Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.






2. Applications and user activity






3. A Policy based control. All objects and systems have a sensitivity level assigned to them






4. Buffer overflows occurs when a program or process tries to store more data in a _____________ than it was intended to hold.






5. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.






6. Logical access control mechanisms are used to enforce authentication and the uniquenes of each individual's identification.






7. A1 is also called "Verified Design" and requires formal verification of the design and specifications.






8. Individual subjects must be uniquely identified.






9. Should always trace to individuals responsible for observing and recording the data






10. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted envirnment with low security concerns.






11. The Bell-LaPaula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)






12. In ______________ the subject must have: Need to Know for ALL the information contained within the system.






13. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.






14. Ensuring thta information does not flow from a higher security lever to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when






15. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards






16. The Biba Model adresses _____________________.






17. Used by Windows systems to reserve the "Swap Space"






18. What does the Clark-Wilson security model focus on






19. According to the Orange Book - trusted facility management is not required for which security levels?






20. TCSEC provides a means to evaluate ______________________.






21. An abstract machine which must mediate all access to subjects to objects - be protected from modification - be verifiable as correct - and is always invoked






22. As per FDA data should be ______________________________.






23. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.






24. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.






25. The subject must have Need to Know for ONLY the information they are trying to access.






26. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


27. The TCB is the ________________ within a computer system that work together to enforce a security policy.






28. What access control technique is also known as multilevel security?






29. The combination of RAM - Cache and the Processor Registers






30. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?






31. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?






32. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?






33. When the contents of the address defined in the program's instruction is added to that of an index register.






34. A type of memory used for High-speed writing and reading activities.






35. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions to pass on permissions at its own discretion. These permissions are stored in an access ma






36. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commmercial applications - but the level of protection is still relatively weak.






37. Based on a known address with an offset value applied.






38. The Orange book does NOT Cover ________________ - And Database management systems






39. A set of objects that a subject is able to access






40. A nonvolatile storage media etc computer hard drive - floppy disks and CD-ROMs






41. Succesfully Evaluated products are placed on?






42. Which computer design approaches is based on the fact that in earlier technologies - the instruction fetch was the longest part of the cycle






43. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.






44. The Orange book requires protection against two_____________ - which are these Timing and Storage






45. Contains the beginning address






46. Subjects and Objects cannot change their security levels once they have been instantiated (created)






47. The Physical memory address that the CPU uses






48. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.






49. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.






50. Which increases the performance in a computer by overlapping the steps of different instructions?







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests