5 - Security Architecture and Design Flashcards
1
Q
- What is the principle of least privilege?a. All users are assigned a minimum standard level of access, then additional access is granted as neededb. A system is designed so there are the fewest number of different security access levels as possiblec. Users are assigned only enough access to accomplish their work tasksd. The least privileged users are assigned roles
A
C: The principle of least privilege is users are assigned only enough access to accomplish their work tasks.
2
Q
- What security model is a directed graph that indicates the rights or privileges that a subject can transfer to an object or that a subject can obtain from another subject?a. State machine modelb. Bell-LaPadula modelc. Clark-Wilson modeld. Take-grant model
A
D: The take-grant model is a directed graph that indicates the rights or privileges that a subject can transfer to an object or that a subject can obtain from another subject.
3
Q
- If the operating system fails to establish boundaries for the size and type of data that can be inputted, what malicious event or activity can occur?a. Denial of serviceb. Logic bombc. Buffer overflowd. Virus infection
A
C: Failing to control input may result in a buffer overflow.
4
Q
- Which operating state represents a process in normal execution?a. Ready stateb. Wait statec. Supervisory stated. Problem state
A
D: The problem state is the state of a process performing normal execution.
5
Q
- In order for an OS to remain stable, what must it be able to accomplish or perform?a. At least one calculation per secondb. Grant limited access to unauthorized usersc. Protect itself from users and softwared. Operate at Ring 3
A
C: An OS must protect itself from users and software to remain stable.
6
Q
- What mode of operation exists when all users have the authorization and need-to-know to access all resources?a. Dedicated security modeb. System-high security modec. Compartmentalized security moded. Multilevel security mode
A
A: Dedicated security mode exists when all users have the authorization and need-to-know to access all resources.
7
Q
- At which Ring of protection do device drivers operate?a. Ring 0b. Ring 1c. Ring 2d. Ring 3
A
C: Ring 2 is for device drivers.
8
Q
- What mechanism is used for a lower protection ring entity to communicate with a higher protection ring entity?a. Hashingb. RPCc. Covert channeld. System call
A
D: A system call is needed for a lower protection ring entity to communicate with a higher protection ring entity.
9
Q
- Of the four possible operating states of a system, which represents the state within which an application is being actively processed?a. Problem stateb. Ready statec. Wait stated. Supervisory state
A
A: The problem state is the execution of an application.
10
Q
- The orange book security classifications such as C2 and B1 are focused on what?a. The entire computerb. The trusted computer basec. The entire networkd. Just the CPU and primary storage
A
B: The orange book classifications are focused on the TCB.
11
Q
- Secondary storage is?a. Nonvolatile storage, such as a hard driveb. The RAM in a computerc. Allocated memory for programsd. The combination of RAM and space from a paging file
A
A: This is secondary storage.
12
Q
- What is the most trusted component of a computer?a. Memoryb. CPUc. Hard drived. Network interface
A
B: The CPU is the most trusted component of a computer.
13
Q
- A buffer overflow can cause all but which of the following?a. network throttlingb. system freezingc. system rebootingd. data corruption
A
A: Network throttling is usually not a function, symptom, or effect of a buffer overflow. Network throttling is a control feature to limit the bandwidth consumed by a specific application or service
14
Q
- Once data has been processed by the CPU for a program, it is moved into memory areas known as?a. primary storageb. real storagec. secondary storaged. virtual storage
A
B: Once data has been processed by the CPU, it is moved into memory areas known as real storage. Real storage is the memory address space allocated for use by programs.
15
Q
- What type of memory storage requires constant updates because the data it stores dissipates and decays?a. Static RAM or Random Access Memoryb. ROM or Read Only Memoryc. Dynamic RAM or Random Access Memoryd. EPROM or Erasable and Programmable Read Only Memory
A
C: Dynamic RAM or Random Access Memory requires constant updates because the data it stores dissipates and decays.
