Term
| What does the acronym DSL stand for as it relates to security design? |
|
Definition
| Defense in depth, reducing single points of failure, and reducing weakest links |
|
|
Term
| ________ sets a standard for addressing security throughout the development, deployment, and implementation schedule. |
|
Definition
|
|
Term
|
Definition
| Enterprise Security Architecture |
|
|
Term
|
Definition
| Information Security Architecture |
|
|
Term
|
Definition
| A well-recognized and accepted approach |
|
|
Term
| ___________ is a high level perspective of how business requirements are to be structured. |
|
Definition
|
|
Term
| ____________ is a defined approach to the process used to achieve the goals of an architecture. |
|
Definition
|
|
Term
| ____________ refers to the integrated building blocks that support the goals of the architecture. |
|
Definition
|
|
Term
| A security ___________ outlines how security is to be implemented within the organization. |
|
Definition
|
|
Term
| What is the difference between strategic and tactical? |
|
Definition
| Strategic is a long-range perspective and tactical is short range |
|
|
Term
| What are the four computer architecture layers? |
|
Definition
| Applications, Utilities, Operating Systems, and Hardware |
|
|
Term
| A __________ is a large, fault tolerant, multiuser computer engineered to run without interruption for long periods of time. |
|
Definition
|
|
Term
| ____________ is a smaller system architected into a centralized model. |
|
Definition
|
|
Term
| __________ are also known as desktops. |
|
Definition
|
|
Term
| A __________ is the interface device that enables a computer to communicate over various media. |
|
Definition
|
|
Term
| A ____________ connects a wired network to a wireless network. |
|
Definition
|
|
Term
| A ____________ is a bridge that connects to nodes wirelessly. |
|
Definition
|
|
Term
| A ______________ is a device that integrates a wireless access point with an IP Router and an Ethernet Switch. |
|
Definition
|
|
Term
| A _____________ can increase the range of an existing wireless network. |
|
Definition
|
|
Term
| _____________ is software that is permanently embedded in hardware and typically provides low-level services and/or control of hardware. |
|
Definition
|
|
Term
| What are the two main components of a CPU? |
|
Definition
| Control Unit and Arithmetic Logic Unit. |
|
|
Term
| What does a CPU's control unit do? |
|
Definition
| Handles instructions, handles I/O, and handles clock cycles |
|
|
Term
| _____________ refers to the concurrent performance/interleaved execution of two or more tasks. |
|
Definition
|
|
Term
| ___________ refers to the interleaved execution of two or more programs by a processor. |
|
Definition
|
|
Term
| ______________ refers to the simultaneous execution of two or more programs by a computer. Generally refers to parallel processing by two or more processors of a multiprocessor. |
|
Definition
|
|
Term
| ___________ refers to two or more processors on a single chip. |
|
Definition
|
|
Term
| ______________ allows several processors to share the same resource. |
|
Definition
|
|
Term
| ____________ allows a hardware device to access system memory without having to go through a CPU. |
|
Definition
|
|
Term
| _______________ are systems that support mission critical services such as flight controls. |
|
Definition
|
|
Term
| What are the two types of Virtual Machine Architecture? |
|
Definition
|
|
Term
| The ___________ state is used to execute a system's programs. In this state, a program can access the entire system and execute both privileged and non-privileged instructions. |
|
Definition
|
|
Term
| The __________ state, sometimes called the user state or program state, is intended for programs which execute non-privileged instructions. |
|
Definition
|
|
Term
| What state is the CPU in when it is executing instructions? |
|
Definition
|
|
Term
| What state is the CPU in when it is idle because there is either no input or it is waiting for another process to run? |
|
Definition
|
|
Term
| A process in the ______ state is unable to proceed until an external event occurs. |
|
Definition
|
|
Term
| The ___________ is responsible for moving data in and out of memory. |
|
Definition
|
|
Term
| The ___________ consists of several components - software, firmware, and hardware, and represents all the security functionality of the OS. |
|
Definition
|
|
Term
| _________ are the interface between the equipment and the system or application that is using the equipment. |
|
Definition
|
|
Term
| _____________ are used for system maintenance and operation. |
|
Definition
|
|
Term
| Unless a product is explicitly used for security, it will first be devoted to _____________. |
|
Definition
|
|
Term
|
Definition
| Standards-Based interfaces that support standard protocols |
|
|
Term
|
Definition
|
|
Term
| __________ systems only allow a single level of processing. |
|
Definition
|
|
Term
| ____________ systems permit users to execute any instruction available. |
|
Definition
|
|
Term
| _____________ systems allow processing at two levels, permitted through some form of user authentication and authorization. |
|
Definition
|
|
Term
| ___________ systems are single purpose computers designed to perform a dedicated function. |
|
Definition
|
|
Term
| A _____________ architecture refers to a system where a central server or group of servers provides service to a user who accesses the server(s) over the network. |
|
Definition
|
|
Term
| A _____________ architecture refers to an architecture permitting centralized control and enforcement of security policies. |
|
Definition
|
|
Term
| A _____________ architecture refers to an architecture with no centralized command and control. |
|
Definition
|
|
Term
| A _____________ architecture refers to an architecture which removes most client functions from the desktop and moves them to the server. |
|
Definition
|
|
Term
| __________ are a group of servers working together. |
|
Definition
|
|
Term
| ____________ is a software based architecture structure that provides translation or communication services between applications that were never designed to work directly together. |
|
Definition
|
|
Term
| ___________ memory addressing refers to a memory location that is independent of the current assignment of data to memory. |
|
Definition
|
|
Term
| ___________ memory addressing refers to memory addresses expressed as a location relative to a known point. |
|
Definition
|
|
Term
| ___________ memory addressing refers to memory addresses expressed as an actual value or location. |
|
Definition
|
|
Term
| As it relates to memory protection, what is the base value? |
|
Definition
| the lower limit of memory addressing that can be used |
|
|
Term
| As it relates to memory protection, what is the limit value? |
|
Definition
| the upper limit of memory addressing that can be used |
|
|
Term
| ________ are very high speed storage structures built into the CPU chip set. |
|
Definition
|
|
Term
| ____________ is the memory directly accessible to the CPU and with the highest response speed. |
|
Definition
|
|
Term
| ____________ is the very fast memory directly on the CPU chip body. |
|
Definition
|
|
Term
| ___________ is the main memory of the system and is provided through chips inserted into slots on the motherboard. |
|
Definition
|
|
Term
| __________ is a simple, cost-effective storage solution that utilizes drives attached to the network. |
|
Definition
|
|
Term
| ___________ is a complex, expensive solution to offer large capacity storage for servers over high-speed links. |
|
Definition
|
|
Term
| ______________ isolation is accomplished through time limits. |
|
Definition
|
|
Term
| _____________ isolation refers to separating out sensitive areas from common access. |
|
Definition
|
|
Term
| _____________ isolation protects against malicious activity by not permitting a process to execute outside of a strict set of boundaries. |
|
Definition
|
|
Term
|
Definition
| Requiring processes that occur at different layers to communicate through interfaces |
|
|
Term
| _____________ means if a process does not have an interface with a process at a different layer, it cannot communicate and will, therefore, not have access to data on a different layer. |
|
Definition
|
|
Term
| The __________ includes the reference monitor, hardware, software, inter-process communications, and human factors that make up a security solution. |
|
Definition
|
|
Term
| The Trusted Computer Base monitors what four functions? |
|
Definition
| Process Activation, Execution Domain Switching, Memory Protection, I/O Operations |
|
|
Term
| The _____________ enforces access relationships between all subjects and objects based on privilege and need to know. |
|
Definition
|
|
Term
| According to the Abstract Machine concept, what are the three things that a reference monitor must be? |
|
Definition
| Tamperproof, always invoked, and verifiable |
|
|
Term
| What three things are the security kernel designed to do? |
|
Definition
| Check every access, enforce least privilege, and verify acceptable usage |
|
|
Term
| As it relates to a reference monitor, what is a subject? |
|
Definition
|
|
Term
| As it relates to a reference monitor, what is an object? |
|
Definition
|
|
Term
| The ideal location for security is at the _____________ level. |
|
Definition
|
|
Term
|
Definition
| Trusted Platform Module (TPM) |
|
|
Term
| ___________ will ensure that the security of a system cannot be circumvented through just one vulnerability. |
|
Definition
|
|
Term
| Which Fundamental Model is designed to prevent data leakage? |
|
Definition
|
|
Term
| A ___________ model tracks the movement of information from one object to another so that movement of sensitive data will be identified |
|
Definition
|
|
Term
| Which fundamental model is concerned with logical separation and role based access control? |
|
Definition
|
|
Term
| ____________ is an abstract mathematical model where state variables represent the system state. |
|
Definition
|
|
Term
| __________ model is a hierarchical model defining access control privilege levels |
|
Definition
|
|
Term
| What are fundamental models? |
|
Definition
|
|
Term
| What does the Bell LaPadula model address? |
|
Definition
|
|
Term
| What type of model is the Bell LaPadula Model? |
|
Definition
|
|
Term
| What are the three fundamental modes of access? |
|
Definition
| Read only, write only, or read and write |
|
|
Term
| In the Bell LaPadula model, you may read ______ and write ________. |
|
Definition
|
|
Term
| What does the Biba model address? |
|
Definition
|
|
Term
| What fundamental model is the Biba model based on? |
|
Definition
|
|
Term
| With the Biba model, you may read ______ and write ________ |
|
Definition
|
|
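The Bell-LaPadula and Biba cards above are mirror images of each other: Bell-LaPadula protects confidentiality with "no read up" (simple security) and "no write down" (the *-property), so a subject reads down and writes up; Biba protects integrity with "no read down" and "no write up", so a subject reads up and writes down. The review question later in the deck about a lattice model "characterized by read down and no write down" is describing Bell-LaPadula. The following is an added example written for this page, not code from the deck or from any product: a toy reference monitor that applies both rule sets over a constructed linear ordering of levels (a real lattice would also carry compartments, which are omitted here). The level names, `Label` class and function names are illustrative assumptions.

```python
"""Added example: a toy reference monitor enforcing Bell-LaPadula (confidentiality)
and Biba (integrity) rules over a constructed linear lattice of levels."""
from dataclasses import dataclass

# Constructed ordering for illustration; a higher number dominates a lower one.
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}


@dataclass(frozen=True)
class Label:
    level: str

    def dominates(self, other: "Label") -> bool:
        """True when this label is at or above the other in the lattice."""
        return LEVELS[self.level] >= LEVELS[other.level]


def blp_permits(subject: Label, obj: Label, mode: str) -> bool:
    """Bell-LaPadula: no read up (simple security), no write down (*-property)."""
    if mode == "read":
        return subject.dominates(obj)        # read down or read equal
    if mode == "write":
        return obj.dominates(subject)        # write up or write equal
    if mode == "readwrite":
        return subject.level == obj.level    # both rules at once -> same level
    raise ValueError(f"unknown access mode {mode!r}")


def biba_permits(subject: Label, obj: Label, mode: str) -> bool:
    """Biba: no read down (simple integrity), no write up (*-integrity)."""
    if mode == "read":
        return obj.dominates(subject)        # read up or read equal
    if mode == "write":
        return subject.dominates(obj)        # write down or write equal
    if mode == "readwrite":
        return subject.level == obj.level
    raise ValueError(f"unknown access mode {mode!r}")


def decide(policy, requests):
    """Mediate every request through the policy (the 'always invoked' property)
    and return an audit-style list of (subject, object, mode, allowed)."""
    return [(s.level, o.level, m, policy(s, o, m)) for s, o, m in requests]


if __name__ == "__main__":
    # Constructed requests: a 'secret' subject touching lower and higher objects.
    reqs = [
        (Label("secret"), Label("confidential"), "read"),
        (Label("secret"), Label("confidential"), "write"),
        (Label("secret"), Label("top_secret"), "write"),
    ]
    for row in decide(blp_permits, reqs):
        print("BLP ", row)
    for row in decide(biba_permits, reqs):
        print("Biba", row)
```

Note that a subject cleared for read and write at once is forced to the object's own level under both models, which is why real systems give subjects a range (a minimum and a current level) rather than a single label.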
Term
| What does the Clark-Wilson Model Address? |
|
Definition
| All three integrity goals |
|
|
Term
| What are the three integrity goals addressed by the Clark-Wilson model? |
|
Definition
| Preventing unauthorized users from making changes, preventing authorized users from making improper changes, and maintaining internal and external consistency |
|
|
Term
| What does internal consistency mean? |
|
Definition
| Transactions must fit internal rules of systems |
|
|
Term
| What does external consistency mean? |
|
Definition
| Transactions must fit reality |
|
|
Term
| What are the three components of the Clark-Wilson Model? |
|
Definition
| Addresses all three integrity goals, defines well-formed transactions, and enforces separation of duties |
|
|
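The Clark-Wilson cards above describe the model in terms of its three integrity goals, well-formed transactions and separation of duties. The following is an added example written for this page, not code from the deck or from any product, showing how those pieces fit together in code: constrained data items (account balances) can only be changed through a transformation procedure (`transfer`), users may run that procedure only when a certified (user, procedure, data item) triple exists, an integrity verification procedure checks internal consistency (money is conserved and no balance goes negative) after every run, and the person who certifies a triple may not be the user who exercises it. The account names, class and method names are illustrative assumptions.

```python
"""Added example: a toy Clark-Wilson enforcement core with constrained data
items (CDIs), one transformation procedure (TP), an integrity verification
procedure (IVP), certified access triples, and a separation-of-duties check."""


class IntegrityError(Exception):
    """Raised whenever a rule of the model would be violated."""


class ClarkWilsonSystem:
    def __init__(self, balances):
        self.cdi = dict(balances)            # constrained data items
        self.total = sum(balances.values())  # invariant the IVP checks
        self.triples = set()                 # certified (user, tp, cdi) rules
        self.log = []                        # audit trail of every TP run

    # --- certification: done by a certifier, never by the user being certified ---
    def certify(self, certifier, user, tp_name, cdi):
        if certifier == user:
            raise IntegrityError("separation of duties: a user may not certify their own access")
        self.triples.add((user, tp_name, cdi))

    # --- enforcement ---
    def ivp(self):
        """IVP: CDIs are valid iff no balance is negative and money is conserved
        (internal consistency: the data obeys the system's own rules)."""
        return all(v >= 0 for v in self.cdi.values()) and sum(self.cdi.values()) == self.total

    def transfer(self, user, src, dst, amount):
        """The only TP that may modify balances. It is a well-formed transaction:
        it runs only for users certified on both CDIs, and it leaves the CDIs
        valid or rolls back entirely."""
        for cdi in (src, dst):
            if (user, "transfer", cdi) not in self.triples:
                raise IntegrityError(f"{user} is not certified to run transfer on {cdi}")
        snapshot = dict(self.cdi)
        self.cdi[src] -= amount
        self.cdi[dst] += amount
        if not self.ivp():
            self.cdi = snapshot              # TP must not leave CDIs in an invalid state
            raise IntegrityError("transfer would violate the integrity constraint")
        self.log.append((user, "transfer", src, dst, amount))
        return True


if __name__ == "__main__":
    # Constructed accounts and roles for illustration.
    cw = ClarkWilsonSystem({"acct_1": 100, "acct_2": 50})
    cw.certify("auditor", "alice", "transfer", "acct_1")
    cw.certify("auditor", "alice", "transfer", "acct_2")
    cw.transfer("alice", "acct_1", "acct_2", 30)
    print(cw.cdi, cw.log)
```

The point the deck's "authorized users making improper changes" goal makes is visible in the overdraft case: alice is fully certified, yet a transfer that would drive a balance negative is refused and rolled back because the IVP fails. External consistency (the balances matching reality) is not something code can check on its own; it is what audits and reconciliation against outside records provide.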
Term
| Which model uses the Chinese Wall security policy? |
|
Definition
|
|
Term
| What does the Brewer and Nash model allow? |
|
Definition
| Separation of competitors' data within the same integrated database |
|
|
Term
| What is the Brewer and Nash model designed to prevent? |
|
Definition
|
|
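The Brewer and Nash cards above say the model separates competitors' data inside one database; what makes it different from the lattice models is that the access decision depends on the subject's history, not on a fixed label. The following is an added example written for this page, not code from the deck or from any product. It groups constructed company datasets into conflict-of-interest classes and enforces the two Chinese Wall rules: a subject may read a dataset only if it has never read a competing dataset in the same class, and it may write to a dataset only if every dataset it has read is that same dataset (otherwise information read from one company could be written somewhere a competitor's analyst can read it). Dataset names, class names and the `ChineseWall` class are illustrative assumptions; sanitized data, which the real model exempts from the write rule, is omitted.

```python
"""Added example: a minimal Brewer-Nash (Chinese Wall) monitor whose
decisions depend on what each subject has already read."""
from collections import defaultdict

# Constructed conflict-of-interest (COI) classes: dataset -> class of competitors.
COI_CLASS = {
    "bank_a": "banks", "bank_b": "banks",
    "oil_x": "oil", "oil_y": "oil",
}


class ChineseWall:
    def __init__(self, coi_class):
        self.coi_class = coi_class
        self.history = defaultdict(set)   # subject -> datasets already read

    def may_read(self, subject, dataset):
        """Simple security rule: allowed unless the subject has read a *different*
        dataset in the same COI class. Re-reading a dataset is always fine."""
        wanted = self.coi_class[dataset]
        for seen in self.history[subject]:
            if seen != dataset and self.coi_class[seen] == wanted:
                return False
        return True

    def read(self, subject, dataset):
        """Mediate the read and, if allowed, record it: the wall now 'closes'
        around the subject for that COI class."""
        if not self.may_read(subject, dataset):
            return False
        self.history[subject].add(dataset)
        return True

    def may_write(self, subject, dataset):
        """*-property: write only if the subject could read the target and every
        dataset it has read is that same dataset, so nothing read from one
        company can flow into another company's data."""
        if not self.may_read(subject, dataset):
            return False
        return all(seen == dataset for seen in self.history[subject])


if __name__ == "__main__":
    wall = ChineseWall(COI_CLASS)
    print(wall.read("alice", "bank_a"))        # True: first bank read
    print(wall.read("alice", "bank_b"))        # False: competitor of bank_a
    print(wall.read("alice", "oil_x"))         # True: different COI class
    print(wall.may_write("alice", "oil_x"))    # False: she has also read bank_a
```

The write rule is the part people tend to forget: a single analyst reading bank_a and oil_x is harmless, but if she could write into oil_x, a colleague who is allowed to read oil_x and bank_b would have a path to bank_a's data. In practice this is why the model is usually applied to a small set of trusted write paths rather than to every user.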
Term
| What mediates access from subjects to objects? |
|
Definition
|
|
Term
| Who coined the term monitor? |
|
Definition
|
|
Term
| Who coined the term reference model? |
|
Definition
|
|
Term
| Who formalized Access control Methods? |
|
Definition
| Harrison-Ruzzo-Ullman (HRU) result |
|
|
Term
| What does TCSEC (the Orange Book) test for? |
|
Definition
|
|
Term
| What is the international equivalent of TCSEC? |
|
Definition
|
|
Term
| What does ISO 15408 refer to? |
|
Definition
|
|
Term
| What does ISO 27001 refer to? |
|
Definition
|
|
Term
| What does ISO 27002 refer to? |
|
Definition
|
|
Term
| A ____________ is a general set of security requirements and objectives for a category of products in Common Criteria. |
|
Definition
|
|
Term
| ____________ is a set of software, firmware, and/or hardware to be evaluated in Common Criteria |
|
Definition
|
|
Term
| __________ contains the IT security objectives for a specific TOE in Common Criteria |
|
Definition
|
|
Term
| What level of TCSEC (Orange Book) introduces discretionary access control and identification/authentication? |
|
Definition
|
|
Term
| What level of TCSEC (Orange Book) introduces object reuse protection and protected audit trails? |
|
Definition
|
|
Term
| What level of TCSEC (Orange Book) introduces mandatory access control and labeled protection? |
|
Definition
|
|
Term
| What level of TCSEC (Orange Book) introduces trusted path and covert storage channel analysis? |
|
Definition
|
|
Term
| What level of TCSEC (Orange Book) introduces trusted recovery and covert timing channel analysis? |
|
Definition
|
|
Term
| What level of TCSEC (Orange Book) introduces formal design verification? |
|
Definition
|
|
Term
| What did ISO 7498-2 define? |
|
Definition
|
|
Term
| The ___________ framework is the de facto world standard for expressing the basic elements of an enterprise architecture. |
|
Definition
|
|
Term
| What is the Zachman framework used for? |
|
Definition
| To gather input for design requirements |
|
|
Term
| Which framework was the follow-on to the Zachman framework with an operational security focus? |
|
Definition
|
|
Term
| The ___________ framework is a framework to provide a comprehensive approach to design, planning, implementation, and governance of an enterprise information architecture |
|
Definition
| The Open Group Architecture Framework (TOGAF) |
|
|
Term
| _____________ describes a unified approach for evaluation of internal control systems |
|
Definition
| Committee of Sponsoring Organizations (COSO) |
|
|
Term
| What does ISO 27001 cover? |
|
Definition
| Information Security Management Systems |
|
|
Term
| What is the CMM based on? |
|
Definition
| Total Quality Management concepts |
|
|
Term
| What does the CMM provide a framework for? |
|
Definition
|
|
Term
| _____________ sets the standard for the handling of credit card information. |
|
Definition
|
|
Term
| What are the following frameworks designed to help an organization do: Zachman, SABSA, TOGAF |
|
Definition
|
|
Term
| What are the following frameworks designed to help an organization do: CMMI ITIL Six Sigma |
|
Definition
|
|
Term
| What are the following frameworks designed to help an organization do: ISO 27001, ISO 27002, SABSA, ITIL, PCI-DSS |
|
Definition
|
|
Term
| What are the following frameworks designed to help an organization do: COSO, ISO 27001, COBIT |
|
Definition
|
|
Term
| What type of CPU functionality allows simultaneous execution of two or more programs by one or more processors? |
|
Definition
|
|
Term
| What computer component organizes memory, logging, and error detection? |
|
Definition
|
|
Term
| What CPU operational mode processes data for an application and allows less access to some resources? |
|
Definition
|
|
Term
| What type of system architecture supports standardized interfaces and protocols, rather than proprietary and customized applications? |
|
Definition
|
|
Term
| What network architectural structure is more secure, removes client functions, and primarily supports processing and storage at a centralized location? |
|
Definition
|
|
Term
| What type of software is best described as being distributed, providing translation or communications, and expanding applications and services? |
|
Definition
|
|
Term
| The ___________ is the combination of all hardware, software, and firmware responsible for enforcing the security policy and serves as a protection mechanism within a computer system. |
|
Definition
|
|
Term
| Which security model addresses preventing unauthorized users from making modifications, preventing authorized users from making improper modifications, and maintaining internal and external consistency? |
|
Definition
|
|
Term
| What Lattice Model is characterized by read down and no write down? |
|
Definition
|
|
Term
| Which security model primarily protects confidentiality? |
|
Definition
|
|
Term
| What fundamental security model is based on rules to prevent subjects that are operating in different domains from affecting each other? |
|
Definition
|
|
Term
| What type of memory storage is the fastest, highest cost and lowest capacity? |
|
Definition
|
|
Term
| What cloud computing service offers support to business operations without the organization building their own servers and networks? |
|
Definition
| Infrastructure as a Service |
|
|
Term
| A framework that provides a comprehensive approach to the design, planning, implementation, and governance of an enterprise and typically modeled at four levels - business, application, data, and technology |
|
Definition
|
|
Term
| An international information security standard and framework that addresses security throughout all phases is called what? |
|
Definition
| Information Security Management System |
|
|
Term
| Which of the Common Criteria components outlines a general and industry set of security requirements for a category of products? |
|
Definition
|
|
Term
| What Ring provides access to the system components and contains utilities and file system drivers? |
|
Definition
|
|
Term
| To create a virtual memory on a computer, two different types of memory must be combined. What are they? |
|
Definition
| RAM and secondary storage |
|
|
Term
| What type of memory addressing uses absolute addresses? |
|
Definition
|
|
Term
| What are the four Reference Monitor Design Rules? |
|
Definition
| Mediate all access, tampering protection, verifiable, always on |
|
|