CISSP · Question #1028
CISSP Question #1028: Real Exam Question with Answer & Explanation
The correct answer is D: Reference monitor. The reference monitor is the system component that enforces access controls on an object. An object is a passive entity that contains or receives information, such as a file, a folder, a database, or a message. Access control is the process of granting or denying access to an obj
Question
Which of the following system components enforces access controls on an object?
Options
- ASecurity perimeter
- BAccess control matrix
- CTrusted domain
- DReference monitor
Explanation
The reference monitor is the system component that enforces access controls on an object. An object is a passive entity that contains or receives information, such as a file, a folder, a database, or a message. Access control is the process of granting or denying access to an object based on the identity, role, or attributes of the subject that requests access, and the rules or policies that define the access rights and permissions of the subject to the object. A subject is an active entity that requests access to an object, such as a user, a process, or a device. A requests from the subjects to the objects, and that enforces the access control policies on the objects. A reference monitor can be implemented as a hardware component, a software component, or a combination of both, and it can be integrated into the operating system, the application, or the device. A reference monitor has three properties: It is tamper-proof, which means that it cannot be modified, bypassed, or disabled by unauthorized It is always invoked, which means that it is always active and operational, and that it always checks every access request. It is verifiable, which means that it can be tested and validated to ensure its correctness and
Topics
Community Discussion
No community discussion yet for this question.