Which of the following are necessary components of a Multi-Level Security Policy?

seenagapeSeptember 13, 2013

PrepAway - Latest Free Exam Questions & Answers

A.
Sensitivity Labels and a “system high” evaluation.

B.
Sensitivity Labels and Discretionary Access Control.

C.
Sensitivity Labels and Mandatory Access Control.

D.
Object Labels and a “system high” evaluation.

Explanation:
First implemented in Military organizations (and I think even today it’s implemented
there only), this model was a significant improvement in terms of security policy implementation.
This model made implementation of complex security policies very simple. It’s specifications are
present in the orange book from DoD. In this model, every object is assigned a sensitivity label.
Also, every user is assigned a sensitivity label. If a user’s sensitivity label is greater than or equal
to the sensitivity label, he is allowed access to the object, otherwise, he is denied access. This
methodology is used for creating a hierarchy of access. We can say that this method is used for
partitioning the organization hierarchy horizontally.
Multi-Level Security is considered a Mandatory Access Control method.

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ISC Exam Questions

Free ISC2 Study Guide

Which of the following are necessary components of a Multi-Level Security Policy?

Leave a Reply Cancel reply