1. Static packet filtering firewalls are limited to ________.
2. What is called the formal acceptance of the adequacy of a system's overall security by management?
3. The total(sum)combination of protection mechanisms within a computer system. The TCB includes hardware - software - and firmware.
4. The TCB is the ________________ within a computer system that work together to enforce a security policy.
5. B1 is the ___________________ of the Trusted Network Interpretation (TNI) or TCSEC that offers labeled security protection.
6. Mandatory access control is enfored by the use of security labels.
7. When a portion of primary memory is accessed by specifying the actual address of the memory location
8. Which evaluation class of the Trusted Network Interpretation (TNI) offers security domains?
9. Audit data must be captured and protected to enforce accountability
10. If a system initializes in a secure state and all allowed state transitions are secure - the every subsequent state will be secure no matter what inputs occur.
11. When a computer uses more than one CPU in parallel to execute instructions is known as?
12. What does the simple security (ss) property mean in the Bell-LaPadula model?
13. The security kernel is the mechanism that _____________ of the reference monitor concept.
14. What does the Clark-Wilson security model focus on
15. TCSEC addresses Confidentiality - but _____________ . The TCSEC focuses mainly on one attribute of Security Confidentiality.
16. B3 is also called "Security Domains" and imposes more granularity in each protection mechanism.
17. Permits a database to have two records that are identical except for Their classifications
18. Applications and user activity
19. Contains the beginning address
20. When a vendor submits a product for evaluation - it submits it to the ____________.
21. The subject must have Need to Know for ONLY the information they are trying to access.
22. What is defined as the hardware - firmware and software elements of a trusted computing base that implement the reference monitor concept?
23. A ring protection system ________: User mode programs from direct access to peripherals and requires them to make use of services running at more privileged levels.
24. A1 is also called "Verified Design" and requires formal verification of the design and specifications.
25. Certification is a Technical review that assesses the _____________ - where as Accreditation is management's Official acceptance of the information in the Certification process findings.
26. Data in Cache can be accessed much more quickly than Data
27. Happen because input data is not checked for appropriate length at time of input
28. TCB contains The Security Kernel and all ______________.
29. The Bell-LaPadula Model is a _______________.
30. Security Labels are not required until __________; thus C2 does not require security labels but B1 does
31. The Security Model Incorporates the ____________ that should be enforced in the system.
CISSP Telecom And Network Security
GIAC
SSCP: Systems Security Certified Practitioner
CISSP Crypto Domain
CISSP Physical Security
FortiGate
Related MCQ's