Test your basic knowledge
CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A set of objects that a subject is able to access
Swap Space
Orange Book ratings
TCB (Trusted Computing Base)
A Domain
2. What prevents a process from accessing another process' data?
Ring 0
Process isolation
Integrity
Security Policy is clearly defined and documented
3. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
Covert channels
C2 - Controlled Access Protection
Evaluated separately
B2 rating
4. The Orange Book requires protection against two _____________, which are timing and storage.
Dedicated Security Mode
Constrained
The National Computer Security Center (NCSC)
Types of covert channels
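Question 4 names the two kinds of covert channel but does not show why a storage channel defeats mandatory access control. The following is an added example written for this page (it is not from the Orange Book or any evaluated product): a HIGH process that the *-property forbids from writing to LOW objects still leaks a message to a LOW process by creating and removing a lock file, because the file's existence is a shared system attribute both sides can observe. The file name and the two-process lock-step loop are constructed for the demonstration.

```python
from __future__ import annotations

import os
import tempfile


class StorageChannel:
    """A shared system attribute both sides can observe: whether a file exists.
    The file name is a constructed stand-in for any shared resource (a lock file,
    a print-queue entry, a disk-quota counter)."""

    def __init__(self, directory: str) -> None:
        self.flag = os.path.join(directory, "spooler.lock")
        self.transitions = 0   # the events a covert-channel audit would count

    # HIGH side. The *-property stops it writing data into any LOW object, but
    # creating or removing its own lock file is a legitimate operation.
    def send_bit(self, bit: int) -> None:
        exists = os.path.exists(self.flag)
        if bit and not exists:
            open(self.flag, "w").close()
            self.transitions += 1
        elif not bit and exists:
            os.remove(self.flag)
            self.transitions += 1

    # LOW side. It may not read the file's contents, but existence is visible
    # to everyone: that visibility is the storage channel.
    def receive_bit(self) -> int:
        return 1 if os.path.exists(self.flag) else 0


def leak(channel: StorageChannel, message: bytes) -> bytes:
    """Move `message` across the channel one bit per step, MSB first.
    Sender and receiver run in lock step here; a real channel must also solve
    synchronisation, which is where timing channels come in."""
    received = bytearray()
    for byte in message:
        value = 0
        for shift in range(7, -1, -1):
            channel.send_bit((byte >> shift) & 1)
            value = (value << 1) | channel.receive_bit()
        received.append(value)
    channel.send_bit(0)   # leave the resource in its idle state
    return bytes(received)


def demo(message: bytes = b"hi") -> tuple[bytes, int]:
    """Run the leak in a scratch directory; returns (bytes received, lock transitions)."""
    with tempfile.TemporaryDirectory() as workdir:
        channel = StorageChannel(workdir)
        return leak(channel, message), channel.transitions


if __name__ == "__main__":
    received, events = demo(b"hi")
    print(f"LOW received {received!r} after {events} lock create/remove events")
```

The `transitions` counter is the kind of signal a B2-level covert channel analysis looks for: the reference monitor permits every individual operation, so the only way to limit the channel is to audit or rate-limit the shared resource, not to deny any single access.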
5. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
Storage and timing
Accreditation
Mandatory access control
B3 - Security Domains
6. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
Security mechanisms and evaluates their effectiveness
Ring 2
Constrained
The security perimeter
7. Access control labels must be associated properly with objects.
Fail safe
Labels - Orange Book
Division B - Mandatory Protection Architecture
Highly secure systems (B2 - B3 and A1)
8. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Continuous protection - O/B
Fail safe
Orange Book interpretations
B2 - Structured Protection
9. Contains an address of where the instruction and data reside that need to be processed.
An abstract machine
The Thread (memory Management)
Division B - Mandatory Protection Architecture
The Trusted Computing Base (TCB)
10. In both the Bell-LaPadula and Biba Models, if the word "Simple" is used ______________.
Indirect addressing
No write down
Prevent secret information from being accessed
The rule is talking about "Reading"
11. Which is an ISO standard product evaluation criteria that supersedes several different criteria?
Real storage
C2
C1 - Discretionary Security Protection is a type of environment
The Common Criteria
12. According to the Orange Book - trusted facility management is not required for which security levels?
B1
'Dominate'
Virtual Memory
Real storage
13. Based on the Bell-LaPadula security model; evidence of reference monitor enforcement must be available.
Division B - Mandatory Protection Architecture
Files - directories and devices
Isolate processes
Orange Book B
14. What does the simple integrity axiom mean in the Biba model?
*-Integrity Axiom
No read down
Primary storage
The National Computer Security Center (NCSC)
15. A buffer overflow occurs when a program or process tries to store more data in a _____________ than it was intended to hold.
Protection Rings Support
The security perimeter
Its Clearance Label (Top Secret - Secret - or Confidential)
Buffer (temporary data storage area)
16. Commonly referred to as "The Big Mess" because of its lack of structure; MS-DOS is an example of a monolithic operating system.
Orange Book ratings
Clark-Wilson Model
The Monolithic Operating System Architecture
Continuous protection - O/B
17. In access control terms - the word "dominate" refers to ___________.
Mandatory Access Control (MAC)
Prevent secret information from being accessed
Higher or equal to access class
Pagefile.sys file
18. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
Trusted facility management
Most commonly used approach
Programmable Read-Only Memory (PROM)
The security perimeter
19. What does the Clark-Wilson security model focus on?
Integrity
Higher or equal to access class
Multitasking
Types of covert channels
20. Mandatory access control requires that _____________ be attached to all objects.
Trusted Network Interpretation (TNI)
Sensitivity labels
No read down
Simple Security Rule
21. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
Reduced Instruction Set Computers (RISC)
C2 - Controlled Access Protection
Orange Book - B2
Disclosure of residual data
22. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix. THE and Multics are no longer in use.
Simple Security Rule
Examples of Layered Operating Systems
The Biba Model
Multiprocessing
23. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Examples of Layered Operating Systems
B1 - Labeled Security rating
A Base Register (Memory Management)
Physical security
24. The Bell-LaPadula Model is a _______________ that enforces the confidentiality aspect of access control. Formulated by David Bell and Leonard LaPadula.
Multilevel Security Policies
attributability
B1 - Labeled Security rating
State machine model
25. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
C1
Its classification label (Top Secret - Secret or confidential)
Orange Book - B2
Trusted Products Evaluation Program (TPEP)
26. The combination of RAM - Cache and the Processor Registers
Mandatory access control
Primary storage
The reference monitor
Orange Book ratings
27. Individual subjects must be uniquely identified.
Identification - Orange Book
Stored in Real Memory
B1
Government and military applications
28. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
29. The Simple Security rule is referred to as ______________.
The "No read Up" rule
*-Integrity Axiom
Implement software or systems in a production environment
Indexed addressing
30. Developed after the Bell-LaPadula model. It is a state machine model and is very similar to the Bell-LaPadula Model.
The Biba Model
B2
The Common Criteria
A1 - Rating
31. Contains the ending address
Orange Book - B3
A Thread
Continuous protection - O/B
A Limit Register (Memory Management)
32. Mediates all access and functions between subjects and objects.
The Security Kernel
B1 - Labeled Security rating
Multilevel Security Policies
Life Cycle Assurance Requirement
33. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.
Orange Book - B1
Stored in Real Memory
Orange Book interpretations
Simple Security Rule
34. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Pagefile.sys file
Continuous protection - O/B
security protection mechanisms
Attributable - original - accurate - contemporaneous and legible
35. Which Orange Book evaluation level is described as "Verified Design"?
Sensitivity labels
A1
A Thread
Attributable data
36. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
Life-cycle assurance - O/B
Controls the checks
The "No read Up" rule
C1 - Discretionary Security Protection
37. Levels of security and levels of trust: letters earlier in the alphabet represent higher levels of security, and higher numbers indicate a greater level of trust.
Certification
Stored in Real Memory
Orange Book ratings
B2 rating
38. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
Programmable Read-Only Memory (PROM)
D
B2 - Structured Protection
Indirect addressing
39. Can be erased - modified and upgraded.
Process isolation
Erasable and Programmable Read-Only Memory (EPROM)
TCB (Trusted Computing Base)
The Tranquility principle (The Bell-LaPadula Model)
40. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
C1
Identification - Orange Book
Cache Memory
Constrained
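Questions 2, 9, 15, 31 and 40 describe the same hardware mechanism from different angles: a base register relocates a process's addresses, a limit register bounds them, and together they constrain the process to its own domain, which is what turns a buffer overflow into a trap instead of a write into another process's memory. The following is an added example written for this page (not from the Orange Book or any real processor); the machine model, the two processes `A` and `B`, and the 40-byte payload are constructed.

```python
from __future__ import annotations


class SegmentationFault(Exception):
    """Raised when an access falls outside the process's base/limit segment."""


class Machine:
    """Constructed model of a machine with base/limit memory protection."""

    def __init__(self, size: int, enforce: bool = True) -> None:
        self.memory = bytearray(size)   # physical memory
        self.segments: dict[str, tuple[int, int]] = {}   # pid -> (base, limit)
        self.enforce = enforce          # False models hardware with no limit check

    def allocate(self, pid: str, base: int, limit: int) -> None:
        """OS job: hand out a segment [base, base + limit) that overlaps no other."""
        if base < 0 or base + limit > len(self.memory):
            raise ValueError("segment does not fit in physical memory")
        for other, (b, l) in self.segments.items():
            if base < b + l and b < base + limit:
                raise ValueError(f"segment for {pid} overlaps {other}")
        self.segments[pid] = (base, limit)

    def translate(self, pid: str, offset: int, length: int) -> int:
        """Hardware job: relocate a logical offset and check it against the limit."""
        base, limit = self.segments[pid]
        if self.enforce and (offset < 0 or offset + length > limit):
            raise SegmentationFault(
                f"{pid}: access [{offset}, {offset + length}) exceeds limit {limit}")
        return base + offset

    def write(self, pid: str, offset: int, data: bytes) -> None:
        phys = self.translate(pid, offset, len(data))
        self.memory[phys:phys + len(data)] = data

    def read(self, pid: str, offset: int, length: int) -> bytes:
        phys = self.translate(pid, offset, length)
        return bytes(self.memory[phys:phys + length])


def demo() -> dict[str, object]:
    """Two processes, A and B, side by side. A copies a 40-byte payload into a
    32-byte buffer at the end of its own segment (a classic buffer overflow)."""
    payload = b"A" * 40            # constructed input, larger than the buffer
    results: dict[str, object] = {}

    checked = Machine(128)
    checked.allocate("A", base=0, limit=64)
    checked.allocate("B", base=64, limit=64)
    checked.write("B", 0, b"SECRET")
    try:
        checked.write("A", 32, payload)    # [32, 72) crosses A's limit of 64
        results["overflow_trapped"] = False
    except SegmentationFault:
        results["overflow_trapped"] = True
    results["secret_intact"] = checked.read("B", 0, 6) == b"SECRET"
    try:
        checked.read("A", 64, 6)           # A probing the byte right after its segment
        results["cross_read_trapped"] = False
    except SegmentationFault:
        results["cross_read_trapped"] = True

    unchecked = Machine(128, enforce=False)   # same layout, no limit register check
    unchecked.allocate("A", base=0, limit=64)
    unchecked.allocate("B", base=64, limit=64)
    unchecked.write("B", 0, b"SECRET")
    unchecked.write("A", 32, payload)          # silently runs into B's segment
    results["unchecked_secret"] = unchecked.read("B", 0, 6)
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key:20} {value!r}")
```

The point of the two runs is that the overflow itself is the same program bug in both; only the hardware check decides whether it becomes a fault in A or a corruption of B's data. Note that the limit register does nothing for overflows that stay inside A's own segment (the copy landing on A's own return address, for instance), which is why process isolation and memory-safe coding are separate controls.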
41. The Availability - Integrity and confidentiality requirements of multitasking operating systems
Primary storage
Protection Rings Support
D
Prevent secret information from being accessed
42. TCB contains The Security Kernel and all ______________.
security protection mechanisms
All Mandatory Access Control (MAC) systems
C2 - Controlled Access Protection
The Simple Security Property
43. Which computer design approach is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle?
Complex Instruction Set Computers (CISC)
B3 - Rating
Attributable data
Its Clearance Label (Top Secret - Secret - or Confidential)
44. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information - and identification and authentication of individual entities.
Its Clearance Label (Top Secret - Secret - or Confidential)
The Monolithic Operating System Architecture
C1 - Discretionary Security Protection
The Security Kernel
45. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US government)
Prevent secret information from being accessed
Life-cycle assurance - O/B
First evaluation class
B2 - Structured Protection
46. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
The Biba Model
Complex Instruction Set Computers (CISC)
attributability
Need-to-know
47. The total combination of protection mechanisms within a computer system
B3
TCB (Trusted Computing Base)
Scalar processors
Types of covert channels
48. Which would be designated as objects on a MAC system?
Files - directories and devices
B2 - Structured Protection
Clark-Wilson Model
In C2 - Controlled Access Protection environment
49. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Government and military applications
Orange Book - B3
Security Policy
Attributable data
50. When a computer uses more than one CPU in parallel to execute instructions - this is known as?
Multiprocessing
Secondary Storage
C2 - Controlled Access Protection
Orange Book - B3