[Cisspstudy] Security Models
Belinda Foster
belinda.foster at gmail.com
Fri Jun 26 08:21:29 EDT 2009
Nimal --
Don should not be developing/working on code that's in production. Period.
If I had to decide on a certain security model, I'd fail this question for
sure because him working on code that staff members are affected by is a
MAJOR distractor within this paragraph.
Belinda.
On Thu, Jun 25, 2009 at 5:10 PM, Nimal Gunarathna <ng949 at yahoo.com> wrote:
> Hi,
>
> This question is from Shon H's CISSP V4 Quiz Engine. I immediatly thought
> that this fall
> into a certain security model based on a key statement here but I was
> wrong. Anyway you guys could dissect this ...
>
> Don is a senior manager of an architectural firm. He has just found out
> that a key contract was renewed, allowing the company to continue developing
> an operating system that was idle for several months. Excited to get
> started, Don begins work in the operating system privately, but cannot tell
> his staff until the news is announced publicly in a few days. However, as
> Don begins making changes in the software, various staff members notice
> changes in their connected systems, even though they work in a
> lower-security level. What kind of model could be used to ensure this does
> not happen?
> <cisspstudy at cccure.org>
> _______________________________________________
> cisspstudy mailing list
> cisspstudy at cccure.org
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20090626/0b9aaebb/attachment.html>
More information about the cisspstudy
mailing list