Chapter 8 Principles of Security Models, Design, and Capabilities Flashcards

1
Q

The user or process that makes a request to access a resource is called a _____.

A

subject

2
Q

The ____ is the resource a user or process wants to access.

A

object

3
Q

______ is the concept that if A trusts B and B trusts C, then A inherits trust of C.

A

Transitive trust

4
Q

A ________ is designed to work well with a narrow range of other systems, generally all from the same manufacturer.

A

closed system

5
Q

_______ allows a process to read from and write to only certain memory locations and resources.

Confinement
Bounds
Isolation
Controls

A

confinement

6
Q

The ____ of a process consist of limits set on the memory addresses and resources it can access.

Confinement
Bounds
Isolation
Controls

A

bounds

7
Q

______ ensures that any behavior will affect only the memory and resources associated with the isolated process.

Confinement
Bounds
Isolation
Controls

A

isolation

8
Q

A ___ uses access rules to limit the access of a subject to an object.

Confinement
Bounds
Isolation
Controls

A

control

9
Q

type of attribute storage is called a _____, which is generally a permanent part of the object to which it’s attached.

Tokens
Capabilities
Labels

A

Labels

10
Q

A ____ list maintains a row of security attributes for each controlled object. Although not as flexible as the token approach, capabilities lists generally offer quicker lookups when a subject requests access to an object.

Tokens
Capabilities
Labels

A

capabilities

11
Q

A ___ can communicate security information about an object prior to requesting access to the actual object.

Tokens
Capabilities
Labels

A

token

12
Q

A combination of hardware, software, and controls that work together to form a trusted base to enforce your security policy.

A

trusted computing base

13
Q

A ________ is a channel established with strict standards to allow necessary communication to occur without exposing the TCB to security vulnerabilities.

A

trusted path

14
Q

________ stands between every subject and object, verifying that a requesting subject’s credentials meet the object’s access requirements before any requests are allowed to proceed.

A

Reference Monitors

15
Q

The collection of components in the TCB that work together to implement reference monitor functions.

A

security kernel

16
Q

The ____ is a concept or theory that is put into practice via the implementation of a security kernel in software and hardware.

A

reference monitor

17
Q

A system that is always secure no matter what state it is in.

A

state machine model

18
Q

What is a secure state machine?

A

each possible state transition results in another secure state,

19
Q

_____ is concerned with preventing information flow from a high security level to a low security level.

Bell-LaPadula
Biba

A

Bell-LaPadula

20
Q

___ is concerned with preventing information flow from a low security level to a high security level.

Bell-LaPadula
Biba

A

Biba

21
Q

The _______ is concerned with how the actions of a subject at a higher security level affect the system state or the actions of a subject at a lower security level.

A

noninterference model

22
Q

What type of model follows how information flows between systems rather than within an individual system?

A

composition theories

23
Q

_____ theories because they explain how outputs from one system relate to inputs to another system.

A

composition

24
Q

What type of composition theory is described here:

One system sends input to another system but also sends input to external entities.

Cascading
Feedback
Hookup

25
Q

What type of composition theory is described here:

Input for one system comes from the output of another system.

Cascading
Feedback
Hookup

A

Cascading

26
Q

What type of composition theory is described here:

One system provides input to another system, which reciprocates by reversing those roles (so that system A first provides input for system B and then system B provides input to system A).

Cascading
Feedback
Hookup

A

Feedback

27
Q

Which model employs a directed graph to dictate how rights can be passed from one subject to another or from a subject to an object?

A

Take-Grant Model

28
Q

A table of subjects and objects that indicates the actions or functions that each subject can perform on each object.

