Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times that the answers are obvious, but you will see that it reinforces your understanding as you take the test each time.
1. What does the simple integrity axiom mean in the Biba model?
No read down
Swap Space
Prevent secret information from being accessed
Bell-LaPadula Model
2. The Simple Security rule is referred to as ______________.
B1 - Labeled Security
The "No write Down" Rule
The "No read Up" rule
Virtual storage
3. Developed after the Bell-LaPadula model. It is a state machine model and is very similar to the Bell-LaPadula Model.
Orange Book - B1
The Biba Model
Fail safe
A Thread
4. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
The Security Kernel
TCB (Trusted Computing Base)
Fail safe
A security kernel
5. The physical memory address that the CPU uses
Absolute addresses
The Trusted Computing Base (TCB)
Erasable and Programmable Read-Only Memory (EPROM)
Process isolation
6. The security kernel is the mechanism that _____________ of the reference monitor concept.
Examples of Layered Operating Systems
B2 rating
Multilevel Security Policies
Enforces the rules
7. The biggest difference between System High Security Mode and Dedicated Security Mode is: ______.
Need-to-know
Implement software or systems in a production environment
Orange Book C
The Biba Model
8. In which users are processing information at the same sensitivity level; thus, strict access control and auditing measures are not required. It would be a trusted environment with low security concerns.
C2 - Controlled Access Protection
C1 - Discretionary Security Protection is a type of environment
Accreditation
No read down
9. Which TCSEC level first addresses object reuse?
Evaluated separately
Stored in Real Memory
Integrity
C2
10. A domain of trust that shares a single security policy and single management
A security domain
Orange Book - B2
C1
Orange Book ratings
11. Individual subjects must be uniquely identified.
C2 - Controlled Access Protection
Division C - Discretionary Protection
Identification - Orange Book
The reference monitor
12. Which can be used as a covert channel?
Storage and timing
Trusted hardware - Software and Firmware
Scalar processors
Clark-Wilson Model
13. The centerpiece of the DoD Rainbow Series publications. Developed by the National Computer Security Center (NCSC)?
Cache Memory
Buffer overflows
Direct Addressing
The TCSEC - Aka Orange Book
14. Which model uses access control triples and requires that the system maintain separation of duty?
D
Identification - Orange Book
Clark-Wilson
Mandatory access control
15. In both the Bell-LaPadula and Biba Models, if the word "*" or "Star" is used, _______________.
The Rule is talking about writing
Covert channels
D
Division C - Discretionary Protection
16. When a computer uses more than one CPU in parallel to execute instructions, it is known as?
The Thread (memory Management)
Ring 1
Highly secure systems (B2 - B3 and A1)
Multiprocessing
17. Remaining parts of the operating system
Ring 1
A Limit Register (Memory Management)
Virtual storage
Primary storage
18. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
A security kernel
The National Computer Security Center (NCSC)
Security Policy
Programmable Read-Only Memory (PROM)
19. The Biba Model addresses _____________________.
Electrically Erasable and Programmable Read-Only Memory (EEPROM)
Trusted Distribution
The Integrity of data within applications
A1 - Rating
20. When a computer spends more time moving data from one small portion of memory to another than actually processing the data
Its Clearance Label (Top Secret - Secret - or Confidential)
Thrashing
Ring 3
C1 - Discretionary Security Protection
21. Which addresses a portion of the primary memory by specifying the actual address of the memory location?
The *-Property rule (Star property)
Direct Addressing
Government and military applications
C2 - Controlled Access Protection
22. Which Orange Book evaluation level is described as "Controlled Access Protection"? This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilities when
C2
Invocation Property
Storage and timing
Evaluated separately
23. The Bell-LaPadula Model is a _______________ that enforces the confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
Dominate the object's sensitivity label
Absolute addresses
security protection mechanisms
State machine model
24. The object reuse concept must also be invoked, meaning that any medium holding data must not contain any remnants of information after it is released for another subject to use. All data must be efficiently erased once the subject is done with the m
The Thread (memory Management)
