PrepAway - Latest Free Exam Questions & Answers

which of the following security models is the subject’s…

In which of the following security models is the subject’s clearance compared to the object’s classification such
that specific rules can be applied to control how the subject-to-object interactions take place?

PrepAway - Latest Free Exam Questions & Answers

A.
Bell-LaPadula model

B.
Biba model

C.
Access Matrix model

D.
Take-Grant model

Explanation:
A system that employs the Bell-LaPadula model is called a multilevel security system because users with
different clearances use the system, and the system processes data at different classification levels. The level
at which information is classified determines the handling procedures that should be used. The Bell-LaPadula
model is a state machine model that enforces the confidentiality aspects of access control. A matrix and
security levels are used to determine if subjects can access different objects. The subject’s clearance is
compared to the object’s classification and then specific rules are applied to control how subject-toobject interactions can take place.
This model uses subjects, objects, access operations (read, write, and read/write), and security levels. Subjects
and objects can reside at different security levels and will have relationships and rules dictating the acceptable
activities between them.
Incorrect Answers:
B: The Biba Model is a formal state transition system of computer security policy that describes a set of access
control rules designed to ensure data integrity. This is not what is described in the question.
C: An access control matrix is a table of subjects and objects indicating what actions individual subjects can
take upon individual objects. This is not what is described in the question.
D: The take-grant protection model is used to establish or disprove the safety of a given computer system that
follows specific rules. This is not what is described in the question.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 229


Leave a Reply