16
Q
- Which of the following is the fastest form of memory?a. secondaryb. virtualc. reald. cache
A
D: Cache memory is a form of high-speed memory accessed directly by the CPU that operates at a higher rate than real memory.
17
Q
- For security to be effective which of the following should not be true?a. security is added to a product after its initial developmentb. security is integrated into a product at the design stagec. security is engineered into the productd. security is implemented by default in the product
A
A: Adding security as an afterthought is not an effective means to provide adequate, functional, or even reliable security.
18
Q
- Once security is implemented into the design of a product, it should also be all but which of the following?a. testedb. disabledc. certifiedd. audited
A
B: Security should not be disabled once it has been integrated into a product.
19
Q
- If the operating system or an application fails to set boundaries on input data, what problem can occur?a. session hijackingb. access grabbingc. buffer overflowd. information disclosure
A
C: Failing to defined boundaries for input can result in a buffer overflow error.
20
Q
- When a buffer overflow occurs, the extra data may flow into the CPU and cause what?a. loss of privilegesb. the system to drop the extra datac. an error event log is writtend. execution of malicious code in privileged mode
A
D: Buffer overflows often result in the execution of malicious code in privileged mode.
21
Q
- The act of positioning data in one security division that is not accessibly by a subject of another security division is called what?a. Data hidingb. Layeringc. Data diddlingd. Abstraction
A
A: Data hiding is the placement of data in a different security level than a given subject in order to hide it from that subject.
22
Q
- Which of the following security models is focused on protecting confidentiality?a. Biba modelb. Bell-LaPadula modelc. Take-Grant modeld. Clark-Wilson model
A
B: The Bell-LaPadula model is focused on protecting confidentiality.
23
Q
- Which of the books from the Rainbow series is concerned with the interactions of computers over a communication medium?a. Orangeb. Tanc. Redd. Purple
A
C: The red book is concerned with the interactions of computers over a communication medium
24
Q
- The ability for a single processor computer system to execute more than one process simultaneously is known as?a. multithreadingb. multitaskingc. multiprocessingd. multiplexing
A
B: Multitasking is when a computer system can execute more than one process simultaneously.
25
25. The _______________ a security system, the _______________ it provides. a. less complex, less assurance b. greater complexity, greater assurance c. more complex, less assurance d. more complex, more assurance
C: The more complex a security system, the less assurance it provides.
26
26. The collection of mechanisms within a computer system that work in harmony to enforce and support a security policy is known as? a. Ring 0 b. an assurance package c. white box system d. trusted computing base
D: The collection of mechanisms within a computer system that work in harmony to enforce and support a security policy is known as the trusted computing base or TCB.
27
27. Trusted computing base is important for all but which of the following reasons? a. TCB ensures that a properly designed system is fully secured. b. If the TCB meets specific requirements, it can be said to provide a specific level of trust. c. TCB can be built into a system, evaluated, and certified. d. TCB certification provides a standardized system to compare the security capabilities between different systems and to provide a standardized label of the level of security it provides.
A: No system is fully secure. TCB provides a means to measure and evaluate the level of security offered.
28
28. In a trusted computer that employs the concept of protection rings, in which ring are hardware drivers typically located? a. Ring 0 b. Ring 1 c. Ring 2 d. Ring 3
C: Device drivers are typically located in Ring 2.
29
29. If a process in a higher protection ring number needs to communicate with a process or resource in a lower protection ring number, what must occur? a. buffer overflow b. execution priority shift c. the process must be moved to a lower ring number d. system call
D: A system call is required for a a process in a higher ring number needs to communicate with a process or resource in a lower ring number.
30
30. Which of the four possible operating states is exemplified by a processes that will resume execution as soon as its print job is fully sent to the print server? a. Wait state b. Ready state c. Problem state d. Supervisory state.
A: The wait state is the state of a process waiting for a specific event to finish, such as a print job.
31
31. What component of a computer system is the most trusted element? a. CPU b. memory c. storage devices d. network interface
A: The CPU is the most trusted component of a computer system.
