Test your basic knowledge | CISSP Security Architecture And Design
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
Secondary Storage
B2 - Structured Protection
Simple Security Rule
Multitasking
2. When a computer uses more than one CPU in parallel to execute instructions, this is known as?
Multiprocessing
B3
Accountability - Orange Book
The "No write Down" Rule
3. All users have a clearance for and a formal need to know about - all data processed with the system.
Security Policy is clearly defined and documented
Certification
C1 - Discretionary Security Protection is a type of environment
Dedicated Security Mode
4. What model uses access control triples and requires that the system maintain separation of duty?
Sensitivity labels
Highly secure systems (B2 - B3 and A1)
Clark-Wilson
The Integrity of data within applications
5. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
B3 - Rating
B3
NOT Integrity
A Domain
6. Mandatory Access requires that _____________ be attached to all objects.
Sensitivity labels
Virtual Memory
Firmware
B2
7. The group that oversees the processes of evaluation within TCSEC is?
Its Clearance Label (Top Secret - Secret - or Confidential)
Ring 0
Trusted Products Evaluation Program (TPEP)
Buffer overflows
8. The Simple Security rule is referred to as ______________.
The "No read Up" rule
TCB (Trusted Computing Base)
Ring 0
Trusted Distribution
9. When the RAM and secondary storage are combined the result is __________.
Isolate processes
Examples of Layered Operating Systems
Life Cycle Assurance Requirement
Virtual Memory
10. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
C2 - Controlled Access Protection
Orange Book - B3
Dedicated Security Mode
The Strong star property rule
11. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
Programmable Read-Only Memory (PROM)
Orange Book - B1
NOT Integrity
C2 - Controlled Access Protection
12. Remaining parts of the operating system
The Common Criteria
The rule is talking about "Reading"
Ring 1
Its Clearance Label (Top Secret - Secret - or Confidential)
13. Software that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
Firmware
Highly secure systems (B2 - B3 and A1)
Documentation - Orange Book
Orange Book C
14. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Orange Book B
First evaluation class
Disclosure of residual data
Be protected from modification
15. A buffer overflow occurs when a program or process tries to store more data in a _____________ than it was intended to hold.
Isolate processes
The *-Property rule (Star property)
Life Cycle Assurance Requirement
Buffer (temporary data storage area)
16. Intended for environments that require systems to handle classified data.
B1 - Labeled Security rating
C2 - Controlled Access Protection
Storage and timing
Examples of Layered Operating Systems
17. Which can be used as a covert channel?
Storage and timing
Logical addresses
Complex Instruction Set Computers (CISC)
Orange Book - D
18. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
19. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
Orange Book - A1
Reduced Instruction Set Computers (RISC)
*-Integrity Axiom
Orange Book C
20. A type of memory used for High-speed writing and reading activities.
Cache Memory
A security kernel
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Controlling unauthorized downgrading of information
21. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Orange Book ratings
Highly secure systems (B2 - B3 and A1)
Assigned labels
The Strong star property rule
22. Should always trace to individuals responsible for observing and recording the data
Attributable data
Continuous protection - O/B
'Dominate'
The Evaluated Products List (EPL) with their corresponding rating
23. The combination of RAM - Cache and the Processor Registers
The Clark Wilson integrity model
Primary storage
Clark-Wilson Model
C2 - Controlled Access Protection
24. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Direct addressing
Evaluated separately
Continuous protection - O/B
Security Policy - Orange Book
25. Which would be designated as objects on a MAC system?
Files - directories and devices
Division B - Mandatory Protection Architecture
Trusted Network Interpretation (TNI)
Basic Security Theorem (used in computer science) definition
26. The Indexed memory addresses that software uses
B1 - Labeled Security rating
Logical addresses
Enforces the rules
B1
27. Mandatory access control is enforced by the use of security labels.
Division B - Mandatory Protection
Orange Book - B3
A Base Register (Memory Management)
Access Matrix model
28. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Administrative declaration
Isolate processes
Access Matrix model
Bell-LaPadula Model
29. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a well-formed transaction
Programmable Read-Only Memory (PROM)
Trusted Distribution
The security kernel
Clark-Wilson Model
30. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Division D - Minimal Protection
Prohibits
A Base Register (Memory Management)
Trusted Distribution
31. In both the Bell-LaPadula and Biba Models if the word "*" or "Star" is used - _______________.
The Rule is talking about writing
Multiprocessing
C2
Security rating B
32. The reserved hard drive space used to extend RAM capabilities.
C1
Trusted hardware - Software and Firmware
The Red Book
Swap Space
33. Mandatory Protection
Virtual storage
A Domain
Clark-Wilson
Orange Book B
34. The Biba Model is not concerned with security levels and confidentiality. It uses _________________.
A lattice of Integrity Levels
Prevent secret information from being accessed
The trustworthiness of an information system
Totality of protection mechanisms
35. Contains an address of where the instruction and data reside that need to be processed.
Indexed addressing
The Integrity of data within applications
The Thread (memory Management)
The National Computer Security Center (NCSC)
36. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Most commonly used approach
Physical security
Dedicated Security Mode
Overt channel
37. A subject at a given clearance may not read an object at a higher classification
Cache Memory
The Simple Security Property
B3
Bell-LaPadula Model
38. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
The "No write Down" Rule
B3 - Security Domains
Access control to the objects by the subjects
Trusted Distribution
39. What does the simple integrity axiom mean in the Biba model?
No read down
No write down
A security kernel
Thrashing
40. Documentation must be provided - including test - design - and specification document - user guides and manuals
B3
B2 - Structured Protection
Indexed addressing
Documentation - Orange Book
41. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
Clark-Wilson Model
Orange Book B
B2
The Trusted Computing Base (TCB)
42. In the Bell-LaPadula Model the Subject's Label contains ___________________.
The TCSEC - Aka Orange Book
Government and military applications
Its Clearance Label (Top Secret - Secret - or Confidential)
Operational assurance requirements
43. A system uses the Reference Monitor to ___________________ of a subject and an object?
Compare the security labels
Indirect addressing
B3 - Rating
Direct addressing
44. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
Orange Book - B1
Invocation Property
Indirect addressing
The Integrity of data within applications
45. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions at its own discretion. These permissions are stored in an access ma
Discretionary Security Property (ds-property)
Logical addresses
Simple Integrity Axiom
C1
46. The total combination of protection mechanisms within a computer system
TCB (Trusted Computing Base)
C1 - Discretionary Security Protection
Administrative declaration
Discretionary Security Property (ds-property)
47. A Policy based control. All objects and systems have a sensitivity level assigned to them
NOT Integrity
A Layered Operating System Architecture
Mandatory Access Control (MAC)
Mandatory access control
48. Applications and user activity
Cache Memory
The "No write Down" Rule
Ring 3
Attributable - original - accurate - contemporaneous and legible
49. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Need-to-know
Clark-Wilson
First evaluation class
B3 - Rating
50. The Orange Book requires protection against two _____________ - which are Timing and Storage
Orange Book ratings
Virtual Memory
Types of covert channels
Sensitivity labels