Simple Security Property, Star Security Property, and Strong Star Property are all properties of which model?
Bell LaPadula
This model formed the basis forTCSEC (the Orange Book)
BLP
BLP is an informational flow model because it isconcerned with data flowing between levels
true or false
true
Which property allows you to have read capability, you can read data at your level of secrecy and the level below it, but you cannot read data at a higher layer of secrecy?
Simple Security Property
Which property allows you to write data at your level of secrecy, you can write your secret data to a higher layer of secrecy without compromising the secrecy of the data, but you must not write your secret data to a lower layer of secrecy?
Star Property
Which property allows you to have both read and write capabilities, you are restricted to read and write your data at your level of secrecy, but you cannot read and write to levels of higher or lower secrecy.
Strong Star Property
(Constrained/Tranquility)
What are the three fundamental modes of access for BLP?
Read only, write only, or read and write.
Which models are also Lattice-Based?
BLP
Biba
Which models are also State Machine models?
BLP
Biba
Which model is designed to prevent conflicts of interests?
Brewer Nash
This policy defines the rules for separation anddevelops a set of rules over time. The rules change as the users makedecisions that cause conflicts of interest.
Chinese Wall Security Policy
This model was published in 1977.
Biba
Which model addresses first goal of integrity?
Biba
What are the three goals of integrity?
Preventing unauthorized users from making modifications.
Preventing authorized users from making improper modifications.
Maintaining internal and external consistency.
Which model addresses all three goals of integrity?
Clark Wilson
Which proprty allows you to have read capability, you can read data at your level of accuracy as well as at a higher layer of accuracy, but you cannot read in data from a lower layer of accuracy?
Simple Integrity Property
Which property allows you to have write capability, you can write data at your level of accuracy as well as to the level below it, but you cannot write your data to a higher layer of accuracy
Star Integrity Property
Which property prevents a user from taking advantage of the powers of a more privileged user.
Invocation Property
This relationship forces a user making a change todata to comply with the restrictions built into the program, therebypreventing user error or intentional inappropriate manipulation of thedata.
Access Triple
This defines the relationship between subjects and objects.
Access Tuple
Which type of memory is volitile?
RAM
Which type of memory is non-volitile
ROM
Which type of software is permanently (or semi-permanently) embedded in hardware and typically provides low-level services and/or control of hardware.
Firmware
Which hardware component controls primary processing, interaction with peripheral devices, organization of memory, and control over networkin goperations
CPU
Which memory component is directly accessible by the CPU and with the highest response speed.
Primary Storage
This memory component is the very fast memory directly on the CPU chip body.
Cache
Which memory componet is the main memory of the system and is provided through chips inserted into slots on the motherboard.
RAM
Which software component provides the security functionality and control necessary to ensure that resources and operations execute correctly without overwriting each other, accessing the wrong areas or resources, and maintaining a log ofthe errors and activities on the system.
Kernal
Which software component represents all the security functionality of the operating system.
Kernal
Which system architecture uses standard interfaces and support standardization protocols.
Open Systems
This system architecture uses proprietary interfaces, and implementations were customized for a specific application’s environments
Closed System
Which system architecture is only used for a single purpose.
Dedicated System
Which system architecture refers to a system where a central server, or group of servers, provides service (data storage, processing, networking, etc.) to a user who accesses the server through a network.
Client Server
Which process isolation method does not have an interface with a process at a different layer, it cannot communicate and will, therefore, not have access to the data on the different layer. It can prevent unauthorized disclosure or threats to integrity.
Data Hiding
Which system object includes the hardware, firmware, and software elements of a trusted computing base (TCB) that implement the reference monitor
Security Kernel
This is an active entity, that include users, programs, processes, logon identifiers.
Subjects
Which entity is passive and includes files, programs, instructions, data, and hardware.
Object
Which rainbow series book applies security concepts to networks and books dealing with passwords, access control, andphysical security, to name a few.