Bookmark and Share

Front Back
1. What flaw creates buffer overflows?
A. Application executing in privileged mode
B. Inadequate memory segmentation
C. Inadequate protection ring use
D. Insufficient bounds checking
1. D. A buffer overflow takes place when too much data are accepted as input.
Programmers should implement the correct security controls to ensure this
does not take place. This means they need to perform bounds checking and
parameter checking to ensure that only the allowed amount of data is actually
accepted and processed by the system.
2. The operating system performs all except which of the following tasks?
A. Memory allocation
B. Input and output tasks
C. Resource allocation
D. User access to database views
2. D. The operating system has a long list of responsibilities, but implementing
database views is not one of them. This is the responsibility of the database
management software
3. If an operating system allows sequential use of an object without refreshing it,
what security issue can arise?
A. Disclosure of residual data
B. Unauthorized access to privileged processes
C. Data leakage through covert channels
D. Compromise of the execution domain
3. A. If an object has confidential data and these data are not properly erased
before another subject can access them, this leftover or residual data can be
accessible. This can compromise the data and system’s security by disclosing
this confidential information. This is true of media (hard drives) and memory
4. What is the final step in authorizing a system for use in an environment?
A. Certification
B. Security evaluation and rating
C. Accreditation
D. Verification
4. C. Certification is a technical review of a product, and accreditation is
management’s formal approval of the findings of the certification process.
This question asked you which step was the final step in authorizing a
system before it is used in an environment, and that is what accreditation
is all about
5. What feature enables code to be executed without the usual security checks?
A. Temporal isolation
B. Maintenance hook
C. Race conditions
D. Process multiplexing
5. B. Maintenance hooks get around the system’s or application’s security and
access control checks by allowing whomever knows the key sequence to
access the application and most likely its code. Maintenance hooks should be
removed from any code before it gets into production.
6. If a component fails, a system should be designed to do which of the
A. Change to a protected execution domain
B. Change to a problem state
C. Change to a more secure state
D. Release all data held in volatile memory
6. C. The state machine model dictates that a system should start up securely,
carry out secure state transitions, and even fail securely. This means that if the
system encounters something it deems unsafe, it should change to a more
secure state for self-preservation and protection
7. What security advantage does firmware have over software?
A. It is difficult to modify without physical access.
B. It requires a smaller memory segment.
C. It does not need to enforce the security policy.
D. It is easier to reprogram.
7. A. Firmware is a type of software that is held in a ROM or EROM chip. It
is usually used to allow the computer to communicate with some type of
peripheral device. The system’s BIOS instructions are also held in firmware
on the motherboard. In most situations, firmware cannot be modified unless
someone has physical access to the system. This is different from other types
of software that may be modified remotely or through logical means
8. Which is the first level of the Orange Book that requires classification labeling
of data?
A. B3
B. B2
C. B1
D. C2
8. C. These assurance ratings are from the Orange Book. B levels on up require
security labels be used, but the question asks which is the first level to require
this. B1 comes before B2 and B3, thus it is the correct answer.
9. Which of the following best describes the security kernel?
A. A software component that monitors activity and writes security events to
an audit log
B. A software component that determines if a user is authorized to perform a
requested operation
C. A software component that isolates processes and separates privileged and
user modes
D. A software component that works in the center protection ring and
provides interfaces between trusted and untrusted objects
9. B. A security kernel is the software component that enforces access control for
the operating system. A reference monitor is the abstract machine that holds
all of the rules of access for the system. The security kernel is the active entity that enforces the reference monitor’s rules. They control the access attempts of
any and all subjects; a user is just one example of a subject.
10. The Information Technology Security Evaluation Criteria was developed for
which of the following?
A. International use
B. U.S. use
C. European use
D. Global use
10. C. In ITSEC, the I does not stand for international, it stands for information.
This set of criteria was developed to be used by European countries to evaluate
and rate their products
11. A security kernel contains which of the following?
A. Software, hardware, and firmware
B. Software, hardware, and system design
C. Security policy, protection mechanisms, and software
D. Security policy, protection mechanisms, and system design
11. A. The security kernel makes up the main component of the TCB, which is
comprised of software, hardware, and firmware. The security kernel performs
a lot of different activities to protect the system. Enforcing the reference
monitor’s access rules is just one of those activities.
12. What is the purpose of base and limit registers?
A. Countermeasure buffer overflows
B. Time sharing of system resources, mainly the CPU
C. Process isolation
D. TCB enforcement
12. C. The CPU has base and limit registers that contain the starting and ending
memory addresses a process is allowed to work within. This ensures the
process is isolated from other processes in that it cannot interact with another
process’s memory segment
13. A guard is commonly used with a classified system. What is the main purpose
of implementing and using a guard?
A. To ensure that less trusted systems only receive acknowledgments and not
B. To ensure proper information flow
C. To ensure that less trusted and more trusted systems have open
architectures and interoperability
D. To allow multilevel and dedicated mode systems to communicate
13. B. The guard accepts requests from the less trusted entity, reviews the request
to make sure it is allowed, and then submits the request on behalf of the less
trusted system. The goal is to ensure that information does not flow from a
high security level to a low security level in an unauthorized manner
14. The trusted computing base (TCB) controls which of the following?
A. All trusted processes and software components
B. All trusted security policies and implementation mechanisms
C. All trusted software and design mechanisms
D. All trusted software and hardware components
14. D. The TCB contains and controls all protection mechanisms within the
system, whether they are software, hardware, or firmware.