C2 - Controlled Access Protection
Division B - Mandatory Protection
Constrained
25. In both the Bell-LaPadula and Biba Models, if the word "Simple" is used, ______________.
Swap Space
Evaluated separately
The rule is talking about "Reading"
The Clark Wilson integrity model
26. In access control terms it means to be higher than or equal to. In the Bell-LaPadula Model, this is referred to as the dominance relation, which is the relationship of the subject's clearance to the object's classification
27. The C2 evaluation class of the _________________ offers controlled access protection.
B3
Need-to-know
Trusted Network Interpretation (TNI)
Certification
28. What are the components of an object's sensitivity label?
Clark-Wilson Model
B2 rating
Programmable Read-Only Memory (PROM)
A single classification and a Compartment Set
29. Bell-LaPadula Model - ______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
Evaluated separately
A security domain
The *-Property rule (Star property)
An abstract machine
30. System architecture that separates system functionality into hierarchical layers
The Biba Model
Life Cycle Assurance Requirement
A Layered Operating System Architecture
Trusted Distribution
31. A portion of a process. When the thread is generated, it shares the same domain (resources) as its process.
Assigned labels
Cache Memory
A Thread
Ring 2
32. In an automated system, ________________ could be achieved by: a computer system designed to identify individuals responsible for any input.
attributability
Ring 2
The Clark Wilson integrity model
Attributable data
33. Nonvolatile storage media, e.g. computer hard drives, floppy disks and CD-ROMs
Be protected from modification
Secondary Storage
Swap Space
Scalar processors
34. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information, and identification and authentication of individual entities
A security domain
C1 - Discretionary Security Protection
Multitasking
Types of covert channels
35. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
Continuous protection - O/B
Assigned labels
Trusted Products Evaluation Program (TPEP)
C2
36. THE (Technische Hogeschool Eindhoven), VAX/VMS, Multics and Unix. THE and Multics are no longer in use
Implement software or systems in a production environment
Examples of Layered Operating Systems
Controlling unauthorized downgrading of information
A security kernel
37. TCSEC addresses confidentiality, but _____________. The TCSEC focuses mainly on one attribute of security: confidentiality.
NOT Integrity
C1 - Discretionary Security Protection is a type of environment
An abstract machine
Pipelining
38. Commonly referred to as "The Big Mess" because of its lack of structure. MS-DOS is an example of a monolithic operating system
The Monolithic Operating System Architecture
Orange Book interpretations
attributability
C2 - Controlled Access Protection
39. Users are trusted but a certain level of accountability is required. C2 over is seen as the most reasonable class for commercial applications, but the level of protection is still relatively weak.
Execution Domain
The TCSEC - Aka Orange Book
In C2 - Controlled Access Protection environment
Fail safe
40. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
B2 - Structured Protection
The Thread (memory Management)
No write down
Swap Space
41. In B2, subjects and devices require labels and the system must NOT allow ________. No trapdoors exist.
Overt channel
The rule is talking about "Reading"
Covert channels
B3
42. What does the simple security (ss) property mean in the Bell-LaPadula model?
Highly secure systems (B2 - B3 and A1)
No read up
Secondary Storage
'Dominate'
43. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
Trusted Distribution
D
*-Integrity Axiom
Implement software or systems in a production environment
44. Simpler instructions that require fewer clock cycles to execute.
A security kernel
The security perimeter
Reduced Instruction Set Computers (RISC)
Logical addresses
45. There is only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
Orange Book ratings
C2 - Controlled Access Protection
Division D - Minimal Protection
Its classification label (Top Secret - Secret or confidential)
46. The *-Property rule is referred to as ____________.
The "No write Down" Rule
Primary storage
Orange Book B
Documentation - Orange Book
47. Components considered as part of the Trusted Computing Base (from the Orange Book) are?
Dominate the object's sensitivity label
The security perimeter
Buffer overflows
Trusted hardware - Software and Firmware
48. When the address location that is specified in the program instruction contains the address of the final desired location.
C1
Indirect addressing
The Red Book
Ring 0
49. The reference monitor, in accordance with the security policy, ____________ that are made in the access control database.
Controls the checks
B3 - Security Domains
A and B
All Mandatory Access Control (MAC) systems
50. The Biba model (introduced in 1977), the Sutherland model (published in 1986), the Brewer-Nash model (published in 1989)
The Evaluated Products List (EPL) with their corresponding rating
Identification - Orange Book
A Thread
Models concerned with integrity