Test your basic knowledge | CISSP Security Architecture And Design
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Configuration management is also defined in the Orange Book BUT As a _____________________ and NOT an operational assurance requirement.
A Domain
Life Cycle Assurance Requirement
Orange Book B
Bell-LaPadula Model
2. What does the simple security (ss) property mean in the Bell-LaPadula model?
The Biba Model
The Simple Security Property
No read up
NOT Integrity
3. TCB contains The Security Kernel and all ______________.
Controls the checks
security protection mechanisms
Covert channels
Division B - Mandatory Protection
4. To ensure that the Trusted Computing Base is not tampered with during shipment or installation.
Trusted Distribution
Basic Security Theorem (used in computer science) definition
Orange Book B
Ring 1
5. A form of ROM (Read-Only Memory) that can be modified after it has been manufactured. It can be programmed only one time.
'Dominate'
Programmable Read-Only Memory (PROM)
Orange Book A
Orange Book ratings
6. Each data object must contain a classification label and each subject must have a clearance label.
Its classification label (Top Secret - Secret or confidential)
A Base Register (Memory Management)
Virtual Memory
B1 - Labeled Security
7. There is only one class in Division D. Reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions.
B3
The Simple Security Property
Access control to the objects by the subjects
Division D - Minimal Protection
8. Verification Protection
C2 - Controlled Access Protection
Orange Book ratings
Orange Book A
A Base Register (Memory Management)
9. The *-Property rule is referred to as ____________.
Security rating B
The "No write Down" Rule
A Base Register (Memory Management)
Documentation - Orange Book
10. Which in the Orange Book ratings represents the highest level of trust?
Access Matrix model
security protection mechanisms
A Domain
B2
11. What are the components of an object's sensitivity label?
Orange Book A
No write down
A single classification and a Compartment Set
No read up
12. What is called the formal acceptance of the adequacy of a system's overall security by management?
attributability
Accreditation
Swap Space
First evaluation class
13. A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
Protection Rings Support
Overt channel
TCB (Trusted Computing Base)
security protection mechanisms
14. A logical form of separation used by secure computing systems - Processes are _____________ so that each cannot access objects outside its permitted domain
'Dominate'
Constrained
The Clark Wilson integrity model
The *-Property rule (Star property)
15. Requires more stringent authentication mechanisms and well-defined interfaces among layers.
B2 - Structured Protection
Indexed addressing
Disclosure of residual data
TCB (Trusted Computing Base)
16. When the RAM and secondary storage are combined the result is __________.
Scalar processors
The "No read Up" rule
The Simple Security Property
Virtual Memory
17. Accreditation is also defined as an ____________________ by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards
Administrative declaration
Process isolation
The Trusted Computing Base (TCB)
Subject to Object Model
18. Certification is a technical review that assesses the _____________ - whereas Accreditation is management's official acceptance of the information in the Certification process findings.
A and B
Clark-Wilson
The rule is talking about "Reading"
Security mechanisms and evaluates their effectiveness
19. The Bell-LaPadula Model is a _______________ that enforces the Confidentiality aspect of access control. Formed by David Bell and Leonard LaPadula.
A1
The Strong star property rule
The rule is talking about "Reading"
State machine model
20. Best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in the system?
Fail safe
Most commonly used approach
Relative Addresses
No read up
21. Security is made up of: System administration - ________ - installation and configuration mechanisms within the environment - and other security issues.
B1 - Labeled Security
Reduced Instruction Set Computers (RISC)
Physical security
No read up
22. Nonvolatile storage media, e.g. computer hard drives - floppy disks and CD-ROMs
A1 - Rating
Direct addressing
In C2 - Controlled Access Protection environment
Secondary Storage
23. In the Bell-LaPadula Model the Subject's Label contains ___________________.
The Thread (memory Management)
Its Clearance Label (Top Secret - Secret - or Confidential)
Evaluated separately
Controls the checks
24. Operating System Kernel
Trusted Network Interpretation (TNI)
The National Computer Security Center (NCSC)
Clark-Wilson
Ring 0
25. The reserved hard drive space used to extend RAM capabilities. Windows systems use the pagefile.sys file to reserve this space
The security perimeter
Swap Space
Its Clearance Label (Top Secret - Secret - or Confidential)
Files - directories and devices
26. This type of environment is a highly secured environment that processes very sensitive information. It requires systems that are highly resistant to penetration.