15. What is the imaginary boundary that separates components that maintain
security from components that are not security related?
A. Reference monitor
B. Security kernel
C. Security perimeter
D. Security policy
15. C. The security perimeter is a boundary between items that are within the TCB
and items that are outside the TCB. It is just a mark of delineation between
these two groups of items.
16. Which model deals only with confidentiality?
A. Bell-LaPadula
B. Clark-Wilson
C. Biba
D. Reference monitor
16. A. The Bell-LaPadula model was developed for the U.S. government with
the main goal of keeping sensitive data unreachable to those who were
not authorized to access and view the same. This model was the first
mathematical model of a multilevel security policy used to define the
concepts of a security state and mode of access and to outline rules of
access. The Biba and Clark-Wilson models do not deal with confidentiality,
but with integrity instead.
17. What is the best description of a security kernel from a security point of view?
A. Reference monitor
B. Resource manager
C. Memory mapper
D. Security perimeter
17. A. The security kernel is a portion of the operating system’s kernel and
enforces the rules outlined in the reference monitor. It is the enforcer
of the rules and is invoked each time a subject makes a request to access
an object.
18. When is the security of a system most effective and economical?
A. When it is designed and implemented from the beginning of the
development of the system
B. When it is designed and implemented as a secure and trusted front end
C. When it is customized to fight specific types of attacks
D. When the system is optimized before security is added
18. A. It is difficult to add useful and effective security at the end of developing
a product or to add security as a front end to an existing product. Adding
security at the end of a project is usually more expensive because it will break
items and the team will need to go back to the drawing board and redesign
and recode portions of the product
19. In secure computing systems, why is there a logical form of separation used
between processes?
A. Processes are contained within their own security domains so each does
not make unauthorized accesses to other processes or their resources.
B. Processes are contained within their own security perimeter so they can
only access protection levels above them.
C. Processes are contained within their own security perimeter so they can
only access protection levels equal to them.
D. The separation is hardware and not logical in nature.
19. A. Processes are assigned their own variables, system resources, and memory
segments, which make up their domain. This is done so they do not corrupt
each other’s data or processing activities.
20. What type of attack is taking place when a higher-level subject writes data to a
storage area and a lower-level subject reads it?
B. Covert storage attack
C. Covert timing attack
D. Buffer overflow
20. B. A covert channel is being used when something is using a resource for
communication purposes, and that is not the reason this resource was created.
A process can write to some type of shared media or storage place that
another process will be able to access. The first process writes to this media
and the second process reads it. This action goes against the security policy
of the system.
21. What type of rating does the Common Criteria give to products?
D. A–D
21. C. The Common Criteria uses a different assurance rating system than the
previously used criteria. It has packages of specifications that must be met
for a product to obtain the corresponding rating. These ratings and packages
are called Evaluation Assurance Levels (EALs). Once a product achieves any
type of rating, customers can view this information on an Evaluated Products
List (EPL).
22. Which best describes the *-integrity axiom?
A. No write up in the Biba model
B. No read down in the Biba model
C. No write down in the Bell-LaPadula model
D. No read up in the Bell-LaPadula model
22. A. The *-integrity axiom (or star integrity axiom) indicates that a subject of a
lower integrity level cannot write to an object of a higher integrity level. This
rule is put into place to protect the integrity of the data that resides at the
higher level.
23. Which best describes the simple security rule?
A. No write up in the Biba model
B. No read down in the Biba model
C. No write down in the Bell-LaPadula model
D. No read up in the Bell-LaPadula model
23. D. The simple security rule is implemented to ensure that any subject at a
lower security level cannot view data that resides at a higher level. The reason
this type of rule is put into place is to protect the confidentiality of the data
that resides at the higher level. This rule is used in the Bell-LaPadula model.
Remember that if you see “simple” in a rule, it pertains to reading, while *
or “star” pertains to writing.
24. Which of the following was the first mathematical model of a multilevel
security policy used to define the concepts of a security state and mode of
access, and to outline rules of access?
A. Biba
B. Bell-LaPadula
C. Clark-Wilson
D. State machine
24. B. This is a formal definition of the Bell-LaPadula model, which was
created and implemented to protect government and military confidential
25. Which of the following is a true statement pertaining to memory addressing?
A. The CPU uses absolute addresses. Applications use logical addresses.
Relative addresses are based on a known address and an offset value.
B. The CPU uses logical addresses. Applications use absolute addresses.
Relative addresses are based on a known address and an offset value.
C. The CPU uses absolute addresses. Applications use relative addresses.
Logical addresses are based on a known address and an offset value.
D. The CPU uses absolute addresses. Applications use logical addresses.
Absolute addresses are based on a known address and an offset value.
25. A. The physical memory addresses that the CPU uses are called absolute
addresses. The indexed memory addresses that software uses are referred
to as logical addresses. And relative addresses are based on a known address
with an offset value applied.
x of y cards