ISC2 Exam ISSMP Topic 5 Question 75 Discussion

Actual exam question for ISC2's ISSMP exam

Question #: 75
Topic #: 5

Which of the following SDLC phases consists of the given security controls. Misuse Case Modeling Security Design and Architecture Review Threat and Risk Modeling Security Requirements and Test Cases Generation

ADesign

BMaintenance

CDeployment

DRequirements Gathering

Show Suggested Answer

Suggested Answer: B, D

The Biba model is a formal state transition system of computer security policy that describes a set of access control rules designed to ensure data integrity. Data and subjects are grouped into ordered levels of integrity. The model is designed so that subjects may not corrupt data in a level ranked higher than the subject, or be corrupted by data from a lower level than the subject.

The Clark-Wilson security model provides a foundation for specifying and analyzing an integrity policy for a computing system.

Answer option C is incorrect. The Bell-LaPadula access control model is mainly used in military systems.

Answer option A is incorrect. There is no such access control model as Clark-Biba.

by Graciela at Nov 25, 2023, 07:14 AM

Limited Time Offer

25%

Off

Get Premium ISSMP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Denae

13 days ago

I'm not sure, but I think it makes sense that security controls would be part of the Design phase.

upvoted 0 times

...

Cammy

14 days ago

I agree with Elsa, Design phase is where security controls are implemented.

upvoted 0 times

...

Elsa

20 days ago

I think the answer is Design because it involves security controls.

upvoted 0 times

...