Security Models Flashcards

1
Q

Bell La Padula

A

Mandatory Access Control
Focused on Confidentiality
TCSEC B1

2
Q

Bell La Padula - Simple Security

A

Cannot Read Up

3
Q

Bell La Padula - *Security

A

No Write down

4
Q

Bell La Padula - Strong*

A

Only access data at own level (no read/write up or down)

5
Q

BIBA

A

Mandatory Access Control

Focused on Integrity

6
Q

BIBA Simple Integrity

A

No Read Down

7
Q

BIBA *Integrity

A

No Write Up

8
Q

BIBA Invocation

A

No read or write up

9
Q

Lattice Based Access Control (LBAC)

A

MAC

subject can have multiple access

10
Q

Graham Denning Model

A

Uses Objects, subjects and rules

focused on relationship between subjects and objects

11
Q

Clark Wilson

A

Integrity Model

Focus on separation of duties and well-formed transactions (one consistent state to another consistent state)

12
Q

Brewer Nash

A

Chinese wall or Info Barriers
provide controls that mitigate conflict of interest
no info flow that could create conflict of interest

13
Q

Take-Grant

A

Uses rules that govern interaction between subjects and objects

  • Take - take rights of another object
  • Grant - grant own rights to an object
  • Create - create new rights
  • Remove - remove rights it has
14
Q

Lipner Model

A

Bell La Padula + BIBA

15
Q

Non interference model

A

Actions taking place at a higher level do not affect lower levels. Any change at a higher level will not be noticed

16
Q

Zachman framework

A

Maps a matrix of who, what, where, when, how and why

Maps to: planner, owner, designer, builder, programmer, user

17
Q

TCSEC

A

Orange Book - Trusted Computer Security Evaluation Criteria

A - MAC; Formal, verified protection
B3 - MAC; Security domain (trusted recovery, monitor event and notification)
B2 - MAC; Structured protection (trusted path, covert channel analysis). Separate operator/admin roles. Configuration management
B1 - MAC; (security labels) based on Bell LaPadula security model. Labeled security (process isolation, devices)
C2 - DAC; Controlled access protection (object reuse, protect audit trail).
C1 - DAC; (identification, authentication, resource protection).
D - Minimal protection; any system that fails higher levels

18
Q

ITSEC

A

First international security model
Based on TCSEC
1 = D
2 = C1
3 = C2
4 = B1
5 = B2
6 = B1
7 = A