Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
100 Cards in this Set
- Front
- Back
|
A server farm is an example of:
A. ) Server clustering B. ) Redundant servers C. ) Multiple servers D. ) Server fault tolerance |
Server clustering
|
|
|
In which state must a computer system operate to process input/output instructions?
A. User mode B. Stateful inspection C. Interprocess communication D. Supervisor mode |
Supervisor mode
|
|
|
What should be the size of a Trusted Computer Base?
A. Small - in order to permit it to be implemented in all critical system components without using excessive resources. B. Small - in order to facilitate the detailed analysis necessary to prove that it meets design requirements. C. Large - in order to accommodate the implementation of future updates without incurring the time and expense of recertification. D. Large - in order to enable it to protect the potentially large number of resources in a typical commercial system environment |
Small - in order to facilitate the detailed analysis necessary to prove that it meets design
requirements. |
|
|
Which one of the following are examples of security and controls that would be found in a "trusted"
application system? A. Data validation and reliability B. Correction routines and reliability C. File integrity routines and audit trail D. Reconciliation routines and data labels |
File integrity routines and audit trail
|
|
|
Which of the following is an operating system security architecture that provides flexible support
for security policies? A. OSKit B. LOMAC C. SE Linux D. Flask |
Flask
|
|
|
Which of the following statements pertaining to the security kernel is incorrect?
A. ) It is made up of mechanisms that fall under the TCB and implements and enforces the reference monitor concept. B. ) It must provide isolation for the processes carrying out the reference monitor concept and they must be tamperproof C. ) It must be small enough to be able to be tested and verified in a complete and comprehensive manner D. ) Is an access control concept, not an actual physical component |
System performance and execution are enhanced.
|
|
|
What is a PRIMARY reason for designing the security kernel to be as small as possible?
A. The operating system cannot be easily penetrated by users. B. Changes to the kernel are not required as frequently. C. Due to its compactness, the kernel is easier to formally verify. D. System performance and execution are enhanced. |
Due to its compactness, the kernel is easier to formally verify.
|
|
|
Which of the following implements the authorized access relationship between subjects and
objects of a system? A. Security model B. Reference kernel C. Security kernel D. Information flow model |
Security kernel
|
|
|
The concept that all accesses must be meditated, protected from modification, and verifiable as
correct is the concept of A. Secure model B. Security locking C. Security kernel D. Secure state |
Security kernel
|
|
|
What is an error called that causes a system to be vulnerable because of the environment in which
it is installed? A. ) Configuration error B. ) Environmental error C. ) Access validation error D. ) Exceptional condition handling error |
Environmental error
|
|
|
Which of the following ensures that security is not breached when a system crash or other system
failure occurs? A. ) trusted recovery B. ) hot swappable C. ) redundancy D. ) secure boot |
trusted recovery
|
|
|
What type of subsystem is an application program that operates outside the operating system and
carries out functions for a group of users, maintains some common data for all users in the group, and protects the data from improper access by users in the group? A. Prevented subsystem B. Protected subsystem C. File subsystem D. Directory subsystem |
Protected subsystem
|
|
|
A Pseudo flaw is which of the following?
A. ) An apparent loophole deliberately implanted in an operating system B. ) An omission when generating Pseudo-code C. ) Used for testing for bounds violations in application programming D. ) A Normally generated page fault causing the system halt |
An apparent loophole deliberately implanted in an operating system
|
|
|
Which of the following yellow-book defined types of system recovery happens after a system fails
in an uncrontrolled manner in response to a TCB or media failure and the system cannot be brought to a consistent state? A. ) Recovery restart B. ) System reboot C. ) Emergency system restart D. ) System Cold start |
Emergency system restart
|
|
|
Which one of the following describes a reference monitor?
A. Access control concept that refers to an abstract machine that mediates all accesses to objects by subjects. B. Audit concept that refers to monitoring and recording of all accesses to objects by subjects. C. Identification concept that refers to the comparison of material supplied by a user with its reference profile. D. Network control concept that distributes the authorization of subject accesses to objects. |
Access control concept that refers to an abstract machine that mediates all accesses to objects
by subjects. |
|
|
What can best be described as an abstract machine which must mediate all access to subjects to
objects? A. ) A security domain B. ) The reference monitor C. ) The security kernel D. ) The security perimeter |
The reference monitor
|
|
|
What is the PRIMARY component of a Trusted Computer Base?
