SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
Assigned labels
*-Integrity Axiom
A Layered Operating System Architecure
Models concerned with integrity
2. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
Controls the checks
Thrashing
Certification
C1
3. A domain of trust that shares a single security policy and single management
A security domain
Orange Book A
Isolate processes
Reduced Instruction Set Computers (RISC)
4. Happen because input data is not checked for appropriate length at time of input
The "No read Up" rule
Buffer overflows
C2 - Controlled Access Protection
The Thread (memory Management)
5. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Files - directories and devices
Orange Book - D
International Standard 15408
Its Clearance Label (Top Secret - Secret - or Confidential)
6. The total combination of protection mechanisms within a computer system
Models concerned with integrity
TCB (Trusted Computing Base)
Process isolation
The trustworthiness of an information system
7. Which increases the performance in a computer by overlapping the steps of different instructions?
Ring 2
Pipelining
The "No read Up" rule
The rule is talking about "Reading"
8. Mandatory Access requires that _____________ be attached to all objects.
Sensitivity labels
Continuous protection - O/B
B1
'Dominate'
9. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Dedicated Security Mode
A single classification and a Compartment Set
Overt channel
Trusted Distribution
10. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system
Ring 1
Isolate processes
A1
Orange Book - A1
11. The Bell-LaPadula model Subjects and Objects are ___________.
Discretionary Security Property (ds-property)
Assigned labels
B3 - Rating
Thrashing
12. This type of environment is highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Be protected from modification
Simple Integrity Axiom
B3 - Rating
A security kernel
13. The centerpiece of the DoD Rainbow Series publications.Developed by the National Computer Security Center (NCSC)?
The TCSEC - Aka Orange Book
Orange Book - B3
Cache Memory
Orange Book C
14. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
A1
Access control to the objects by the subjects
Accreditation
C2
15. The assignment of a specific individual to administer the security-related functions of a system.
Totality of protection mechanisms
Simple Security Rule
A Thread
Trusted facility management
16. In access control terms - the word "dominate" refers to ___________.
Higher or equal to access class
B3 - Security Domains
Need-to-know
Trusted Network Interpretation (TNI)
17. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
Access control to the objects by the subjects
The Evaluated Products List (EPL) with their corresponding rating
Security Policy
First evaluation class
18. A Policy based control. All objects and systems have a sensitivity level assigned to them
Discretionary Security Property (ds-property)
Mandatory Access Control (MAC)
Trusted Network Interpretation (TNI)
attributability
19. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
A security domain
The Trusted Computing Base (TCB)
A security kernel
All Mandatory Access Control (MAC) systems
20. Each data object must contain a classification label and each subject must have a clearance label.
B1 - Labeled Security
Controls the checks
Attributable data
Fail safe
21. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Storage and timing
Higher or equal to access class
Physical security
The Evaluated Products List (EPL) with their corresponding rating
22. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is doen with the m
Absolute addresses
The Evaluated Products List (EPL) with their corresponding rating
C2 - Controlled Access Protection
Orange Book C
23. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data) items is refered to as Well-Formed transaction
Mandatory Access Control (MAC)
attributability
The "No read Up" rule
Clark-Wilson Model
24. Which TCSEC level first addresses object reuse?
Controls the checks
B1 - Labeled Security
Clark-Wilson
C2
25. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
Enforces the rules
Multilevel Security Policies
C1
attributability
26. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
A Base Register (Memory Management)
Ring 0
The reference monitor
Orange Book interpretations
27. TCB contains The Security Kernel and all ______________.
The security kernel
No write down
security protection mechanisms
Security Policy
28. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
Security Policy is clearly defined and documented
Orange Book - A1
B1 - Labeled Security rating
The Strong star property rule
29. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
A1
Security rating B
Models concerned with integrity
The reference monitor
30. What does the * (star) property mean in the Bell-LaPadula model?
The Strong star property rule
Attributable - original - accurate - contemporaneous and legible
No write down
'Dominate'
31. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
The Tranqulity principle (The Bell-LaPadula Model)
C1 - Discretionary Security Protection
Orange Book - D
A security domain
32. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
Virtual storage
Simple Security Rule
Division B - Mandatory Protection
Overt channel
33. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
B2 rating
The Monolithic Operation system Architecture
C2 - Controlled Access Protection
Orange Book - A1
34. The subject must have Need to Know for ONLY the information they are trying to access.
No read up
Labels - Orange Book
A1
System High Security Mode
35. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
NOT Integrity
Division B - Mandatory Protection Architecture
C2 - Controlled Access Protection
Invocation Property
36. What access control technique is also known as multilevel security?
Indexed addressing
B3
Mandatory access control
Need-to-know
37. Succesfully Evaluated products are placed on?
Thrashing
B1 - Labeled Security rating
The Evaluated Products List (EPL) with their corresponding rating
A single classification and a Compartment Set
38. Should always trace to individuals responsible for observing and recording the data
A Base Register (Memory Management)
Attributable data
The Integrity of data within applications
Sensitivity labels
39. In B2 Subjects and devices requre labels and the system must NOT allow ________. No Trapdoors exists.
'Dominate'
Covert channels
Government and military applications
Discretionary Security Property (ds-property)
40. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
A and B
The Evaluated Products List (EPL) with their corresponding rating
attributability
Administrative declaration
41. The Simple Security rule is refered to as______________.
D
The trustworthiness of an information system
Buffer (temporary data storage area)
The "No read Up" rule
42. What does the simple integrity axiom mean in the Biba model?
Security rating B
C2 - Controlled Access Protection
No read down
Access Matrix model
43. Applications and user activity
C2
Ring 3
Orange Book - B2
Invocation Property
44. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted envirnment with low security concerns.
C1 - Discrection Security Protection is a type of environment
Labels - Orange Book
B3
Trusted hardware - Software and Firmware
45. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Access control to the objects by the subjects
Direct Addressing
attributability
Overt channel
46. System Architecture that separates system functionality into Hierarchical layers
Access Matrix model
A Layered Operating System Architecure
Orange Book - B3
Pagefile.sys file
47. Access control labels must be associated properly with objects.
Labels - Orange Book
Buffer overflows
A Limit Register (Memory Management)
The security perimeter
48. The Orange book does NOT Cover ________________ - And Database management systems
Simple Security Rule
Cache Memory
Networks and Communications
The security perimeter
49. The Biba Model adresses _____________________.
Accountability - Orange Book
The National Computer Security Center (NCSC)
The Integrity of data within applications
Virtual Memory
50. Trusted facility management is an assurance requirement only for ________________.
The "No write Down" Rule
Division B - Mandatory Protection
Highly secure systems (B2 - B3 and A1)
security protection mechanisms
