CISSP Certification Exam (Security Architecture and Design) Practice Test 1
Lacy’s manager has tasked her with researching an intrusion detection system for a new dispatching center. Lacy identifies the top five products and compares their ratings. Which of the following are the evaluation criteria most in use today for these types of purposes?
    • ITSEC
    • Common Criteria
    • Red Book
    • Orange Book

Certain types of attacks have been made more potent by which of the following advances to microprocessor technology?
    • Increased circuits, cache memory, and multiprogramming
    • Dual mode computation
    • Direct memory access I/O
    • Increases in processing power

CPUs and operating systems can work in two main types of multitasking modes. What controls access and the use of system resources in preemptive multitasking mode?
    • The user and application
    • The program that is loaded into memory
    • The operating system
    • The CPU and user

Virtual storage combines RAM and secondary storage for system memory. Which of the following is a security concern pertaining to virtual storage?
    • More than one process uses the same resource.
    • It allows cookies to remain persistent in memory.
    • It allows for side-channel attacks to take place.
    • Two processes can carry out a denial-of-service.

Which of the following is a common association of the Clark-Wilson access model?
    • Chinese Wall
    • Access tuple
    • Read up and write down rule
    • Subject and application binding

Which of the following correctly describes the relationship between the reference monitor and the security kernel?
    • The security kernel implements and enforces the reference monitor.
    • The reference monitor is the core of the trusted computing base, which is made up of the security kernel.
    • The reference monitor implements and enforces the security kernel.
    • The security kernel, aka abstract machine, implements the reference monitor concept.

The trusted computing base (TCB) ensures security within a system when a process in one domain must access another domain in order to retrieve sensitive information. What function does the TCB initiate to ensure that this is done in a secure manner?
    • I/O operational execution
    • Process deactivation
    • Execution domain switching
    • Virtual memory to real memory mapping

The Zachman Architecture Framework is often used to set up an enterprise security architecture. Which of the following does not correctly describe the Zachman Framework?
    • A two-dimensional model that uses communication interrogatives intersecting with different levels
    • A security-oriented model that gives instructions in a modular fashion
    • Used to build a robust enterprise architecture versus a technical security architecture
    • Uses six perspectives to describe a holistic information infrastructure

John has been told to report to the board of directors with a vendor-neutral enterprise architecture framework that will help the company reduce fragmentation that results from the misalignment of IT and business processes. Which of the following frameworks should he suggest?
    • DoDAF
    • CMMI
    • ISO/IEC 42010
    • TOGAF

Protection profiles used in the Common Criteria evaluation process contain five elements. Which of the following establishes the type and intensity of the evaluation?
    • Descriptive elements
    • Evaluation assurance requirements
    • Evaluation assurance level
    • Security target

Which of the following best defines a virtual machine?
    • A virtual instance of an operating system
    • A piece of hardware that runs multiple operating system environments simultaneously
    • A physical environment for multiple guests
    • An environment that can be fully utilized while running legacy applications

Bethany is working on a mandatory access control (MAC) system. She has been working on a file that was classified as Secret. She can no longer access this file because it has been reclassified as Top Secret. She deduces that the project she was working on has just increased in confidentiality and she now knows more about this project than her clearance and need-to-know allows. Which of the following refers to a concept that attempts to prevent this type of scenario from occurring?
    • Covert storage channel
    • Inference attack
    • Noninterference
    • Aggregation

Virtualization offers many benefits. Which of the following incorrectly describes virtualization?
    • Virtualization simplifies operating system patching.
    • Virtualization can be used to build a secure computing platform.
    • Virtualization can provide fault and error containment.
    • Virtual machines offer powerful debugging capabilities.

Which security architecture model defines how to securely develop access rights between subjects and objects?
    • Brewer-Nash
    • Clark-Wilson
    • Graham-Denning
    • Bell-LaPadula

Operating systems can be programmed to carry out different methods for process isolation. Which of the following refers to a method in which an interface defines how communication can take place between two processes and no process can interact with the other’s internal programming code?
    • Virtual mapping
    • Encapsulation of objects
    • Time multiplexing
    • Naming distinctions

Which of the following is not a responsibility of the memory manager?
    • Use complex controls to ensure integrity and confidentiality when processes need to use the same shared memory segments.
    • Limit processes to interact only with the memory segments assigned to them.
    • Swap contents from RAM to the hard drive as needed.
    • Run an algorithm to identify unused committed memory and inform the operating system that the memory is available.

Several types of read-only memory devices can be modified after they are manufactured. Which of the following statements correctly describes the differences between two types of ROM?
    • PROM can only be programmed once, while EEPROM can be programmed multiple times.
    • A UV light is used to erase data on EEPROM, while onboard programming circuitry and signals erase data on EPROM.
    • The process used to delete data on PROM erases one byte at a time, while to erase data on an EPROM chip, you must remove it from the hardware.
    • The voltage used to write bits into the memory cells of EPROM burns out the fuses that connect individual memory cells, while UV light is used to write to the memory cells of PROM.

There are different ways that operating systems can carry out software I/O procedures. Which of the following is used when the CPU sends data to an I/O device and then works on another process’s request until the I/O device is ready for more data?
    • I/O using DMA
    • Interrupt-driven I/O
    • Programmable I/O
    • Premapped I/O

The Information Technology Infrastructure Library (ITIL) consists of five sets of instructional books. Which of the following is considered the core set and focuses on the overall planning of the intended IT services?
    • Service Operation
    • Service Design
    • Service Transition
    • Service Strategy

Widgets Inc.’s software development processes are documented and the organization is capable of producing its own standard of software processes. Which of the following Capability Maturity Model Integration levels best describes Widgets Inc.?
    • Initial
    • Repeatable
    • Defined
    • Managed