SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. In access control terms - the word "dominate" refers to ___________.
Higher or equal to access class
Accreditation
NOT Integrity
The Monolithic Operation system Architecture
2. In the Bell-LaPadula Model the Object's Label contains ___________________.
Attributable data
Most commonly used approach
Its classification label (Top Secret - Secret or confidential)
A1
3. All users have a clearance for and a formal need to know about - all data processed with the system.
Scalar processors
Dedicated Security Mode
Multitasking
A Layered Operating System Architecure
4. Minimal Security
Orange Book - D
The Strong star property rule
Security Policy is clearly defined and documented
No read up
5. When a computer uses more than one CPU in parallel to execute instructions is known as?
C1 - Discretionary Security Protection
Basic Security Theorem (used in computer science) definition
Multiprocessing
Swap Space
6. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s
Indirect addressing
Firmware
No write down
The National Computer Security Center (NCSC)
7. Commonly referred to as The Big Mess Because of its lack of structure. MS-DOS is an example of a monolithic operation system
Identification - Orange Book
No read down
Division B - Mandatory Protection
The Monolithic Operation system Architecture
8. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
B3
Orange Book - B2
Execution Domain
attributability
9. TCSEC provides a means to evaluate ______________________.
The trustworthiness of an information system
Trusted facility management
Life-cycle assurance - O/B
Documentation - Orange Book
10. Simpler instructions that require fewer clock cycles to execute.
The Strong star property rule
Division C - Discretionary Protection
Reduced Instruction Set Computers (RISC)
The Trusted Computing Base (TCB)
11. Contains the ending address
C1 - Discrection Security Protection is a type of environment
A Limit Register (Memory Management)
Erasable and Programmable Read-Only Memory (EPROM)
Administrative declaration
12. What prevents a process from accessing another process' data?
Security rating B
Documentation - Orange Book
Process isolation
Cache Memory
13. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Process isolation
Higher or equal to access class
Be protected from modification
Orange Book - B2
14. Contains an Address of where the instruction and dara reside that need to be processed.
Orange Book A
The Thread (memory Management)
Swap Space
Examples of Layered Operating Systems
15. The TCB is the ________________ within a computer system that work together to enforce a security policy.
The trustworthiness of an information system
Totality of protection mechanisms
Division B - Mandatory Protection
C1 - Discrection Security Protection is a type of environment
16. Contains the beginning address
A Base Register (Memory Management)
International Standard 15408
B3
A Domain
17. The assignment of a specific individual to administer the security-related functions of a system.
Discretionary Security Property (ds-property)
B2
Trusted facility management
The rule is talking about "Reading"
18. What are the components of an object's sensitivity label?
Identification - Orange Book
A single classification and a Compartment Set
C1 - Discrection Security Protection is a type of environment
The "No write Down" Rule
19. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
Mandatory Access Control (MAC)
Real storage
Orange Book A
D
20. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
The "No read Up" rule
Basic Security Theorem (used in computer science) definition
A Thread
Controls the checks
21. Execute one instruction at a time.
Reduced Instruction Set Computers (RISC)
Scalar processors
The Trusted Computing Base (TCB)
The Biba Model
22. Which is a straightforward approach that provides access rights to subjects for objects?
Implement software or systems in a production environment
International Standard 15408
D
Access Matrix model
23. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Orange Book - A1
The Evaluated Products List (EPL) with their corresponding rating
Multitasking
The Tranqulity principle (The Bell-LaPadula Model)
24. Discretionary protection
Documentation - Orange Book
Orange Book C
Accountability - Orange Book
A Thread
25. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
B1 - Labeled Security rating
Evaluated separately
Security rating B
A single classification and a Compartment Set
26. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
Thrashing
C1 - Discretionary Security Protection
Government and military applications
The Simple Security Property
27. The C2 evaluation class of the _________________ offers controlled access protection.
Erasable and Programmable Read-Only Memory (EPROM)
Trusted Network Interpretation (TNI)
Division B - Mandatory Protection
The security kernel
28. A system uses the Reference Monitor to ___________________ of a subject and an object?
The reference monitor
Compare the security labels
Trusted Products Evaluation Program (TPEP)
Higher or equal to access class
29. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
NOT Integrity
The Thread (memory Management)
Pagefile.sys file
A1 - Rating
30. In both the Bell-LaPadula and Biba Models if the word "* or Star is used - _______________.
Sensitivity labels
The Rule is talking about writing
Disclosure of residual data
Multitasking
31. The Bell-LaPaula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
A Limit Register (Memory Management)
Models concerned with integrity
'Dominate'
Prevent secret information from being accessed
32. Which in the Orange Book ratings represents the highest level of trust?
Networks and Communications
B2
A1 - Rating
The Simple Security Property
33. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
Its classification label (Top Secret - Secret or confidential)
Orange Book - B2
Absolute addresses
B3
34. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
The Evaluated Products List (EPL) with their corresponding rating
Fail safe
An abstract machine
The "No read Up" rule
35. The subject must have Need to Know for ONLY the information they are trying to access.
System High Security Mode
Process isolation
Clark-Wilson Model
Enforces the rules
36. For rhe type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to peneration and compromise
Assigned labels
Bell-LaPadula Model
Most commonly used approach
B2 rating
37. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Primary storage
Pagefile.sys file
Simple Security Rule
Physical security
38. What is called the formal acceptance of the adequacy of a system's overall security by management?
Examples of Layered Operating Systems
Accountability - Orange Book
Administrative declaration
Accreditation
39. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
Examples of Layered Operating Systems
Subject to Object Model
Basic Security Theorem (used in computer science) definition
The *-Property rule (Star property)
40. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is doen with the m
C2 - Controlled Access Protection
Orange Book A
Security Policy - Orange Book
Trusted facility management
41. What does the * (star) property mean in the Bell-LaPadula model?
Accreditation
Pipelining
Bell-LaPadula Model
No write down
42. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted envirnment with low security concerns.
Models concerned with integrity
Discretionary Security Property (ds-property)
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
C1 - Discrection Security Protection is a type of environment
43. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
An abstract machine
Isolate processes
The Red Book
Be protected from modification
44. The Physical memory address that the CPU uses
Absolute addresses
A Layered Operating System Architecure
The Monolithic Operation system Architecture
Ring 3
45. This type of environment is highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
A lattice of Intergrity Levels
Life Cycle Assurance Requirement
B3 - Rating
Ring 3
46. Which is an ISO standard product evaluation criteria that supersedes several different criteria
C2
Clark-Wilson
The Common Criteria
A and B
47. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
A1 - Rating
Dedicated Security Mode
Indexed addressing
B1
48. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
Division B - Mandatory Protection Architecture
Basic Security Theorem (used in computer science) definition
Subject to Object Model
The Security Kernel
49. The Orange book requires protection against two_____________ - which are these Timing and Storage
Types of covert channels
Life Cycle Assurance Requirement
Covert channels
B3 - Rating
50. When a portion of primary memory is accessed by specifying the actual address of the memory location
The Biba Model
B1 - Labeled Security rating
Direct addressing
Firmware
