Security Architecture and Design

Question 1

A holistic lifecycle for developing security architecture that begins with assessing business requirements and subsequently creating a chain of traceability through phases of strategy, concept, design, implementation and metrics is characteristic of which of the following frameworks?
A. Zachman
B. SABSA
C. ISO 27000
D. TOGAF

Answer 1

B. SABSA

Question 2

Which of the following component of ITIL's service portfolio primarily focused on translating designs into operational services through a project management standard?
A. service strategy
B. service design
C. service transition
D. service operations

Answer 2

C. service transition

Question 3

Which of the following can best be used to capture detailed security requirements?
A. threat modeling, covert channels, data classification
B. data classification, risk assessments, covert channels
C. risk assessments, covert channels, and threat modeling
D. threat modeling, data classification, risk assessments

Answer 3

D. threat modeling, data classification, risk assessments

Question 4

Which of the following security standards is internationally recognized as the standards for sound security practices and is focused on the standardization and certification of an organization's information security management system?
A. ISO 15408
B. ISO 27001
C. ISO 9001
D. ISO 9146

Answer 4

B. ISO 27001

Question 5

Which of the following describes the rules that need to be implemented to ensure that the security requirement are met?
A. security kernel
B. security policy
C. security model
D. security reference monitor

Answer 5

B. security policy

Question 6

A two dimensional grouping of individual subjects into groups or roles and granting access to groups to objects is an example of which of the following types of models?
A. multilevel lattice
B. state machine
C. non-interference
D. matrix based

Answer 6

D. matrix based

Question 7

Which of the following models ensures that a subject with a clearance level of secret has the ability to write only to objects classified as secret or top secret but is prevent from writing information classified as public?
A. Biba-integrity
B. clark-wilson
C. brewer-nash
D. bell-lapadula

Answer 7

D. bell-lapadula

Question 8

Which of the following is unique to the biba-integrity model?
A. simple property
B. star property
C. invocation property
D. Strong star property

Answer 8

C. invocation property

Question 9

Which of the following models is best considered in a shared data hosting environment so that the data of one customer is not disclosed to a competitor or other customers sharing that hosted environment?
A. brewer-nash
B. clark-wilson
C. bell-lapadula
D. lipner

Answer 9

A. brewer-nash

Question 10

Which of the following security models is primarily concerned with how the subjects and objects are created and how subjects are assigned rights or privileges?
A. bell-lapdula
B. biba-integrity
C. chinese wall
D. graham-denning

Answer 10

D. graham-denning

Question 11

Which of the following ISO standards provides the evaluation criteria that can be used to evaluate security requirements of different products with different functions?
A. 15408
B. 27000
C. 9100
D. 27002

Answer 11

A. 15408

Question 12

In the common criteria, the common set of functional and assurance requirements for a category of vendor products deployed in a particular type of environment are known as
A. protection profiles
B. security target
C. trusted computing base
D. ring protection

Answer 12

A. protection profiles

Question 13

Which of the following evaluation assurance level that is formally verified, designed and tested is expected for a high risk situation?
A. EAL 1
B. EAL 3
C. EAL 5
D. EAL 7

Answer 13

D. EAL 7

Question 14

Formal acceptance of an evaluated system by management is known as
A. certification
B. accreditation
C. validation
D. verification

Answer 14

B. accreditation

Question 15

Which stage of the capability maturity model is characterized by having organizational processes that are proactive?
A. initial
B. managed
C. defined
D. optimizing

Answer 15

C. defined

Question 16

Which of the following best provides a method of quantifying risks associated with information technology when validating the abilities of new security controls and countermeasures to address the identified risks?
A. threat/risk assessment
B. penetration testing
C. vulnerability assessment
D. data classification

Answer 16

A. threat/risk assessment

Question 17

The use of proxies to protect more trusted assets from less sensitive ones is an example of which of the following types of security services?
A. access control
B. boundary control
C. integrity
D. audit and monitoring

Answer 17

B. boundary control

Question 18

Which of the following is the main reason for security concerns in mobile computing devices?
A. the 3G protocol is inherently insecure
B. lower processing power
C. hackers are targeting mobile computing devices
D. lack of anti-virus software

Answer 18

B. lower processing power

Question 19

In decentralized environments device drivers that enable the OS to control and communicate with hardware need to be securely designed, developed and deployed because they are
A. typically installed by end users and granted access to the supervisor state
B. typically installed by administrators and granted access to user mode state
C. typically installed by software without human interaction
D. integrated as part of the operating system