A

access control matrix

29
Q

Each column of the matrix is an ________ list.

access control
capabilities

A

access control

30
Q

Each row of the matrix is a ____ list.

access control
capabilities

A

capabilities

31
Q

_______ model prevents the leaking or transfer of classified information to less secure clearance levels.

A

Bell-LaPadula | Biba

32
Q

What property states that a subject may not read information at a higher sensitivity level (no read up)?

star Security
Simple Security
Discretionary Security
Simple Integrity
star Integrity

A

Simple Security

33
Q

What property states that a subject cannot modify an object at a higher integrity level (no write-up)?

star Security
Simple Security
Discretionary Security
Simple Integrity
star Integrity

A

star Integrity

34
Q

What property states that a subject cannot read an object at a lower integrity level (no read-down)?

star Security
Simple Security
Discretionary Security
Simple Integrity
star Integrity

A

Simple Integrity

35
Q

What property states that a subject may not write information to an object at a lower sensitivity level (no write down)? This is also known as the Confinement Property.

star Security
Simple Security
Discretionary Security
Simple Integrity
star Integrity

A

star Security

36
Q

What property states that the system uses an access matrix to enforce discretionary access control?

star Security
Simple Security
Discretionary Security
Simple Integrity
star Integrity

A

Discretionary Security

37
Q

Subjects do not have direct access to objects. Objects can be accessed only through programs.

A

Clark-Wilson Model

38
Q

A _________ uses classification-based restrictions to offer only subject-specific authorized information and functions.

A

restricted interface model

39
Q

Which model is said to be the foundation of noninterference conceptual theories?

A

Goguen-Meseguer Model

40
Q

Chinese Wall

A

Brewer and Nash Model

41
Q

Which model is based on predetermining the set or domain—a list of objects that a subject can access?

A

Goguen-Meseguer Model

42
Q

Which model is focused on the secure creation and deletion of both subjects and objects?

A

Graham-Denning Model

43
Q

____ is the comprehensive evaluation of the technical and nontechnical security features of an IT system and other safeguards made in support of the accreditation process to establish the extent to which a particular design and implementation meets a set of specified security requirements.

A

Certification

44
Q

______ is the formal declaration by the designated approving authority (DAA) that an IT system is approved to operate in a particular security mode using a prescribed set of safeguards at an acceptable level of risk.

A

Accreditation

45
Q

The standard for all other US government executive branch departments, agencies, and their contractors and consultants is the ___________.

A

Committee on National Security Systems (CNSS) Policy (CNSSP)

46
Q

The current DoD standard for the certification and accreditation of computing systems is ________.

A

Risk Management Framework | RMF

47
Q

The standard for all non-DoD US government executive branch departments, agencies, and their contractors and consultants is the ______.

A

Committee on National Security Systems (CNSS) Policy (CNSSP)

48
Q

Four phases of Certification and Accreditation

A

Phase 1: Definition
Phase 2: Verification
Phase 3: Validation
Phase 4: Post Accreditation

49
Q

What guides the entire certification and accreditation process?

A

System Security Authorization Agreement (SSAA)

50
Q

Which stage of the certification and accreditation process includes further refinement of the SSAA, certification evaluation of the integrated system, development of a recommendation to the DAA, and the DAA’s accreditation decision?

Definition
Verification
Validation
Post Accreditation

A

Validation

51
Q

Which stage of the certification and accreditation process involves the assignment of appropriate project personnel; documentation of the mission need; and registration, negotiation, and creation of a System Security Authorization Agreement (SSAA) that guides the entire certification and accreditation process?

Definition
Verification
Validation
Post Accreditation

A

Definition

52
Q

Which stage of the certification and accreditation process includes maintenance of the SSAA, system operation, change management, and compliance validation?

Definition
Verification
Validation
Post Accreditation

A

Post Accreditation

53
Q

Which stage of the certification and accreditation process includes refinement of the SSAA, systems development activities, and a certification analysis?

Definition
Verification
Validation
Post Accreditation

A

Verification

54
Q

used to prevent an active process from interacting with an area of memory that was not specifically assigned or allocated to it.

A

Memory Protection

55
Q

used to host one or more operating systems within the memory of a single host computer.

A

Virtualization

56
Q

chip is used to store and process cryptographic keys for the purposes of a hardware supported/implemented hard drive encryption system.

A

Trusted Platform Module

57
Q

A _____ interface is implemented within an application to restrict what users can do or see based on their privileges.

A

constrained or restricted

58
Q

The methods that are used to describe the necessary security attributes for an object are _____, ________ and __________.

A

Tokens, Capabilities, and Labels