CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. TCSEC provides a means to evaluate ______________________.
A1
The trustworthiness of an information system
C2 - Controlled Access Protection
The Thread (memory Management)
2. A subject at a given clearance may not read an object at a higher classification
The Simple Security Property
C2 - Controlled Access Protection
Division C - Discretionary Protection
Sensitivity labels
3. The Biba Model addresses _____________________.
B1 - Labeled Security
Programmable Read-Only Memory (PROM)
Process isolation
The Integrity of data within applications
4. The Biba model (introduced in 1977) - The Sutherland model (published in 1986) - The Brewer-Nash model (published in 1989)
The National Computer Security Center (NCSC)
Models concerned with integrity
Identification - Orange Book
No read up
5. In both the Bell-LaPadula and Biba Models, if the word "*" or "Star" is used - _______________.
A single classification and a Compartment Set
The Rule is talking about writing
The Clark Wilson integrity model
Certification
6. Software, hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
No write down
Documentation - Orange Book
B1
Life-cycle assurance - O/B
7. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
Stored in Real Memory
Trusted hardware - Software and Firmware
Multitasking
Reduced Instruction Set Computers (RISC)
8. In the Bell-LaPadula Model the Object's Label contains ___________________.
Enforces the rules
Its classification label (Top Secret - Secret or confidential)
The "No read Up" rule
Implement software or systems in a production environment
9. For a subject to have read access to an object in a Multi-Level Security Policy - it is necessary that the subject's sensitivity label must ____________________.
10. Access control labels must be associated properly with objects.
Highly secure systems (B2 - B3 and A1)
Continuous protection - O/B
Labels - Orange Book
The Strong star property rule
11. If a system initializes in a secure state and all allowed state transitions are secure, then every subsequent state will be secure no matter what inputs occur.
Basic Security Theorem (used in computer science) definition
C2 - Controlled Access Protection
C1
The Thread (memory Management)
12. The total (sum) combination of protection mechanisms within a computer system. The TCB includes hardware, software and firmware.
The trustworthiness of an information system
The Trusted Computing Base (TCB)
Highly secure systems (B2 - B3 and A1)
No read up
13. Contains an address of where the instruction and data reside that need to be processed.
The Thread (memory Management)
Dedicated Security Mode
attributability
Buffer (temporary data storage area)
14. In which users are processing information at the same sensitivity level; thus, strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.
Trusted Distribution
Division D - Minimal Protection
Types of covert channels
C1 - Discretionary Security Protection is a type of environment
15. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
Division B - Mandatory Protection
B3
First evaluation class
Secondary Storage
16. THE (Technische Hogeschool Eindhoven), VAX/VMS, Multics and Unix. THE and Multics are no longer in use.
Government and military applications
Examples of Layered Operating Systems
Division B - Mandatory Protection Architecture
Security Policy - Orange Book
17. Trusted facility management is an assurance requirement only for ________________.
Examples of Layered Operating Systems
Its classification label (Top Secret - Secret or confidential)
Highly secure systems (B2 - B3 and A1)
B3 - Rating
18. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Trusted Network Interpretation (TNI)
Networks and Communications
A Domain
B3 - Rating
19. What does the simple security (ss) property mean in the Bell-LaPadula model?
Assigned labels
The *-Property rule (Star property)
No read up
Process isolation
20. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
Ring 2
Direct Addressing
Bell-LaPadula Model
Trusted hardware - Software and Firmware
21. Bell-LaPadula Model - ____________ : A subject at a given security level can NOT READ data that reside at a higher security level.
System High Security Mode
Highly secure systems (B2 - B3 and A1)
Simple Security Rule
A and B
22. Audit data must be captured and protected to enforce accountability
Accountability - Orange Book
B1 - Labeled Security rating
Real storage
Bell-LaPadula Model
23. What is called the formal acceptance of the adequacy of a system's overall security by management?
Simple Security Rule
Logical addresses
Accreditation
Sensitivity labels
24. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Government and military applications
In C2 - Controlled Access Protection environment
The Integrity of data within applications
C2 - Controlled Access Protection
25. Individual subjects must be uniquely identified.
Identification - Orange Book
Documentation - Orange Book
The rule is talking about "Reading"
Be protected from modification
26. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
Life-cycle assurance - O/B
B3
The Thread (memory Management)
Buffer overflows
27. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
System High Security Mode
Multiprocessing
Dominate the object's sensitivity label
Physical security
28. The Indexed memory addresses that software uses
Logical addresses
B3 - Security Domains
Access control to the objects by the subjects
The Tranquility principle (The Bell-LaPadula Model)
29. The Simple Security rule is referred to as ______________.
Execution Domain
Need-to-know
B2 rating
The "No read Up" rule
30. Execute one instruction at a time.
Multitasking
Scalar processors
A Layered Operating System Architecture
Secondary Storage
31. What does the simple integrity axiom mean in the Biba model?
No read down
The reference monitor
Disclosure of residual data
Models concerned with integrity
32. What access control technique is also known as multilevel security?
Implement software or systems in a production environment
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Covert channels
Mandatory access control
33. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US government)
Evaluated separately
A security kernel
Prevent secret information from being accessed
The Simple Security Property
34. A logical form of separation used by secure computing systems: processes are _____________ so that each cannot access objects outside its permitted domain.
Controls the checks
Buffer (temporary data storage area)
A and B
Constrained
35. The hardware, firmware and software elements of a trusted computing base that implement the reference monitor concept.
The security kernel
Indexed addressing
Isolate processes
Higher or equal to access class
36. Each data object must contain a classification label and each subject must have a clearance label.
Prohibits
B1 - Labeled Security
C2 - Controlled Access Protection
Ring 1
37. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
B3 - Security Domains
The Biba Model
Direct Addressing
The National Computer Security Center (NCSC)
38. Mandatory Protection
Orange Book ratings
B1 - Labeled Security rating
Real storage
Orange Book B
39. Verification Protection
Ring 3
The Red Book
Administrative declaration
Orange Book A
40. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Continuous protection - O/B
Need-to-know
Real storage
B2 rating
41. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Execution Domain
Programmable Read-Only Memory (PROM)
B1
Fail safe
42. Which describe a condition when RAM and Secondary storage are used together?
No read up
Virtual storage
TCB (Trusted Computing Base)
Polyinstantiation
43. The total combination of protection mechanisms within a computer system
Orange Book interpretations
Implement software or systems in a production environment
A Limit Register (Memory Management)
TCB (Trusted Computing Base)
44. When the RAM and secondary storage are combined the result is __________.
Dominate the object's sensitivity label
The security kernel
Virtual Memory
Trusted Products Evaluation Program (TPEP)
45. Mandatory access control is enforced by the use of security labels.
Implement software or systems in a production environment
Need-to-know
Higher or equal to access class
Division B - Mandatory Protection
46. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects, what security problem is most likely to exist?
Disclosure of residual data
Isolate processes
B1
Life-cycle assurance - O/B
47. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
A and B
Networks and Communications
Storage and timing
The "No write Down" Rule
48. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
Operational assurance requirements
C1
Orange Book - B3
The Rule is talking about writing
49. There is only one class in Division D. It is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
Ring 2
The Biba Model
Division D - Minimal Protection
Most commonly used approach
50. Logical access control mechanisms are used to enforce authentication and the uniqueness of each individual's identification.
C2 - Controlled Access Protection
Ring 2
Assigned labels
TCB (Trusted Computing Base)