Test your basic knowledge |
CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. When a computer spends more time moving data from one small portion of memory to another than actually processing the data
Division C - Discretionary Protection
Orange Book A
Thrashing
TCB (Trusted Computing Base)
2. The process of evaluating the security stance of the software or system against a selected set of standards or policies. This may precede accreditation but is not a required precursor.
The security kernel
The Rule is talking about writing
Certification
Integrity
3. This class ("Structured Protection") requires more stringent authentication mechanisms and well-defined interfaces between layers. Subjects and devices require labels and the system must not allow covert channels.
B1 - Labeled Security
Orange Book - B2
Discretionary Security Property (ds-property)
A1 - Rating
4. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
Ring 3
Protection Rings Support
Need-to-know
Operational assurance requirements
5. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
TCB (Trusted Computing Base)
Constrained
security protection mechanisms
Isolate processes
6. Based on a known address with an offset value applied.
The National Computer Security Center (NCSC)
Orange Book C
Division B - Mandatory Protection
Relative Addresses
7. If a system initializes in a secure state and all allowed state transitions are secure - then every subsequent state will be secure no matter what inputs occur.
Subject to Object Model
Basic Security Theorem (used in computer science) definition
Execution Domain
Swap Space
8. The total combination of protection mechanisms within a computer system
Pagefile.sys file
Swap Space
Access control to the objects by the subjects
TCB (Trusted Computing Base)
9. The security kernel is the core of the TCB and is the _____________ to building trusted computing systems.
Absolute addresses
Orange Book - A1
Trusted facility management
Most commonly used approach
10. What does the simple security (ss) property mean in the Bell-LaPadula model?
No read up
Attributable - original - accurate - contemporaneous and legible
System High Security Mode
Cache Memory
11. Accreditation is the authorization by management to _____________________. This authorization may be either provisional or full.
Implement software or systems in a production environment
B1
Logical addresses
B2 - Structured Protection
12. Which integrity model defines a constrained data item - an integrity verification procedure and a transformation procedure?
Protection Rings Support
The Clark Wilson integrity model
TCB (Trusted Computing Base)
Government and military applications
13. The hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept.
Division B - Mandatory Protection
The security kernel
NOT Integrity
Implement software or systems in a production environment
14. Discretionary access control is based on individuals and/or groups. It requires a separation of users and information, and identification and authentication of individual entities.
C1 - Discretionary Security Protection
'Dominate'
Multitasking
A1 - Rating
15. Verification Protection
Orange Book A
A1
The security perimeter
Trusted Network Interpretation (TNI)
16. In access control terms it means to be higher than or equal to. In the Bell-LaPadula Model - this is referred to as the dominance relation - which is the relationship of the subject's clearance to the object's classification
17. Which TCSEC level first addresses object reuse?
Trusted Network Interpretation (TNI)
B3
Buffer overflows
C2
18. What is called the formal acceptance of the adequacy of a system's overall security by management?
Accreditation
Overt channel
Life-cycle assurance - O/B
Division B - Mandatory Protection Architecture
19. Remaining parts of the operating system
Orange Book - D
Security Policy - Orange Book
The Rule is talking about writing
Ring 1
20. The Physical memory address that the CPU uses
Absolute addresses
Highly secure systems (B2 - B3 and A1)
Cache Memory
Protection Rings Support
21. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
The trustworthiness of an information system
Controls the checks
The Rule is talking about writing
Administrative declaration
22. According to the Orange Book - trusted facility management is not required for which security levels?
Pipelining
'Dominate'
B1
System High Security Mode
23. Bell-LaPadula - ______________: This rule is based on named subjects and objects. It specifies that specific permissions allow a subject to pass on permissions to pass on permissions at its own discretion. These permissions are stored in an access ma
Certification
The Evaluated Products List (EPL) with their corresponding rating
A and B
Discretionary Security Property (ds-property)
24. Nonvolatile storage media - e.g. computer hard drives - floppy disks and CD-ROMs
Secondary Storage
The Tranquility principle (The Bell-LaPadula Model)
