SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Security Architecture And Design
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The Security Model Incorporates the ____________ that should be enforced in the system.
The security perimeter
The security kernel
Security Policy
Mandatory access control
2. Individual subjects must be uniquely identified.
Identification - Orange Book
Life Cycle Assurance Requirement
Orange Book B
The rule is talking about "Reading"
3. When a portion of primary memory is accessed by specifying the actual address of the memory location
Documentation - Orange Book
Direct addressing
NOT Integrity
Orange Book - D
4. The Simple Security rule is refered to as______________.
Multiprocessing
Pagefile.sys file
The "No read Up" rule
The Evaluated Products List (EPL) with their corresponding rating
5. The type of environment that would require A1 systems is the most secure of secure environments. It deals with top-secret information and cannot adequately trust anyone using the systems without strict authentication - restrictions and auditing.
Multitasking
A1 - Rating
Simple Integrity Axiom
Orange Book A
6. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
The Rule is talking about writing
Highly secure systems (B2 - B3 and A1)
Constrained
Division B - Mandatory Protection
7. The Orange book requires protection against two_____________ - which are these Timing and Storage
Buffer (temporary data storage area)
Types of covert channels
Simple Integrity Axiom
Buffer overflows
8. Which Orange Book evaluation level is described as "Verified Design"?
A1
Trusted hardware - Software and Firmware
Orange Book C
Sensitivity labels
9. Verification Protection
B2
Orange Book A
Trusted Products Evaluation Program (TPEP)
Disclosure of residual data
10. The Indexed memory addresses that software uses
Relative Addresses
Thrashing
Mandatory access control
Logical addresses
11. Certification is a Technical review that assesses the _____________ - where as Accreditation is management's Official acceptance of the information in the Certification process findings.
Security mechanisms and evalautes their effectivenes
Simple Security Rule
Subject to Object Model
The *-Property rule (Star property)
12. Which describe a condition when RAM and Secondary storage are used together?
Operational assurance requirements
Execution Domain
Evaluated separately
Virtual storage
13. The Physical memory address that the CPU uses
Absolute addresses
The security perimeter
Buffer (temporary data storage area)
Prevent secret information from being accessed
14. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
NOT Integrity
Security Policy is clearly defined and documented
Models concerned with integrity
The National Computer Security Center (NCSC)
15. Based on the Bell-LaPadula Security model - and evidence of reference monitor enforcement must be available.
The TCSEC - Aka Orange Book
TCB (Trusted Computing Base)
Division B - Mandatory Protection Architecture
Cache Memory
16. The Biba Model - _____________: A subject cannot read data from a lower Integrity level " No Read Down"
A and B
Sensitivity labels
Simple Integrity Axiom
B3
17. Based on a known address with an offset value applied.
A1
State machine model
Relative Addresses
Fail safe
18. When the address location that is specified in the program instruction contains the address of the final desired location.
Life Cycle Assurance Requirement
Indirect addressing
Operational assurance requirements
The security perimeter
19. According to the Orange Book - trusted facility management is not required for which security levels?
Real storage
B1
Polyinstantiation
Direct addressing
20. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
The "No read Up" rule
Totality of protection mechanisms
Implement software or systems in a production environment
The Integrity of data within applications
21. Documentation must be provided - including test - design - and specification document - user guides and manuals
Clark-Wilson
Erasable and Programmable Read-Only Memory (EPROM)
Documentation - Orange Book
Operational assurance requirements
22. The Orange Book describes four hierarchical levels to categorize security systems. Which levels require mandatory protection?
A Limit Register (Memory Management)
D
A and B
A Domain
23. The omission of networks and network components in the TCSEC was recognized and addressed in the "Trusted Network Interpretation of the TCSEC" otherwise known as ___________.
The Integrity of data within applications
The Red Book
Orange Book A
Controls the checks
24. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
A Thread
Firmware
B2 - Structured Protection
The Tranqulity principle (The Bell-LaPadula Model)
25. In the Orange Book - functionality and assurance are NOT _____________ as they are in the ITSEC and the Common Criteria.
