Test your basic knowledge: CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. In this class more granularity is provided in each protection mechanism, and the programming code that is not necessary to support the security policy is excluded.
attributability
B3 - Security Domains
B3 - Rating
The "No write Down" Rule
2. In ______________ the subject must have: Need to Know for ALL the information contained within the system.
Disclosure of residual data
Orange Book - B1
Dedicated Security Mode
Trusted Distribution
3. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
C1 - Discretionary Security Protection
Orange Book - D
An abstract machine
Integrity
4. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
Indirect addressing
TCB (Trusted Computing Base)
A security kernel
Need-to-know
5. In the Bell-LaPadula Model the Subject's Label contains ___________________.
Virtual Memory
The *-Property rule (Star property)
Its Clearance Label (Top Secret - Secret - or Confidential)
Be protected from modification
6. When the RAM and secondary storage are combined the result is __________.
Virtual Memory
Documentation - Orange Book
Erasable and Programmable Read-Only Memory (EPROM)
The Simple Security Property
7. Certification is a technical review that assesses the _____________, whereas Accreditation is management's official acceptance of the information in the Certification process findings.
Controls the checks
Security mechanisms and evaluates their effectiveness
B1
State machine model
8. The Biba Model - _____________: A subject cannot read data from a lower integrity level ("No Read Down")
Dedicated Security Mode
Security rating B
The Evaluated Products List (EPL) with their corresponding rating
Simple Integrity Axiom
9. Subjects and Objects cannot change their security levels once they have been instantiated (created)
Scalar processors
B3
The Tranquility principle (The Bell-LaPadula Model)
Labels - Orange Book
10. When a vendor submits a product for evaluation - it submits it to the ____________.
Bell-LaPadula Model
The National Computer Security Center (NCSC)
Totality of protection mechanisms
Government and military applications
11. A set of objects that a subject is able to access
The security kernel
Accreditation
A Domain
Fail safe
12. A buffer overflow occurs when a program or process tries to store more data in a _____________ than it was intended to hold.
Execution Domain
Buffer (temporary data storage area)
Security mechanisms and evaluates their effectiveness
In C2 - Controlled Access Protection environment
13. Permits a database to have two records that are identical except for their classifications
Prevent secret information from being accessed
Polyinstantiation
First evaluation class
No read up
14. Bell-LaPadula model was proposed for enforcing access control in _____________________.
A1
Buffer overflows
Government and military applications
The Security Kernel
15. Levels of Security and Levels of Trust: Lower letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
B1 - Labeled Security
Orange Book ratings
Examples of Layered Operating Systems
Orange Book B
16. Which model uses access control triples and requires that the system maintain separation of duty?
A Thread
Clark-Wilson
NOT Integrity
Storage and timing
17. Software, hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout its lifetime.
Government and military applications
C2
Life-cycle assurance - O/B
Swap Space
18. When the address location that is specified in the program instruction contains the address of the final desired location.
Networks and Communications
Basic Security Theorem (used in computer science) definition
Indirect addressing
Secondary Storage
19. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Enforces the rules
The Rule is talking about writing
B2 - Structured Protection
C2
20. In access control terms - the word "dominate" refers to ___________.
Higher or equal to access class
The rule is talking about "Reading"
The Monolithic Operating System Architecture
Attributable data
21. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
22. Involves sharing the processor among all ready processes
Virtual Memory
Multitasking
Storage and timing
C2 - Controlled Access Protection
23. Which can be used as a covert channel?
Access Matrix model
Virtual storage
Storage and timing
Operational assurance requirements
24. The subject must have Need to Know for ONLY the information they are trying to access.
System High Security Mode
Orange Book A
International Standard 15408
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
25. Which TCSEC level first addresses object reuse?
C2
Reduced Instruction Set Computers (RISC)
Invocation Property
The Security Kernel
26. Discretionary protection
Division D - Minimal Protection
Execution Domain
The "No read Up" rule
Orange Book C
27. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
The Rule is talking about writing
Orange Book ratings
Overt channel
Security mechanisms and evaluates their effectiveness
28. The assignment of a specific individual to administer the security-related functions of a system.
Ring 3
Virtual Memory
Trusted facility management
Labels - Orange Book
29. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information, and identification and authentication of individual entities.
C1
Continuous protection - O/B
C1 - Discretionary Security Protection
B2
30. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
B2 rating
Operational assurance requirements
Multitasking
Direct Addressing
31. Execute one instruction at a time.
Scalar processors
C1 - Discretionary Security Protection is a type of environment
Process isolation
Sensitivity labels
32. Commonly referred to as "The Big Mess" because of its lack of structure. MS-DOS is an example of a monolithic operating system.
B1 - Labeled Security rating
Certification
The Monolithic Operating System Architecture
Multitasking
33. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
B3
Division B - Mandatory Protection
Pipelining
Multilevel Security Policies
34. Intended for environments that require systems to handle classified data.
Networks and Communications
A Layered Operating System Architecture
The Rule is talking about writing
B1 - Labeled Security rating
35. Each data object must contain a classification label and each subject must have a clearance label.
Trusted Products Evaluation Program (TPEP)
Attributable - original - accurate - contemporaneous and legible
B1 - Labeled Security
No read down
36. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware, software, and firmware.
The Trusted Computing Base (TCB)
Buffer overflows
Bell-LaPadula Model
Trusted hardware - Software and Firmware
37. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula Model is referred to as ___________________, which would take place through a "write down" operation. (An actual compromise occurs if and when
Cache Memory
Need-to-know
Controlling unauthorized downgrading of information
The Security Kernel
38. Which increases the performance in a computer by overlapping the steps of different instructions?
Prevent secret information from being accessed
Orange Book C
Pipelining
Accountability - Orange Book
39. Minimal Security
Buffer (temporary data storage area)
Multiprocessing
Orange Book - D
Its Clearance Label (Top Secret - Secret - or Confidential)
40. Access control labels must be associated properly with objects.
Types of covert channels
Labels - Orange Book
Identification - Orange Book
Protection Rings Support
41. The Security Model Incorporates the ____________ that should be enforced in the system.
Security Policy
Dominate the object's sensitivity label
The Trusted Computing Base (TCB)
In C2 - Controlled Access Protection environment
42. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Fail safe
Orange Book - B2
Accreditation
Integrity
43. Operating System Kernel
The Simple Security Property
Orange Book - B1
Ring 0
Simple Integrity Axiom
44. I/O drivers and utilities
B2 rating
Ring 2
Certification
B3 - Rating
45. The total combination of protection mechanisms within a computer system
Types of covert channels
B2 - Structured Protection
TCB (Trusted Computing Base)
A1 - Rating
46. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
C2 - Controlled Access Protection
NOT Integrity
Ring 1
Covert channels
47. Contains the beginning address
C2
A Base Register (Memory Management)
Clark-Wilson
First evaluation class
48. In B1 the security policy is based on an informal statement and the design specifications are reviewed and verified, whereas in B2 the ___________________, and the system design and implementation are subject to more thorough review and testing procedu
Security Policy is clearly defined and documented
Complex Instruction Set Computers (CISC)
Fail safe
C2
49. The Reference Monitor is responsible for ______________; it compares the security labels of a subject and an object
Access control to the objects by the subjects
B3
The Simple Security Property
Compare the security labels
50. According to the Orange Book - trusted facility management is not required for which security levels?
Evaluated separately
B1
Access Matrix model
Orange Book B