Chapter 8 Principles of Security Models, Design, and Capabilities

Question 1

The user or process that makes a request to access a resource is called a _____.

Answer 1

subject

Question 2

The ____ is the resource a user or process wants to access.

Answer 2

object

Question 3

______ is the concept that if A trusts B and B trusts C, then A inherits trust of C

Answer 3

Transitive trust

Question 4

A ________ is designed to work well with a narrow range of other systems, generally all from the same manufacturer.

Answer 4

closed system

Question 5

_______ allows a process to read from and write to only certain memory locations and resources.

Confinement
Bounds
Isolation
Controls

Answer 5

confinement

Question 6

The ____ of a process consist of limits set on the memory addresses and resources it can access.

Confinement
Bounds
Isolation
Controls

Answer 6

bounds

Question 7

______ ensures that any behavior will affect only the memory and resources associated with the isolated process

Confinement
Bounds
Isolation
Controls

Answer 7

isolation

Question 8

A ___ uses access rules to limit the access of a subject to an object.

Confinement
Bounds
Isolation
Controls

Answer 8

control

Question 9

type of attribute storage is called a _____, which is generally a permanent part of the object to which it’s attached.

Tokens
Capabilities
Labels

Answer 9

Labels

Question 10

A ____ list
maintains a row of security attributes for each controlled object. Although not as fl exible as the token approach, capabilities lists generally offer quicker lookups when a subject requests access to an object.

Tokens
Capabilities
Labels

Answer 10

capabilities

Question 11

A ___ can communicate security information about
an object prior to requesting access to the actual object

Tokens
Capabilities
Labels

Answer 11

token

Question 12

A combination of
hardware, software, and controls that work together to form a trusted base to enforce
your security policy.

Answer 12

trusted computing base

Question 13

A ________ is a channel established with

strict standards to allow necessary communication to occur without exposing the TCB to security vulnerabilities.

Answer 13

trusted path

Question 14

________ stands between every subject and object, verifying that a requesting subject’s credentials
meet the object’s access requirements before any requests are allowed to proceed.

Answer 14

Reference Monitors

Question 15

The collection of components in the TCB that work together to implement reference monitor functions

Answer 15

security kernel

Question 16

The ____ is a concept or theory that is put into practice via the implementation of a security kernel in software
and hardware.

Answer 16

reference monitor

Question 17

a system that is always secure no matter what state it is in.

Answer 17

state machine model

Question 18

What is a secure state

machine .

Answer 18

each possible

state transition results in another secure state,

Question 19

_____ is concerned with preventing information flow from a high security level to a low security level.

Bell-LaPadula
Biba

Answer 19

Bell-LaPadula

Question 20

___ is concerned with preventing information fl ow from a low security level to a
high security level.

Bell-LaPadula
Biba

Answer 20

Biba

Question 21

The _______ is concerned with how the actions of a subject at a higher security level affect the system state or the actions of a subject at a lower security level.

Answer 21

noninterference model

Question 22

What type of model follows how information flows between systems rather than within an individual system.

Answer 22

composition theories

Question 23

_____ theories because they explain how outputs from one system relate to inputs to another system.

Answer 23

composition

Question 24

What type of composition theory is described here:

One system sends input to another system but also sends input to external
entities.

Cascading
Feedback
Hookup

Answer 24

Hookup

Question 25

What type of composition theory is described here: Input for one system comes from the output of another system. Cascading Feedback Hookup

Answer 25

Cascading

Question 26

What type of composition theory is described here: One system provides input to another system, which reciprocates by reversing those roles (so that system A first provides input for system B and then system B provides input to system A). Cascading Feedback Hookup

Answer 26

Feedback

Question 27

Which model employs a directed graph to dictate how rights can be passed from one subject to another or from a subject to an object

Answer 27

Take-Grant Model

Question 28

A table of subjects and objects that indicates the actions or functions that each subject can perform on each object.

