PrepAway - Latest Free Exam Questions & Answers

Which model would you recommend to the client?

You have been approached by one of your clients. They are interested in doing some security re-engineering.
The client is looking at various information security models. It is a highly secure environment where data at high
classifications cannot be leaked to subjects at lower classifications. Of primary concern to them is the
identification of potential covert channels. As an Information Security Professional, which model would you
recommend to the client?

A. Information Flow Model combined with Bell LaPadula

B. Bell LaPadula

C. Biba

D. Information Flow Model

Explanation:
The Bell-LaPadula model focuses on preventing information from flowing from a high security level to a low
security level. The Information Flow Model deals with covert channels.

Subjects can access files. Processes can access memory segments. When data are moved from the hard
drive's swap space into memory, information flows. Data are moved into and out of registers on a CPU. Data
are moved into different cache memory storage devices. Data are written to the hard drive, thumb drive,
CD-ROM drive, and so on. Properly controlling all of these ways in which information flows can be a very complex
task. This is why the information flow model exists: to help architects and developers make sure their software
does not allow information to flow in a way that can put the system or data in danger. One way that the
information flow model provides this type of protection is by ensuring that covert channels do not exist in the
code.

Incorrect Answers:
B: The Bell LaPadula model on its own is not sufficient because it does not deal with the identification of covert
channels.
C: The Biba model is an integrity model. It will not prevent information from flowing from a high security level to
a low security level or identify covert channels.
D: The Information Flow model on its own is not sufficient because it will not prevent information from flowing
from a high security level to a low security level.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, pp. 377-378

