CISSP Security Architecture And Design MCQs

These CISSP Security Architecture And Design multiple-choice questions and their answers will help you strengthen your grip on the subject of CISSP Security Architecture And Design. You can prepare for an upcoming exam or job interview with these 31 CISSP Security Architecture And Design MCQs.
So scroll down and start answering.

1: A security model incorporates the ____________ that should be enforced in the system.

A.   Division D - Minimal Protection

B.   Models concerned with integrity

C.   Security Policy

D.   Discretionary Security Property (ds-property)

2: Security labels are not required until __________; thus C2 does not require security labels but B1 does.

A.   Security rating B

B.   A1

C.   Controls the checks

D.   Mandatory access control

3: The Bell-LaPadula Model is a _______________.

A.   Subject to Object Model

B.   Be protected from modification

C.   Reduced Instruction Set Computers (RISC)

D.   Its classification label (Top Secret - Secret or confidential)

4: The TCB contains the security kernel and all ______________.

A.   Security protection mechanisms

B.   The National Computer Security Center (NCSC)

C.   Documentation - Orange Book

D.   Ring 3

5: Which flaw occurs because input data is not checked for appropriate length at the time of input?

A.   Security Policy - Orange Book

B.   Multitasking

C.   Invocation Property

D.   Buffer overflows
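Question 5 names the cause; the following C program is an added example (not part of the original quiz) that shows the defect and its fix side by side: a copy routine that never compares the input length with the destination buffer, and a hardened version that checks the length at the time of input and rejects oversize data. The buffer size NAME_LEN and the inputs are constructed for the example. The unchecked routine is deliberately called only with a short input, because calling it with the 32-byte string would corrupt the stack.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added example, not from the original quiz. NAME_LEN and the inputs below
 * are constructed for illustration. */
#define NAME_LEN 16

/* Length of s, scanning at most max bytes, so an unterminated or oversize
 * input cannot run the scan past the size of the buffer we are about to fill. */
static size_t bounded_len(const char *s, size_t max) {
    size_t n = 0;
    while (n < max && s[n] != '\0') n++;
    return n;
}

/* Vulnerable: the input length is never compared with the destination.
 * Any src of NAME_LEN or more bytes writes past the end of dst. */
void copy_name_unchecked(char dst[NAME_LEN], const char *src) {
    strcpy(dst, src);
}

/* Hardened: the length is checked at the time of input and oversize data is
 * rejected. Returns 0 on success, -1 if src does not fit (dst is emptied). */
int copy_name_checked(char dst[NAME_LEN], const char *src) {
    size_t n = bounded_len(src, NAME_LEN);
    if (n >= NAME_LEN) {          /* no room for the bytes plus the terminator */
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, n + 1);      /* n bytes plus the NUL */
    return 0;
}

/* 1 if src fits in NAME_LEN bytes including the terminator, 0 otherwise. */
int name_fits(const char *src) {
    return bounded_len(src, NAME_LEN) < NAME_LEN;
}

int main(void) {
    char buf[NAME_LEN];
    const char *ok = "alice";                                   /* 5 bytes */
    const char *too_long = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";  /* 32 bytes */

    copy_name_unchecked(buf, ok);   /* fine only because this input is short */
    printf("unchecked, short input:  \"%s\"\n", buf);

    int rc = copy_name_checked(buf, ok);
    printf("checked, short input:    rc=%d buf=\"%s\"\n", rc, buf);

    rc = copy_name_checked(buf, too_long);
    printf("checked, 32-byte input:  rc=%d fits=%d\n", rc, name_fits(too_long));

    /* copy_name_unchecked(buf, too_long) would write 17 bytes past the end of
     * buf, overwriting whatever the compiler placed after it on the stack. */
    return 0;
}
```

The check in copy_name_checked is the one the question alludes to: the length is established before any byte is written, and the boundary case (exactly NAME_LEN bytes, leaving no room for the terminator) is rejected rather than silently truncated.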

6: Data in cache can be accessed much more quickly than data __________.

A.   Stored in real memory

B.   Identification - Orange Book

C.   C1

D.   Examples of Layered Operating Systems

7: Certification is a technical review that assesses the _____________, whereas accreditation is management's official acceptance of the findings of the certification process.

A.   Security mechanisms and evaluates their effectiveness

B.   C2 - Controlled Access Protection

C.   A Domain

D.   The National Computer Security Center (NCSC)

8: Which TCSEC rating is also called "Verified Design" and requires formal verification of the design and specifications?

A.   *-Integrity Axiom

B.   Security Policy - Orange Book

C.   Pipelining

D.   Orange Book - A1

9: A ring protection system ________ user mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.

A.   The Evaluated Products List (EPL) with their corresponding rating

B.   Prohibits

C.   Process isolation

D.   Security Policy

10: What is defined as the hardware, firmware and software elements of a trusted computing base that implement the reference monitor concept?

A.   A1

B.   The security perimeter

C.   A security kernel

D.   Trusted Products Evaluation Program (TPEP)

11: Which security mode of operation requires the subject to have need-to-know for ONLY the information they are trying to access?

A.   B3

B.   System High Security Mode

C.   The Strong star property rule

D.   The Clark Wilson integrity model

12: When a vendor submits a product for evaluation, it submits it to the ____________.

A.   C1 - Discretionary Security Protection

B.   The Rule is talking about writing

C.   The National Computer Security Center (NCSC)

D.   A security kernel

13: Which register contains the beginning address of a process's memory region?

A.   Buffer overflows

B.   A Base Register (Memory Management)

C.   State machine model

D.   The Strong star property rule

14: In a ring protection model, which ring holds applications and user activity?

A.   Ring 3

B.   The *-Property rule (Star property)

C.   Higher or equal to access class

D.   Implement software or systems in a production environment

15: What permits a database to have two records that are identical except for their classifications?

A.   The Trusted Computing Base (TCB)

B.   Ring 3

C.   No write down

D.   Polyinstantiation

16: Which TCSEC rating is also called "Security Domains" and imposes more granularity in each protection mechanism?

A.   A security domain

B.   Prevent secret information from being accessed

C.   Access control to the objects by the subjects

D.   Orange Book - B3

17: The TCSEC addresses confidentiality but _____________; it focuses mainly on a single security attribute, confidentiality.

A.   The Rule is talking about writing

B.   The monolithic operating system architecture

C.   The security perimeter

D.   NOT Integrity

18: What does the Clark-Wilson security model focus on?

A.   Swap Space

B.   Types of covert channels

C.   Integrity

D.   The TCSEC - Aka Orange Book

19: The security kernel is the mechanism that _____________ of the reference monitor concept.

A.   Enforces the rules

B.   C2

C.   Secondary Storage

D.   Firmware

20: What does the simple security (ss) property mean in the Bell-LaPadula model?

A.   Continuous protection - O/B

B.   Trusted hardware - Software and Firmware

C.   No read up

D.   Division B - Mandatory Protection Architecture

21: What is it called when a computer uses more than one CPU in parallel to execute instructions?

A.   Programmable Read-Only Memory (PROM)

B.   Multiprocessing

C.   Multitasking

D.   C2 - Controlled Access Protection

22: If a system initializes in a secure state and all allowed state transitions are secure, then every subsequent state will be secure no matter what inputs occur. What is this statement called?

A.   Basic Security Theorem (used in computer science) definition

B.   Attributable, original, accurate, contemporaneous and legible

C.   Types of covert channels

D.   Identification - Orange Book
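The Bell-LaPadula rules tested in questions 3, 11, 14, 15, 20 and 22 are easier to keep straight when written down as code. The following C program is an added example, not part of the original quiz: it implements the simple security property (no read up), the *-property (no write down) and the strong star property as a tiny reference monitor, then applies the Basic Security Theorem mechanically by starting from an empty (secure) state and admitting only the transitions the monitor approves. The four-level lattice and the subjects and objects are constructed sample data.

```c
#include <stdbool.h>
#include <stdio.h>

/* Added example, not from the original quiz. The lattice, subjects and
 * objects below are constructed sample data. */

typedef enum { UNCLASSIFIED = 0, CONFIDENTIAL = 1, SECRET = 2, TOP_SECRET = 3 } level_t;

typedef struct {
    const char *name;
    level_t level;   /* clearance for a subject, classification for an object */
} entity_t;

/* Simple security (ss) property: no read up.
 * A subject may read an object only if clearance >= classification. */
bool blp_can_read(const entity_t *subject, const entity_t *object) {
    return subject->level >= object->level;
}

/* *-property (star property): no write down.
 * A subject may write an object only if classification >= clearance. */
bool blp_can_write(const entity_t *subject, const entity_t *object) {
    return object->level >= subject->level;
}

/* Strong star property: read and write only at exactly the subject's level. */
bool blp_can_read_write_strong(const entity_t *subject, const entity_t *object) {
    return subject->level == object->level;
}

/* Basic Security Theorem, mechanically: the state is the set of accesses
 * currently granted. A state is secure if every granted access satisfies
 * ss and *; the only transition is request_access, which refuses anything
 * that would violate them, so a secure start state stays secure. */
#define MAX_ACCESSES 16
typedef struct { const entity_t *subject; const entity_t *object; char mode; } access_t;
typedef struct { access_t granted[MAX_ACCESSES]; int count; } state_t;

bool state_is_secure(const state_t *s) {
    for (int i = 0; i < s->count; i++) {
        const access_t *a = &s->granted[i];
        if (a->mode == 'r' && !blp_can_read(a->subject, a->object)) return false;
        if (a->mode == 'w' && !blp_can_write(a->subject, a->object)) return false;
    }
    return true;
}

/* Transition: request an access ('r' or 'w'). Returns true if granted. */
bool request_access(state_t *s, const entity_t *subject, const entity_t *object, char mode) {
    bool ok = (mode == 'r') ? blp_can_read(subject, object)
            : (mode == 'w') ? blp_can_write(subject, object)
            : false;
    if (!ok || s->count >= MAX_ACCESSES) return false;
    s->granted[s->count++] = (access_t){ subject, object, mode };
    return true;
}

int main(void) {
    entity_t analyst   = { "analyst",   SECRET };
    entity_t ts_report = { "ts_report", TOP_SECRET };
    entity_t memo      = { "memo",      CONFIDENTIAL };
    state_t st = { .count = 0 };   /* empty state: trivially secure */

    printf("read TS report:  %s\n", request_access(&st, &analyst, &ts_report, 'r') ? "granted" : "denied"); /* no read up */
    printf("write TS report: %s\n", request_access(&st, &analyst, &ts_report, 'w') ? "granted" : "denied"); /* write up is allowed */
    printf("read memo:       %s\n", request_access(&st, &analyst, &memo, 'r')      ? "granted" : "denied"); /* read down is allowed */
    printf("write memo:      %s\n", request_access(&st, &analyst, &memo, 'w')      ? "granted" : "denied"); /* no write down */
    printf("state secure:    %s\n", state_is_secure(&st) ? "yes" : "no");
    return 0;
}
```

Note that the *-property permits a SECRET subject to write into a TOP SECRET object (write up), which is exactly the integrity gap question 17 points at and the reason Biba and Clark-Wilson exist alongside Bell-LaPadula.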

23: Which Orange Book requirement states that audit data must be captured and protected to enforce accountability?

A.   Primary storage

B.   Accountability - Orange Book

C.   Evaluated separately

D.   The security perimeter

24: Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?

A.   Bell-LaPadula Model

B.   Trusted Products Evaluation Program (TPEP)

C.   Trusted hardware, software and firmware

D.   B3

25: What is it called when a portion of primary memory is accessed by specifying the actual address of the memory location?

A.   Trusted hardware, software and firmware

B.   Attributable data

C.   Files, directories and devices

D.   Direct addressing

26: In which TCSEC division is mandatory access control enforced by the use of security labels?

A.   Need-to-know

B.   Division B - Mandatory Protection

C.   The National Computer Security Center (NCSC)

D.   Orange Book - D

27: B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.

A.   First evaluation class

B.   Swap Space

C.   Cache Memory

D.   The Common Criteria

28: The TCB is the ________________ within a computer system that work together to enforce a security policy.

A.   Accountability - Orange Book

B.   The Integrity of data within applications

C.   Pagefile.sys file

D.   Totality of protection mechanisms

29: What is the total (sum) combination of protection mechanisms within a computer system, including hardware, software and firmware?

A.   Disclosure of residual data

B.   The Trusted Computing Base (TCB)

C.   Relative Addresses

D.   Division B - Mandatory Protection

30: What is called the formal acceptance of the adequacy of a system's overall security by management?

A.   The Red Book

B.   A Thread

C.   C1

D.   Accreditation

31: Static packet filtering firewalls are limited to ________.

A.   Inspecting packets for which there are good application proxy filtering rules

B.   Inspecting packets in isolation from their context

C.   Both A and B

D.   Neither A nor B
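Question 31's answer, that a static packet filter inspects each packet in isolation from its context, is shown concretely in this added C example (not part of the original quiz). It runs a stateless rule set and a stateful one against the same three constructed packets: an outbound SYN from an inside host to a web server, the server's genuine reply, and a forged inbound packet that merely has the ACK flag set. The addresses, ports and rules are constructed for the example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Added example, not from the original quiz. Addresses, ports, packets and
 * the rule set are constructed sample data. */

typedef struct {
    uint32_t src, dst;      /* IPv4 addresses as host-order integers */
    uint16_t sport, dport;
    bool syn, ack;          /* the only TCP flags the filters look at */
} pkt_t;

static uint32_t ip4(int a, int b, int c, int d) {
    return ((uint32_t)a << 24) | ((uint32_t)b << 16) | ((uint32_t)c << 8) | (uint32_t)d;
}

#define INSIDE_NET 0x0A000000u   /* 10.0.0.0/24 is the protected side */
static bool is_outbound(const pkt_t *p) { return (p->src & 0xFFFFFF00u) == INSIDE_NET; }

/* Static packet filter: every packet is judged on its own header fields.
 * Rule 1: inside hosts may open connections to TCP/80.
 * Rule 2: inbound packets with ACK set are assumed to be replies and pass.
 * Rule 2 is the weakness: a forged inbound packet with ACK set passes too,
 * because the filter has no memory of which connections actually exist. */
bool static_filter_allows(const pkt_t *p) {
    if (is_outbound(p)) return p->dport == 80;
    return p->ack;
}

/* Stateful filter: remembers the connections inside hosts opened and admits
 * inbound packets only when they match one of them. */
#define MAX_CONN 8
typedef struct { uint32_t in_ip, out_ip; uint16_t in_port, out_port; } conn_t;
typedef struct { conn_t table[MAX_CONN]; int n; } conn_table_t;

bool stateful_filter_allows(conn_table_t *t, const pkt_t *p) {
    if (is_outbound(p)) {
        if (p->dport != 80) return false;
        if (p->syn && !p->ack && t->n < MAX_CONN)        /* new connection: record it */
            t->table[t->n++] = (conn_t){ p->src, p->dst, p->sport, p->dport };
        return true;
    }
    for (int i = 0; i < t->n; i++) {                      /* inbound: must match a known connection */
        const conn_t *c = &t->table[i];
        if (c->in_ip == p->dst && c->out_ip == p->src &&
            c->in_port == p->dport && c->out_port == p->sport)
            return true;
    }
    return false;
}

int main(void) {
    conn_table_t t = { .n = 0 };
    pkt_t syn    = { ip4(10,0,0,5),     ip4(203,0,113,10), 40000, 80,    true,  false };
    pkt_t reply  = { ip4(203,0,113,10), ip4(10,0,0,5),     80,    40000, true,  true  };
    pkt_t forged = { ip4(198,51,100,7), ip4(10,0,0,5),     4444,  22,    false, true  }; /* ACK set, no connection */

    printf("outbound SYN: static=%d stateful=%d\n", static_filter_allows(&syn),    stateful_filter_allows(&t, &syn));
    printf("real reply:   static=%d stateful=%d\n", static_filter_allows(&reply),  stateful_filter_allows(&t, &reply));
    printf("forged ACK:   static=%d stateful=%d\n", static_filter_allows(&forged), stateful_filter_allows(&t, &forged));
    return 0;
}
```

The forged packet is the point of the question: with only the packet in front of it, the static filter cannot tell a reply from an ACK-scan or an attempt to reach port 22, while the stateful filter rejects it because no inside host ever opened that connection.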