A. The computer hardware B. The security subsystem C. The operating system software D. The reference monitor |
The reference monitor
|
|
|
Which of the following is best defined as a mode of system termination that automatically leaves
system processes and components in a secure state when a failure occurs or is detected in the system? A. ) Fail proof B. ) Fail soft C. ) Fail safe D. ) Fail resilient |
Fail safe
|
|
|
LOMAC uses what Access Control method to protect the integrity of processes and data?
A. Linux based EFS. B. Low Water-Mark Mandatory Access Control. C. Linux based NFS. D. High Water-Mark Mandatory Access Control. |
Low Water-Mark Mandatory Access Control.
|
|
|
On Linux, LOMAC is implemented as:
A. Virtual addresses B. Registers C. Kernel built in functions D. Loadable kernel module |
Loadable kernel module
|
|
|
LOMAC is a security enhancement for what operating system?
A. Linux B. Netware C. Solaris |
Linux
|
|
|
What was introduced for circumventing difficulties in classic approaches to computer security by
limiting damages produces by malicious programs? A. Integrity-preserving B. Reference Monitor C. Integrity-monitoring D. Non-Interference |
Reference Monitor
|
|
|
A feature deliberately implemented in an operating system as a trap for intruders is called a:
A. Trap door B. Trojan horse C. Pseudo flaw D. Logic bomb |
Pseudo flaw
|
|
|
Fault tolerance countermeasures are designed to combat threats to
A. ) an uninterruptible power supply B. ) backup and retention capability C. ) design reliability D. ) data integrity |
design reliability
|
|
|
A Psuedo flaw is which of the following?
A. ) An apparent loophole deliberately implanted in an operating system program as a trap for intruders B. ) An omission when generating Psuedo-code C. ) Used for testing for bounds violations in application programming D. ) A normally generated page fault causing the system to halt |
An apparent loophole deliberately implanted in an operating system program as a trap for
intruders |
|
|
What Distributed Computing Environment (DCE) component provides a mechanism to ensure that
services are made available only to properly designated parties? A. Directory Service B. Remote Procedure Call Service C. Distributed File Service D. Authentication and Control Service |
Directory Service
|
|
|
What can be accomplished by storing on each subject a list of rights the subject has for every
object? A. Object B. Capabilities C. Key ring D. Rights |
Capabilities
|
|
|
In the Information Flow Model, what relates two versions of the same object?
A. Flow B. State C. Transformation D. Successive points |
Flow
|
|
|
What is a security requirement that is unique to Compartmented Mode Workstations (CMW)?
A. ) Sensitivity Labels B. ) Object Labels C. ) Information Labels D. ) Reference Monitors |
Information Labels
|
|
|
The Common Criteria (CC) represents requirements for IT security of a product or system under
which distinct categories? A. Functional and assurance B. Protocol Profile (PP) and Security Target (ST) C. Targets of Evaluation (TOE) and Protection Profile (PP) D. Integrity and control |
Functional and assurance
|
|
|
What are the assurance designators used in the Common Criteria (CC)?
A. EAL 1, EAL 2, EAL 3, EAL 4, EAL 5, EAL 6, and EAL 7 B. A1, B1, B2, B3, C2, C1, and D C. E0, E1, E2, E3, E4, E5, and E6 D. AD0, AD1, AD2, AD3, AD4, AD5, and AD6 |
EAL 1, EAL 2, EAL 3, EAL 4, EAL 5, EAL 6, and EAL 7
|
|
|
Which of the following uses protection profiles and security targets?
A. ) ITSEC B. ) TCSEC C. ) CTCPEC D. ) International Standard 15408 |
International Standard 15408
|
|
|
According to Common Criteria, what can be described as an intermediate combination of security
requirement components? A. ) Protection profile (PP) B. ) Security target (ST) C. ) Package D. ) The Target of Evaluation (TOE) |
Package
|
|
|
The Common Criteria construct which allows prospective consumers or developers to create
standardized sets of security requirements to meet there needs is A. a Protection Profile (PP). B. a Security Target (ST). C. an evaluation Assurance Level (EAL). D. a Security Functionality Component Catalog (SFCC). |
a Protection Profile (PP).
|
|
|
The Information Technology Security Evaluation Criteria (ITSEC) was written to address which of
the following that the Orange Book did not address? A. ) integrity and confidentiality B. ) confidentiality and availability C. ) integrity and availability D. ) none of the above |
integrity and availability
|
|
|
Which of the following was developed by the National Computer Security Center (NCSC)?
