SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
2. Contains the beginning address
A Base Register (Memory Management)
Programmable Read-Only Memory (PROM)
C1
Access Matrix model
3. In both the Bell-LaPadula and Biba Models if the word "* or Star is used - _______________.
The Rule is talking about writing
The Red Book
Its Clearance Label (Top Secret - Secret - or Confidential)
Accreditation
4. Minimal Security
A Limit Register (Memory Management)
C2 - Controlled Access Protection
Orange Book - D
C1 - Discretionary Security Protection
5. Which is an ISO standard product evaluation criteria that supersedes several different criteria
System High Security Mode
Thrashing
Compare the security labels
The Common Criteria
6. Verification Protection
Examples of Layered Operating Systems
A security domain
The security kernel
Orange Book A
7. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities
B3 - Security Domains
C1 - Discretionary Security Protection
Scalar processors
Complex Instruction Set Computers (CISC)
8. Operating System Kernel
B3 - Rating
Ring 0
A1 - Rating
Division C - Discretionary Protection
9. A type of memory used for High-speed writing and reading activities.
Cache Memory
The Integrity of data within applications
The TCSEC - Aka Orange Book
C2
10. Audit data must be captured and protected to enforce accountability
A security domain
Accountability - Orange Book
Clark-Wilson Model
Ring 0
11. Which would be designated as objects on a MAC system?
Models concerned with integrity
Files - directories and devices
Controls the checks
B1 - Labeled Security
12. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Orange Book - B2
A Layered Operating System Architecure
Continuous protection - O/B
Need-to-know
13. When the contents of the address defined in the program's instruction is added to that of an index register.
Dedicated Security Mode
A single classification and a Compartment Set
Virtual storage
Indexed addressing
14. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
The security perimeter
Certification
Life Cycle Assurance Requirement
The Thread (memory Management)
15. Which in the Orange Book ratings represents the highest level of trust?
C2
Relative Addresses
B2
Indexed addressing
16. Logical access control mechanisms are used to enforce authentication and the uniquenes of each individual's identification.
Division B - Mandatory Protection
A Base Register (Memory Management)
C2 - Controlled Access Protection
Stored in Reak Memory
17. What is called the formal acceptance of the adequacy of a system's overall security by management?
Logical addresses
Accreditation
The Strong star property rule
State machine model
18. Involves sharing the processor amoung all ready processes
The Rule is talking about writing
Files - directories and devices
Orange Book A
Multitasking
19. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
The Strong star property rule
Be protected from modification
Thrashing
Totality of protection mechanisms
20. What does the * (star) property mean in the Bell-LaPadula model?
C2
Access control to the objects by the subjects
No write down
A Domain
21. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
System High Security Mode
Accreditation
Implement software or systems in a production environment
Orange Book - B1
22. Remaining parts of the operating system
Ring 1
Pipelining
Trusted Distribution
Orange Book - A1
23. What access control technique is also known as multilevel security?
Direct addressing
Clark-Wilson
Administrative declaration
Mandatory access control
24. The total combination of protection mechanisms within a computer system
Integrity
The Rule is talking about writing
TCB (Trusted Computing Base)
Prohibits
25. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
Swap Space
Higher or equal to access class
Controlling unauthorized downgrading of information
Attributable data
26. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
Physical security
NOT Integrity
No write down
Security Policy
27. The Bell-LaPaula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
Enforces the rules
First evaluation class
The reference monitor
Prevent secret information from being accessed
28. TCSEC provides a means to evaluate ______________________.
Multilevel Security Policies
The trustworthiness of an information system
Orange Book - B3
Division D - Minimal Protection
29. What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
A Thread
A security domain
Security Policy - Orange Book
D
30. The centerpiece of the DoD Rainbow Series publications.Developed by the National Computer Security Center (NCSC)?
The TCSEC - Aka Orange Book
Multilevel Security Policies
Prevent secret information from being accessed
Access Matrix model
31. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
*-Integrity Axiom
Physical security
Polyinstantiation
Multiprocessing
32. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
All Mandatory Access Control (MAC) systems
Need-to-know
A single classification and a Compartment Set
The *-Property rule (Star property)
33. For rhe type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to peneration and compromise
A security kernel
Life Cycle Assurance Requirement
Orange Book - A1
B2 rating
34. Certification is a Technical review that assesses the _____________ - where as Accreditation is management's Official acceptance of the information in the Certification process findings.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Division B - Mandatory Protection
First evaluation class
Security mechanisms and evalautes their effectivenes
35. Which computer design approaches is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle
Examples of Layered Operating Systems
Storage and timing
Complex Instruction Set Computers (CISC)
