PrepAway - Latest Free Exam Questions & Answers

Which security model introduces access to objects only …

Which security model introduces access to objects only through programs?

PrepAway - Latest Free Exam Questions & Answers

A.
The Biba model

B.
The Bell-LaPadula model

C.
The Clark-Wilson model

D.
The information flow model

Explanation:
With the Clark–Wilson model, users are unable to modify critical data (CDI) directly. Users have to be
authenticated to a piece of software, and the software procedures (TPs) will carry out the operations on behalf
of the user.
Incorrect Answers:A: The Biba model allows access to sensitive data based on a lattice of integrity levels.
B: The Bell-LaPadula model allows access to sensitive data based on a lattice of security levels.
D: The information flow model, on which both the Bell-LaPadula and Biba models are based, allows direct
access to data.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, pp. 369-378
https://en.wikipedia.org/wiki/Clark-Wilson_model


Leave a Reply