CISSP Question #917: Real Exam Question with Answer & Explanation
Question
Which security model is MOST commonly used in a commercial environment because it protects the integrity of financial and accounting data?
Options
- A. Biba
- B. Graham-Denning
- C. Clark-Wilson
- D. Beil-LaPadula
Explanation
Clark-Wilson Model Explained
Clark-Wilson (C) is correct because it was specifically designed to enforce data integrity in commercial environments, particularly for financial and accounting systems. It achieves this through two key mechanisms: well-formed transactions (ensuring data can only be modified in controlled, authorized ways) and separation of duties (preventing fraud by requiring multiple people to complete sensitive processes).
Why the distractors are wrong:
- Biba (A) also focuses on integrity, but uses a military-style lattice model (no read down, no write up) - it's not tailored for commercial/financial use cases
- Graham-Denning (B) addresses how subjects and objects are created and deleted, focusing on access control rules rather than commercial data integrity
- Bell-LaPadula (D) - note the correct spelling - focuses on confidentiality, not integrity, and was designed for military/government classified information
💡 Memory Tip: Think "Clark-Wilson = Commerce" - both start with "C," and Clark-Wilson keeps commercial data clean and correct through controlled transactions. If the question mentions financial data or accounting, always think Clark-Wilson.