A. ) TCSEC B. ) ITSEC C. ) DITSCAP D. ) NIACAP |
TCSEC
|
|
|
The Trusted Computer Security Evaluation Criteria (TBSEC) provides
A. a basis for assessing the effectiveness of security controls built into automatic data-processing system products B. a system analysis and penetration technique where specifications and document for the system are analyzed. C. a formal static transition model of computer security policy that describes a set of access control rules. D. a means of restricting access to objects based on the identity of subjects and groups to which they belong. |
a basis for assessing the effectiveness of security controls built into automatic data-processing
system products |
|
|
Which Orange Book evaluation level is described as "Verified Design"?
A. ) A1 B. ) B3 C. ) B2 D. ) B1 |
A1
|
|
|
Which of the following classes is defined in the TCSEC (Orange Book) as mandatory protection?
A. ) B B. ) A C. ) C D. ) D |
B
|
|
|
Which Orange Book security rating requires that formal techniques are used to prove the
equivalence between the TCB specifications and the security policy model? A. ) B2 B. ) B3 C. ) A1 D. ) A2 |
A1
|
|
|
According to the Orange Book, which security level is the first to require trusted recovery?
A. ) A1 B. ) B2 C. ) B3 D. ) B1 |
B3
|
|
|
According to the Orange Book, which security level is the first to require a system to protect
against covert timing channels? A. ) A1 B. ) B3 C. ) B2 D. ) B1 |
B3
|
|
|
Which of the following is not an Orange Book-defined operational assurance requirement?
A. ) System architecture B. ) Trusted facility management C. ) Configuration management D. ) Covert channel analysis |
Configuration management
|
|
|
Which of the following is least likely to be found in the Orange Book?
A. ) Security policy B. ) Documentation C. ) Accountability D. ) Networks and network components |
Networks and network components
|
|
|
According to the Orange Book, which security level is the first to require a system to support
separate operator and system administrator rules? A. ) A1 B. ) B1 C. ) B2 D. ) B3 |
B2
|
|
|
Which of the following is not an Orange book-defined life cycle assurance requirement?
A. ) Security testing B. ) Design specification and testing C. ) Trusted distribution D. ) System integrity |
System integrity
|
|
|
At what Trusted Computer Security Evaluation Criteria (TCSEC) or Information Technology
Security Evaluation Criteria (ITSEC) security level are database elements FIRST required to have security labels? A. A1/E6 B. B1/E3 C. B2/E4 D. C2/E2 |
B1/E3
|
|
|
Which of the following statements pertaining to the Trusted Computer System Evaluation Criteria
(TCSEC) is incorrect? A. ) With TCSEC, functionality and assurance are evaluated separately. B. ) TCSEC provides a means to evaluate the trustworthiness of an information system C. ) The Orange Book does not cover networks and communications D. ) Database management systems are not covered by the TCSEC |
With TCSEC, functionality and assurance are evaluated separately.
|
|
|
Which of the following is the lowest TCSEC class wherein the systems must support separate
operator and system administrator roles? A. ) B2 B. ) B1 C. ) A1 D. ) A2 |
B2
|
|
|
Which TCSEC (Orange Book) level requires the system to clearly identify functions of security
administrator to perform security-related functions? A. ) C2 B. ) B1 C. ) B2 D. ) B3 |
B3
|
|
|
Which of the following statements pertaining to the trusted computing base (TCB) is false?
A. ) It addresses the level of security a system provides B. ) It originates from the Orange Book C. ) It includes hardware, firmware, and software D. ) A higher TCB rating will require that details of their testing procedures and documentation be reviewed with more granularity |
It addresses the level of security a system provides
|
|
|
Which of the following is not an Orange book-defined operational assurance requirement?
A. ) System architecture B. ) Trusted facility management C. ) Configuration management D. ) Covert channel analysis |
Configuration management
|
|
|
Which of the following focuses on the basic features and architecture of a system?
A. ) operational assurance B. ) life cycle assurance C. ) covert channel assurance D. ) level A1 |
operational assurance
|
|
|
Which level(s) must protect against both covert storage and covert timing channels?
A. ) B3 and A1 B. ) B2, B3 and A1 C. ) A1 D. ) B1, B2, B3 and A1 |
B3 and A1
|
|
|
According to the Orange Book, trusted facility management is not required for which of the
following security levels? A. ) B1 B. ) B2 C. ) B3 D. ) A1 |
B1
|
|
|
Which factor is critical in all systems to protect data integrity?
A. Data classification B. Information ownership C. Change control D. System design |
Data classification
|
|
|
Which of the following is not a common integrity goal?
