Which of the following are necessary components of a Multi-Level Security Policy?

seenagapeOctober 31, 2015

PrepAway - Latest Free Exam Questions & Answers

A.
Sensitivity Labels and a “system high” evaluation.

B.
Sensitivity Labels and Discretionary Access Control.

C.
Sensitivity Labels and Mandatory Access Control.

D.
Object Labels and a “system high” evaluation.

Explanation:
First implemented in Military organizations (and I think even today it’s implemented there only), this
model was a significant improvement in terms of security policy implementation. This model made
implementation of complex security policies very simple. It’s specifications are present in the orange
book from DoD. In this model, every object is assigned a sensitivity label. Also, every user is assigned
a sensitivity label. If a user’s sensitivity label is greater than or equal to the sensitivity label, he is
allowed access to the object, otherwise, he is denied access. This methodology is used for creating a
hierarchy of access. We can say that this method is used for partitioning the organization hierarchy
horizontally. Multi-Level Security is considered a Mandatory Access Control method.

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ISC Exam Questions

Free ISC2 Study Guide

Which of the following are necessary components of a Multi-Level Security Policy?

Leave a Reply Cancel reply