CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Subjects and Objects cannot change their security levels once they have been instantiated (created)
Be protected from modification
The Tranquility principle (The Bell-LaPadula Model)
Direct Addressing
Storage and timing
2. Which is an ISO standard product evaluation criteria that supersedes several different criteria
The Common Criteria
Reduced Instruction Set Computers (RISC)
Security Policy is clearly defined and documented
Polyinstantiation
3. Which TCSEC level first addresses object reuse?
C2
D
Orange Book - A1
Thrashing
4. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
System High Security Mode
The Tranquility principle (The Bell-LaPadula Model)
Continuous protection - O/B
Fail safe
5. TCSEC provides a means to evaluate ______________________.
The trustworthiness of an information system
The *-Property rule (Star property)
Integrity
Real storage
6. In access control terms - the word "dominate" refers to ___________.
Higher or equal to access class
The Simple Security Property
Continuous protection - O/B
The Rule is talking about writing
7. Permits a database to have two records that are identical except for their classifications
Polyinstantiation
A Base Register (Memory Management)
State machine model
Controlling unauthorized downgrading of information
8. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
'Dominate'
Orange Book - D
Orange Book - A1
Networks and Communications
9. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
Mandatory access control
The rule is talking about "Reading"
Swap Space
attributability
10. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Programmable Read-Only Memory (PROM)
Administrative declaration
Continuous protection - O/B
Security Policy is clearly defined and documented
11. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
Polyinstantiation
B1 - Labeled Security
B1 - Labeled Security rating
Invocation Property
12. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
B2 - Structured Protection
The Strong star property rule
Direct Addressing
Indexed addressing
13. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
Division B - Mandatory Protection
Its Clearance Label (Top Secret - Secret - or Confidential)
Its classification label (Top Secret - Secret or confidential)
The security perimeter
14. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
Division D - Minimal Protection
Security mechanisms and evaluates their effectiveness
Implement software or systems in a production environment
Dedicated Security Mode
15. Which increases the performance in a computer by overlapping the steps of different instructions?
Pipelining
Assigned labels
Documentation - Orange Book
A Base Register (Memory Management)
16. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
Orange Book - B2
Security Policy is clearly defined and documented
Prohibits
Physical security
17. When a vendor submits a product for evaluation - it submits it to the ____________.
Complex Instruction Set Computers (CISC)
Orange Book - B3
The security perimeter
The National Computer Security Center (NCSC)
18. The combination of RAM - Cache and the Processor Registers
Documentation - Orange Book
Primary storage
NOT Integrity
C2
19. When a portion of primary memory is accessed by specifying the actual address of the memory location
Direct addressing
The Evaluated Products List (EPL) with their corresponding rating
Examples of Layered Operating Systems
Covert channels
20. In the Bell-LaPadula Model the Object's Label contains ___________________.
Controlling unauthorized downgrading of information
A Domain
Its classification label (Top Secret - Secret or confidential)
A and B
21. Used by Windows systems to reserve the "Swap Space"
International Standard 15408
Pagefile.sys file
The Security Kernel
B2 rating
22. The object reuse concept must also be invoked - meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
Fail safe
Physical security
Orange Book B
C2 - Controlled Access Protection
23. Which in the Orange Book ratings represents the highest level of trust?
Multiprocessing
Trusted Distribution
B2
Secondary Storage
24. The Simple Security rule is referred to as ______________.
Erasable and Programmable Read-Only Memory (EPROM)
Continuous protection - O/B
System High Security Mode
The "No read Up" rule
25. Reference Monitor is responsible for ______________ it compares the security labels of a subject and an object
Simple Integrity Axiom
A1
Administrative declaration
Access control to the objects by the subjects
26. Mandatory Protection
Documentation - Orange Book
Orange Book B
A1
The rule is talking about "Reading"
27. Audit data must be captured and protected to enforce accountability
Security mechanisms and evaluates their effectiveness
Accountability - Orange Book
A security domain
B3 - Security Domains
28. The Indexed memory addresses that software uses
Simple Security Rule
Higher or equal to access class
Logical addresses
*-Integrity Axiom
29. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Cache Memory
Logical addresses
Orange Book - B2
A and B
30. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space
Swap Space
Orange Book B
Higher or equal to access class
Controls the checks
31. What does the * (star) property mean in the Bell-LaPadula model?
Documentation - Orange Book
No write down
The Integrity of data within applications
Orange Book C
32. Which Orange Book evaluation level is described as "Discretionary Security Protection"?
B3
Scalar processors
C1
The reference monitor
33. Which Orange Book evaluation level is described as "Verified Design"?
A1
Constrained
The National Computer Security Center (NCSC)
Orange Book ratings
34. Which can be used as a covert channel?
Storage and timing
B1 - Labeled Security rating
Higher or equal to access class
Files - directories and devices
35. A nonvolatile storage medium, e.g. computer hard drive - floppy disks and CD-ROMs
The Security Kernel
Dedicated Security Mode
Secondary Storage
A Base Register (Memory Management)
36. I/O drivers and utilities
Multiprocessing
Continuous protection - O/B
Ring 2
C2
37. The reference monitor is an access control concept - Referring to ________________ that mediates all accesses to objects by subjects based on information in an access control database.
An abstract machine
The Strong star property rule
Process isolation
Division D - Minimal Protection
38. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
Disclosure of residual data
Firmware
All Mandatory Access Control (MAC) systems
Integrity
39. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions at its own discretion. These permissions are stored in an access ma
Discretionary Security Property (ds-property)
C1 - Discretionary Security Protection is a type of environment
Direct Addressing
The National Computer Security Center (NCSC)
40. TCB contains The Security Kernel and all ______________.
Simple Integrity Axiom
C1 - Discretionary Security Protection is a type of environment
Compare the security labels
security protection mechanisms
41. Has two individual assurance ratings, C1 and C2. The higher the number of the assurance rating, the greater the protection
A Limit Register (Memory Management)
Orange Book C
A and B
Division C - Discretionary Protection
42. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Clark-Wilson Model
Simple Security Rule
Programmable Read-Only Memory (PROM)
43. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.
Trusted hardware - Software and Firmware
Cache Memory
The Strong star property rule
Multitasking
44. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
C2
Integrity
Trusted Distribution
The reference monitor
45. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data Items) is referred to as a Well-Formed Transaction
Discretionary Security Property (ds-property)
Prevent secret information from being accessed
Clark-Wilson Model
Orange Book A
46. A subject at a given clearance may not read an object at a higher classification
Direct Addressing
Mandatory Access Control (MAC)
The Simple Security Property
B2 rating
47. Can be erased - modified and upgraded.
Mandatory access control
The trustworthiness of an information system
Direct Addressing
Erasable and Programmable Read-Only Memory (EPROM)
48. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
Cache Memory
Orange Book - B3
Ring 0
Bell-LaPadula Model
49. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
First evaluation class
Constrained
Programmable Read-Only Memory (PROM)
The Red Book
50. Ensuring that information does not flow from a higher security level to a lower level in the Bell-LaPadula Model is referred to as ___________________ - which would take place through a "write down" operation. (An actual compromise occurs if and when
Controlling unauthorized downgrading of information
Firmware
Labels - Orange Book
Basic Security Theorem (used in computer science) definition