A. ) Prevent unauthorized users from making modifications B. ) Maintain internal and external consistency C. ) Prevent authorized users from making improper modifications D. ) Prevent paths that could lead to inappropriate disclosure |
Prevent paths that could lead to inappropriate disclosure
|
|
|
Which security model introduces access to objects only through programs?
A. ) The Biba model B. ) The Bell-LaPadula model C. ) The Clark-Wilson model D. ) The information flow model |
The Clark-Wilson model
|
|
|
To ensure that integrity is attainted through the Clark and Wilson model, certain rules are
needed.These rules are: A. Processing rules and enforcement rules. B. Integrity-bouncing rules. C. Certification rules and enforcement rules. D. Certification rules and general rules. |
Certification rules and enforcement rules.
|
|
|
What can be defined as a formal security model for the integrity of subjects and objects in a
system? A. Biba B. Bell LaPadulaLattice C. Lattice D. Info Flow |
Biba
|
|
|
The Clark Wilson model has its emphasis on:
A. Security B. Integrity C. Accountability D. Confidentiality |
Integrity
|
|
|
What does * (star) integrity axiom mean in the Biba model?
A. ) No read up B. ) No write down C. ) No read down D. ) No write up |
No write up
|
|
|
Which access control model states that for integrity to be maintained data must not flow from a
receptacle of given integrity to a receptacle of higher integrity? A. Lattice Model B. Bell-LaPadula Model C. Biba Model D. Take-Grant Model |
Biba Model
|
|
|
Which one of the following is a KEY responsibility for the "Custodian of Data"?
A. Data content and backup B. Integrity and security of data C. Authentication of user access D. Classification of data elements |
Integrity and security of data
|
|
|
Which one of the following is true about information that is designated with the highest of
confidentiality in a private sector organization? A. It is limited to named individuals and creates and audit trail. B. It is restricted to those in the department of origin for the information. C. It is available to anyone in the organization whose work relates to the subject and requires authorization for each access. D. It is classified only by the information security officer and restricted to those who have made formal requests for access. |
It is available to anyone in the organization whose work relates to the subject and requires
authorization for each access. |
|
|
Related to information security, confidentiality is the opposite of which of the following?
A. ) closure B. ) disclosure C. ) disposal D. ) disaster |
disclosure
|
|
|
What is the main concern of the Bell-LaPadula security model?
A. ) Accountability B. ) Integrity C. ) Confidentiality D. ) Availability |
Confidentiality
|
|
|
Which of the following are the limitations of the Bell-LaPadula model?
A. No policies for changing access data control. B. All of the choices. C. Contains covert channels. D. Static in nature. |
All of the choices.
|
|
|
Which of the following is a state machine model capturing confidentiality aspects of access
control? A. Clarke Wilson B. Bell-LaPadula C. Chinese Wall D. Lattice |
Bell-LaPadula
|
|
|
With the BLP model, access permissions are defined through:
A. Filter rules B. Security labels C. Access Control matrix D. Profiles |
Access Control matrix
|
|
|
With the BLP model, security policies prevent information flowing downwards from a:
A. Low security level B. High security level C. Medium security level D. Neutral security level |
High security level
|
|
|
When will BLP consider the information flow that occurs?
A. When a subject alters on object. B. When a subject accesses an object. C. When a subject observer an object. D. All of the choices. |
All of the choices.
|
|
|
In the Bell-LaPadula model, the Star-property is also called:
A. ) The simple security property B. ) The confidentiality property C. ) The confinement property D. ) The tranquility property |
The confinement property
|
|
|
The Lattice Based Access Control model was developed MAINLY to deal with:
A. Affinity B. None of the choices. C. Confidentiality D. Integrity |
Integrity
|
|
|
With the Lattice Based Access Control model, a security class is also called a:
A. Control factor B. Security label C. Mandatory number D. Serial ID |
Security label
|
|
|
Under the Lattice Based Access Control model, a container of information is a(n):
A. Object B. Model C. Label |
Object
|
|
|
What Access Control model was developed to deal mainly with information flow in computer
systems? A. Lattice Based B. Integrity Based C. Flow Based D. Area Based |
Lattice Based
|
|
|
The Lattice Based Access Control model was developed to deal mainly with ___________ in
computer systems. A. Access control B. Information flow C. Message routes D. Encryption |
Information flow
|
|
|
In the Lattice Based Access Control model, controls are applied to:
A. Scripts B. Objects C. Models D. Factors |
Objects
|
|
|
Access control techniques do not include:
A. ) Rule-Based Access Controls B. ) Role-Based Access Controls C. ) Mandatory Access Controls D. ) Random Number Based Access Control |
Random Number Based Access Control
|
|
|
An access control policy for a bank teller is an example of the implementation of which of the
following? A. ) rule-based policy B. ) identity-based policy C. ) user-based policy D. ) role-based policy |
role-based policy
|
|
|
Access control techniques do not include which of the following choices?
