B - Mandatory Protection Architecture
The National Computer Security Center (NCSC)
B1 - Labeled Security
49. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
B1 - Labeled Security
Fail safe
B1
Orange Book - A1
50. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
No write down
Multilevel Security Policies
Networks and Communications
NOT Integrity