32
32. Memory is controlled using a kernel level memory mapper and manager. This establishes an access control layer between software and memory, why? a. prevents buffer overflows b. software is not trusted c. helps to minimize the use of secondary storage d. required by D1 TCSEC certification
B: Software is not trusted, therefore it is isolated from managing hardware (i.e. memory) directly.
33
33. The security model that defines the relationships that allow a subject to transfer rights to objects is known as? a. Bell-LaPadula model b. Biba model c. Clark-Wilson model d. Take-Grant model
D: The Take-Grant model defines the relationships that allow a subject to transfer rights to objects. It also defines the rights that a subject can take from another subject.
34
34. The Bell-LaPadula security model is primarily concerned with protecting? a. confidentiality b. integrity c. non-repudiation d. accountability
A: The Bell-LaPadula security model is primarily concerned with confidentiality.
35
35. The primary regulation of the Bell-LaPadula security model is? a. * (star) integrity axiom b. * (star) property rule c. No write up d. No read down
B: The * (star) property rule, no write down, is the primary regulation of the Bell-LaPadula security model.
36
36. The Bell-LaPadula's simple security rule is what? a. no write up b. no write down c. no read up d. no read down
C: No read up, the simple security rule, is the secondary regulation of the Bell-LaPadula security model.
37
37. Resource isolation provides for all but which of the following? a. only auditing and tracking of major events b. subject and object are clearly identified c. enforced accountability d. independent assignment of permissions and rights
A: Resource isolation provides for auditing and tracking of all events, including minor ones.
38
38. The separation of memory physically instead of just logically is an example of and a requirement for what? a. trusted computing base b. hardware segmentation c. a division between user mode and kernel mode d. data classification levels
B: The separation of memory physically instead of just logically is an example of and a require for hardware segmentation.
39
39. _____________ means subjects are granted only the minimal amount of access required for them to complete their assigned work tasks. a. need to know b. separation of duties c. least privilege d. privilege elevation
C: Least privilege (or the principle of least privilege) means subjects are granted only the minimal amount of access required for them to complete their assigned work tasks.
40
40. The method used to restrict communications to detailed and controlled interfaces in order to maintain the security of a system is? a. data diddling b. data hiding c. abstraction d. layering
D: Laying restricts communications to detailed and controlled interfaces in order to maintain the security.
41
41. The absence of a communication interface between security layers in order to prevent subjects from obtaining knowledge of a confidential resource is what? a. data hiding b. layering c. data classification d. abstraction
A: Data hiding is placing restricted data in a different security domain so a specific subject is unaware of its existence. Data hiding is also the absence of a communication interface between security layers in order to prevent subjects from obtaining knowledge of a confidential resource.
42
42. Which of the following is not true of a state machine model? a. is secure in every instance of its existence b. executes commands but not transactions securely c. boots into a secure state, even after an error is encountered d. restricts subjects to access resources
B: A state machine model executes commands and transactions securely.
43
43. The columns of an access control matrix are known as? a. capability lists b. tuples c. access control lists d. ordinal sets
C: A column of an access control matrix is known as an access control list.
44
44. The orange book from the TCSEC rainbow series addresses what? a. auditing b. stand-alone systems c. interactions of computers over a communication medium d. development of production-quality formal verification systems
B: The orange book is concerned with stand-alone systems.
45
45. Which of the following is not true in regards to security domains? a. Interactions between a security domain and a TCB must be strictly regulated and controlled to maintain security. b. A security domain contains the objects and resources that a specific subject can access. c. The O/S when operating in user mode has access to a larger security domain than when operating in kernel mode. d. Security domains must be clearly identified, separated, and enforced.
C: The O/S when operating in kernel mode has access to a larger security domain than when operating in user mode.
46
46. Which of the following is not true in regards to an application executing in user mode? a. cannot access hardware directly b. memory access is handled by a mediator c. can access resources only within its own security domain d. It should be closely monitored since it is directly interacting with sensitive resources
D: Applications executing in user mode do not have direct access to sensitive resources. Only application in kernel mode have such access.
