[CCCure CISSP] Q5April-13 Some cccure Quiz question doubts

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[CCCure CISSP] Q5April-13 Some cccure Quiz question doubts

Amlan Deb
Hi guys,
 
I have some doubts regarding some cccure Quiz questions and concepts mentioned below. Would really appreciate it if you could take out some time and help me with them.
 
Thanks,
Amlan
 

Doubt#5
========
 
 

1.     Question: 1579 | Difficulty: 5/5 | Relevancy: 3/3

Controlled Security Mode is also known as:

o      Multilevel Security Mode

o     Partitioned Security Mode

o      Dedicated Security Mode

o      System-high Security Mode

You did not provide any answer to this question. Please review details below.

Controlled Security Mode was defined in an earlier version of the U.S. Department of Defense policy that regulates system accreditation, but was subsumed by partitioned security mode in the current version. This information system operating mode is used when at least some users with access to the system have neitfher a security clearance nor a need-to-know for all classified material contained on the system. However, separation and control of users and classified material on the basis, respectively, of clearance and classification level are not essentially under operating system control like they are in multilevel security mode. Controlled mode was intended to encourage ingenuity in meeting the security requirements of Defense policy in was less restrictive than dedicated security mode and system-high security mode, but at a level of risk lower than that generally associated with the true multilevel security mode.
Source: SHIREY, Robert W., RFC2828: Internet Security Glossary, may 2000.

Thanks to Kevin Hornung for his input to correct and update this question

Contributor: Christian Vezina

Study area: Security Architecture and Design

Covered topic: <A title="Controlled (partitioned) security mode - " href="javascript:void(0)">Controlled (partitioned) security mode

This question is also tied to the following area:SSCP

 

My doubt:

I was not able to understand this concept at all. Could you please explain Controlled/Partitioned Security Mode in the below format so I could compare it with the other 4 modes. Also please provide an example of how it is used if possible.

 

Multilevel security mode

In this mode of operation, all users must have:

o  Signed NDA for ALL information on the system.

o  Proper clearance for SOME information on the system.

o  Formal access approval for SOME information on the system.

o  A valid need to know for SOME information on the system.


_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org