PrepAway - Latest Free Exam Questions & Answers

Which Orange book security rating introduces the object reuse protection?

A. C1

B. C2

C. B1

D. B2

Explanation:
C2: Controlled Access Protection: Users need to be identified individually to provide more precise access
control and auditing functionality. Logical access control mechanisms are used to enforce authentication and
the uniqueness of each individual’s identification. Security-relevant events are audited, and these records must
be protected from unauthorized modification. The architecture must provide resource, or object, isolation so
proper protection can be applied to the resource and any actions taken upon it can be properly audited. The
object reuse concept must also be invoked, meaning that any medium holding data must not contain any
remnants of information after it is released for another subject to use. If a subject uses a segment of memory,
that memory space must not hold any information after the subject is done using it. The same is true for storage media, objects being populated, and temporary files being created—all data must be efficiently erased
once the subject is done with that medium.
Incorrect Answers:
A: Object reuse protection is not required at level C1.
C: Object reuse protection is required at level B1; however, it was introduced at level C2.
D: Object reuse protection is required at level B2; however, it was introduced at level C2.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, pp. 392-395

