Test your basic knowledge |

CISSP Security Architecture And Design

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.






2. Should always trace to individuals responsible for observing and recording the data






3. The Orange book requires protection against two_____________ - which are these Timing and Storage






4. Individual subjects must be uniquely identified.






5. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.






6. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.






7. A set of objects that a subject is able to access






8. If an operating system permits executable objects to be used sequentially by multiple users without a refresh of the objects - what security problem is most likely to exist?






9. In both the Bell-LaPadula and Biba Models if the word "Simple is used ______________.






10. What is called the formal acceptance of the adequacy of a system's overall security by management?






11. What prevents a process from accessing another process' data?






12. Buffer overflows occurs when a program or process tries to store more data in a _____________ than it was intended to hold.






13. Applications and user activity






14. The C2 evaluation class of the _________________ offers controlled access protection.






15. The group that oversees the processes of evaluation within TCSEC is?






16. Trusted facility management is an assurance requirement only for ________________.






17. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards






18. What does the simple integrity axiom mean in the Biba model?






19. A portion of a process. When the thread is generated - it shares the same domain(resources) as its process.






20. For rhe type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to peneration and compromise






21. Ssoftware that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)






22. Subjects and Objects cannot change their security levels once they have been instantiated (created)






23. Levels of Security and Levels of Trust Lower Letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.






24. An organization within the National Security Agency (NSA) is responsible for Evaluating computer systems and products. The Trusted Product Evaluation program (TPEP) oversees the testing by approved entities of commercial products against a specific s






25. When the RAM and secondary storage are combined the result is __________.






26. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity






27. Requires more stringent authentication mechanisms and well-defined interfaces among layers.






28. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.






29. The Biba Model adresses _____________________.






30. The combination of RAM - Cache and the Processor Registers






31. When the address location that is specified in the program instruction contains the address of the final desired location.






32. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data) items is refered to as Well-Formed transaction






33. In the Bell-LaPadula Model the Subject's Label contains ___________________.






34. A Policy based control. All objects and systems have a sensitivity level assigned to them






35. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.






36. Each data object must contain a classification label and each subject must have a clearance label.






37. Components considered as part of the Trusted Computing Base (from the Orange Book) are?






38. Which is an ISO standard product evaluation criteria that supersedes several different criteria






39. The total combination of protection mechanisms within a computer system






40. Contains the ending address






41. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.






42. System Architecture that separates system functionality into Hierarchical layers






43. Can be erased - modified and upgraded.






44. Security Labels are not required until __________; thus C2 does not require security labels but B1 does






45. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"






46. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.






47. Which Orange Book evaluation level is described as "Discretionary Security Protection"?






48. Discretionary protection






49. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.






50. A subject at a given clearance may not read an object at a higher classification