nerdexam
ExamsCISSPQuestions#1203
(ISC)2(ISC)2

CISSP · Question #1203

CISSP Question #1203: Real Exam Question with Answer & Explanation

The correct answer is C: It contains no provision or policy for changing data access control and works well only with. The limitation of the Bell-LaPadula model that is represented by the option C is that it contains no provision or policy for changing data access control and works well only with access systems that are static in nature. The Bell-LaPadula model is a type of security model that is

Submitted by renata2k· Mar 5, 2026Security Architecture and Engineering

Question

Which of the following is a limitation of the Bell-LaPadula model?

Options

  • ASegregation of duties (SoD) is difficult to implement as the "no read-up" rule limits the ability of an
  • BMandatory access control (MAC) is enforced at all levels making discretionary access control
  • CIt contains no provision or policy for changing data access control and works well only with
  • DIt prioritizes integrity over confidentiality which can lead to inadvertent information disclosure.

Explanation

The limitation of the Bell-LaPadula model that is represented by the option C is that it contains no provision or policy for changing data access control and works well only with access systems that are static in nature. The Bell-LaPadula model is a type of security model that is based on the concept of multilevel security, and that enforces the confidentiality of the information or the data in a system or a network. The Bell-LaPadula model uses two rules to control the access of the subjects, such as the users or the processes, to the objects, such as the files or the documents, in a system or a network, based on the security labels or the clearance levels of the subjects and the objects. The two rules are: The simple security property, or the "no read-up" rule, which states that a subject can read an object only if the security level of the subject is equal to or higher than the security level of the The *-property, or the "no write-down" rule, which states that a subject can write to an object only if the security level of the subject is equal to or lower than the security level of the object. The limitation of the Bell-LaPadula model is that it contains no provision or policy for changing data access control and works well only with access systems that are static in nature. This means that the Bell-LaPadula model does not allow the subjects or the objects to change their security levels or labels, and that it assumes that the security levels or labels of the subjects and the objects are fixed and predefined. This limitation can make the Bell-LaPadula model inflexible and impractical for the access systems that are dynamic or variable in nature, and that require the subjects or the objects to change their security levels or labels, depending on the context, situation, or need.

Topics

#Bell-LaPadula model#Security models#Access control models#Confidentiality model

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CISSP PracticeBrowse All CISSP Questions