CERTIFIED-IN-CYBERSECURITY Question #458: Real Exam Question with Answer & Explanation

Question

The Bell-LaPadula model has a PRIMARY goal to: ()

Options

• AMake sure only the owner of a file can access it
• BPrevent the unauthorized sharing of classified information
• CEnsure that all network communications are encrypted.
• DProtect computers from viruses and malware

Explanation

The primary goal of the Bell-LaPadula model is to prevent the unauthorized disclosure of classified information. The Bell- LaPadula model is a state machine that enforces access control in government and military applications. The model is based on the concept of secure states and state transitions. A system is in a secure state when no subject can access an object in a manner that violates the security policy. State transitions are defined by a set of rules that determine how subjects and objects can interact. The Bell-LaPadula model is best known for its "no read up, no write down" rule, also known as the simple security property and the * property. The simple security property prevents a subject from reading an object at a higher security level (no read up), and the * property prevents a subject from writing to an object at a lower security level (no write down). This mechanism prevents unauthorized sharing of classified information by ensuring that subjects can only access objects at or below their own security level, and can only write to objects at or above their own security level. The other options are incorrect because the Bell- LaPadula model does not primarily aim to ensure that only the owner of a file can access it, has nothing to do with encryption, and does not protect computers from viruses and malware.

No community discussion yet for this question.