SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which in the Orange Book ratings represents the highest level of trust?
Discretionary Security Property (ds-property)
The National Computer Security Center (NCSC)
B2
The Clark Wilson integrity model
2. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Sensitivity labels
Orange Book interpretations
A lattice of Intergrity Levels
Attributable - original - accurate - contemporaneous and legible
3. Contains the ending address
Orange Book - B3
A Limit Register (Memory Management)
Its classification label (Top Secret - Secret or confidential)
A single classification and a Compartment Set
4. Commonly referred to as The Big Mess Because of its lack of structure. MS-DOS is an example of a monolithic operation system
C1
Its Clearance Label (Top Secret - Secret - or Confidential)
A security domain
The Monolithic Operation system Architecture
5. The Security Model Incorporates the ____________ that should be enforced in the system.
Security Policy
Its classification label (Top Secret - Secret or confidential)
Division B - Mandatory Protection
B3 - Rating
6. The assignment of a specific individual to administer the security-related functions of a system.
Trusted facility management
The Thread (memory Management)
Government and military applications
A1 - Rating
7. When a portion of primary memory is accessed by specifying the actual address of the memory location
The Common Criteria
D
Security mechanisms and evalautes their effectivenes
Direct addressing
8. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
NOT Integrity
All Mandatory Access Control (MAC) systems
The security kernel
The National Computer Security Center (NCSC)
9. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
C1 - Discrection Security Protection is a type of environment
Government and military applications
The Clark Wilson integrity model
The TCSEC - Aka Orange Book
10. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Certification
Sensitivity labels
Trusted Distribution
Government and military applications
11. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
Controls the checks
Orange Book C
C1
Indexed addressing
12. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commmercial applications - but the level of protection is still relatively weak.
Highly secure systems (B2 - B3 and A1)
A Domain
Erasable and Programmable Read-Only Memory (EPROM)
In C2 - Controlled Access Protection environment
13. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
No read up
Highly secure systems (B2 - B3 and A1)
Access control to the objects by the subjects
Attributable data
14. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
The Strong star property rule
B1 - Labeled Security rating
C2 - Controlled Access Protection
The security kernel
15. Ssoftware that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
Indirect addressing
Division B - Mandatory Protection
Absolute addresses
Firmware
16. Documentation must be provided - including test - design - and specification document - user guides and manuals
The Simple Security Property
Documentation - Orange Book
State machine model
Thrashing
17. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
The Simple Security Property
Controls the checks
A security kernel
An abstract machine
18. Which describe a condition when RAM and Secondary storage are used together?
Dedicated Security Mode
Virtual storage
The *-Property rule (Star property)
Stored in Reak Memory
19. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Life Cycle Assurance Requirement
Identification - Orange Book
Physical security
Ring 3
20. The C2 evaluation class of the _________________ offers controlled access protection.
Clark-Wilson Model
Enforces the rules
Trusted Network Interpretation (TNI)
Prohibits
21. Subjects and Objects cannot change their security levels once they have been instantiated (created)
The "No read Up" rule
Mandatory Access Control (MAC)
In C2 - Controlled Access Protection environment
The Tranqulity principle (The Bell-LaPadula Model)
22. The TCB is the ________________ within a computer system that work together to enforce a security policy.
The rule is talking about "Reading"
Totality of protection mechanisms
The Rule is talking about writing
Programmable Read-Only Memory (PROM)
23. Succesfully Evaluated products are placed on?
Cache Memory
Administrative declaration
B3 - Rating
The Evaluated Products List (EPL) with their corresponding rating
24. Each data object must contain a classification label and each subject must have a clearance label.
Logical addresses
B1 - Labeled Security
Models concerned with integrity
Overt channel
25. When a vendor submits a product for evaluation - it submits it to the ____________.
Ring 2
The "No read Up" rule
The National Computer Security Center (NCSC)
Logical addresses
26. What access control technique is also known as multilevel security?
Higher or equal to access class
Division C - Discretionary Protection
Mandatory access control
*-Integrity Axiom
27. A is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Attributable data
Mandatory Access Control (MAC)
C2 - Controlled Access Protection
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
28. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
Operational assurance requirements
Orange Book A
B3
The National Computer Security Center (NCSC)
29. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
B1 - Labeled Security
An abstract machine
Orange Book - B1
B3
30. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted envirnment with low security concerns.
Protection Rings Support
C1 - Discrection Security Protection is a type of environment
B1 - Labeled Security
A security domain
31. Which can be used as a covert channel?
Totality of protection mechanisms
Real storage
Storage and timing
B3 - Security Domains
32. Users need to be Identified individually to provide more precise acces control and auditing functionality.
Cache Memory
Security rating B
State machine model
C2 - Controlled Access Protection
33. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
Discretionary Security Property (ds-property)
Administrative declaration
Thrashing
A Thread
34. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
No read up
The National Computer Security Center (NCSC)
The Red Book
Orange Book - B2
35. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Orange Book ratings
Clark-Wilson
A single classification and a Compartment Set
Cache Memory
36. Which TCSEC level first addresses object reuse?
Pagefile.sys file
Life Cycle Assurance Requirement
A Base Register (Memory Management)
C2
37. What prevents a process from accessing another process' data?
The trustworthiness of an information system
Absolute addresses
Process isolation
The Evaluated Products List (EPL) with their corresponding rating
38. The security kernel is the mechanism that _____________ of the reference monitor concept.
B2
A1 - Rating
Enforces the rules
B1
39. The group that oversees the processes of evaluation within TCSEC is?
Trusted Products Evaluation Program (TPEP)
The Biba Model
The *-Property rule (Star property)
Access Matrix model
40. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
Certification
D
Dominate the object's sensitivity label
Attributable data
41. Involves sharing the processor amoung all ready processes
The security perimeter
Trusted facility management
Multitasking
Swap Space
42. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
B3
A single classification and a Compartment Set
'Dominate'
Overt channel
43. The Orange book requires protection against two_____________ - which are these Timing and Storage
C1
The Rule is talking about writing
Orange Book C
Types of covert channels
44. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
B3 - Security Domains
Integrity
The National Computer Security Center (NCSC)
Controlling unauthorized downgrading of information
45. When the address location that is specified in the program instruction contains the address of the final desired location.
B2
Ring 1
Indirect addressing
Virtual storage
46. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is doen with the m
Prevent secret information from being accessed
All Mandatory Access Control (MAC) systems
C2 - Controlled Access Protection
C2
47. What does the simple integrity axiom mean in the Biba model?
The Common Criteria
No read down
C2
State machine model
48. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
State machine model
Its Clearance Label (Top Secret - Secret - or Confidential)
Most commonly used approach
Orange Book interpretations
49. A system uses the Reference Monitor to ___________________ of a subject and an object?
Attributable data
Compare the security labels
The Biba Model
The "No write Down" Rule
50. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
The Strong star property rule
The *-Property rule (Star property)
Division B - Mandatory Protection Architecture
Indirect addressing