Mandatory access control
36. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
Access Matrix model
Bell-LaPadula Model
A and B
The security kernel
37. Which describe a condition when RAM and Secondary storage are used together?
Virtual storage
B1
D
Security Policy
38. Bell-LaPadula model was proposed for enforcing access control in _____________________.
B2 rating
Pipelining
Controlling unauthorized downgrading of information
Government and military applications
39. Should always trace to individuals responsible for observing and recording the data
Programmable Read-Only Memory (PROM)
C1 - Discretionary Security Protection
The Security Kernel
Attributable data
40. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"
C2
Simple Integrity Axiom
Invocation Property
Be protected from modification
41. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
A lattice of Intergrity Levels
Orange Book interpretations
Life Cycle Assurance Requirement
Security rating B
42. Buffer overflows occurs when a program or process tries to store more data in a _____________ than it was intended to hold.
Division B - Mandatory Protection Architecture
Fail safe
Buffer (temporary data storage area)
C2
43. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
A lattice of Intergrity Levels
A security kernel
Government and military applications
Certification
44. Developed after the Bell-LaPadula model. Its a state machine model and is very similar to the Bell-LaPadula Model.
The Biba Model
Physical security
Life-cycle assurance - O/B
Mandatory Access Control (MAC)
45. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
Scalar processors
Orange Book B
Bell-LaPadula Model
Orange Book interpretations
46. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?
Indirect addressing
The security perimeter
The National Computer Security Center (NCSC)
Physical security
47. The Bell-LaPadula Model is a _______________.
Subject to Object Model
Reduced Instruction Set Computers (RISC)
Pipelining
Buffer overflows
48. A system uses the Reference Monitor to ___________________ of a subject and an object?
Mandatory Access Control (MAC)
Multitasking
Compare the security labels
State machine model
49. The security kernel is the mechanism that _____________ of the reference monitor concept.
Enforces the rules
System High Security Mode
Bell-LaPadula Model
Prohibits
50. The C2 evaluation class of the _________________ offers controlled access protection.
Trusted Network Interpretation (TNI)
Prohibits
The rule is talking about "Reading"
Dominate the object's sensitivity label
Sorry!:) No result found.
Can you answer 50 questions in 15 minutes?
Let me suggest you:
Browse all subjects
Browse all tests
Most popular tests
Major Subjects
Tests & Exams
AP
CLEP
DSST
GRE
SAT
GMAT
Certifications
CISSP go to https://www.isc2.org/
PMP
ITIL
RHCE
MCTS
More...
IT Skills
Android Programming
Data Modeling
Objective C Programming
Basic Python Programming
Adobe Illustrator
More...
Business Skills
Advertising Techniques
Business Accounting Basics
Business Strategy
Human Resource Management
Marketing Basics
More...
Soft Skills
Body Language
People Skills
Public Speaking
Persuasion
Job Hunting And Resumes
More...
Vocabulary
GRE Vocab
SAT Vocab
TOEFL Essential Vocab
Basic English Words For All
Global Words You Should Know
Business English
More...
Languages
AP German Vocab
AP Latin Vocab
SAT Subject Test: French
Italian Survival
Norwegian Survival
More...
Engineering
Audio Engineering
Computer Science Engineering
Aerospace Engineering
Chemical Engineering
Structural Engineering
More...
Health Sciences
Basic Nursing Skills
Health Science Language Fundamentals
Veterinary Technology Medical Language
Cardiology
Clinical Surgery
More...
English
Grammar Fundamentals
Literary And Rhetorical Vocab
Elements Of Style Vocab
Introduction To English Major
Complete Advanced Sentences
Literature
Homonyms
More...
Math
Algebra Formulas
Basic Arithmetic: Measurements
Metric Conversions
Geometric Properties
Important Math Facts
Number Sense Vocab
Business Math
More...
Other Major Subjects
Science
Economics
History
Law
Performing-arts
Cooking
Logic & Reasoning
Trivia
Browse all subjects
Browse all tests
Most popular tests