47
47. Which of the following is not an element of the Clark-Wilson security model? a. subjects can access resources only through authorized interfaces b. the classifications or levels of access are defined c. separation of duties is compulsory d. auditing is mandatory
B: The Biba security model uses three levels of integrity axioms: high, medium, and low. Clark-Wilson does not.
48
48. The management of the movement of data between classification levels is the primary concern of which security model? a. Biba b. Clark-Wilson c. Information Flow d. Noninterference
C: The Information Flow model controls how data is moved to and from approved levels.
49
49. What security model is concerned with preventing the actions of subjects at one security level from being noticed by or affecting subjects at a different security level. a. Biba b. Clark-Wilson c. Information Flow d. Noninterference
D: The Noninterference model is concerned with preventing the actions of subjects at one security level from being noticed by or affecting subjects at a different security level.
50
50. Which of the following is not a weakness of the Bell-LaPadula security model?
D: Bell-LaPadula is based on a multilevel security policy.
51
51. The Biba security model is primarily concerned with protecting? a. integrity b. disclosure c. availability d. confidentiality
A: The Biba security model is primarily concerned with integrity.
52
52. The * (star) integrity axiom of the Biba security model is what? a. no write down b. no write up c. no read down d. no read up
B: No write up, the * (star) integrity axiom, is the primary regulation of the Biba security model.
53
53. Within what security mode does the system function at a single security level? a. system-high security mode b. multilevel security mode c. dedicated security mode d. compartmented security mode
C: A system within the dedicated security mode functions at a single security level.
54
54. A system is labeled as having __________ when all of the security protection mechanism work in concert to process and handle sensitive data without violating the trusted computer base or the applicable security policy. a. assurance b. certification c. accreditation d. trust
D: A system is labeled as trusted when all of the security protection mechanism work in concert to process and handle sensitive data without violating the trusted computer base or the applicable security policy.
55
55. The European standards for security evaluation criteria is known as? a. Information Technology Security Evaluation Criteria (ITSEC) b. Common Criteria (CC) c. European Union Trusted Computer System Evaluation Criteria (EU TCSEC) d. Trusted Computer System Evaluation Criteria (TCSEC)
A: Information Technology Security Evaluation Criteria (ITSEC) is the set of European standards.
56
56. What security model was developed as the integrity analog to the Bell-LaPadula security model? a. Take-Grant b. Clark-Wilson c. Biba d. Information Flow
C: The Biba security model developed as the integrity analog to the Bell-LaPadula security model.
57
57. A security model that employs the boundary controls of least upper bound (LUB) and greatest lower bound (GLB) is commonly referred to as? a. the Biba model b. the non-interference model c. the integrity model d. a lattice model
D: The lattice model uses the boundary controls of least upper bound (LUB) and greatest lower bound (GLB)
58
58. Which security model is focused on preventing authorized users from making unauthorized modifications to data? a. Clark-Wilson b. Bell-LaPadula c. Biba d. Take-Grant
A: Clark-Wilson model is focused on preventing authorized users from making unauthorized modifications to data.
59
59. What security mode is represented by the state when all users have the clearance and need to know for all information stored on a system? a. dedicated security mode b. system-high security mode c. compartmented security mode d. multilevel security mode
A: Dedicated security mode is represented by the state when all users have the clearance or need to know for all information stored on a system.
60
60. What security mode is represented by the state when users are limited to resource access based on need to know and formal access approval? a. multilevel security mode b. compartmented security mode c. system-high security mode d. dedicated security mode
B: Compartmented security mode is represented by the state when users are limited to resource access based on need to know and formal access approval (i.e. real-time clearance for access by a superior).
61
61. What is the minimum Trusted Computer System Evaluation Criteria (TCSEC) security level that directly addresses covert channels? a. C2 b. B1 c. B2 d. A1
C: B2 is the minimum Trusted Computer System Evaluation Criteria (TCSEC) security level that directly addresses covert channels.
