Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Execute one instruction at a time.
Orange Book - D
Scalar processors
Orange Book - A1
Orange Book - B3
2. Software that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
The Monolithic Operating System Architecture
Firmware
Government and military applications
Trusted Network Interpretation (TNI)
3. The Biba Model addresses _____________________.
Simple Security Rule
A Base Register (Memory Management)
Bell-LaPadula Model
The Integrity of data within applications
4. A set of objects that a subject is able to access
B3 - Security Domains
A Domain
The Tranquility principle (The Bell-LaPadula Model)
Types of covert channels
5. In Access Control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
6. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"
Simple Integrity Axiom
Attributable - original - accurate - contemporaneous and legible
The Tranquility principle (The Bell-LaPadula Model)
Mandatory Access Control (MAC)
7. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commercial applications - but the level of protection is still relatively weak.
Disclosure of residual data
In C2 - Controlled Access Protection environment
The trustworthiness of an information system
Simple Integrity Axiom
8. The Policy must be explicit and well defined and enforced by the mechanisms within the system
System High Security Mode
Orange Book interpretations
A Layered Operating System Architecture
Security Policy - Orange Book
9. What does the simple security (ss) property mean in the Bell-LaPadula model?
Process isolation
No write down
Polyinstantiation
No read up
10. Used by Windows systems to reserve the "Swap Space"
Clark-Wilson
Pagefile.sys file
Multilevel Security Policies
The *-Property rule (Star property)
11. A nonvolatile storage medium - e.g. computer hard drives - floppy disks and CD-ROMs
Programmable Read-Only Memory (PROM)
Complex Instruction Set Computers (CISC)
Secondary Storage
A and B
12. What prevents a process from accessing another process' data?
Process isolation
NOT Integrity
A and B
The Common Criteria
13. Which describes a condition when RAM and Secondary storage are used together?
Pipelining
Life Cycle Assurance Requirement
Virtual storage
All Mandatory Access Control (MAC) systems
14. The Bell-LaPadula Model is a _______________.
Subject to Object Model
C1
International Standard 15408
Programmable Read-Only Memory (PROM)
15. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
System High Security Mode
Trusted facility management
Certification
The security perimeter
16. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
C2
D
*-Integrity Axiom
Ring 1
17. A system uses the Reference Monitor to ___________________ of a subject and an object?
Ring 1
The Common Criteria
Compare the security labels
The Monolithic Operating System Architecture
18. There is only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
Division D - Minimal Protection
Virtual Memory
Orange Book - D
The security kernel
19. Intended for environments that require systems to handle classified data.
B3 - Rating
Primary storage
No read down
B1 - Labeled Security rating
20. When a computer uses more than one CPU in parallel to execute instructions, this is known as?
Multiprocessing
Security Policy - Orange Book
B2
Access Matrix model
21. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
C1
A Limit Register (Memory Management)
The *-Property rule (Star property)
Fail safe
22. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Networks and Communications
Division D - Minimal Protection
Protection Rings Support
Continuous protection - O/B
23. The total combination of protection mechanisms within a computer system
TCB (Trusted Computing Base)
No read down
The Evaluated Products List (EPL) with their corresponding rating
Basic Security Theorem (used in computer science) definition
24. Minimal Security
Orange Book interpretations
Accountability - Orange Book
System High Security Mode
Orange Book - D
25. What does the simple integrity axiom mean in the Biba model?
Simple Integrity Axiom
Indirect addressing
No read down
Simple Security Rule
26. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
The Thread (memory Management)
B2 - Structured Protection
Real storage
Buffer overflows
27. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
Need-to-know
C2 - Controlled Access Protection
C1 - Discretionary Security Protection
Mandatory access control
28. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
29. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
Orange Book A
The Biba Model
Administrative declaration
Operational assurance requirements
30. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
NOT Integrity
Mandatory access control
Trusted hardware - Software and Firmware
No read up
31. A subject at a given clearance may not read an object at a higher classification
Be protected from modification
Operational assurance requirements
Absolute addresses
The Simple Security Property
32. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
Indirect addressing
attributability
B2
The Biba Model
33. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
Constrained
A Limit Register (Memory Management)
B2
Execution Domain
34. Audit data must be captured and protected to enforce accountability
Dedicated Security Mode
Clark-Wilson Model
A1 - Rating
Accountability - Orange Book
35. Simpler instructions that require fewer clock cycles to execute.
Trusted Network Interpretation (TNI)
Multilevel Security Policies
The Common Criteria
Reduced Instruction Set Computers (RISC)
36. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
Invocation Property
A security kernel
Indirect addressing
A1 - Rating
37. The Bell-LaPadula Model is a _______________ that enforces the confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
Complex Instruction Set Computers (CISC)
State machine model
The National Computer Security Center (NCSC)
Attributable - original - accurate - contemporaneous and legible
38. Operating System Kernel
Trusted facility management
B2
C2
Ring 0
39. A portion of a process. When the thread is generated - it shares the same domain (resources) as its process.
Swap Space
Simple Security Rule
A Thread
The Clark Wilson integrity model
40. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
B3 - Security Domains
Higher or equal to access class
Programmable Read-Only Memory (PROM)
Controls the checks
41. Contains an address of where the instruction and data reside that need to be processed.
Prohibits
The Thread (memory Management)
Protection Rings Support
Orange Book - B3
42. Has two individual assurance ratings. C1 and C2. The higher the number of the assurance rating, the greater the protection
Process isolation
Division C - Discretionary Protection
Models concerned with integrity
Evaluated separately
43. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
A1 - Rating
Administrative declaration
Operational assurance requirements
Bell-LaPadula Model
44. Which is a straightforward approach that provides access rights to subjects for objects?
Accountability - Orange Book
Most commonly used approach
No read down
Access Matrix model
45. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Government and military applications
The Red Book
Life-cycle assurance - O/B
The rule is talking about "Reading"
46. Contains the ending address
A Limit Register (Memory Management)
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
C2
B1 - Labeled Security
47. In this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
B3 - Security Domains
B3
Controls the checks
C1 - Discretionary Security Protection is a type of environment
48. What does the Clark-Wilson security model focus on
Integrity
C2 - Controlled Access Protection
Isolate processes
The "No read Up" rule
49. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Ring 2
C2
Orange Book - B2
Identification - Orange Book
50. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
The security kernel
Physical security
A Thread
Execution Domain