ISC2 Exam ISSMP Topic 2 Question 9 Discussion

Actual exam question for ISC2's Information Systems Security Management Professional exam

Question #: 9
Topic #: 2

[All Information Systems Security Management Professional Questions]

Which of the following divisions of the Trusted Computer System Evaluation Criteria (TCSEC) is based on the Mandatory Access Control (MAC) policy?

ADivision A

BDivision D

CDivision B

DDivision C

Show Suggested Answer

Suggested Answer: C

Division B of the Trusted Computer System Evaluation Criteria (TCSEC) is based on the Mandatory Access Control (MAC) policy. Mandatory Access Control (MAC) is a model that uses a predefined set of access privileges for an object of the system. Access to an object is restricted on the basis of the sensitivity of the object and granted through authorization. Sensitivity of an object is defined by the label assigned to it. For example, if a user receives a copy of an object that is marked as 'secret', he cannot grant permission to other users to see this object unless they have the appropriate permission.

by Nickolas at May 04, 2022, 06:30 AM

Limited Time Offer

25%

Off

Get Premium ISSMP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!