bundle

50%

You are here: Home > ISC Exam Questions > CISSP (v.2) > Which of the following security modes of operation involved the highest risk?

PrepAway - Latest Free Exam Questions & Answers

Which of the following security modes of operation involved the highest risk?

seenagapeNovember 2, 2015

Which of the following security modes of operation involved the highest risk?

PrepAway - Latest Free Exam Questions & Answers

A.
Compartmented Security Mode

B.
Multilevel Security Mode

C.
System-High Security Mode

D.
Dedicated Security Mode

Explanation:
“Security Modes
In a secure environment, information systems are configured to process information in one of four
security modes. These modes are set out by the Department of Defense as follows:
Systems running compartmental security mode may process two or more types of compartmented
information. All system users must have an appropriate clearance to access all information
processed by the system but do not necessarily have a need to know all of the information in the
system. Compartments are subcategories or compartments within the different classification levels
and extreme care is taken to preserve the information within the different compartments. The
system may be classified at the Secret level but contain five different compartments, all classified
Secret. If a user has only the need to know about two of the five different compartments to do their
job, that user can access the system but can only access the two compartments. Compartmented
systems are usually dedicated systems for each specific compartment to prevent the chance of any
errors, because compartmentalization is the most secret of all the secrets.
Systems running in the dedicated security mode are authorized to process only a specific
classification level at a time, and all system users must have clearance and a need to know that
information.
Systems running in multilevel security mode are authorized to process information at more than one
level of security even when all system users do not have appropriate clearances or a need to know
for all information processed by the system.
Systems running in system-high security mode are authorized to process only information that all
system users are cleared to read and to have a valid need to know. These systems are not trusted to
maintain separation between security levels, and all information processed by these systems must
be handled as if it were classified at the same level as the most highly classified information
processed by the system.”
Pg. 234 Tittel: CISSP Study Guide

Leave a Reply Cancel reply

You must be logged in to post a comment.

Move Up