182. Which of the following models is used to protect the confidentiality of classified information?
a. Biba model and Bell-LaPadula model
b. Bell-LaPadula model and information flow model
c. Bell-LaPadula model and Clark-Wilson model
d. Clark-Wilson model and information flow model
The Biba model is similar to the Bell-LaPadula model but protects the integrity of information instead of its confidentiality. The Clark-Wilson model is a less formal model aimed at ensuring the integrity of information, not confidentiality. This model implements traditional accounting controls including segregation of duties, auditing, and well-formed transactions such as double entry bookkeeping. Both the Biba and Clark-Wilson models are examples of integrity models.
183. Which of the following is the
a. Prevent
b. Detect
c. Respond
d. Report
184. Which of the following is the heart of intrusion detection systems?
a. Mutation engine
b. Processing engine
c. State machine
d. Virtual machine
For example, a mutation engine is used to obfuscate a virus, polymorphic or not, to aid the proliferation of the said virus. A state machine is the basis for all computer systems because it is a model of computations involving inputs, outputs, states, and state transition functions. A virtual machine is software that enables a single host computer to run using one or more guest operating systems.
185. From an access control decision viewpoint, failures due to flaws in exclusion-based systems tend to do which of the following?
a. Authorize permissible actions
b. Fail-safe with permission denied
c. Unauthorize prohibited actions
d. Grant unauthorized permissions
186. Which of the following is a major issue with implementation of intrusion detection systems?
a. False-negative notification
b. False-positive notification
c. True-negative notification
d. True-positive notification
187. Which of the following provides strong authentication for centralized authentication servers when used with firewalls?
a. User IDs
b. Passwords
c. Tokens
d. Account numbers