Answer 19

A. typically installed by end users and granted access to the supervisor state

Question 20

A system administrator grants rights to a group of individuals called accounting instead of granting rights to each individual.  This is an example of which of the following security mechanisms?
A. layering
B. data hiding
C. cryptographic protections
D. abstraction

Answer 20

D. abstraction

Question 21

Which of the following are the evaluation criteria most in use today for rating IDS systems?
A. ITSEC
B. Common Criteria
C. Red Book
D. Orange Book

Answer 21

B. Common Criteria

Question 22

What is the subject of the Red Book?

Answer 22

security evaluation for networks and network components

Question 23

What is the subject of the Orange Book?

Answer 23

security requirements for operating systems

Question 24

Certain types of attacks have been made more potent by which of the following advances to microprocessor technology?
A. Increased circuits, cache memory, and multiprogramming.
B. Dual mode computing
C. Direct memory access I/O
D. Increases in processing power

Answer 24

D. Increases in processing power

Question 25

CPUs and operating systems can work in two main types of multitasking modes. What controls access and the use of system resources in preemptive multitasking mode?
A. The user and application
B. The program that is loaded into memory
C. The operating system
D. The CPU and user

Answer 25

C. The operating system

Question 26

Virtual storage combines RAM and secondary storage for system memory. Which of the following is a security concern pertaining to virtual storage?
A. More than one process uses the same resource
B. It allows cookies to remain persistent in memory
C. It allows for side-channel attacks to take place
D. Two processes can carry out a denial of service

Answer 26

A. More than one process uses the same resource

Question 27

Which of the following is a common association of the Clark-Wilson access model?
A. Chinese Wall
B. Access tuple
C. Read up and write down rule
D. Subject and application binding

Answer 27

D. Subject and application binding

aka: access triple

Question 28

What is access triple?

Answer 28

user, program, object

A user can’t access an object without going through a program. Part of the Clark-Wilson model.

Question 29

What data access model do the Bell-LaPadula and Biba models use?

Answer 29

read up, write down

Question 30

Which of the following correctly describes the relationship between the reference monitor and the security kernel?
A. The security kernel implements and enforces the reference monitor.
B. The reference monitor is the core of the trusted computing base, which is made up of the security kernel.
C. The reference monitor implements and enforces the security kernel.
D. The security kernel, aka abstract machine, implements the reference monitor concept.

Answer 30

A. The security kernel implements and enforces the reference monitor.

Question 31

What is the core of the trusted computing base?

Answer 31

security kernel

Question 32

What is another name for reference monitor?

Answer 32

abstract machine

Question 33

What is another name for abstract machine?

Answer 33

reference monitor

Question 34

The trusted computing base ensures security within a system when a process in one domain must access another domain in order to retrieve sensitive information.  What function does the TCB initiate to ensure that this is done in a secure manner?
A. I/O operation execution
B. Process deactivation
C. Execution domain switching
D. Virtual memory to real memory mapping

Answer 34

C. Execution domain switching

Question 35

The Zachman architecture framework is often used to set up an enterprise security architecture. Which of the following does not correctly describe the Zachman Framework?
A. A two dimensional model that uses communication interrogatives intersecting with different levels.
B. A security oriented model that gives instructions in a modular fashion.
C. Used to build a robust enterprise architecture versus a technical security architecture.
D. Uses six perspectives to describe a holistic information infrastructure

Answer 35

B. A security oriented model that gives instructions in a modular fashion.

Question 36

Describe elements of the Zachman Framework

Answer 36

two dimensional model that addresses the what, how, where, who, when, and why from 6 different perspectives.
Used for enterprise architecture not security

Question 37

John has been told to report to the board of directors with a vendor neutral enterprise architecture framework that will help the company reduce fragmentation that results from the misalignment of IT and business processes. Which of the following frameworks should he suggest?
A. DoDAF (Department of Defense Architecture Framework)
B. CMMI (Capability Maturity Model Integration)
C. ISO/IEC 42010
D. TOGAF (The Open Group Architecture Framework

Answer 37

D. TOGAF (The Open Group Architecture Framework

Question 38

What is ISO/IEC 42010?

Answer 38

recommended practices intended to simplify the design and conception of software intensive architectures.

