CSSLP Exam Guide with 100% Complete Solutions

CSSLP Exam Guide with 100% Complete Solutions Which access control mechanism provides the owner of an object the opportunity to determine the access control permissions for other subjects? a. Mandatory b. Role-based c. Discretionary d. Token-based - Correct Answer ️️ -Discretionary The elements UDI and CDI are associated with which access control model? a. Mandatory access control b. Clark-Wilson c. Biba integrity d. Bell-LaPadula confidentiality - Correct Answer ️️ -Clark-Wilson The concept of separating elements of a system to prevent inadvertent information sharing is? a. Leverage existing components b. separation of duties c. weakest link d. least common mechanism - Correct Answer ️️ -Least Common Mechanism Which of the following is true about the Biba Integrity Model? a. No write up, no read down b. No read up, no write down c. It is described by the simple security rule d. It uses the high-water-mark principle - Correct Answer ️️ -No write up, no read down The concept of preventing a subject from denying a previous action with an object in a system is a description of? a. Simple security rule b. Non-repudiation c. Defense in depth d. Constrained data item (CDI) - Correct Answer ️️ -Non-repudiation What was described as being essential in order to implement discretionary access controls? a. Object owner-defined security access b. Certificates c. Labels d. Security classifications - Correct Answer ️️ -Object owner-defined security access The CIA of security includes: a. Confidentiality, integrity, authentication b. Certificates, integrity, availability c. Confidentiality, inspection, authentication d. Confidentiality, integrity, availability - Correct Answer ️️ -Confidentiality, integrity, availability Complete mediation is an approach to security that includes: a. Protect systems and networks by using defense in depth b. A security design that cannot be bypassed or circumvented c. The use of interlocking rings of trust to ensure protection to data elements d. The use of access control lists to enforce security rules - Correct Answer ️️ -A security design that cannot be bypassed or circumvented (Complete Mediation) The fundamental approach to security in which an object has only the necessary rights and privilege to perform its task with no additional permissions is a description of: a. Layered security b. Least privilege c. Role-based security d. Clark-Wilson model - Correct Answer ️️ -Least Privilege Which access control technique relies on a set of rules to determine whether access to an object will be granted or not? a. role-based access control b. Object and rule instantiate access control c. Rule-based access control d. Discretionary access control - Correct Answer ️️ -Rule-based access control The security principle that ensures that no critical function can be executed by any single individual (by dividing the function into multiple tasks that can't all be executed by the same individual) is know as: a. Discretionary access control b. Security through obscurity c. Separation of duties d. Implicit deny - Correct Answer ️️ -Separation of duties The ability of a subject to interact with an object describes: a. authentication b. Access c. Confidentiality d. Mutual authentication - Correct Answer ️️ -Access Open design places the focus of security efforts on: a. Open-source software components b. Hiding key elements (security through obscurity) c. Proprietary algorithms d. Producing a security mechanism in which its strength is independent of its design - Correct Answer ️️ -Producing a security mechanism in which its strength is independent of its design The security principle of fail-safe is related to: a. Session management b. Exception management c. Least privilege d. Single point of failure - Correct Answer ️️ -Exception management Using the principle of keeping things simple is related to: a. Layered security b. simple Security Rule c. Economy of mechanism d. Implementing least privilege for access control - Correct Answer ️️ -Economy of mechanism Of the following, which is not a class of controls