New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 ISSMP Exam - Topic 3 Question 62 Discussion

Actual exam question for ISC2's ISSMP exam
Question #: 62
Topic #: 3
[All ISSMP Questions]

Which of the following security models dictates that subjects can only access objects through applications?

Show Suggested Answer Hide Answer
Suggested Answer: B, D

The Biba model is a formal state transition system of computer security policy that describes a set of access control rules designed to ensure data integrity. Data and subjects are grouped into ordered levels of integrity. The model is designed so that subjects may not corrupt data in a level ranked higher than the subject, or be corrupted by data from a lower level than the subject.

The Clark-Wilson security model provides a foundation for specifying and analyzing an integrity policy for a computing system.

Answer option C is incorrect. The Bell-LaPadula access control model is mainly used in military systems.

Answer option A is incorrect. There is no such access control model as Clark-Biba.


by Leota at Jan 10, 2023, 12:58 AM

Limited Time Offer

25%

Off

Get Premium ISSMP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Kirk
4 months ago
I thought Biba was about access too, but I guess not!
upvoted 0 times
...
Dominque
4 months ago
Yup, Clark-Wilson is the right answer!
upvoted 0 times
...
Theron
4 months ago
Wait, are we sure it's not Bell-LaPadula?
upvoted 0 times
...
Dominque
4 months ago
Totally agree, Clark-Wilson is all about applications.
upvoted 0 times
...
Joaquin
4 months ago
It's the Clark-Wilson model that does that!
upvoted 0 times
...
Janey
5 months ago
I have a vague recollection that the Clark-Wilson model was mentioned in a practice question about application controls. That might be the right choice here.
upvoted 0 times
...
Willard
5 months ago
The Biba model is about integrity, right? I feel like it doesn't relate to accessing objects through applications.
upvoted 0 times
...
Irene
5 months ago
I remember studying the Bell-LaPadula model, but I don't think it focuses on applications like this question suggests.
upvoted 0 times
...
Shalon
5 months ago
I think the answer might be the Clark-Wilson model since it emphasizes the use of applications for access control, but I'm not entirely sure.
upvoted 0 times
...
Dalene
5 months ago
I'm pretty sure the answer is A, Versions R77 and higher. The question specifically mentions the R81.20 management server, so it makes sense that it would support the latest versions of the gateways.
upvoted 0 times
...
Kiera
5 months ago
Okay, let me see here. The key is that the VMs are in a shared datacenter, so I'm guessing the most concerning attack would be one that could leverage that shared environment. I'm leaning towards side channel as the answer.
upvoted 0 times
...
Francesco
5 months ago
I've seen questions like this before. Definitely go with the PCA and feature removal approaches. That should help reduce the dimensionality and multicollinearity in the data, which should improve the model performance. Gotta love those data preprocessing steps!
upvoted 0 times
...
Mauricio
5 months ago
Okay, I think I've got a handle on this. The key is understanding how in-profile and above-CIR traffic is treated at ingress versus egress. I'll focus on that as I work through the options.
upvoted 0 times
...
Stacey
10 months ago
I'm just going to throw a dart at the options and hope for the best. Security models? More like security nightmares!
upvoted 0 times
Bette
8 months ago
C) Clark-Wilson
upvoted 0 times
...
Timothy
8 months ago
B) Bell-LaPadula
upvoted 0 times
...
Cammy
8 months ago
A) Biba-Clark model
upvoted 0 times
...
...
Bulah
10 months ago
Jokes on you, the answer is obviously the Biba model. It's like the Clark-Wilson model, but for hippies who want to 'biba' all day long.
upvoted 0 times
Yong
9 months ago
B) Bell-LaPadula
upvoted 0 times
...
Willetta
9 months ago
Haha, that's a good one!
upvoted 0 times
...
Mitzie
9 months ago
D) Biba model
upvoted 0 times
...
Eliseo
9 months ago
A) Biba-Clark model
upvoted 0 times
...
...
Daron
10 months ago
Aha! I remember learning about the Clark-Wilson model in class. It's all about ensuring integrity through controlled access, right?
upvoted 0 times
Shannan
8 months ago
So, the Biba-Clark model must be a combination of both Biba and Clark-Wilson principles.
upvoted 0 times
...
Mila
8 months ago
The Biba model, on the other hand, is all about integrity and preventing data corruption.
upvoted 0 times
...
Freida
8 months ago
I think the Bell-LaPadula model is more about confidentiality and preventing information leaks.
upvoted 0 times
...
Lera
8 months ago
Yes, you're right! The Clark-Wilson model focuses on integrity and controlled access.
upvoted 0 times
...
Jacqueline
9 months ago
So, the Biba-Clark model must be a combination of both integrity and controlled access.
upvoted 0 times
...
Stacey
9 months ago
The Biba model, on the other hand, is all about integrity and preventing information flow.
upvoted 0 times
...
Shad
9 months ago
I think the Bell-LaPadula model is more about confidentiality and preventing information flow.
upvoted 0 times
...
Bo
10 months ago
Yes, you're right! The Clark-Wilson model focuses on integrity and controlled access.
upvoted 0 times
...
...
Beatriz
10 months ago
Wait, isn't the Bell-LaPadula model the one that deals with confidentiality? I'm not sure about this one.
upvoted 0 times
...
Elroy
11 months ago
Hmm, this is a tricky one. I think the Clark-Wilson model is the answer, as it focuses on controlling access to sensitive data through applications.
upvoted 0 times
Lelia
10 months ago
Actually, I think it might be the Bell-LaPadula model, which also focuses on access control but in a different way.
upvoted 0 times
...
Zona
10 months ago
I agree, the Clark-Wilson model is all about ensuring data integrity and access control through applications.
upvoted 0 times
...
...
Yan
11 months ago
I'm not sure, but I think C) Clark-Wilson could also be a possibility.
upvoted 0 times
...
Daren
11 months ago
I agree with Tarra, Bell-LaPadula makes sense for that.
upvoted 0 times
...
Tarra
11 months ago
I think the answer is B) Bell-LaPadula.
upvoted 0 times
...

Save Cancel