A. ) Relevant Access Controls B. ) Discretionary Access Controls C. ) Mandatory Access Controls D. ) Lattice Based Access Controls |
Relevant Access Controls
|
|
|
What is called a type of access control where a central authority determines what subjects can
have access to certain objects, based on the organizational security policy? A. ) Mandatory Access Control B. ) Discretionary Access Control C. ) Non-discretionary Access Control D. ) Rule-based access control |
Non-discretionary Access Control
|
|
|
In non-discretionary access control, a central authority determines what subjects can have access
to certain objects based on the organizational security policy. The access controls may be based on: A. ) the society's role in the organization B. ) the individual's role in the organization C. ) the group-dynamics as they relate to the individual's role in the organization D. ) the group-dynamics as they relate to the master-slave role in the organization |
the individual's role in the organization
|
|
|
This is a common security issue that is extremely hard to control in large environments. It occurs
when a user has more computer rights, permissions, and privileges than what is required for the tasks the user needs to fulfill. What best describes this scenario? A. ) Excessive Rights B. ) Excessive Access C. ) Excessive Permissions D. ) Excessive Privileges |
Excessive Privileges
|
|
|
The default level of security established for access controls should be
A. All access B. Update access C. Read access D. No access |
No access
|
|
|
Access Control techniques do not include which of the following choices?
A. ) Relevant Access Controls B. ) Discretionary Access Control C. ) Mandatory Access Control D. ) Lattice Based Access Controls |
Relevant Access Controls
|
|
|
Which of the following is a type of mandatory access control?
A. ) Rule-based access control B. ) Role-based access control C. ) User-directed access control D. ) Lattice-based access control |
Rule-based access control
|
|
|
A central authority determines what subjects can have access to certain objects based on the
organizational security policy is called: A. ) Mandatory Access Control B. ) Discretionary Access Control C. ) Non-Discretionary Access Control D. ) Rule-based Access Control |
Non-Discretionary Access Control
|
|
|
What can be defined as a table of subjects and objects indicating what actions individual subjects
can take upon individual objects? A. ) A capacity table B. ) An access control list C. ) An access control matrix D. ) A capability table |
An access control matrix
|
|
|
What access control methodology facilitates frequent changes to data permissions?
A. Rule-based B. List-based C. Role-based D. Ticket-based |
Rule-based
|
|
|
Which of the following is a means of restricting access to objects based on the identity of the
subject to which they belong? A. Mandatory access control B. Group access control C. Discretionary access control D. User access control |
Discretionary access control
|
|
|
What is the method of coordinating access to resources based on the listening of permitted IP
addresses? A. MAC B. ACL C. DAC D. None of the choices. |
ACL
|
|
|
What control is based on a specific profile for each user?
A. Lattice based access control. B. Directory based access control. C. Rule based access control. D. ID based access control. |
Rule based access control.
|
|
|
In a very large environment, which of the following is an administrative burden?
A. Rule based access control. B. Directory based access control. C. Lattice based access control D. ID bases access control |
ID bases access control
|
|
|
Which of the following is a feature of the Rule based access control?
A. The use of profile. B. The use of information flow label. C. The use of data flow diagram. D. The use of token. |
The use of profile.
|
|
|
What is an access control model?
A. A formal description of access control ID specification. B. A formal description of security policy. C. A formal description of a sensibility label. D. None of the choices. |
A formal description of security policy.
|
|
|
Which of the following is true about MAC?
A. It is more flexible than DAC. B. It is more secure than DAC. C. It is less secure than DAC. D. It is more scalable than DAC. |
It is more secure than DAC.
|
|
|
Which of the following is true regarding a secure access model?
A. Secure information cannot flow to a more secure user. B. Secure information cannot flow to a less secure user. C. Secure information can flow to a less secure user. D. None of the choices. |
Secure information cannot flow to a less secure user.
|
|
|
In the Information Flow Model, what acts as a type of dependency?
A. State B. Successive points C. Transformation D. Flow |
Flow
|
