Computer Security Policy Model - SSCP Exam Question | WebsiteName

The Computer Security Policy Model the Orange Book is based on is which of the following?

Prev Question Next Question

Question

The Computer Security Policy Model the Orange Book is based on is which of the following?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

A.

The Computer Security Policy Model Orange Book is based is the Bell-LaPadula Model.

Orange Book Glossary.

The Data Encryption Standard (DES) is a cryptographic algorithm.

National Information Security Glossary.

TEMPEST is related to limiting the electromagnetic emanations from electronic equipment.

Department of Defense, Trusted Computer System Evaluation Criteria (Orange Book), DOD 5200.28-STD.

December 1985 (also available here).

The Orange Book is a document that provides a framework for evaluating the security of computer systems. It was created by the United States Department of Defense in the 1980s and is now known as the Trusted Computer System Evaluation Criteria (TCSEC). The Orange Book is divided into several classes, ranging from Class D (minimal security) to Class A (maximum security).

The Computer Security Policy Model the Orange Book is based on is the Bell-LaPadula model. The Bell-LaPadula model is a security model used to enforce access control in government and military organizations. It is based on the principle of least privilege, which means that a user should only have access to the resources necessary to perform their job.

The Bell-LaPadula model defines two types of security policies: confidentiality and integrity. The confidentiality policy states that information cannot flow from a higher security level to a lower security level. The integrity policy states that information cannot be modified by a user without the appropriate level of clearance.

The Bell-LaPadula model also defines three security levels: top secret, secret, and confidential. Each level has its own set of rules for accessing information. For example, a user with a secret clearance cannot access top secret information.

In summary, the Computer Security Policy Model the Orange Book is based on is the Bell-LaPadula model, which is a security model used to enforce access control in government and military organizations.