Relative Addresses
Stored in Real Memory
The *-Property rule (Star property)
B3 - Rating
27. Security Policies that prevent information from flowing from a higher security level to a lower security level are called ____________.
Life-cycle assurance - O/B
Multilevel Security Policies
Security Policy
The Thread (memory Management)
28. Discretionary protection
The National Computer Security Center (NCSC)
Life-cycle assurance - O/B
Orange Book C
Cache Memory
29. Bell-LaPadula Model -______________: A subject in a given security level can NOT WRITE information to a LOWER security level.
A security kernel
The *-Property rule (Star property)
Operational assurance requirements
Polyinstantiation
30. Software - hardware and firmware must be able to be tested individually to ensure that each enforces the security policy in an effective manner throughout their lifetimes.
The Common Criteria
Security Policy - Orange Book
Life-cycle assurance - O/B
Protection Rings Support
31. Levels of Security and Levels of Trust: Lower letters of the alphabet represent higher levels of security. Higher numbers indicate a greater level of trust.
Virtual storage
Certification
Orange Book ratings
*-Integrity Axiom
32. When a computer spends more time moving data from one small portion of memory to another THAN Actually processing the data
Disclosure of residual data
The "No read Up" rule
Highly secure systems (B2 - B3 and A1)
Thrashing
33. Execute one instruction at a time.
Scalar processors
Disclosure of residual data
Trusted Distribution
attributability
34. Based on a known address with an offset value applied.
A1 - Rating
Stored in Real Memory
Relative Addresses
Most commonly used approach
35. Reference Monitor is responsible for ______________; it compares the security labels of a subject and an object
Access control to the objects by the subjects
Files - directories and devices
Subject to Object Model
Dedicated Security Mode
36. In both the Bell-LaPadula and Biba Models, if the word "Simple" is used ______________.
C2
The "No write Down" Rule
The rule is talking about "Reading"
Absolute addresses
37. In an automated system ________________ could be achieved by: A computer system designed to identify individuals responsible for any input.
A Domain
attributability
Scalar processors
No write down
38. The _________________ specified in the Orange Book are: System architecture - System integrity - Covert channel analysis - Trusted facility management and Trusted recovery.
Operational assurance requirements
Networks and Communications
A and B
A Thread
39. As per the FDA, data should be ______________________________.
Pipelining
Primary storage
Attributable - original - accurate - contemporaneous and legible
Division D - Minimal Protection
40. When a portion of primary memory is accessed by specifying the actual address of the memory location
Direct addressing
The Biba Model
The security perimeter
The Monolithic Operating System Architecture
41. The Bell-LaPadula Model's main goal was to ___________________ in an unauthorized manner. (Developed by the US gov)
Ring 0
Simple Security Rule
Prevent secret information from being accessed
Direct addressing
42. System Architecture that separates system functionality into Hierarchical layers
Isolate processes
The "No write Down" Rule
A Layered Operating System Architecture
Certification
43. The combination of RAM - Cache and the Processor Registers
Secondary Storage
Real storage
C2 - Controlled Access Protection
Primary storage
44. The Indexed memory addresses that software uses
Logical addresses
Implement software or systems in a production environment
No read up
Trusted Products Evaluation Program (TPEP)
45. Developed after the Bell-LaPadula model. It's a state machine model and is very similar to the Bell-LaPadula Model.
The Biba Model
B3 - Security Domains
B2 - Structured Protection
Accreditation
46. The Availability - Integrity and confidentiality requirements of multitasking operating systems
B3 - Security Domains
Constrained
Evaluated separately
Protection Rings Support
47. A type of memory used for High-speed writing and reading activities.
Cache Memory
Secondary Storage
Identification - Orange Book
Ring 0
48. Minimal Security
Programmable Read-Only Memory (PROM)
Pipelining
Orange Book - D
Controlling unauthorized downgrading of information
49. Which uses Protection Profiles and Security Targets?
Attributable - original - accurate - contemporaneous and legible
International Standard 15408
Most commonly used approach
The Common Criteria
50. THE (Technische Hogeschool Eindhoven) - VAX/VMS - Multics and Unix. THE and Multics are no longer in use
Division D - Minimal Protection
Buffer overflows
C2 - Controlled Access Protection
Examples of Layered Operating Systems