SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Subjects and Objects cannot change their security levels once they have been instantiated (created)
Higher or equal to access class
Government and military applications
Security Policy is clearly defined and documented
The Tranqulity principle (The Bell-LaPadula Model)
2. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
A Domain
Firmware
Security Policy - Orange Book
Orange Book - B3
3. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Orange Book interpretations
C2 - Controlled Access Protection
Division C - Discretionary Protection
Division B - Mandatory Protection
4. Mediates all access and Functions between subjects and objects.
Access control to the objects by the subjects
C2
The Security Kernel
The Integrity of data within applications
5. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
TCB (Trusted Computing Base)
Models concerned with integrity
Real storage
Thrashing
6. A system uses the Reference Monitor to ___________________ of a subject and an object?
B3
Its classification label (Top Secret - Secret or confidential)
Compare the security labels
The Red Book
7. The Bell-LaPadula Model is a _______________.
In C2 - Controlled Access Protection environment
Subject to Object Model
The Tranqulity principle (The Bell-LaPadula Model)
Indirect addressing
8. Happen because input data is not checked for appropriate length at time of input
Process isolation
Buffer overflows
B3 - Rating
Highly secure systems (B2 - B3 and A1)
9. What does the simple integrity axiom mean in the Biba model?
The Tranqulity principle (The Bell-LaPadula Model)
The Strong star property rule
Need-to-know
No read down
10. The Availability - Integrity and confidentiality requirements of multitasking operating systems
Invocation Property
security protection mechanisms
Orange Book - B3
Protection Rings Support
11. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is doen with the m
A1 - Rating
C2 - Controlled Access Protection
Orange Book - B3
Protection Rings Support
12. The Simple Security rule is refered to as______________.
Bell-LaPadula Model
Sensitivity labels
The "No read Up" rule
A1 - Rating
13. Which in the Orange Book ratings represents the highest level of trust?
Relative Addresses
The security perimeter
Swap Space
B2
14. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
Identification - Orange Book
C1
Constrained
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
15. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
Documentation - Orange Book
Prohibits
Pagefile.sys file
Multitasking
16. In the Bell-LaPadula Model the Object's Label contains ___________________.
Its classification label (Top Secret - Secret or confidential)
Security mechanisms and evalautes their effectivenes
The "No read Up" rule
Trusted Products Evaluation Program (TPEP)
17. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
C1 - Discretionary Security Protection
Security Policy
Sensitivity labels
Fail safe
18. When a vendor submits a product for evaluation - it submits it to the ____________.
*-Integrity Axiom
The TCSEC - Aka Orange Book
Ring 3
The National Computer Security Center (NCSC)
19. Should always trace to individuals responsible for observing and recording the data
A and B
Orange Book A
Attributable data
A Thread
20. The combination of RAM - Cache and the Processor Registers
Primary storage
Higher or equal to access class
Ring 1
Trusted facility management
21. Buffer overflows occurs when a program or process tries to store more data in a _____________ than it was intended to hold.
Buffer (temporary data storage area)
Integrity
The trustworthiness of an information system
The "No read Up" rule
22. Access control labels must be associated properly with objects.
Trusted Products Evaluation Program (TPEP)
B1 - Labeled Security
Erasable and Programmable Read-Only Memory (EPROM)
Labels - Orange Book
23. Logical access control mechanisms are used to enforce authentication and the uniquenes of each individual's identification.
Indirect addressing
C2 - Controlled Access Protection
Orange Book ratings
Life Cycle Assurance Requirement
24. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data) items is refered to as Well-Formed transaction
Clark-Wilson Model
Simple Security Rule
Orange Book - B1
Security rating B
25. When a computer uses more than one CPU in parallel to execute instructions is known as?
Identification - Orange Book
Multiprocessing
Access control to the objects by the subjects
Administrative declaration
26. A form of ROM(Read-Only Memory) that can be modified after it has been manufactured. It can only be programmed only one time.
Accreditation
Overt channel
*-Integrity Axiom
Programmable Read-Only Memory (PROM)
27. Used by Windows systems to reserve the "Swap Space"
Subject to Object Model
Pagefile.sys file
Programmable Read-Only Memory (PROM)
Orange Book - A1
28. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Administrative declaration
The reference monitor
Enforces the rules
Controls the checks
29. In both the Bell-LaPadula and Biba Models if the word "* or Star is used - _______________.
Buffer overflows
Simple Integrity Axiom
Assigned labels
The Rule is talking about writing
30. A Policy based control. All objects and systems have a sensitivity level assigned to them
Swap Space
Orange Book ratings
Mandatory Access Control (MAC)
Cache Memory
31. What does the Clark-Wilson security model focus on
Integrity
Models concerned with integrity
B1 - Labeled Security rating
Evaluated separately
32. The group that oversees the processes of evaluation within TCSEC is?
NOT Integrity
B1
The Rule is talking about writing
Trusted Products Evaluation Program (TPEP)
33. The reserved hard drive space used to Extend RAM capabilities. Windows system use the pagefile.sys file to reserve this space
Sensitivity labels
A Base Register (Memory Management)
Swap Space
No write down
34. Can be erased - modified and upgraded.
Highly secure systems (B2 - B3 and A1)
Thrashing
Erasable and Programmable Read-Only Memory (EPROM)
Ring 0
35. The Policy must be explicit and well defined and enforced by the mechanisms within the system
Security Policy - Orange Book
Security rating B
Swap Space
B2
36. Users need to be Identified individually to provide more precise acces control and auditing functionality.
C2 - Controlled Access Protection
Secondary Storage
Identification - Orange Book
Orange Book ratings
37. When the address location that is specified in the program instruction contains the address of the final desired location.
Security rating B
The Red Book
Bell-LaPadula Model
Indirect addressing
38. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Be protected from modification
Overt channel
Trusted facility management
Swap Space
39. For rhe type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to peneration and compromise
B2 rating
A1
B1 - Labeled Security rating
A Domain
40. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Firmware
Mandatory access control
Swap Space
Orange Book - B2
41. The security kernel is the mechanism that _____________ of the reference monitor concept.
Buffer overflows
Labels - Orange Book
Enforces the rules
The rule is talking about "Reading"
42. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.
Accreditation
Mandatory Access Control (MAC)
Basic Security Theorem (used in computer science) definition
The Tranqulity principle (The Bell-LaPadula Model)
43. In both the Bell-LaPadula and Biba Models if the word "Simple is used ______________.
Division B - Mandatory Protection Architecture
Orange Book B
Basic Security Theorem (used in computer science) definition
The rule is talking about "Reading"
44. A set of objects that a subject is able to access
A Domain
Primary storage
Buffer overflows
Sensitivity labels
45. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
Invocation Property
Certification
The National Computer Security Center (NCSC)
*-Integrity Axiom
46. The Reserved hard drive space used to to extend RAM capabilites.
Swap Space
Operational assurance requirements
Virtual Memory
Direct addressing
47. Another word for Primary storage and distinguishes physical memory from virtual memory.
B3 - Security Domains
Real storage
Isolate processes
Networks and Communications
48. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
All Mandatory Access Control (MAC) systems
The *-Property rule (Star property)
Identification - Orange Book
Orange Book - B3
49. As per FDA data should be ______________________________.
Relative Addresses
Accountability - Orange Book
Attributable - original - accurate - contemporaneous and legible
Orange Book - B3
50. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilites when
Security Policy - Orange Book
C2
System High Security Mode
NOT Integrity