62
62. Which of the following is not true in regards to Trusted Computer System Evaluation Criteria (TCSEC)? a. addresses confidentiality b. work with government data classifications c. employs only a few specific ratings d. addresses network connectivity
D: Trusted Computer System Evaluation Criteria (TCSEC) does not address network connectivity, rather is only addresses stand alone systems. Trusted Computer System Evaluation Criteria (TCSEC) is the orange book.
63
63. Which of the following is not true in regards to the Red book from the rainbow series? a. addresses centralized and distributed networks with one or more accreditation authorities b. addresses network connectivity c. rates confidentiality and integrity d. addresses denial of service protection
A: The Red book (Trusted Network Interpretation) only addresses centralized networks with a single accreditation authority.
64
64. Which Trusted Computer System Evaluation Criteria (TCSEC) security label requires mandatory protection mechanisms and controls? a. A b. B c. C d. D
B: Trusted Computer System Evaluation Criteria (TCSEC) security label B requires mandatory protection mechanisms and controls.
65
65. Which of the following Trusted Computer System Evaluation Criteria (TCSEC) security labels represents those systems with the least degree of trust? a. A1 b. B2 c. B1 d. B3
C: B1 is the Trusted Computer System Evaluation Criteria (TCSEC) security label that represents those systems with the least degree of trust (among those labels listed in this question).
66
66. Which of the following is not an evaluation criteria for establishing TCSEC security labels? a. continuous protection b. identification c. accountability d. mandatory access controls
D: Mandatory access controls is not an evaluation criteria, but the defining characteristic of systems with a level B rating. Other evaluation criteria not listed here include security policy, labels, documentation, and life cycle assurance.
67
67. What security label from the Trusted Computer System Evaluation Criteria (TCSEC) represents those systems with the most secure configurations? a. A b. B c. C d. D
A: A is the highest Trusted Computer System Evaluation Criteria (TCSEC) label for security.
68
68. Which TCSEC security label represents systems that employ security domains? a. C1 b. B3 c. C2 d. B2
B: B3 is the Trusted Computer System Evaluation Criteria (TCSEC) security label that represents systems that employ security domains.
69
69. Which is the least effective way to prevent the use of covert channels? a. firewalls b. vulnerability scanners c. anti-virus software d. noise
D: Noise and traffic generation are the least effective means to protect against the use of covert channels.
70
70. Which of the following is not an effective countermeasure against buffer overflows? a. port blocking b. verifying input data c. verify data type for input d. adherence to security procedures during life cycle phases
A: Port blocking is not an effective countermeasure against buffer overflows. Buffer overflows occur because too much invalid data is submitted over an otherwise legitimate communications session.
71
71. A means by which a hacker can gain access to an operating system by planting a piece of software or opening a hole in the security is known as? a. maintenance hook b. back door c. Trojan horse d. covert channel
B: Back door is software or a break in a system's security imposed by a hacker that allows them to reconnect to a system at a later date.
72
72. The B2 Trusted Computer System Evaluation Criteria (TCSEC) security label is roughly equivalent to which of the following Information Technology Security Evaluation Criteria (ITSCE) security labels? a. E3 b. E4 c. E5 d. E6
B: The Information Technology Security Evaluation Criteria (ITSCE) E4 rating is roughly the equivalent of the Trusted Computer System Evaluation Criteria (TCSEC) B2 rating.
73
73. Which of the security evaluation methods employs protection profiles to specify security requirements? a. Trusted Computer System Evaluation Criteria (TCSEC) b. Information Technology Security Evaluation Criteria (ITSEC) c. Common Criteria (CC) d. European Union Trusted Computer System Evaluation Criteria (EU TCSEC)
C: The Common Criteria (CC) security evaluation method employs protection profiles to specify security requirements.
74
74. _________________ must be rechecked or re-verified after a specific period of time or after significant changes occur. a. Certification b. Accreditation c. Neither Certification nor Accreditation d. Both Certification and Accreditation
D: Both Certification and Accreditation must be rechecked or re-verified after a specific period of time or after significant changes occur.
