Ch.8 Flashcards

1
Q

What is system accreditation?
A. Formal acceptance of a stated system configuration
B. Functional evaluation of the manufacturer’s goals for each hardware and software component to meet integration standards
C. Acceptance of test results that prove the computer system enforces the security policy
D. The process to specify secure communication between machines

A

A. Formal acceptance of a stated system configuration

2
Q

What is a closed system?
A. A system designed around final, or closed, standards
B. A system that includes industry standards
C. A proprietary system that uses unpublished protocols
D. Any machine that does not run Windows

A

C. A proprietary system that uses unpublished protocols

3
Q

Which best describes a confined or constrained process?
A. A process that can run only for a limited time
B. A process that can run only during certain times of the day
C. A process that can access only certain memory locations
D. A process that controls access to an object

A

C. A process that can access only certain memory locations

4
Q

What is an access object?
A. A resource a user or process wants to access
B. A user or process that wants to access a resource
C. A list of valid access rules
D. The sequence of valid access types

A

A. A resource a user or process wants to access

5
Q
What is a security control?

A. A security component that stores attributes that describe an object
B. A document that lists all data classification types
C. A list of valid access rules
D. A mechanism that limits access to an object

A

Answer: D

A control limits access to an object to protect it from misuse by unauthorized users.

6
Q
What is a trusted computing base (TCB)?

A. Hosts on your network that support secure transmissions
B. The operating system kernel and device drivers
C. The combination of hardware, software, and controls that work together to enforce a security policy
D. The software and controls that certify a security policy

A

Answer: C

The TCB is the combination of hardware, software, and controls that work together to enforce a security policy.

7
Q
What is a security perimeter? (Choose all that apply.)

A. The boundary of the physically secure area surrounding your system
B. The imaginary boundary that separates the TCB from the rest of the system
C. The network where your firewall resides
D. Any connections to your computer system

A

Answer: A;B

Although the most correct answer in the context of this chapter is Option B, Option A is also a correct answer in the context of physical security.

8
Q
What part of the TCB concept validates access to every resource prior to granting the requested access?

A. TCB partition
B. Trusted library
C. Reference monitor
D. Security kernel

A

Answer: C

The reference monitor validates access to every resource prior to granting the requested access. Option D, the security kernel, is the collection of TCB components that work together to implement the reference monitor functions. In other words, the security kernel is the implementation of the reference monitor concept. Options A and B are not valid TCB concept components.

9
Q
What technique may database administrators use to prevent inference attacks by presenting different data to users of different security clearance levels?
A. Polyinstantiation
B. Aggregation
C. Provisioning 
D. Semantic Integrity
A

A. Polyinstantiation

10
Q
Which of the following models primarily deals with integrity?
A. Bell LaPadula
B. Biba
C. Clark-Wilson
D. Budweiser
A

B. Biba

C. Clark-Wilson
