If the Subject's sensitivity label dominated the object's and we allowed write,
we would have higher levels writing to lower levels, forbidden by the no write
down rule.
-----Original Message-----
From: Weifeng Bao [mailto:go2sailing@yahoo.com]
Sent: Wednesday, November 17, 2004 11:46 PM
To: CISSP-Discuss@yahoogroups.com
Subject: [CISSP-D] Q: Subject/Object sensitive label in Multi-level security
Here is the question from cccure.org quiz:
Q: what is necessary for a subject to have write
access to an object in a Multi-level security policy?
A. The subject's sensitivity label must dominate the
object's sensitivity label. (forbidden by no write down)
B. The subject's sensitivity label subordinates the
object's sensitivity label. (no write down )
C. The subject's sensitivity label is subordinated by
the object's senstivity label. (no write down- same as a)
D. The subject's sensitivity label is dominated by the
object's sensitivity label (is write up, although this violates integrity
restrictions).
The given answer D. However, I think the answer
should be A. Do I misunderstand the keywords or
concept here?
Thanks.
--Weifeng
__________________________________
Do you Yahoo!?
Meet the all-new My Yahoo! - Try it today!
http://my.yahoo.com
Yahoo! Groups Links
------------------------ Yahoo! Groups Sponsor --------------------~-->
$9.95 domain names from Yahoo!. Register anything.
http://us.click.yahoo.com/J8kdrA/y20IAA/yQLSAA/kgFolB/TM
--------------------------------------------------------------------~->
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/CISSP-Discuss/
<*> To unsubscribe from this group, send an email to:
CISSP-Discuss-unsubscribe@yahoogroups.com
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
