CSSLP · Question #349
CSSLP Question #349: Real Exam Question with Answer & Explanation
The correct answer is B: Chinese Wall model. The Chinese Wall (Brewer-Nash) model is specifically designed to prevent conflicts of interest by restricting information access based on previous access, ensuring that a user cannot access information from competing companies. This model is commonly used in financial and legal s
Question
You work as an analyst for Tech Perfect Inc. You want to prevent information flow that may cause a conflict of interest in your organization representing competing clients. Which of the following security models will you use?
Options
- ABell-LaPadula model
- BChinese Wall model
- CClark-Wilson model
- DBiba model
Explanation
The Chinese Wall (Brewer-Nash) model is specifically designed to prevent conflicts of interest by restricting information access based on previous access, ensuring that a user cannot access information from competing companies. This model is commonly used in financial and legal sectors.
Common mistakes.
- A. The Bell-LaPadula model is a state machine model focused on confidentiality, preventing unauthorized reading down (no read up) and writing up (no write down) across security levels, but it does not address conflicts of interest directly.
- C. The Clark-Wilson model focuses on integrity, enforcing well-formed transactions and separation of duties to maintain the consistency of data.
- D. The Biba model is an integrity model, focused on preventing unauthorized writing down (no write up) and reading up (no read down) to ensure data integrity, which is the inverse of Bell-LaPadula.
Concept tested. Information Security Models - Conflict of Interest
Topics
Community Discussion
No community discussion yet for this question.