Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s






2. Which is a straightforward approach that provides access rights to subjects for objects?






3. Data in Cache can be accessed much more quickly than Data






4. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.






5. Contains an Address of where the instruction and dara reside that need to be processed.






6. Succesfully Evaluated products are placed on?






7. Which would be designated as objects on a MAC system?






8. TCB contains The Security Kernel and all ______________.






9. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.






10. An imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?






11. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?






12. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.






13. Minimal Security






14. The Bell-LaPadula Model is a _______________ that enforces Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.






15. A1 is also called "Verified Design" and requires formal verification of the design and specifications.






16. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.






17. In ______________ the subject must have: Need to Know for ALL the information contained within the system.






18. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.






19. Contains the beginning address






20. A portion of a process. When the thread is generated - it shares the same domain(resources) as its process.






21. In B2 Subjects and devices requre labels and the system must NOT allow ________. No Trapdoors exists.






22. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data






23. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.






24. Audit data must be captured and protected to enforce accountability






25. Intended for environments that require systems to handle classified data.






26. What prevents a process from accessing another process' data?






27. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?






28. The *-Property rule is refered to as ____________.






29. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?






30. The Simple Security rule is refered to as______________.






31. In the Bell-LaPadula Model the Subject's Label contains ___________________.






32. The C2 evaluation class of the _________________ offers controlled access protection.






33. Which can be used as a covert channel?






34. A type of memory used for High-speed writing and reading activities.






35. What does the * (star) property mean in the Bell-LaPadula model?






36. In the Bell-LaPadula Model the Object's Label contains ___________________.






37. According to the Orange Book - trusted facility management is not required for which security levels?






38. The process of Evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.






39. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)






40. Simpler instructions that require fewer clock cycles to execute.






41. The total combination of protection mechanisms within a computer system






42. In which users are processing information at the same sensitivity level; thus - strict access control and auditing measures are not required. It would be a trusted envirnment with low security concerns.






43. Happen because input data is not checked for appropriate length at time of input






44. The Bell-LaPadula Model is a _______________.






45. Bell-LaPadula Model - ______________: A subject that has read and write capabilities can only perform those functions at the same security level - nothing higher and nothing lower.






46. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"






47. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information and identification and authentication of individual entities






48. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.






49. Discretionary protection






50. In B2 Distinct address spaces must be provided to _________ - and a covert channel analysis is conducted. B2 adds assurance by adding requirements to the design of the system