What is necessary for a subject to have write access to an object in a Multi-Level Security Policy?

A.
The subject’s sensitivity label must dominate the object’s sensitivity label.

B.
The subject’s sensitivity label subordinates the object’s sensitivity label.

C.
The subject’s sensitivity label is subordinated by the object’s sensitivity label.

D.
The subject’s sensitivity label is dominated by the object’s sensitivity label.

Explanation:
The correct answer is: The subject’s sensitivity label must dominate the object’s sensitivity label.
With a Multi-level security policy you have information that has different sensitivity labels. In order
to read an object the subject’s sensitivity label must be equal to or greater than that of the object.
So it would be considered to dominate it, no read up. The following answers are incorrect: The
subject’s sensitivity label subordinates the object’s sensitivity label. Is incorrect because if the
subject’s sensitivity label subordinates the object’s sensitivity label that would mean it is lower and
the subject should not have read access to the object. The subject’s sensitivity label is subordinated
by the object’s sensitivity label. Is incorrect because the this would not allow for read access if the
sensitivity lables were equal. So the subject’s sensitivity label is not subordinated by the object’s
sensitivity label, the subject’s label must dominate the object’s label. Remember dominate means
equal to or greater than where subordinate means less than. The subject’s sensitivity label is
dominated by the object’s sensitivity label. Is incorrect because if the object’s sensitivity label
dominates the subject’s sensitivity label then the subject should not have access, it is the subject
that must dominate the object and not the other way around. Remember dominate means equal to
or greater than so this would mean that the object’s sensitivity label is equal to or greater than the
subject. According to the OIG, Multi-level security is defined as a class of system-containing
information with different sensitivities that simultaneously permits access by users with different
security clearances and need-to-know, but prevents users from obtaining access to information for
which they lack authorization. The Subject’s sensitivity label must be equal to or greater than the
object’s sensitivity label in order for the subject to have read access to it, no read up.