CISSP Security Architecture And Design MCQ Questions Answers

1. Static packet filtering firewalls are limited to ________.

2. What is called the formal acceptance of the adequacy of a system's overall security by management?

3. The total(sum)combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.

4. The TCB is the ________________ within a computer system that work together to enforce a security policy.

5. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.

6. Mandatory access control is enfored by the use of security labels.

7. When a portion of primary memory is accessed by specifying the actual address of the memory location

8. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?

9. Audit data must be captured and protected to enforce accountability

10. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.

11. When a computer uses more than one CPU in parallel to execute instructions is known as?

12. What does the simple security (ss) property mean in the Bell-LaPadula model?

13. The security kernel is the mechanism that _____________ of the reference monitor concept.

14. What does the Clark-Wilson security model focus on

15. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.

16. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.

17. Permits a database to have two records that are identical except for Their classifications

18. Applications and user activity

19. Contains the beginning address

20. When a vendor submits a product for evaluation - it submits it to the ____________.

21. The subject must have Need to Know for ONLY the information they are trying to access.

22. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?

23. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.

24. A1 is also called "Verified Design" and requires formal verification of the design and specifications.

25. Certification is a Technical review that assesses the _____________ - where as Accreditation is management's Official acceptance of the information in the Certification process findings.

26. Data in Cache can be accessed much more quickly than Data

27. Happen because input data is not checked for appropriate length at time of input

28. TCB contains The Security Kernel and all ______________.

29. The Bell-LaPadula Model is a _______________.

30. Security Labels are not required until __________; thus C2 does not require security labels but B1 does

31. The Security Model Incorporates the ____________ that should be enforced in the system.