Domain 3: Security Models

Question 1

Ensures that a system behaves properly in all cases and that it adheres to the security policy under all circumstances. It is the combination of hardware, software, and controls that work together to enforce your security policy.

Answer 1

Trusted Computing Base (TCB)

Question 2

Design principle that is a combination of hardware, software, and controls that work together to form a trusted base to enforce the security policy.

Answer 2

Trusted Computing Base (TCB)

Question 3

A system that is secure no matter what state it is in.

Answer 3

State Machine Model

Question 4

Focuses on controlling the flow of information.

Answer 4

Information Flow Model

Question 5

Based on the state machine model. However, instead of being concerned about the flow of information, it is concerned with how the actions of a subject at a higher security level affect the system state or the actions of a subject at a lower security level.

Answer 5

Information Flow Model

Question 6

Designed to prevent unauthorized, insecure, or restricted information flow, often between different levels of security (Known as multilevel models).

Answer 6

Information Flow Model

Question 7

Loosely based on the Information Flow Model, but is concerned with how the actions of a subject at a higher security level affect the system state or the actions of a subject at a lower security level.

Answer 7

Noninterference Model

Question 8

Employs a directed graph to dictate how rights can be passed from one subject to another or from a subject to an object.

Answer 8

Take-Grant Model

Question 9

Focused on maintaining confidentiality and is built on a state machine and the information flow model.

Answer 9

Bell-LaPadula Model

Question 10

Employs mandatory access controls and is a lattice-based access control concept.

Answer 10

Bell-LaPadula Model

Question 11

Simple Security Property (ss-Property) = No Read Up

Answer 11

Bell-LaPadula Model

Question 12

Star Property (*-Property) = No Write Down

Answer 12

Bell-LaPadula Model

Question 13

Focuses on integrity. Built on a state machine concept, is based on information flow, and is a multilevel model.

Answer 13

Biba Model

Question 14

Simple Integrity Property = No Read Down

Answer 14

Biba Model

Question 15

Star Property (*-Property) = No Write Up

Answer 15

Biba Model

Question 16

What is the SIMPLE property about?

Answer 16

Read Capability

Question 17

What is the STAR property about?

Answer 17

Write Capability

Question 18

What is the primary goal of the Clark-Wilson Model?

Answer 18

To ensure data integrity through well-formed transactions and separation of duties.

Question 19

Which two main elements are enforced by the Clark-Wilson model to maintain date integrity?

Answer 19

Well-formed transactions and separation of duties.

Question 20

In the Clark-Wilson Model, what are Transformation Procedures (TPs)?

Answer 20

Programs or processes that take unconstrained data and transform it into secure, validated form.

Question 21

What are Constrained Data Items (CDIs) in the Clark-Wilson Model?

Answer 21

Any data item whose integrity is protected by the security model. This data can only be manipulated by authorized Transformation Procedures (TPs).

Question 22

Uses security labels to grant access to objects, but only through Transformation Procedures (TPs) and a restricted interface model

Answer 22

Clark-Wilson Model

Question 23

Does not require the use of a lattice structure; rather, it uses a three-part relationship of subject/program/object (or subject/transaction/object) known as a triple or access control triplet.

Answer 23

Clark-Wilson Model

Question 24

Ensures that the actions of different objects and subjects aren’t seen by (and don’t interfere with) other objects and subjects on the same system.

Answer 24

Non-Interference Model

Question 25

Rules around invocations (calls), such as to subjects. States that a process from below cannot request higher access (neither read nor write); only with subjects at an equal or lower lever.

Answer 25

Invocation Property

Question 26

THE non-interference model

Answer 26

Goguen and Meseguer

Question 27

Preventing interference (information flow and State Machine Model (SMM))

Answer 27

Sutherland

Question 28

Referrred to as the Chinese Wall model (now deprecated)

Answer 28

Brewer and Nash Model

Question 29

Referred to as the “Ethical Wall”

Answer 29

Brewer and Nash Model

Question 30

Referred to as the “Cone of Silence”

Answer 30

Brewer and Nash Model

Question 31

Employs a “Directed Graph”

Answer 31

Take-Grant Model

Question 32

What are Unconstrained Data Items (UDI)?

Answer 32

Clark-Wilson Model - Any data item that is NOT controlled by the security model.

Question 33

What is an Integrity Verification Procedure (IVP)?

Answer 33

Clark-Wilson Model - A procedure that scans data items and confirms their integrity.

Question 34

What are Transformation Procedures (TPs)?

Answer 34

Clark-Wilson Model - The only procedures that are allowed to modify a Constrained Data Item (CDI).

Question 35

Confidentiality-based model that supports four basic operations: Take, Grant, Create, Revoke

Answer 35

Take-Grant Model

Question 36

Confidentiality-based model developed to prevent Conflict of Interest (COI) problems

Answer 36

Brewer and Nash Model

Question 37

This model uses a formal set of protection rules for which each object has an owner and a controller.

Answer 37

Graham-Denning Model

Question 38

This model is focused on the secure creation and deletion of both subjects and objects.

Answer 38

Graham-Denning Model

Question 39

States that the system uses an access matrix to enforce discretionary access control.

Answer 39

Discretionary Security Property