Security Architecture and Design Prep Test


1. 

The four CPU operating states include all the following except

  1. Operating

  2. Problem

  3. Wait

  4. Virtual


2. 

A computer system that alternates execution of multiple subprograms on a single processor describes what type of system?

  1. Multiprogramming

  2. Multitasking

  3. Multiuser

  4. Multiprocessing


3. 

An address used as the origin for calculating other addresses describes

  1. Base addressing

  2. Indexed addressing

  3. Indirect addressing

  4. Direct addressing


4. 

The four main functions of the operating system include all the following except

  1. Process management

  2. BIOS management

  3. I/O device management

  4. File management


5. 

The total combination of protection mechanisms within a computer system, including hardware, firmware, and software, which is responsible for enforcing a security policy defines

  1. Reference monitor

  2. Security kernel

  3. Trusted Computing Base

  4. Protection domain


6. 

A system that continues to operate following failure of a network component describes which type of system?

  1. Fault-tolerant

  2. Fail-safe

  3. Fail-soft

  4. Failover


7. 

Which of the following access control models addresses availability issues?

  1. Bell-LaPadula

  2. Biba

  3. Clark-Wilson

  4. None of the above


8. 

The four basic control requirements identified in the Orange Book include all the following except

  1. Role-based access control

  2. Discretionary access control

  3. Mandatory access control

  4. Object reuse


9. 

All the following Orange Book classes require mandatory access control protection except

  1. B2

  2. B3

  3. A1

  4. A2


10. 

Which of the following ITSEC classification levels is equivalent to TCSEC level B3?

  1. E3

  2. E4

  3. E5

  4. E6


Answers

1. 

D. Virtual. The four CPU operating states are operating (or run), problem (or application), supervisory, and wait. Review “CPU.”

2. 

B. Multitasking. A multiprogramming computer alternates execution of multiple programs on a single processor. A multiuser computer supports several users. A multiprocessing computer executes multiple programs on multiple processors. Review “CPU.”

3. 

A. Base addressing. Indexed addressing specifies an address relative to an index register. Indirect addressing specifies the address of the desired location. Direct addressing specifies the desired location. Review “Memory.”

4. 

B. BIOS management. The four main functions of an OS are process management, I/O device management, memory management, and file management. The system BIOS operates independently of the OS. Review “Software.”

5. 

C. Trusted Computing Base. A reference monitor enforces access controls on an object. A security kernel implements the reference monitor concept. A protection ring is a security concept that implements the principle of least privilege. Review “Trusted Computing Base (TCB).”

6. 

A. Fault-tolerant. A fail-safe system terminates program execution. A fail-soft system continues functioning in a degraded mode. A failover system automatically switches to a hot backup. Review “Recovery procedures.”

7. 

D. None of the above. Bell-LaPadula addresses confidentiality issues. Biba and Clark-Wilson address integrity issues. Review “Access Control Models.”

8. 

A. Role-based access control. The four basic control requirements identified in the Orange Book are discretionary access control, mandatory access control, object reuse, and labels. Review “Trusted Computer System Evaluation Criteria (TCSEC).”

9. 

D. A2. Orange Book levels B1, B2, B3, and A1 all require mandatory access control protection. A2 is a non-existent level. Review “Trusted Computer System Evaluation Criteria (TCSEC).”

10. 

C. E5. E3 is equivalent to TCSEC level B1, E4 to B2, and E6 to A1. Review “European Information Technology Security Evaluation Criteria (ITSEC).”




CISSP For Dummies
ISBN: 0470537914
EAN: 2147483647
Year: 2004
Pages: 242
