SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The reserved hard drive space used to Extend RAM capabilities. Windows system use the pagefile.sys file to reserve this space
Orange Book interpretations
Life Cycle Assurance Requirement
Complex Instruction Set Computers (CISC)
Swap Space
2. Subjects and Objects cannot change their security levels once they have been instantiated (created)
Orange Book ratings
The Tranqulity principle (The Bell-LaPadula Model)
No write down
Trusted Distribution
3. In both the Bell-LaPadula and Biba Models if the word "* or Star is used - _______________.
The Strong star property rule
The Rule is talking about writing
Controlling unauthorized downgrading of information
Orange Book - A1
4. Mandatory access control is enfored by the use of security labels.
Division B - Mandatory Protection
Multilevel Security Policies
Simple Integrity Axiom
Examples of Layered Operating Systems
5. Can be erased - modified and upgraded.
The National Computer Security Center (NCSC)
Erasable and Programmable Read-Only Memory (EPROM)
The Security Kernel
Execution Domain
6. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Government and military applications
Trusted facility management
A lattice of Intergrity Levels
Programmable Read-Only Memory (PROM)
7. Ssoftware that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
The security kernel
Orange Book - A1
State machine model
Firmware
8. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
Indirect addressing
Security rating B
Security Policy is clearly defined and documented
Overt channel
9. Mandatory Access requires that _____________ be attached to all objects.
Sensitivity labels
Absolute addresses
Real storage
B2
10. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix . THE and Multics are no longer in use
Execution Domain
Stored in Reak Memory
Orange Book ratings
Examples of Layered Operating Systems
11. Operating System Kernel
Orange Book interpretations
Ring 0
Security Policy
Access control to the objects by the subjects
12. Includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted.
Administrative declaration
The security perimeter
B1 - Labeled Security rating
*-Integrity Axiom
13. The Physical memory address that the CPU uses
All Mandatory Access Control (MAC) systems
A Thread
The Monolithic Operation system Architecture
Absolute addresses
14. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Division D - Minimal Protection
Reduced Instruction Set Computers (RISC)
Dominate the object's sensitivity label
Orange Book - A1
15. A type of memory used for High-speed writing and reading activities.
Cache Memory
Multiprocessing
Security Policy
Virtual Memory
16. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
B1 - Labeled Security rating
Operational assurance requirements
Orange Book A
Ring 1
17. Which describe a condition when RAM and Secondary storage are used together?
Security Policy is clearly defined and documented
Stored in Reak Memory
A security domain
Virtual storage
18. The *-Property rule is refered to as ____________.
International Standard 15408
In C2 - Controlled Access Protection environment
The "No write Down" Rule
The rule is talking about "Reading"
19. n this class more granularity is provided in each protection mechanism - and the programming code that is not necessary to support the security policy is excluded.
Virtual Memory
Logical addresses
Bell-LaPadula Model
B3 - Security Domains
20. A process that resides in a privileged domain to be able to execute its instructions and process its data with the assurance that programs in a different domain can NOT negatively affect its environment.
Bell-LaPadula Model
Execution Domain
C2 - Controlled Access Protection
The reference monitor
21. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
*-Integrity Axiom
Reduced Instruction Set Computers (RISC)
Most commonly used approach
A Domain
22. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Access control to the objects by the subjects
Its classification label (Top Secret - Secret or confidential)
Continuous protection - O/B
A security domain
23. Permits a database to have two records that are identical except for Their classifications
Polyinstantiation
Dedicated Security Mode
Files - directories and devices
B3 - Rating
24. What does the simple security (ss) property mean in the Bell-LaPadula model?
Fail safe
B1 - Labeled Security
A Limit Register (Memory Management)
No read up
25. The Reserved hard drive space used to to extend RAM capabilites.
Swap Space
International Standard 15408
Mandatory Access Control (MAC)
Multilevel Security Policies
26. The Security Model Incorporates the ____________ that should be enforced in the system.
Relative Addresses
Security Policy
Primary storage
C2
27. What prevents a process from accessing another process' data?
Controlling unauthorized downgrading of information
Models concerned with integrity
B2
Process isolation
28. Discretionary protection
B2 - Structured Protection
Subject to Object Model
Disclosure of residual data
Orange Book C
29. System Architecture that separates system functionality into Hierarchical layers
Highly secure systems (B2 - B3 and A1)
A Layered Operating System Architecure
The Tranqulity principle (The Bell-LaPadula Model)
The Simple Security Property
30. In access control terms - the word "dominate" refers to ___________.
Higher or equal to access class
Stored in Reak Memory
Access control to the objects by the subjects
Programmable Read-Only Memory (PROM)
31. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
Direct Addressing
Dedicated Security Mode
Totality of protection mechanisms
Access Matrix model
32. Trusted facility management is an assurance requirement only for ________________.
Security mechanisms and evalautes their effectivenes
Pipelining
Most commonly used approach
Highly secure systems (B2 - B3 and A1)
33. The TCB is the ________________ within a computer system that work together to enforce a security policy.
Totality of protection mechanisms
Constrained
TCB (Trusted Computing Base)
Complex Instruction Set Computers (CISC)
34. Users need to be Identified individually to provide more precise acces control and auditing functionality.
State machine model
The reference monitor
C2 - Controlled Access Protection
Prevent secret information from being accessed
35. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.
All Mandatory Access Control (MAC) systems
The security perimeter
Polyinstantiation
Basic Security Theorem (used in computer science) definition
36. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Ring 1
Trusted hardware - Software and Firmware
Need-to-know
Orange Book - B3
37. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
The *-Property rule (Star property)
International Standard 15408
Swap Space
Complex Instruction Set Computers (CISC)
38. The assignment of a specific individual to administer the security-related functions of a system.
Security rating B
The Tranqulity principle (The Bell-LaPadula Model)
Physical security
Trusted facility management
39. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
Direct addressing
Orange Book B
The Red Book
First evaluation class
40. Using TPs (Transformation Procedures) to modify CDIs (Constrained Data) items is refered to as Well-Formed transaction
Disclosure of residual data
Scalar processors
TCB (Trusted Computing Base)
Clark-Wilson Model
41. The combination of RAM - Cache and the Processor Registers
Primary storage
Isolate processes
Controlling unauthorized downgrading of information
Orange Book - B1
42. A nonvolatile storage media etc computer hard drive - floppy disks and CD-ROMs
In C2 - Controlled Access Protection environment
Controls the checks
Physical security
Secondary Storage
43. Which Orange Book evaluation level is described as "Verified Design"?
Polyinstantiation
A1
B2 rating
C2 - Controlled Access Protection
44. Should always trace to individuals responsible for observing and recording the data
Clark-Wilson
B3
The Security Kernel
Attributable data
45. The Bell-LaPaula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
Evaluated separately
Prevent secret information from being accessed
Storage and timing
Direct addressing
46. Audit data must be captured and protected to enforce accountability
State machine model
C2
The Trusted Computing Base (TCB)
Accountability - Orange Book
47. The group that oversees the processes of evaluation within TCSEC is?
No read down
Trusted Products Evaluation Program (TPEP)
A single classification and a Compartment Set
The rule is talking about "Reading"
48. The security kernel is the mechanism that _____________ of the reference monitor concept.
A security domain
B1 - Labeled Security rating
Fail safe
Enforces the rules
49. Each data object must contain a classification label and each subject must have a clearance label.
The Trusted Computing Base (TCB)
Orange Book C
B1 - Labeled Security
The Evaluated Products List (EPL) with their corresponding rating
50. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
Files - directories and devices
The security kernel
Dedicated Security Mode
No read down
