Exam (elaborations)

WGU, Information Security and Assurance (C725), SET IV STUDY Questions and Answers (Verified Answers)

Rating: -
Sold: -
Pages: 15
Grade: A+
Uploaded on: 10-02-2024
Written in: 2023/2024


Preview of the content

Part 1: Introduction and General Model
Part 2: CC Evaluation Methodology
Part 3: Extensions to the Methodology
Three parts of the Common Evaluation Methodology
This part of the CEM describes agreed-upon principles of evaluation and
introduces agreed-upon evaluation terminology dealing with the process of
evaluation.
Part 1: Introduction and General Model
This part of the CEM is based on CC Part 3 evaluator actions. It uses well-defined
assertions to refine CC Part 3 evaluator actions and tangible evaluator activities
to determine requirement compliance. In addition, it offers guidance to further
clarify the intent of evaluator actions. This part provides for methodologies to
evaluate the following:

PPs
STs
EAL1
EAL2
EAL3
EAL4
EAL5
EAL6
EAL7
Components not included in an EAL
Part 2: CC Evaluation Methodology
This part of the CEM takes full advantage of the evaluation results. This part
includes topics such as guidance on the composition and content of evaluation
document deliverables.
Part 3: Extensions to the Methodology
Bell-LaPadula model
Biba integrity model
Clark and Wilson model
Noninterference model
State machine model
Access matrix model
Information flow model
Security models that help evaluators determine if the implementation of a reference
monitor meets the design requirements
The two security models that were a major influence for the TCSEC and ITSEC,
Bell-LaPadula model and the Biba integrity model
Formed in the 1970s, a formal security model that describes a set of access
control rules. A subject's access to an object is allowed or disallowed by
comparing the object's security classification with the subject's security
clearance. It is intended to preserve the principle of least privilege. It is a formal
description of allowable paths of information flow in a secure system and defines
security requirements for systems handling data at different sensitivity levels.
The model defines a secure state and access between subjects and objects in
accordance with specific security policy.
Bell-LaPadula Model
The Biba model covers integrity levels, which are analogs to the sensitivity levels
from the Bell-LaPadula model. Integrity levels cover inappropriate modification of
data and prevent unauthorized users from making modifications to resources and
data.

This security model uses a read-up, write-down approach. Subjects cannot read
objects of lesser integrity and cannot write to objects of higher integrity. Think of
CIA analysts and the information they need to perform their duties. Under this
model, an analyst with Top Secret clearance can see only information that's
labeled as Top Secret with respect to integrity (confirmed by multiple sources,
and so forth); likewise, this analyst can contribute information only at his or her
clearance level. People with higher clearances are not "poisoned" with data from
a lower level of integrity and cannot poison those with clearances higher than
theirs.
Biba Integrity Model
A security model that proposes "well-formed transactions." It requires
mathematical proof that steps are performed in order exactly as they are listed,
authenticates the individuals who perform the steps, and defines separation of
duties.
Clark and Wilson model
A security model that covers ways to prevent subjects operating in one domain
from affecting each other in violation of security policy.
Covers ways to prevent subjects operating in one domain from affecting each other in
violation of security policy.
A security model that acts as an abstract mathematical model consisting of state
variables and transition functions.
State machine model
A security model that acts as a state machine model for a discretionary access
control environment.
Access matrix model
A security model that simplifies analysis of covert channels. A covert channel is a
communication channel that allows two cooperating processes of different
security levels (one higher than the other) to transfer information in a way that
violates a system's security policy.
Information flow model
Which of the following terms best describes the primary concern of the Biba
security model?

A. Confidentiality

Seller: LectDan, Teachme2-tutor