What is necessary for a subject to have write access to an object in a Multi-Level Security Policy?

A.
The subject’s sensitivity label must dominate the object’s sensitivity label.

B.
The subject’s sensitivity label subordinates the object’s sensitivity label.

C.
The subject’s sensitivity label is subordinated by the object’s sensitivity label.

D.
The subject’s sensitivity label is dominated by the object’s sensitivity label.

Explanation:
The correct answer is: The subject’s sensitivity label must dominate the object’s sensitivity label.
With a Multi-level security policy you have information that has different sensitivity labels. In order
to read an object the subject’s sensitivity label must be equal to or greater than that of the object.
So it would be considered to dominate it, no read up.
The following answers are incorrect:

The subject’s sensitivity label subordinates the object’s sensitivity label. Is incorrect because if the
subject’s sensitivity label subordinates the object’s sensitivity label that would mean it is lower and
the subject should not have read access to the object.
The subject’s sensitivity label is subordinated by the object’s sensitivity label. Is incorrect because
the this would not allow for read access if the sensitivity lables were equal. So the subject’s
sensitivity label is not subordinated by the object’s sensitivity label, the subject’s label must
dominate the object’s label. Remember dominate means equal to or greater than where
subordinate means less than.
The subject’s sensitivity label is dominated by the object’s sensitivity label. Is incorrect because if
the object’s sensitivity label dominates the subject’s sensitivity label then the subject should not
have access, it is the subject that must dominate the object and not the other way around.
Remember dominate means equal to or greater than so this would mean that the object’s
sensitivity label is equal to or greater than the subject.
According to the OIG, Multi-level security is defined as a class of system-containing information
with different sensitivities that simultaneously permits access by users with different security
clearances and need-to-know, but prevents users from obtaining access to information for which
they lack authorization. The Subject’s sensitivity label must be equal to or greater than the object’s
sensitivity label in order for the subject to have read access to it, no read up.