C.  A process that can access only certain memory locations

                    D.  A process that controls access to an object


                5.  What is an access object?
                    A.  A resource a user or process wants to access


                    B.  A user or process that wants to access a resource

                    C.  A list of valid access rules

                    D.  The sequence of valid access types

                6.  What is a security control?

                    A.  A security component that stores attributes that describe an
                        object

                    B.  A document that lists all data classification types

                    C.  A list of valid access rules


                    D.  A mechanism that limits access to an object
                7.  For what type of information system security accreditation are the

                    applications and systems at a specific, self-contained location
                    evaluated?

                    A.  System accreditation

                    B.  Site accreditation

                    C.  Application accreditation

                    D.  Type accreditation

                8.  How many major categories do the TCSEC criteria define?

                    A.  Two

                    B.  Three


                    C.  Four

                    D.  Five

                9.  What is a trusted computing base (TCB)?

                    A.  Hosts on your network that support secure transmissions