Disclosure of residual data
Evaluated separately
Most commonly used approach
A lattice of Intergrity Levels
26. The Biba Model - ______________: A Subject cannot write data to an object at a higher integrity level (No write Up)
*-Integrity Axiom
The security kernel
Administrative declaration
Orange Book C
27. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Orange Book ratings
The Evaluated Products List (EPL) with their corresponding rating
Government and military applications
C2
28. The Policy must be explicit and well defined and enforced by the mechanisms within the system
Discretionary Security Property (ds-property)
Security Policy - Orange Book
B3
C1
29. The Bell-LaPaula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
The security perimeter
Orange Book - B2
A1
Prevent secret information from being accessed
30. According to the Orange Book - which security level is the first to require a system to protect against covert timing channels?
Sensitivity labels
The Evaluated Products List (EPL) with their corresponding rating
The security kernel
B3
31. For rhe type of environment that processes sensitive data that require a higher degree of security. It requires systems that are relatively resistant to peneration and compromise
Mandatory Access Control (MAC)
A lattice of Intergrity Levels
Need-to-know
B2 rating
32. System Architecture that separates system functionality into Hierarchical layers
The security perimeter
Bell-LaPadula Model
A Base Register (Memory Management)
A Layered Operating System Architecure
33. In Access Control terms it means to be higher than or equal to. In the Bell-Lapadula Model - this is refered to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
34. The security mechanisms and the system as a whole must perform predictably and acceptably in different situations continuously.
B3
Orange Book - D
Certification
Continuous protection - O/B
35. The total(sum)combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
attributability
The Trusted Computing Base (TCB)
Scalar processors
Totality of protection mechanisms
36. Users need to be Identified individually to provide more precise acces control and auditing functionality.
The security perimeter
Multitasking
C2 - Controlled Access Protection
Security rating B
37. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
Orange Book - B2
The Strong star property rule
Need-to-know
Implement software or systems in a production environment
38. Which Orange Book evaluation level is described as "Controlled Access Protection"? - This class requires a more granular method of providing access control. The system must enforce strict logon procedures and provide decision-making capabilites when
B2 rating
Virtual storage
C2
Prevent secret information from being accessed
39. In B1 the security policy is based on Informal statement and the design specifications are reviewed and verified where as in B2 the ___________________ - and the system design and implementation are subject to more thorough review and testing procedu
Secondary Storage
The Integrity of data within applications
Complex Instruction Set Computers (CISC)
Security Policy is clearly defined and documented
40. Mandatory Access requires that _____________ be attached to all objects.
Sensitivity labels
Security Policy is clearly defined and documented
Multiprocessing
Simple Integrity Axiom
41. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
The "No write Down" Rule
Dominate the object's sensitivity label
Orange Book interpretations
Trusted hardware - Software and Firmware
42. A nonvolatile storage media etc computer hard drive - floppy disks and CD-ROMs
Isolate processes
Swap Space
Secondary Storage
TCB (Trusted Computing Base)
43. The assignment of a specific individual to administer the security-related functions of a system.
Trusted facility management
Be protected from modification
Pipelining
attributability
44. In the Bell-LaPadula Model the Object's Label contains ___________________.
All Mandatory Access Control (MAC) systems
Reduced Instruction Set Computers (RISC)
Its classification label (Top Secret - Secret or confidential)
Orange Book - B2
45. Involves sharing the processor amoung all ready processes
Orange Book - A1
B2 rating
B2
Multitasking
46. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.
Basic Security Theorem (used in computer science) definition
Bell-LaPadula Model
Certification
The Trusted Computing Base (TCB)
47. Minimal Security
Simple Security Rule
Dedicated Security Mode
Implement software or systems in a production environment
Orange Book - D
48. The Security Kernel is the Core of The TCB and is the _____________ to building trusted computing systems.
Most commonly used approach
The "No write Down" Rule
Direct Addressing
Orange Book ratings
49. What does the Clark-Wilson security model focus on
Integrity
Process isolation
Indexed addressing
A Limit Register (Memory Management)
50. The reference monitor - in accordance with the security policy - ____________ that are made in the access control database.
B3 - Security Domains
Controls the checks
The "No read Up" rule
Virtual storage