75
75. Which of the following is not an effective countermeasure against backdoors and maintenance hooks? a. adherence to security protocols during life cycle phases b. network based intrusion detection systems c. strong authentication d. strong access controls
C: Strong authentication is not an effective countermeasure against backdoors and maintenance hooks since these subversive means to gain access to a system usually bypass the identification and authentication processes.
76
76. Which of the following is not an example of a covert channel being used to transmit data or a signal? a. a blinking light on a device b. a fraudulently marked bad sector on a hard drive c. a network packet sent repeatedly for a specific length of time d. a dedicated VPN link between the local LAN and a remote client
D: A dedicated VPN is not a covert channel.
77
77. Which of the following is not one of the three types of NIACAP (National Information Assurance Certification and Accreditation Process) accreditations? a. domain b. site c. type d. system
A: NIACAP does not offer a domain accreditation.
78
78. The Information Technology Security Evaluation Criteria (ITSEC) evaluates what two attributes separately that Trusted Computer System Evaluation Criteria (TCSEC) evaluates together? a. confidentiality and integrity b. functionality and assurance c. availability and authentication d. accountability and non-repudiation
B: ITSEC evaluates functionality and assurance separately while TCSEC evaluates them together.
79
79. The formalized certification and accreditation method employed by the department of defense is known as? a. Defense Information Technology Security Certification and Accreditation Process (DITSCAP) b. National Information Assurance Certification and Accreditation Process (NIACAP) c. Commercial Information Security Analysis Process (CIAP) d. Common Criteria (CC)
A: Defense Information Technology Security Certification and Accreditation Process (DITSCAP) is the certification and accreditation method employed by the department of defense.
80
80. Which of the following is not true in regards to closed systems? a. proprietary b. published specifications for easy 3rd party component development c. offers some level of security through obscurity d. not exemplified by Microsoft, Apple, or UNIX operating systems
B: Open systems have published specifications for easy 3rd party component development, not closed systems.
81
81. An information path that is not normally used to communicate information and therefore unprotected by the system's security mechanisms is known as? a. TEMPEST b. backdoor c. covert channel d. data remanence
C: A covert channel is an information path that is not normally used to communicate information and therefore unprotected by the system's security mechanisms. Covert channels are a means by which data can be secretly disclosed to other systems or users. The two types of covert channels are storage and timing.
82
82. Which security model is designed to protect confidentiality? a. Biba model b. Bell-LaPadula model c. Clark-Wilson model d. State machine model
B: The Bell-LaPadula model was designed to protect confidentiality.
83
83. The Biba model is ____________. a. A confidentiality protection scheme b. Based on user roles c. Lattice based d. An integrity analog of the Clark-Wilson model.
C: Biba is lattice based.
84
84. Which of the following is true? a. The levels in the lattice structure of the Biba model are bound by the least lower bound and the greatest upper bound. b. The Clark-Wilson model maintains resource availability. c. The Information Flow model restricts traffic flow to within the current security level. d. The noninterference model ensures that the actions of subjects at one security level are unseen and make no effect on objects or subjects at a different security level.
D: The noninterference model ensures that the actions of subjects at one security level are unseen and make no effect on objects or subjects at a different security level.
85
85. Which security model is an example of a multi-level security mode? a. Biba model b. Bell-LaPadula model c. Clark-Wilson model d. Non-interference model
B: The Bell-LaPadula model is an example of a multilevel security mode.
86
86. Which of the following is an example of a multi-level security model? a. Bell-LaPadula b. Information flow c. Clark-Wilson d. Take-Grant
A: Bell-LaPadula is an example of a multi-level security model.
87
87. Which of the following is secure in each and every instance of its existence? a. expert system b. state machine model c. neural network d. trusted computing base
B: A state machine model is secure in each and every instance of its existence.
88
88. Which of the following is a rule of the Bell-LaPadula model? a. * (star) property rule b. No Read down c. * (star) integrity axiom d. No write up
A: The * (star) property rule (no write down) is a rule of the Bell-LaPadula model.
