Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.

1. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.

2. The TCB is the ________________ within a computer system that work together to enforce a security policy.

3. A logical form of separation used by secure computing systems - processes are _____________ so that each cannot access objects outside its permitted domain.

4. Mandatory access control is enforced by the use of security labels.

5. The Security Kernel is the core of the TCB and is the _____________ to building trusted computing systems.

6. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space.

7. Bell-LaPadula Model - ______________: A subject in a given security level can NOT WRITE information to a LOWER security level.

8. The process of evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.

9. What does the * (star) property mean in the Bell-LaPadula model?

10. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu

11. When a computer uses more than one CPU in parallel to execute instructions, this is known as?

12. Levels of Security and Levels of Trust: lower letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.

13. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m

14. In B2, distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system.

15. A system uses the Reference Monitor to ___________________ of a subject and an object?

16. The centerpiece of the DoD Rainbow Series publications. Developed by the National Computer Security Center (NCSC)?

17. Reference Monitor is responsible for ______________; it compares the security labels of a subject and an object.

18. In the Bell-LaPadula Model the Object's Label contains ___________________.

19. Verification Protection

20. Based on a known address with an offset value applied.

21. The C2 evaluation class of the _________________ offers controlled access protection.

22. The Security Model incorporates the ____________ that should be enforced in the system.

23. An organization within the National Security Agency (NSA) is responsible for evaluating computer systems and products. The Trusted Product Evaluation Program (TPEP) oversees the testing by approved entities of commercial products against a specific s

24. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.

25. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.

26. Audit data must be captured and protected to enforce accountability.

27. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.

28. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.

29. Mandatory Protection

30. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)

31. What are the components of an object's sensitivity label?

32. Certification is a technical review that assesses the _____________ - whereas Accreditation is management's official acceptance of the information in the Certification process findings.

33. Execute one instruction at a time.

34. Which is a straightforward approach that provides access rights to subjects for objects?

35. Which TCSEC level first addresses object reuse?

36. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions at its own discretion. These permissions are stored in an access ma

37. What does the Clark-Wilson security model focus on?

38. Applications and user activity

39. B1 is also called "Labeled Security" and each data object must have a classification label and each subject a clearance label. On each access attempt - the classification and clearance are checked to verify that the access is permissible.

40. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.

41. Users need to be identified individually to provide more precise access control and auditing functionality.

42. In the Bell-LaPadula model, Subjects and Objects are ___________.

43. When a computer spends more time moving data from one small portion of memory to another THAN actually processing the data.

44. When the RAM and secondary storage are combined the result is __________.

45. Components considered as part of the Trusted Computing Base (from the Orange Book) are?

46. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?

47. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commercial applications - but the level of protection is still relatively weak.

48. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.

49. Which increases the performance in a computer by overlapping the steps of different instructions?

50. When the contents of the address defined in the program's instruction is added to that of an index register.