Physical security
Dominate the object's sensitivity label
25. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
Trusted facility management
B2 - Structured Protection
Multilevel Security Policies
Integrity
26. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
Overt channel
C2 - Controlled Access Protection
The Monolithic Operating System Architecture
Government and military applications
27. The Biba Model - ______________: A subject cannot request service (invoke) to subjects of higher integrity
The Red Book
Invocation Property
Orange Book A
Indirect addressing
28. Based on The Bell-LaPadula model - because it allows for multilevel security to be integrated into the code.
All Mandatory Access Control (MAC) systems
Accountability - Orange Book
Administrative declaration
Access Matrix model
29. Which model uses access control triples and requires that the system maintain separation of duty?
Orange Book ratings
The Thread (memory Management)
Polyinstantiation
Clark-Wilson
30. The reference monitor must mediate all access - _____________ - be verifiable as correct - and must always be invoked.
Be protected from modification
The National Computer Security Center (NCSC)
In C2 - Controlled Access Protection environment
Programmable Read-Only Memory (PROM)
31. When a vendor submits a product for evaluation - it submits it to the ____________.
The National Computer Security Center (NCSC)
A Base Register (Memory Management)
The TCSEC - Aka Orange Book
Most commonly used approach
32. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
Programmable Read-Only Memory (PROM)
No write down
Continuous protection - O/B
Certification
33. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
Orange Book - A1
Mandatory access control
Buffer (temporary data storage area)
Stored in Real Memory
34. Successfully evaluated products are placed on?
A Base Register (Memory Management)
Files - directories and devices
The Evaluated Products List (EPL) with their corresponding rating
Division D - Minimal Protection
35. Applications and user activity
Security Policy is clearly defined and documented
Polyinstantiation
Ring 3
Life Cycle Assurance Requirement
36. Which Orange Book evaluation level is described as "Verified Design"?
A lattice of Integrity Levels
A1
B2
Indirect addressing
37. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
Division B - Mandatory Protection
A lattice of Integrity Levels
First evaluation class
Its classification label (Top Secret - Secret or confidential)
38. The availability - integrity and confidentiality requirements of multitasking operating systems
Orange Book ratings
Protection Rings Support
Trusted Network Interpretation (TNI)
Scalar processors
39. What does the simple integrity axiom mean in the Biba model?
Access Matrix model
The "No write Down" Rule
Subject to Object Model
No read down
40. Can be erased - modified and upgraded.
A security kernel
Prohibits
A Domain
Erasable and Programmable Read-Only Memory (EPROM)
41. The Red Book aka Trusted Network Interpretation (TNI) - provides _________________ for Trusted computer and communications network systems under the areas of assurance requirements
System High Security Mode
Virtual Memory
Government and military applications
Orange Book interpretations
42. Happen because input data is not checked for appropriate length at time of input
Orange Book - B1
Buffer overflows
The Tranquility principle (The Bell-LaPadula Model)
The security perimeter
43. Bell-LaPadula model was proposed for enforcing access control in _____________________.
Security mechanisms and evaluates their effectiveness
A security kernel
Attributable data
Government and military applications
44. TCSEC provides a means to evaluate ______________________.
The trustworthiness of an information system
Controlling unauthorized downgrading of information
Overt channel
Mandatory Access Control (MAC)
45. The first mathematical model of a multi-level security policy used to define the concept of a secure state - the modes of access - and rules for granting access?
The security perimeter
State machine model
Bell-LaPadula Model
Complex Instruction Set Computers (CISC)
46. Should always trace to individuals responsible for observing and recording the data
C2
Attributable data
Documentation - Orange Book
Evaluated separately
47. What prevents a process from accessing another process' data?
Absolute addresses
The trustworthiness of an information system
The Monolithic Operating System Architecture
Process isolation
48. All users have a clearance for and a formal need to know about - all data processed with the system.
Dedicated Security Mode
No write down
The security kernel
A Limit Register (Memory Management)
49. Certification is a technical review that assesses the _____________ - whereas accreditation is management's official acceptance of the information in the certification process findings.
C1
The security perimeter
Security Policy is clearly defined and documented
Security mechanisms and evaluates their effectiveness
50. Software that is stored within ROM (Read-Only Memory) - (ROM is nonvolatile)
Firmware
Compare the security labels
A1
Security Policy is clearly defined and documented