89
89. All but which of the following is a classification evaluation criteria for the B1 level of Trusted Computer System Evaluation Criteria (TCSEC)? a. each object must have a classification label b. each subject must have a clearance label c. restrictions against covert channels. d. data leaving the system must have an accurate security label
C: B2 is the level which requires restrictions against cover channels, not B1.
90
90. What level of Trusted Computer System Evaluation Criteria (TCSEC) certification has a requirement of verified protection? a. C2 b. B2 c. B3 d. A1
D: A1 TCSEC certification has a requirement of verified protection.
91
91. Which grade or level of the TCSEC requires mandatory protection mechanisms? a. A b. B c. C d. D
B: Level B requires mandatory protection mechanisms.
92
92. Which of the following TCSEC classifications offers the highest level of security? a. C2 b. B3 c. A1 d. D
C: The TCSEC label A1 offers the highest level of security.
93
93. Which of the following is not an element of the evaluation criteria of TCSEC? a. Security policy b. Subject identification mechanisms c. Continuous protection d. System platform
D: The actual platform of the system is not an evaluation criteria of TCSEC. Any platform that can meet the security requirements can qualify.
94
94. The Trusted Network Interpretation (TNI), an extension of the orange book, can be found in what book? a. Red book b. Blue book c. Yellow book d. Purple book
A: The Red book is the Trusted Network Interpretation (TNI).
95
95. What is the equivalent or comparable system security evaluation method to the TCSEC that is used primarily in Europe? a. Trusted Data Base Management System (TDI) b. Information Technology Security Evaluation Criteria (ITSEC) c. Common Criteria (CC) d. Trusted Network Interpretation (TNI)
B: The Information Technology Security Evaluation Criteria (ITSEC) is the TCSEC equivalent used in Europe.
96
96. Which of the following represents the highest possible guarantee of security? a. Trust b. Privacy c. Assurance d. Confidentiality
C: Assurance represents the highest guarantee of security.
97
97. The Trusted Computer System Evaluation Criteria (TCSEC) is published in a book with what color cover? a. Blue b. Red c. Yellow d. Orange
D: The Trusted Computer System Evaluation Criteria (TCSEC) is the orange book.
98
98. When a system is approved or verified to operate within a specific security mode, it is said to be? a. Certified b. Assured c. Accredited d. Verified
C: When a system is approved or verified to operate within a specific security mode, it is said to be accredited.
99
99. What certification and accreditation process has been developed to be used in the private sector? a. DITSCAP b. NIACAP c. ITSECAP d. CIAP
D: CIAP or Commercial Information Security Analysis Process is a private sector certification and accreditation process.
100
100. Which of the following contains two types of covert channels a. Storage and timing b. Memory and timing c. I/O and processing d. Device and protocol
A: The two types of covert channels are storage and timing.
101
101. The ITSEC classification uses different ratings than that of the TCSEC. What is the TCSEC equivalent of the ITSEC E4? a. B2 b. C1 c. A1 d. B3
A: B2 it the TCSEC equivalent of ITSEC E4.
102
102. C2 is the lowest TCSEC classification that requires which of the following? a. No data remanence b. Each object must be assigned a classification level c. Prevention of covert channels d. Distinct process isolation
A: C2 is the lowest TCSEC classification to require no data remanence.
103
103. Which of the following is not true regarding the orange book? a. Addressed only confidentiality b. Is a government/military specific evaluation method c. Is applicable to networks d. Employs a few number of ratings and therefore has a restricted set of evaluation criteria
C: The TCSEC orange book only applies to stand-alone systems, not to networks.
104
104. What replaced TCSEC in Dec 2000? a. ITSEC b. Common Criteria c. IEEE 1394 d. DITSCAP
B: The Common Criteria (CC) replaced TCSEC.
105
105. Which of the following is not a classification level defined in the Red Book (Trusted Network Interpretation) (TNI)? a. No classification assigned b. C2 c. B2 d. A1
D: A1 is not a classification defined in the Red book.
