PrepAway - Latest Free Exam Questions & Answers

Which of the following should the security administrator implement?

A security administrator must implement a system that will support and enforce the following file system
access control model:
FILE NAME SECURITY LABEL
Employees.doc Confidential
Salary.xls Confidential
OfficePhones.xls Unclassified
PersonalPhones.xls Restricted
Which of the following should the security administrator implement?

PrepAway - Latest Free Exam Questions & Answers

A.
White and black listing

B.
SCADA system

C.
Trusted OS

D.
Version control

Explanation:
A trusted operating system (TOS) is any operating system that meets the government’s requirements for
security. Trusted OS uses a form of Mandatory access control called Multi-Level Security.
The Mandatory access control (MAC) is a form of access control commonly employed by government and
military environments. MAC specifies that access is granted based on a set of rules rather than at the
discretion of a user. The rules that govern MAC are hierarchical in nature and are often called sensitivity
labels, security domains, or classifications.
MLS is an implementation of MAC that focuses on confidentiality. A Multi-Level Security operating system
is able to enforce the separation of multiple classifications of information as well as manage multiple
users with varying levels of information clearance. The military and intelligence community must handle
and process various hierarchical levels of classified information. At the high-end there is Top Secret,
followed in turn by Secret, Confidential, and Unclassified:
Incorrect Answers:
A: With white and black listing, there are only two classifications; those who are allowed access and those
who are disallowed access. White and black listing commonly uses email addresses, user names or
domains to determine who is allowed or who is not allowed. White and black listing does not classify
documents by levels of confidentiality. Therefore, this answer is incorrect.
B: SCADA (supervisory control and data acquisition) is a category of software application program for
process control, the gathering of data in real time from remote locations in order to control equipment
and conditions. SCADA is not used for controlling access to files based on levels of confidentiality.
Therefore, this answer is incorrect.
D: Version control is used to monitor changes to files and save previous versions of files if required. It is
not used for controlling access to files based on levels of confidentiality. Therefore, this answer is
incorrect.
http://www.sistina.com/f/pdf/sec/path_to_mlsec.pdf


Leave a Reply