Question 39

Protection profiles used in the Common Criteria evaluation process contain five elements.  Which of the following establishes the type and intensity of the evaluation?
A. Descriptive elements
B. Evaluation assurance requirements
C. Evaluation assurance level
D. Security target

Answer 39

B. Evaluation assurance requirements

Question 40

Which of the following best defines a virtual machine?
A. A virtual instance of an operating system
B. A piece of hardware that runs multiple operating systems environments simultaneously.
C. A physical environment for multiple guests
D. An environment that can be fully utilized while running legacy applications.

Answer 40

A. A virtual instance of an operating system

Question 41

Bethany is working on a mandatory access control system.  She has been working on a file classified as secret.  She can no longer access this file because it has been reclassified as Top Secret.  She deduces that the project she was working on has just increased in confidentiality and she knows more about this project than her clearance and need to know allows.  Which of the following refers to a concept that attempts to prevent this type of scenario from occurring?
A. Covert storage channel
B. Inference attack
C. Noninterference
D. Aggregation

Answer 41

C. Noninterference

Question 42

Virtualization offers many benefits. Which of the following incorrectly describes virtualization?
A. Virtualization simplifies operating system patching
B. Virtualization can be used to build a secure computing environment
C. Virtualization can provide fault and error containment
D. Virtual machines offer powerful debugging capabilities

Answer 42

A. Virtualization simplifies operating system patching

Question 43

Which security architecture model defines how to securely develop access rights between subjects and objects?
A. Brewer-Nash
B. Clark-Wilson
C. Graham-Denning
D. Bell-LaPadula

Answer 43

C. Graham-Denning

Question 44

What is the Brewer-Nash model?

Answer 44

Intended to provide access controls that can change dynamically depending on a user’s previous actions.

Protect against conflicts of interest

Question 45

What is the Clark-Wilson model?

Answer 45

Intended to protect the integrity of data and ensure that properly formatted transactions take place within applications.

Question 46

What is the Bell-LaPadula model?

Answer 46

Intended to address the US military’s concern with the security of its systems and the leakage of classified information.

Question 47

Operating systems can be programmed to carry out different methods for process isolation.  Which of the following refers to a method in which an interface defines how communication can take place between two processes and no process can interact with the other's internal programming code?
A. Virtual mapping
B. Encapsulation of objects
C. Time multiplexing
D. Naming distinctions

Answer 47

B. Encapsulation of objects

Question 48

Which of the following is not a responsibility of the memory manager?
A. Use complex controls to ensure integrity and confidentiality when processes need to use the same shared memory segments.
B. Limit processes to interact only with the memory segments assigned to them.
C. Swap contents from RAM to the hard drive as needed.
D. Run an algorithm to identify unused committed memory and inform the operating system that the memory is available.

Answer 48

D. Run an algorithm to identify unused committed memory and inform the operating system that the memory is available.

Question 49

What is the function of the garbage collector?

Answer 49

Run an algorithm to identify unused committed memory and inform the operating system that the memory is available.

Question 50

Several types of read only memory devices can be modified after they are manufactured. Which of the following statements correctly describes the differences between two types of ROM?
A. PROM can only be programmed once, while EEPROM can be programmed many times.
B. A UV light is used to erase data on EEPROM, while onboard programming circuitry and signals erase data on EPROM.
C. The process used to delete data on PROM erases one byte at a time, while to erase data on an EPROM chip, you must remove it from the hardware.
D. The voltage used to write bits into the memory cells of EPROM burns out the fuses that connect individual memory cells, while UV light is used to write the memory cells of PROM.

Answer 50

A. PROM can only be programmed once, while EEPROM can be programmed many times.

Question 51

The Information Technology Infrastructure Library consists of 5 sets of instructional books.  Which of the following is considered the core set and focuses on the overall planning of the intended IT services?
A. Service Operation
B. Service Design
C. Service Transition
D. Service Strategy

Answer 51

D. Service Strategy

Question 52

Widgets Inc's software development processes are documented and the organization is capable of producing its own standard of software processes.  Which of the following Capability Maturity Model Integration levels best describes Widgets Inc?
A. Initial
B. Repeatable
C. Defined
D. Managed

Answer 52

C. Defined

Question 53

What are the 5 levels of CMMI?

Answer 53

Initial
Repeatable
Defined
Managed
Optimized