Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions, so you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. What is called the formal acceptance of the adequacy of a system's overall security by management?
Accreditation
Compare the security labels
Most commonly used approach
The Strong star property rule
2. Users are trusted but a certain level of accountability is required. C2 or above is seen as the most reasonable class for commercial applications - but the level of protection is still relatively weak.
'Dominate'
Constrained
Cache Memory
In C2 - Controlled Access Protection environment
3. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Accreditation
B3 - Security Domains
Its Clearance Label (Top Secret - Secret - or Confidential)
Virtual Memory
4. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a well-formed transaction
B2 - Structured Protection
Access Matrix model
Overt channel
Clark-Wilson Model
5. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
Programmable Read-Only Memory (PROM)
System High Security Mode
Storage and timing
The Common Criteria
6. What access control technique is also known as multilevel security?
Buffer overflows
C2 - Controlled Access Protection
C2
Mandatory access control
7. What model uses access control triples and requires that the system maintain separation of duty?
A and B
Access Matrix model
Accountability - Orange Book
Clark-Wilson
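Questions 4 and 7 describe the Clark-Wilson mechanics: access triples, well-formed transactions (CDIs are only touched through certified TPs and must pass the IVP afterwards) and separation of duty. The following is an added example, not code from the quiz page; the ledger scenario, the users (alice, bob, mallory) and the TP names are constructed assumptions.

```python
"""Added example, not from the quiz page: a minimal Clark-Wilson enforcement
core showing access triples (user, TP, CDI), well-formed transactions (a TP
commits only if the IVP still accepts the CDIs) and separation of duty.
The ledger scenario, the users and the TP names are constructed assumptions."""
from copy import deepcopy
from dataclasses import dataclass, field


class IntegrityViolation(Exception):
    """No triple, separation of duty broken, uncertified TP, or IVP failure."""


@dataclass
class ClarkWilson:
    cdis: dict                                     # account name -> balance
    total_funds: int                               # invariant: money is conserved
    tps: dict = field(default_factory=dict)        # certified TP name -> callable
    triples: set = field(default_factory=set)      # (user, tp, cdi)
    conflicts: set = field(default_factory=set)    # {frozenset({tp_a, tp_b}), ...}
    history: list = field(default_factory=list)    # (user, tp) audit trail

    def ivp(self, cdis=None) -> bool:
        """Integrity Verification Procedure: no negative balance, total unchanged."""
        cdis = self.cdis if cdis is None else cdis
        return all(v >= 0 for v in cdis.values()) and sum(cdis.values()) == self.total_funds

    def execute(self, user: str, tp: str, cdi_names: tuple, *args) -> None:
        """Run a TP for a user; this is the only code path that touches a CDI."""
        if tp not in self.tps:                                   # only certified TPs
            raise IntegrityViolation(f"{tp!r} is not a certified TP")
        for cdi in cdi_names:                                    # a triple per CDI
            if (user, tp, cdi) not in self.triples:
                raise IntegrityViolation(f"no triple ({user}, {tp}, {cdi})")
        for prior_user, prior_tp in self.history:                # separation of duty
            if prior_user == user and frozenset({prior_tp, tp}) in self.conflicts:
                raise IntegrityViolation(f"{user} ran {prior_tp}, so may not run {tp}")
        candidate = deepcopy(self.cdis)                          # well-formed transaction:
        self.tps[tp](candidate, *cdi_names, *args)               # apply to a copy and
        if not self.ivp(candidate):                              # commit only if valid
            raise IntegrityViolation(f"{tp} would leave the CDIs in an invalid state")
        self.cdis = candidate
        self.history.append((user, tp))                          # every TP is logged


def move(cdis: dict, src: str, dst: str, amount: int) -> None:
    """A certified TP: move funds between two accounts (balance-preserving)."""
    cdis[src] -= amount
    cdis[dst] += amount


def attempt(system: ClarkWilson, user: str, tp: str, cdi_names: tuple, *args) -> bool:
    """True if the TP ran, False if Clark-Wilson enforcement denied it."""
    try:
        system.execute(user, tp, cdi_names, *args)
        return True
    except IntegrityViolation:
        return False


def build_demo() -> ClarkWilson:
    system = ClarkWilson(cdis={"ops": 100, "pending": 0, "reserve": 50}, total_funds=150)
    # The same code is certified under two TP names so that separation of duty
    # can keep the person who initiates a payment from also releasing it.
    system.tps = {"initiate": move, "release": move}
    system.triples = {
        ("alice", "initiate", "ops"), ("alice", "initiate", "pending"),
        ("alice", "release", "pending"), ("alice", "release", "reserve"),
        ("bob", "release", "pending"), ("bob", "release", "reserve"),
    }
    system.conflicts = {frozenset({"initiate", "release"})}
    return system


if __name__ == "__main__":
    s = build_demo()
    print("alice initiates 30 :", attempt(s, "alice", "initiate", ("ops", "pending"), 30))
    print("alice releases 30  :", attempt(s, "alice", "release", ("pending", "reserve"), 30))
    print("mallory initiates 1:", attempt(s, "mallory", "initiate", ("ops", "pending"), 1))
    print("bob releases 500   :", attempt(s, "bob", "release", ("pending", "reserve"), 500))
    print("bob releases 30    :", attempt(s, "bob", "release", ("pending", "reserve"), 30))
    print(s.cdis)
```

Note that alice holds triples for both TPs, so it is the separation-of-duty check on the audit trail, not a missing triple, that stops her releasing the payment she initiated; bob's oversized release is refused by the IVP and rolled back, which is what makes the transaction well-formed.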
8. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
Simple Security Rule
C2 - Controlled Access Protection
The Security Kernel
D
9. A policy-based control. All objects and systems have a sensitivity level assigned to them
Dedicated Security Mode
Accountability - Orange Book
Life-cycle assurance - O/B
Mandatory Access Control (MAC)
10. Applications and user activity
C1 - Discretionary Security Protection is a type of environment
Ring 3
Assigned labels
Its classification label (Top Secret - Secret or confidential)
11. Which TCSEC level first addresses object reuse?
C2
Assigned labels
Higher or equal to access class
Orange Book - A1
12. Subjects and Objects cannot change their security levels once they have been instantiated (created)
Buffer overflows
Orange Book - B2
Attributable data
The Tranquility principle (The Bell-LaPadula Model)
13. ___________ is a form of EPROM - but its data storage can be erased and modified electrically by onboard programming circuitry and signals.
Trusted Products Evaluation Program (TPEP)
Ring 0
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Attributable data
14. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Polyinstantiation
All Mandatory Access Control (MAC) systems
A Layered Operating System Architecture
Most commonly used approach
15. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
Storage and timing
The National Computer Security Center (NCSC)
Ring 1
The security perimeter
16. If a system initializes in a secure state and all allowed state transitions are secure - then every subsequent state will be secure no matter what inputs occur.
Division B - Mandatory Protection
Division C - Discretionary Protection
Basic Security Theorem (used in computer science) definition
Firmware
17. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Multilevel Security Policies
The "No read Up" rule
Evaluated separately
No read up
18. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Models concerned with integrity
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Access control to the objects by the subjects
Orange Book - B2
19. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
Disclosure of residual data
Controlling unauthorized downgrading of information
No write down
A Domain
20. A set of objects that a subject is able to access
A Domain
C2
Prevent secret information from being accessed
Physical security
21. The Biba Model - ______________: A subject cannot request service from (invoke) a subject of higher integrity
Orange Book - B1
Invocation Property
Accreditation
C2
22. Individual subjects must be uniquely identified.
Orange Book - B3
Bell-LaPadula Model
C2 - Controlled Access Protection
Identification - Orange Book
23. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
'Dominate'
Need-to-know
Primary storage
Clark-Wilson Model
24. The Biba Model addresses _____________________.
Security Policy is clearly defined and documented
Trusted Products Evaluation Program (TPEP)
The Integrity of data within applications
Assigned labels
25. The assignment of a specific individual to administer the security-related functions of a system.
Covert channels
Trusted facility management
Security rating B
Integrity
26. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
27. When the RAM and secondary storage are combined the result is __________.
Virtual Memory
Prohibits
The National Computer Security Center (NCSC)
The security perimeter
28. Software that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
The Common Criteria
Security Policy - Orange Book
Firmware
Orange Book ratings
29. Documentation must be provided - including test - design - and specification documents - user guides and manuals
Swap Space
Ring 2
B3
Documentation - Orange Book
30. The security kernel is the mechanism that _____________ of the reference monitor concept.
The National Computer Security Center (NCSC)
Orange Book ratings
Orange Book - A1
Enforces the rules
31. Which can be used as a covert channel?
The "No write Down" Rule
Division B - Mandatory Protection
Life-cycle assurance - O/B
Storage and timing
32. Which is a straightforward approach that provides access rights to subjects for objects?
Access Matrix model
Invocation Property
Labels - Orange Book
A Limit Register (Memory Management)
33. The Biba Model - _____________: A subject cannot read data from a lower integrity level ("No Read Down")
Orange Book C
Examples of Layered Operating Systems
'Dominate'
Simple Integrity Axiom
34. Discretionary protection
The Tranquility principle (The Bell-LaPadula Model)
Relative Addresses
Physical security
Orange Book C
35. Mandatory Access Control requires that _____________ be attached to all objects.
Be protected from modification
No read up
Swap Space
Sensitivity labels
36. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
C1
Dedicated Security Mode
Enforces the rules
D
37. Has two individual assurance ratings - C1 and C2. The higher the assurance rating number - the greater the protection
All Mandatory Access Control (MAC) systems
Division C - Discretionary Protection
Erasable and Programmable Read-Only Memory (EPROM)
Operational assurance requirements
38. The Indexed memory addresses that software uses
Attributable - original - accurate - contemporaneous and legible
Logical addresses
Discretionary Security Property (ds-property)
C2 - Controlled Access Protection
39. Which in the Orange Book ratings represents the highest level of trust?
Division D - Minimal Protection
The rule is talking about "Reading"
Direct addressing
B2
40. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
41. TCSEC addresses Confidentiality - but _____________. The TCSEC focuses mainly on one attribute of security: confidentiality.
Basic Security Theorem (used in computer science) definition
C2 - Controlled Access Protection
NOT Integrity
The Evaluated Products List (EPL) with their corresponding rating
42. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
Trusted hardware - Software and Firmware
All Mandatory Access Control (MAC) systems
Dedicated Security Mode
C2 - Controlled Access Protection
43. A subject at a given clearance may not read an object at a higher classification
The Simple Security Property
Overt channel
C2 - Controlled Access Protection
The Evaluated Products List (EPL) with their corresponding rating
44. The Orange Book requires protection against two _____________ - which are timing and storage
A Domain
Types of covert channels
Multilevel Security Policies
Labels - Orange Book
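Questions 31 and 44 name the two covert channel types the Orange Book requires analysis for, storage and timing. The following is an added example, not code from the quiz page: a simulation in which a High process signals to a Low process through a shared resource the MAC labels do not cover (a storage channel) and through how long Low waits for the CPU (a timing channel), plus one countermeasure for the storage channel. The toy kernel, its "free slot" counter, the scheduler clock and the message are constructed assumptions; nothing here touches a real operating system.

```python
"""Added example, not from the quiz page: simulated covert storage and timing
channels between a High sender and a Low receiver, plus a jitter countermeasure.
The toy kernel, the 'free slot' resource, the scheduler clock and the sample
message are constructed assumptions; nothing here talks to a real OS."""
import random


class ToyKernel:
    """Shared resource pool that the MAC policy does not label: any subject,
    whatever its clearance, can allocate a slot and observe the free count."""

    def __init__(self, capacity: int = 8):
        self.capacity = capacity
        self.used = 0

    def allocate(self) -> bool:
        if self.used >= self.capacity:
            return False
        self.used += 1
        return True

    def release(self) -> None:
        self.used = max(0, self.used - 1)

    def free(self) -> int:
        return self.capacity - self.used


def exact_view(kernel: ToyKernel, rng=None) -> int:
    """Low's view when the kernel reports the free count precisely."""
    return kernel.free()


def noisy_view(kernel: ToyKernel, rng: random.Random) -> int:
    """Countermeasure: the kernel jitters the count it reports, so Low can no
    longer attribute a one-slot change to High (the channel is swamped)."""
    return kernel.free() + rng.randint(-2, 2)


def storage_channel(bits, view, rng=None, capacity: int = 8):
    """Storage channel: High sends one bit per tick by holding (1) or not
    holding (0) a slot; Low decodes by comparing its view to a baseline."""
    kernel = ToyKernel(capacity)
    baseline = view(kernel, rng)
    received = []
    for bit in bits:
        if bit:
            kernel.allocate()                                 # High's turn
        received.append(int(view(kernel, rng) < baseline))    # Low's turn
        if bit:
            kernel.release()                                  # High resets
    return received


def timing_channel(bits, low_work: int = 1, high_burst: int = 3):
    """Timing channel: High sends a 1 by hogging the CPU before Low's quantum;
    Low decodes by timing its fixed unit of work on the shared clock."""
    clock = 0
    received = []
    for bit in bits:
        start = clock
        clock += high_burst if bit else 0                     # High's turn
        clock += low_work                                     # Low's turn
        received.append(int(clock - start > low_work))
    return received


def bit_errors(sent, received) -> int:
    return sum(s != r for s, r in zip(sent, received))


def noisy_errors(bits, seed: int) -> int:
    """Bit errors Low suffers once the kernel jitters the count (seeded rng)."""
    return bit_errors(bits, storage_channel(bits, noisy_view, random.Random(seed)))


if __name__ == "__main__":
    msg = [int(c) for c in format(ord("A"), "08b")]          # constructed: 01000001
    print("sent            :", msg)
    print("storage, exact  :", storage_channel(msg, exact_view))
    print("storage, jitter :", storage_channel(msg, noisy_view, random.Random(1)))
    print("timing          :", timing_channel(msg))
    print("errors w/ jitter:", noisy_errors([i % 2 for i in range(64)], 7), "of 64")
```

The exact view and the timing simulation decode the message perfectly, which is the point: neither channel violates the no-read-up rule, because the leak rides on a resource and a clock that carry no label. Jittering the reported count is one of the standard responses (alongside limiting bandwidth and auditing); it does not close the channel, it drives its error rate up until it is useless.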
45. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
Clark-Wilson Model
Certification
The National Computer Security Center (NCSC)
D
46. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
C2 - Controlled Access Protection
A lattice of Integrity Levels
Implement software or systems in a production environment
Government and military applications
47. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
Orange Book - B3
Orange Book A
B3
The National Computer Security Center (NCSC)
48. Successfully Evaluated products are placed on?
The Evaluated Products List (EPL) with their corresponding rating
Indexed addressing
Networks and Communications
C2 - Controlled Access Protection
49. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
Real storage
The Red Book
*-Integrity Axiom
Models concerned with integrity
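Questions 3, 12, 19, 26, 40 and 43 state the Bell-LaPadula rules (dominance, tranquility, no read up, no write down) and questions 21, 33 and 49 the Biba rules (invocation property, no read down, no write up). The following is an added example, not code from the quiz page, that implements the lattice "dominates" relation and evaluates all of those rules, including the incomparable-label case the quiz does not spell out. The level names, the categories (NUC, CRYPTO) and the sample labels are constructed assumptions.

```python
"""Added example, not from the quiz page: the lattice 'dominates' relation
and the Bell-LaPadula and Biba rules the quiz describes, evaluated on
constructed labels.  Level names, categories (compartments) and the sample
subjects and objects are assumptions made for illustration."""
from dataclasses import dataclass

# Ordered sensitivity levels for the confidentiality lattice; the same Label
# type is reused for Biba with an integrity ordering (0 = low, 2 = high).
CONF = {"Unclassified": 0, "Confidential": 1, "Secret": 2, "Top Secret": 3}
INTEGRITY = {"Low": 0, "Medium": 1, "High": 2}


@dataclass(frozen=True)   # frozen: a label cannot change once created (tranquility)
class Label:
    level: int
    categories: frozenset = frozenset()

    def dominates(self, other: "Label") -> bool:
        """'Dominate' = level higher or equal AND categories a superset.
        Labels with disjoint categories are incomparable: neither dominates."""
        return self.level >= other.level and self.categories >= other.categories


def blp_allows(subject: Label, obj: Label, op: str) -> bool:
    """Bell-LaPadula (confidentiality): subject clearance vs object classification."""
    if op == "read":     # simple security property: no read up
        return subject.dominates(obj)
    if op == "write":    # *-property: no write down
        return obj.dominates(subject)
    raise ValueError(f"unknown operation {op!r}")


def biba_allows(subject: Label, obj: Label, op: str) -> bool:
    """Biba (integrity): each rule is the dual of the Bell-LaPadula rule."""
    if op == "read":     # simple integrity axiom: no read down
        return obj.dominates(subject)
    if op == "write":    # *-integrity axiom: no write up
        return subject.dominates(obj)
    if op == "invoke":   # invocation property: no calling a higher-integrity subject
        return subject.dominates(obj)
    raise ValueError(f"unknown operation {op!r}")


def allows(subj_conf: Label, subj_int: Label, obj_conf: Label, obj_int: Label, op: str) -> bool:
    """A system enforcing both models grants an operation only if both do."""
    if op == "invoke":
        return biba_allows(subj_int, obj_int, op)
    return blp_allows(subj_conf, obj_conf, op) and biba_allows(subj_int, obj_int, op)


if __name__ == "__main__":
    secret_nuc = Label(CONF["Secret"], frozenset({"NUC"}))
    objects = {
        "Top Secret {NUC}": Label(CONF["Top Secret"], frozenset({"NUC"})),
        "Confidential {}": Label(CONF["Confidential"]),
        "Secret {CRYPTO}": Label(CONF["Secret"], frozenset({"CRYPTO"})),
    }
    for name, obj in objects.items():
        for op in ("read", "write"):
            print(f"Secret {{NUC}} {op:5} {name:18}: {blp_allows(secret_nuc, obj, op)}")
```

The Secret {NUC} subject can write (but not read) Top Secret {NUC}, read (but not write) Confidential, and do nothing at all with Secret {CRYPTO}: same level, disjoint categories, so neither label dominates the other. Making `Label` frozen is what the tranquility principle asks for in code: a subject or object keeps the label it was instantiated with.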
50. Permits a database to have two records that are identical except for their classifications
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Polyinstantiation
A security kernel
*-Integrity Axiom
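Question 50 defines polyinstantiation. The following is an added example, not code from the quiz page, contrasting a naive single-instance table with a polyinstantiated one so the security reason for the technique is visible: without it, a lower-cleared user's insert either fails on a duplicate key (telling them a row they cannot read exists) or overwrites the higher row. The classification scale, table layout and the flight rows are constructed assumptions.

```python
"""Added example, not from the quiz page: polyinstantiation in a multilevel
relation.  The naive table leaks the existence of a higher-classified row on a
duplicate-key insert; the polyinstantiated table keeps one instance per
(key, classification) and serves each reader the highest instance it dominates.
Classification scale, table layout and rows are constructed assumptions."""
LEVELS = {"U": 0, "C": 1, "S": 2, "TS": 3}


class NaiveTable:
    """One row per key, whatever its classification."""

    def __init__(self):
        self.rows = {}                     # key -> (classification, record)

    def insert(self, key, classification, record) -> bool:
        if key in self.rows:               # "duplicate key" reveals the hidden row
            return False
        self.rows[key] = (classification, record)
        return True


class PolyTable:
    """Rows keyed on (key, classification): instances at different levels coexist."""

    def __init__(self):
        self.rows = {}                     # (key, classification) -> record

    def insert(self, key, classification, record) -> bool:
        # A subject writes at its own level, so it can never collide with, or
        # even notice, an instance at a level it does not dominate.
        self.rows[(key, classification)] = record
        return True

    def select(self, key, clearance):
        """The highest instance of `key` that the clearance dominates (no read
        up), or None when every instance sits above the subject."""
        visible = [(LEVELS[c], c, r) for (k, c), r in self.rows.items()
                   if k == key and LEVELS[c] <= LEVELS[clearance]]
        if not visible:
            return None
        _, classification, record = max(visible, key=lambda t: t[0])
        return classification, record


if __name__ == "__main__":
    naive, poly = NaiveTable(), PolyTable()
    for table in (naive, poly):
        table.insert("FLIGHT-17", "TS", {"destination": "Site A"})
        # A Secret user files the cover story for the same flight.
        print(type(table).__name__, "accepts Secret insert:",
              table.insert("FLIGHT-17", "S", {"destination": "Site B"}))
    for clearance in ("TS", "S", "C"):
        print(clearance, "sees", poly.select("FLIGHT-17", clearance))
```

The price of the technique is visible in `select`: the application, not the database, now has to decide which instance a reader should get, and the Top Secret reader sees two rows for one key.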