Answer 28

access control matrix

Question 29

Each column of the matrix is an ________ list . access control capabilities

Answer 29

access control

Question 30

Each row of the matrix is a ____ list . access control capabilities

Answer 30

capabilities

Question 31

_______ model prevents the leaking or transfer of classified information to less secure clearance levels.

Answer 31

Bell-LaPadula | Biba

Question 32

What Property states that a subject may not read information at a higher sensitivity level (no read up). ``` star Security Simple Security Discretionary Security Simple Integrity star Integrity ```

Answer 32

Simple Security

Question 33

``` What Property states that a subject cannot modify an object at a higher integrity level (no write-up). ``` ``` star Security Simple Security Discretionary Security Simple Integrity star Integrity ```

Answer 33

star Integrity

Question 34

``` What Property states that a subject cannot read an object at a lower integrity level (no read-down). ``` ``` star Security Simple Security Discretionary Security Simple Integrity star Integrity ```

Answer 34

Simple Integrity

Question 35

What Property states that a subject may not write information to an object at a lower sensitivity level (no write down). This is also known as the Confinement Property. ``` star Security Simple Security Discretionary Security Simple Integrity star Integrity ```

Answer 35

star Security

Question 36

What Property states that the system uses an access matrix to enforce discretionary access control. ``` star Security Simple Security Discretionary Security Simple Integrity star Integrity ```

Answer 36

Discretionary Security

Question 37

Subjects do not have direct access to objects. Objects can be accessed only through programs.

Answer 37

Clark-Wilson Model

Question 38

A _________ | uses classification-based restrictions to offer only subject-specific authorized information and functions.

Answer 38

restricted interface model

Question 39

Which model is said to be the foundation of noninterference conceptual theories.

Answer 39

Goguen-Meseguer Model

Question 40

Chinese Wall

Answer 40

Brewer and Nash Model

Question 41

which model is based on predetermining the set or domain—a list of objects that a subject can access ?

Answer 41

Goguen-Meseguer Model

Question 42

which model is focused on the secure creation and deletion of both subjects and objects.

Answer 42

Graham-Denning Model

Question 43

____ is the comprehensive evaluation of the technical and nontechnical security features of an IT system and other safeguards made in support of the accreditation process to establish the extent to which a particular design and implementation meets a set of specifi ed security requirements.

Answer 43

Certification

Question 44

______ is the formal declaration by the designated approving authority (DAA) that an IT system is approved to operate in a particular security mode using a prescribed set of safeguards at an acceptable level of risk.

Answer 44

Accreditation

Question 45

The standard for all other US government executive | branch departments, agencies, and their contractors and consultants is the ___________

Answer 45

Committee on | National Security Systems (CNSS) Policy (CNSSP)

Question 46

The current DoD standard for the certification and accreditation of computing systems is ________.

Answer 46

Risk Management Framework | RMF

Question 47

The standard for all non DOD US government executive branch departments, agencies, and their contractors and consultants is the ______

Answer 47

Committee on National Security Systems (CNSS) Policy (CNSSP)

Question 48

four phases of Certification and Accreditation

Answer 48

Phase 1: Definition Phase 2: Verification Phase 3: Validation Phase 4: Post Accreditation

Question 49

What guides the entire certification and accreditation process ?

Answer 49

System Security Authorization Agreement (SSAA)

Question 50

Which stage of the certification and accreditation process Includes further refi nement of the SSAA, certifi cation evaluation of the integrated system, development of a recommendation to the DAA, and the DAA’s accreditation decision Definition Verification Validation Post Accreditation

Answer 50

Validation

Question 51

Which stage of the certification and accreditation process Involves the assignment of appropriate project personnel; documentation of the mission need; and registration, negotiation, and creation of a System Security Authorization Agreement (SSAA) that guides the entire certifi cation and accreditation process Definition Verification Validation Post Accreditation

Answer 51

Definition

Question 52

Which stage of the certification and accreditation process Includes maintenance of the SSAA, system operation, change management, and compliance validation ? Definition Verification Validation Post Accreditation

Answer 52

Post Accreditation

Question 53

Which stage of the certification and accreditation process Includes refi nement of the SSAA, systems development activities, and a certification analysis Definition Verification Validation Post Accreditation

Answer 53

Verification

Question 54

used to prevent an active process from interacting with an area of memory that was not specifically assigned or allocated to it.

Answer 54

Memory Protection

Question 55

used to host one or more operating systems within the memory of a single host computer.

Answer 55

Virtualization

Question 56

chip is used to store and process cryptographic keys for the purposes of a hardware supported/implemented hard drive encryption system.

Answer 56

Trusted Platform Module

Question 57

A _____ interface is implemented within an application to restrict what users can do or see based on their privileges.

Answer 57

constrained or restricted

Question 58

The methods that are used to describe the necessary security attributes for an object are _____, ________ and __________

Answer 58

Tokens, Capabilities, and Labels