SSCP Question #340: Real Exam Question with Answer & Explanation

Question

Which of the following describes a logical form of separation used by secure computing systems?

Options

• AProcesses use different levels of security for input and output devices.
• BProcesses are constrained so that each cannot access objects outside its permitted domain.
• CProcesses conceal data and computations to inhibit access by outside processes.
• DProcesses are granted access based on granularity of controlled objects.

Explanation

A logical form of separation in secure computing systems involves constraining processes to prevent access to objects outside their permitted domain.

Common mistakes.

• A. Using different security levels for input and output devices is related to multi-level security, but does not directly describe the logical separation of processes' access domains.
• C. Concealing data and computations describes encapsulation or information hiding, which is a software design principle, not the overarching principle of logical separation in secure computing systems.
• D. Granting access based on the granularity of controlled objects describes fine-grained access control, which is a method of access control, but not the fundamental principle of logical separation itself.

Concept tested. Logical separation in secure computing

Reference. https://learn.microsoft.com/en-us/windows-server/virtualization/hyper-v/hyper-v-security

No community discussion yet for this question.